Microsoft, and other software vendors, have demonstrated time and again that security will always come second. I agree that this is a situation where observe the consequences of “what happens when security decisions are made by vendor priorities” but to say that this has anything

We've heard feedback suggesting we should have waited to release details about BadSuccessor until Microsoft issued a patch. We want to explain why we made the decision to go public immediately.

nix You can actually target krbtgt and get its keys, no need for DCSync

Many missed this on #BadSuccessor: it’s also a credential dumper. I wrote a simple PowerShell script that uses Rubeus to dump Kerberos keys and NTLM hashes for every principal-krbtgt, users, machines. no DCSync required, no code execution on DC.

Here's our new blog on hiding your implant in VTL1, where even an EDR's kernel sensor can't see it.🧑‍🦯 Post includes full operational details. Plus our OST offering has been updated with a Cobalt Strike sleep mask exploiting secure enclaves. Full read ➡️ outflank.nl/blog/2025/06/1…

If you can't beat them, ban them 😏 Malicious Cryptominers can be tough to dismantle - but we found a way. 👀 By exploiting common mining topologies, Akamai researchers were able to ban attackers from their mining pools and shut down their operations. akamai.com/blog/security-…

This is a wild one. 🏜️ The Coyote malware is now abusing UI Automation (UIA) - marking the first known case of UIA abuse observed in the wild. 👀 Defenders pay attention - this novel technique can have serious implications. Full details here: akamai.com/blog/security-…

I had an amazing time presenting my research at DEFCON today! 🎤 My talk covered VBS enclaves, showing how they work and the ways they could be abused by attackers. You can find the full details in our blog: akamai.com/blog/security-… Akamai Security Intelligence Group

BadSuccessor is dead… or is it? 👀 It's more than a bug, it's a technique. Microsoft patched CVE-2025-53779, but analysis by Yuval Gordon shows that while the patch closed the door, an attacker can get in through the keyhole in some scenarios. Read more: akamai.com/blog/badsucces…