Stop everything you’re doing! Phrack is out!
The latest Phrack is out! As usual, lots of amazing content: https://phrack.org/issues/72
A very detailed walkthrough on CVE-2025-49706 impacting SharePoint: https://y4nush.com/posts/the-401-that-fooled-me-n-day-review-of-cve-2025-49706-in-sharepoint/
A great write-up on exploiting Random in C# from the Doyensec team: https://blog.doyensec.com/2025/08/19/trivial-exploit-on-C-random.html
A great summary of the history of Ruby deserialization exploitation! More posts like this, please: https://blog.trailofbits.com/2025/08/20/marshal-madness-a-brief-history-of-ruby-deserialization-exploits/
A nice write-up from the GitLab team on a vulnerability in Ollama Desktop: https://gitlab-com.gitlab.io/gl-security/security-tech-notes/red-team-tech-notes/ollama-driveby/
A quirky RCE in Python’s future module: https://medium.com/@abcd_68700/cve-2025-50817-python-future-module-arbitrary-code-execution-via-unintended-import-of-test-py-f0818ea93cf4