A good mix of everything to please everyone: CVEs, AI, Integrity Bypass and Unicode
The Doyensec team is following up on their research against ksmbd
. It’s raining CVEs! https://blog.doyensec.com/2025/09/02/ksmbd-2.html
Another great post from the Trail of Bits team on attacking code integrity in Electron-based applications: https://blog.trailofbits.com/2025/09/03/subverting-code-integrity-checks-to-locally-backdoor-signal-1password-slack-and-more/
The Kulkan team just released a new tool to help you keep up with the Kardashian^w
latest infosec news: https://blog.kulkan.com/in4m-keeping-up-with-the-latest-infosec-news-ff4a045cf8a9
A great post from Jason Haddix’s newsletter on how to build Hackbots: https://executiveoffense.beehiiv.com/p/ai-hackbots-part-1
__Host
and __Secure
Cookie PrefixesA great post on bypassing __Host
cookies by leveraging Unicode: https://portswigger.net/research/cookie-chaos-how-to-bypass-host-and-secure-cookie-prefixes