CVE-2025-55182 is a critical Remote Code Execution (RCE) vulnerability in React Server Components (RSC) affecting Next.js applications using App Router with Server Actions

The vulnerability exists in the Flight protocol deserialization process, allowing attackers to achieve arbitrary code execution through prototype pollution

use multi/http/react2shell_cve_2025_55102

Cross-platform and cross-compiled BloodHound collector tool written in Rust, making it compatible with Linux, Windows, and macOS. It therefore generates all the JSON files that can be analyzed by BloodHound Community Edition

# Install from cargo
cargo install rusthound-ce

rusthound-ce -i 192.168.1.10 -d domain.local -u user@domain.local -p 'pass' -z

40+ BOF commands
LDAPS support (port 636) with automatic certificate acceptance
Standard LDAP (port 389) with signing and sealing
Automatic DN/username detection for flexible targeting
Adaptix C2 integration via AxScript

git clone https://github.com/P0142/ldap-bof-collection.git
cd ldap-bof-collection
make

AxScript tab -> Script Manager -> Right click, Load New (ldap.axs)

Akamai researchers analyzed Microsoft’s patch for the vulnerability known as BadSuccessor (CVE-2025-53779) to assess its effectiveness

System access control lists (SACLs): Audit the creation of dMSAs and changes to the migration link attributes on both sides — the dMSA’s link and the superseded/preceding account’s link

Repeated log entries indicating a dMSA password has been fetched in a short window
An enabled user appearing to be linked to a dMSA (should be unusual)
A previously disabled user getting linked to a new dMSA

BloodSOCer is a 💻 Python automation tool that aggregates threat intelligence data from multiple sources (Mitre ATT&CK, Sigma rules, Atomic Red Team) and produces JSON files to ingest in BloodHound in OpenGraph format. Tool can also upload the files to BloodHound and set the icons for the custom objects if it has API Tokens defined in the configuration. Security analysts can then visualize the data from any angle, and a few Cypher queries are provided to help you get started

nxc smb dc.domain.local  -d domain.local -u 'user' -p 'pass' -M check-add-computer

The OWASP Top 10 for Agentic Applications 2026 is a globally peer-reviewed framework that identifies the most critical security risks facing autonomous and agentic AI systems. Developed through extensive collaboration with more than 100 industry experts, researchers, and practitioners, the list provides practical, actionable guidance to help organizations secure AI agents that plan, act, and make decisions across complex workflows. By distilling a broad ecosystem of OWASP GenAI Security guidance into an accessible, operational format, the Top 10 equips builders, defenders, and decision-makers with a clear starting point for reducing agentic AI risks and supporting safe, trustworthy deployments

The issue lies in UseBasicParsing of Invoke-WebRequest cmdlet of Powershell. UseBasicParsing uses basic parsing, it does not evaluate any javascript code. It just reads the text and parses it

If this parameter is not provided, Invoke-WebRequest launches the Internet Explorer underneath and tries to parse the html code by actually evaluating it, using mshtml.HTMLDocumentClass

git clone https://github.com/commixproject/commix.git commix
python commix.py -h

python commix --wizard

python commix -u http://62.173.140.174:16016/ --data 'action='

python commix -u http://62.173.140.174:16016/ --data 'action=' --tamper=space2ifs

The Microsoft ms-photos URI scheme takes fileName as parameter, which can be submitted with a UNC path, leaking NTLMv2-SSP hashes one opened

If you’re a penetration tester, you know that lateral movement is becoming increasingly difficult, especially in well-defended environments. One common technique for remote command execution has been the use of DCOM objects

git clone https://github.com/the-useless-one/pywerview
cd pywerview
python3 -m venv venv
source ./venv/bin/activate
pip install -r requirements.txt
./pywerview.py --help