122 matches found
Astra Linux - vulnerability in samba
A flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl...
UAC-Bypass-ComputerDefaults
UAC...
📄 Remote Sunrise Helper for Windows 2026.14 UAC Bypass
Remote Sunrise Helper for Windows version 2026.14 suffers from a local UAC bypass vulnerability via the Icon Import dialog. Exploit Title: Remote Sunrise Helper for Windows 2026.14 - UAC Bypass via Icon Import Dialog. Date: 2026-04-20. Exploit Author: Chokri Hammedi. Software:...
PureRAT: A Multi-Stage, Fileless RAT Utilizing Image Steganography and Process Hollowing
By Prashanth A N and Mallikarjun Wali · April 20, 2026. PureRAT is an advanced remote access trojan (RAT) characterized by its complex infection stages. The intrusion sequence is initiated by a malicious .LNK fi...
uac operating system command injection vulnerability
UAC is a Unix system forensics and incident response tool developed by Thiago Canozzo Lahr. Versions of UAC prior to 3.3.0-rc1 contained a vulnerability related to operating system command injection. This vulnerability stemmed from the runcommand function, which directly passed the constructed...
CVE-2026-22561
CVE-2026-22561 concerns Anthropic Claude for Windows installer (Claude Setup.exe). The vulnerability arises from Uncontrolled search path elements, where the installer loads DLLs (e.g., profapi.dll) from its own directory after UAC elevation, enabling local privilege escalation via DLL search-ord...
UacExploit
🛡️ UACExploit - Windows UAC Bypass Hidden This tool is a P...
A Deep Dive into the GetProcessHandleFromHwnd API
Posted by James Forshaw. In my previous blog post I mentioned the GetProcessHandleFromHwnd API. This was an API I didn’t know existed until I found a publicly disclosed UAC bypass using the Quick Assist UI Access application. This API looked interesting so I thought I should take a closer look. I...
Bypassing Administrator Protection by Abusing UI Access
Posted by James Forshaw. In my last blog post I introduced the new Windows feature, Administrator Protection and how it aimed to create a secure boundary for UAC where one didn’t exist. I described one of the ways I was able to bypass the feature before it was released. In total I found 9 bypasses...
CVE-2026-23755
CVE-2026-23755 affects D-Link D-View 8 installer, versions 2.0.1.107 and below. The vulnerability is an uncontrolled search path leading to DLL preloading: during installation, the process loads version.dll from its execution directory when run with elevated privileges via UAC, enabling attacker-...
📄 Microsoft Windows 11 Build 10.0.22631.6199 UAC Bypass
Microsoft Windows 11 build 10.0.22631.6199 proof of concept exploit for a UAC bypass vulnerability achieved via DLL injection Windows Hooking. Title :...
September 9, 2025—Hotpatch KB5065306 (OS Build 20348.4106)
Windows Secure Boot certificate expiration. Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if...
September 9, 2025—KB5065425 (OS Build 25398.1849)
Windows Secure Boot certificate expiration. Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if not updat...
XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities
Cybersecurity researchers have charted the evolution of XWorm malware, turning it into a versatile tool for supporting a wide range of malicious actions on compromised hosts. "XWorm's modular design is built around a core client and an array of specialized components known as plugins," Trellix...
EUVD-2018-9633
Malware in sbrugna...
EUVD-2021-19489
Malware in sbrugna...
EUVD-2024-38552
Malicious code in bioql PyPI...
EUVD-2025-5558
Malicious code in bioql PyPI...
Cobalt-Strike-Aggressor-Scripts
This repository is an offensive tool for Cobalt Strike Aggressor Scripts. It is a collection of PowerShell scripts that aggregate various UAC bypass methods, including the MS16-032, MS16-135, and WScript bypass attacks. The scripts are designed to be used with the Cobalt Strike framework to perfo...
August 19, 2025—KB5066187 (OS Build 17763.7683) Out-of-band
Windows Secure Boot certificate expiration. Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if...