🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

MSSQL support just landed in BloodHound! You can now map out how attackers might use SQL servers to move laterally. This is incredibly useful in hybrid and legacy heavy environments. Let us know what you find. Learn more ➡️ ghst.ly/MSSQLHound

Created two new ansible roles for Bad Sector Labs's Ludus that enable ASR rules and create/link the recommended audit GPOs for an MDI rollout. It's all simple powershell, so would work for AutomatedLabs as well (see tasks/main.yml) github.com/curi0usJack/Lu…

Happy Tuesday

👋 Say hello to Nemesis 2.0, a streamlined, Docker Compose-based platform that is laser-focused on file triage. After introducing v1 two years ago, the team has reworked the platform to better serve what people need from it. Read more from Will Schroeder. ⤵️ ghst.ly/4mxQzFU

We just noticed that Stark Industries Ltd. transferred their AS44477 and IP ranges to PQ Hosting Plus S.R.L. just *4 days* before sanctions were announced. Meaning, they knew in advance that sanctions were coming and likely managed to save all their infrastructure and assets.

Compliments of friendlies over at CrowdStrike for some info on AI uses by cyber threat actors

You can now run gpt-oss-120b & 20b locally with our GGUFs! 🦥 Run OpenAI's 120b model on 66GB RAM & 20b model on 14GB RAM. Both in original precision. Uploads includes our chat template fixes. Guide: docs.unsloth.ai/basics/gpt-oss GGUF: huggingface.co/unsloth/gpt-os…

.OpenAI has been cooking! Here is OpenAI's Ollama cookbook cookbook.openai.com/articles/gpt-o…

Always nice to see kevs books making an appearance at Blackhat Met some new faces today at the innovators and investment summit. Left disappointed with the speaking content (perhaps I've been to one too many events). Who are a few new faces in cyber that are great at

Why do people even overstay? You visit someone’s country and they granted you entry…

AWS Deleted all data despite redundancy, backup, dead man’s switch. This is why you need to keep all your data offline. Never trust hosting company for your backups. seuros.com/blog/aws-delet…

Turns out his prediction was correct, just they were off by 3 weeks

Who could have guessed... bbc.co.uk/news/articles/…

''GitHub - DosX-dev/obfus.h: Macro-header for compile-time C obfuscation (tcc, win x86/x64)'' #infosec #pentest #redteam #blueteam github.com/DosX-dev/obfus…

firewall for Windows, blocks and allows apps

🚨🚨Adobe AEM Forms Vulns Alert CVE-2025-54253 (CVSS: 10): Critical RCE via misconfig, no auth or interaction needed. CVE-2025-54254 (CVSS: 8.6): XXE flaw allows arbitrary file reads, exposing sensitive data. No auth required. Search by vul.cve Filter👉vul.cve="CVE-2025-54253"

ReVault flaws let hackers bypass Windows login on Dell laptops - Sergiu Gatlan bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

🎉 You’ve been asking for it. The Caido Scanner plugin is finally here. Run checks in the background or scan specific requests on demand to find issues like reflected XSS, SQL injection, and CORS misconfigs. All checks are open source. Add your own and help the list grow 💪

We just shipped automated security reviews in Claude Code. Catch vulnerabilities before they ship with two new features: - /security-review slash command for ad-hoc security reviews - GitHub Actions integration for automatic reviews on every PR

I pushed updates to SCCMHunter as part of my Arsenal demo at #BHUSA today! New features include a relay module for TAKEOVER-5 and a community contribution to coerce client push from a *nix host for ELEVATE-2. github.com/garrettfoster1….