Stop everything you’re doing! Phrack is out!
📰 Phrack Issue 0x48
The latest Phrack is out! As usual, lots of amazing content: https://phrack.org/issues/72
🔑 The 401 That Fooled Me - N-Day Review of CVE-2025-49706 in SharePoint
A very detailed walkthrough on CVE-2025-49706 impacting SharePoint: https://y4nush.com/posts/the-401-that-fooled-me-n-day-review-of-cve-2025-49706-in-sharepoint/
🎲 Trivial C# Random Exploitation
A great write-up on exploiting Random in C# from the Doyensec team: https://blog.doyensec.com/2025/08/19/trivial-exploit-on-C-random.html
💎 Marshal Madness: A Brief History of Ruby Deserialization Exploits
A great summary of the history of Ruby deserialization exploitation! More posts like this, please: https://blog.trailofbits.com/2025/08/20/marshal-madness-a-brief-history-of-ruby-deserialization-exploits/
💻 Drive-By Attack in Ollama Desktop v0.10.0
A nice write-up from the GitLab team on a vulnerability in Ollama Desktop: https://gitlab-com.gitlab.io/gl-security/security-tech-notes/red-team-tech-notes/ollama-driveby/
🐍 CVE-2025–50817: Python-Future Module Arbitrary Code Execution via Unintended Import of test.py
A quirky RCE in Python’s future module: https://medium.com/@abcd_68700/cve-2025-50817-python-future-module-arbitrary-code-execution-via-unintended-import-of-test-py-f0818ea93cf4
