Brett Hawkins (@h4wkst3r) 's Twitter Profile
Brett Hawkins

@h4wkst3r

Adversary Services @xforce

ID: 211908068

https://h4wkst3r.github.io/ 04-11-2010 16:23:40

1,1K Tweet

2,2K Followers

480 Following

Offensive AI Con (@offensiveaicon) 's Twitter Profile Photo

Offensive AI Con is excited to announce Joshua Saxe as our keynote speaker! Joshua leads AI security efforts at Meta and is an accomplished data scientist who recognizes that "the dam is about to break"—AI will fundamentally alter the security landscape.

Brett Hawkins (@h4wkst3r) 's Twitter Profile Photo

New research just dropped I'll be presenting at TROOPERS Conference next week - Attacking ML Training Infrastructure 💥 Model poisoning for code execution ⚠️ Abusing ML workflows ⚙️ MLOKit updates and new threat hunting rules ibm.com/think/x-force/…

b33f | 🇺🇦✊ (@fuzzysec) 's Twitter Profile Photo

You can find my slide deck for Offensive X on GitHub. I also included a minimalist extension that you can build on and will load in any of the VSCode forks on any platform 👨‍💻⚔️

Jonas Bülow Knudsen (@jonas_b_k) 's Twitter Profile Photo

I publish two blog posts today! 📝🐫  The first dives into how we're improving the way BloodHound models attack paths through AD trusts: specterops.io/blog/2025/06/2…  The second covers an attack technique I came across while exploring AD trust abuse: specterops.io/blog/2025/06/2…

Brett Hawkins (@h4wkst3r) 's Twitter Profile Photo

If you are at TROOPERS Conference #TROOPERS25 and want to learn about attacking ML training infrastructure, come to track 3 in 15 minutes! Presentation will include lots of demos ⌨️

S3cur3Th1sSh1t (@shitsecure) 's Twitter Profile Photo

After today’s talk at #TROOPERS25 I’m releasing BitlockMove, a PoC to execute code on remote systems in the context of a logged-on user session 🔥 github.com/rtecCyberSec/B… No need to steal credentials, no impersonation, no injection needed 👌

%TEMP% (@temp43487580) 's Twitter Profile Photo

It was great to attend #TROOPERS25! Beautiful city, nice weather, talented researchers. My talk was just based on how Entra works but I hope it contributed to the community. Thanks to everyone I had a chance to talk to! No jet lag now. Time to go home 😂 github.com/temp43487580/E…

Andrew Oliveau (@andrewoliveau) 's Twitter Profile Photo

🚨 RemoteMonologue UPDATE: Just pushed a new DCOM object MSTSWebProxy that is susceptible to authentication coercion! The only difference to the existing ones is that it requires modifications of the AccessPermission and LaunchPermission reg values. github.com/xforcered/Remo…

b33f | 🇺🇦✊ (@fuzzysec) 's Twitter Profile Photo

I wrote a blogpost about Android on-device fuzzing -> Reproducing a million-dollar bug: WhatsApp CVE-2019-11932 (with AFL & Frida) ibm.com/think/x-force/…

Panos Gkatziroulis 🦄 (@netbiosx) 's Twitter Profile Photo

GitPhish - a comprehensive tool designed to perform GitHub's device code authentication flow. The platform operates through three primary modes: ✅an authentication server ✅an automated landing page deployment and ✅an administrative management interface github.com/praetorian-inc…

Dave Cossa (@g0ldengunsec) 's Twitter Profile Photo

Azure Arc is Microsoft's solution for managing on-premises systems in hybrid environments. My new blog covers how it can be identified in an enterprise and misconfigurations that could allow it to be used for out-of-band execution and persistence. ibm.com/think/x-force/…

S3cur3Th1sSh1t (@shitsecure) 's Twitter Profile Photo

The Blog post about "Revisiting Cross Session Activation attacks" is now also public. Lateral Movement with code execution in the context of an active session? 😎 Here you go: r-tec.net/r-tec-blog-rev…

Brett Hawkins (@h4wkst3r) 's Twitter Profile Photo

A little over a week left to register for Chris Thompson and I's Black Hat #BHUSA training on attacking MLSecOps and AI-as-a-Service platforms. We are almost full for both the Sat/Sun and Mon/Tues sessions! blackhat.com/us-25/training…

Chris Thompson (@retbandit) 's Twitter Profile Photo

Come join us and learn how to attack AI platforms, model registries, training infrastructure, and backdoor models (and how to defend against these new attacks). It’s been a really hot topic with various military commands I’ve met with recently!

Offensive AI Con (@offensiveaicon) 's Twitter Profile Photo

How are you leveraging AI to advance offensive security? We want to hear about it at OAIC in October. CFP open now... only ONE MORE WEEK left to submit your talk(s)! sessionize.com/offensive-ai-c…

Chris Thompson (@retbandit) 's Twitter Profile Photo

I recently interviewed with Politico on the risks and benefits of the offensive use of AI. “This isn’t just malicious threat actors using it,” ... “There’s also the security research community that is leveraging this work to do their jobs better and faster as well. So it’s kind

SpecterOps (@specterops) 's Twitter Profile Photo

SCCM’s Management Points can leak more than you’d expect. Garrett shows how Network Access Accounts, Task Sequences, and Collection Settings can be stolen by relaying a remote Management Point to the site database. Check it out ⬇️ ghst.ly/4eNLaHU