🔍 A new flaw in Udisks lets attackers escalate to root on major Linux distros. Local doesn’t mean low-risk—privilege escalation is still a key threat.
#LinuxSecurity #PrivilegeEscalation 🐧🚨

https://www.bleepingcomputer.com/news/linux/new-linux-udisks-flaw-lets-attackers-get-root-on-major-linux-distros/

Over 100,000 WordPress Sites Exposed to Privilege Escalation via MCP AI Engine
https://gbhackers.com/over-100000-wordpress-sites-exposed/

#Infosec #Security #Cybersecurity #CeptBiro #WordPressSites #PrivilegeEscalation #MCPAIEngine

🐧 Two new Linux flaws (CVE-2025-6018 & CVE-2025-6019) allow attackers to escalate from user to root in seconds—impacting major distros via PAM & udisks. Patch now.
#Vulnerability 🚨 #PrivilegeEscalation 🧨

https://thehackernews.com/2025/06/new-linux-flaws-enable-full-root-access.html

Windows Admins—Don’t Delete That Empty inetpub Folder!

Microsoft has released a PowerShell script to restore the C:\inetpub folder created by the April 2025 security update after many users mistakenly deleted it, not realizing it plays a critical role in mitigating a high-severity privilege escalation vulnerability (CVE-2025-21204).

This seemingly empty folder helps protect against attackers escalating privileges using symbolic link abuse, and deleting it can leave your organization vulnerable. If you have already deleted it, Microsoft has a restoration script.

Read the details: https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-script-to-restore-inetpub-folder-you-shouldnt-delete/

#WindowsSecurity #PowerShell #CVE202521204 #PrivilegeEscalation #PatchManagement #Cybersecurity #ITAdmin #Microsoft #CISO #Infosec #IT

🔐 New Linux flaws allow attackers to extract password hashes from memory—even without root access. A serious wake-up call for sysadmins: patch fast, audit often. 🐧⚠️
#LinuxSecurity #PrivilegeEscalation

https://thehackernews.com/2025/05/new-linux-flaws-allow-password-hash.html

🆕 New blog post! It's a rather short one, nothing crazy. Just wanted to share a random finding I made recently. 🤷‍♂️

'Hijacking the Windows "MareBackup" Scheduled Task for Privilege Escalation'

👉 https://blog.scrt.ch/2025/05/20/hijacking-the-windows-marebackup-scheduled-task-for-privilege-escalation/

#pentest #pentesting #redteam #windows #privilegeescalation

A privilege escalation from Chrome extensions (2023)

https://0x44.xyz/blog/cve-2023-4369/

#HackerNews #privilegeEscalation #ChromeExtensions #CVE2023 #cybersecurity #hackernews

A critical vulnerability called BadSuccessor in Windows Server 2025 lets attackers with minimal permissions escalate privileges and take over any Active Directory user. It exploits flaws in delegated Managed Service Accounts (dMSAs) and affects systems even if dMSAs aren’t actively used.

#CyberSecurity #InfoSec #Microsoft #PrivilegeEscalation #ZeroDay #PatchManagement #ADSecurity #WindowsSecurity #TECHi

Read Full Article Here :- https://www.techi.com/windows-server-2025-flaw-puts-active-directory-at-ris/

Cisco Patches High-Severity DoS, Privilege Escalation Vulnerabilities
https://www.securityweek.com/cisco-patches-high-severity-dos-privilege-escalation-vulnerabilities/

#Infosec #Security #Cybersecurity #CeptBiro #Cisco #Patches #DoS #PrivilegeEscalation #Vulnerabilities

Lorenzo Gallegos presents 'How to Write Secure Code' July 25th at Nebraska.Code().

https://nebraskacode.amegala.com/

#securecode #OWASP #XSS #sqlinjection #crosssitescripting #lincoln #CrossSiteRequestForgery #serversiderequestforgery #Nebraska #PrivilegeEscalation #supplychain #webdevelopment #DeveloperConference #coding #TechSecurity #TechConference

Escalation is not brute force. It's craft. From guest to god, silently.

#PrivilegeEscalation #HackerMindset #GTFOBins #RedTeam #DeadSwitch #InfoSec

http://tomsitcafe.com/2025/05/20/the-art-of-privilege/

In januari 2025 werd de Technische Universiteit Eindhoven (TU/e) getroffen door een ernstige cyberaanval. Wat op het eerste gezicht een technologische crisis leek, werd al snel een belangrijk lesmoment voor de hele onderwijssector.

Podcast Spotify: https://open.spotify.com/episode/6QNXPzNENfVedOvbM3nxcP?si=3418e9dcdf1840d5

Artikel Cybercrimeinfo: https://www.ccinfo.nl/menu-onderwijs-ontwikkeling/cybercrime/2514415_hoe-de-tu-e-een-cyberaanval-stopte-een-les-in-snelle-actie-en-transparantie

#TUe #cyberaanval #cybersecurity #incidentresponse #MFA #darkweb #privilegeescalation #DCSync #SURFsoc #FoxIT #vpnbeveiliging #transparantie #netwerkbeveiliging #onderwijs

New Open-Source Tool Spotlight 🚨🚨🚨

Watson is a .NET tool for enumerating missing KBs on Windows systems and identifying privilege escalation vulnerabilities with associated exploits. Supported OS: Win10 (1507–2004), Server 2016 & 2019. Archived but still useful. #CyberSecurity #PrivilegeEscalation

🔗 Project link on #GitHub 👉 https://github.com/rasta-mouse/Watson

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

— ✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

Watch out with your Azure Automation Account / Runbooks.

• they often include hard-coded credentials
• their output is not protected. So attackers can see your results
• they can use Shared Resources (i.e. credentials or certificates)
• Hybrid Worker and Azure Arc allow access to your on-premise infrastructure

Dangerous stuff if not managed correctly!

#cloud #azure #knowledgedrop #dfir #pentesting #privilegeescalation

clownpertino - A simple macOS debugger detection trick

Analyzes a macOS vulnerability allowing privilege escalation via a flaw in the operating system's handling of certain system calls.

https://reverse.put.as/2025/04/04/clownpertino/

#macOS #PrivilegeEscalation

Inside the Mind of a Hacker #CyberSecurity #HackerMindset #DigitalDefense #InfoSec #CyberThreats #TTPs #PhishingAwareness #PrivilegeEscalation #NetworkSecurity #MalwareAnalysis #EthicalHacking #OpSec #BlueTeam #RedTeam #CyberIntel #DeadSwitch #CyberGhost #KnowYourEnemy #SilenceIsTactical #FearTheSwitch

http://tomsitcafe.com/2025/04/08/inside-the-mind-of-a-hacker/

CISA Identifies Five New Vulnerabilities Currently Being Exploited

Of the five, one is a Windows vulnerability, another is a Cisco vulnerability. We don’t have any details about who is exp... https://www.schneier.com/blog/archives/2025/03/cisa-identifies-five-new-vulnerabilities-currently-being-exploited.html

#privilegeescalation #vulnerabilities #Uncategorized

Hello everyone.
In today's article we are reviewing the DC-1 Capture The Flag Vulnhub Guide.

I wish everyone good hacking.
https://denizhalil.com/2025/01/03/dc-1-vulnhub-walkthrough/

#ctf #cybersecurity #vulnhub #dc1ctf #penetrationtesting #privilegeescalation

Hello everyone.

In today's article we are dealing with CTF solution with #tryhackme

I wish everyone good work:

https://denizhalil.com/2024/12/27/simple-ctf-tryhackme-walkthrough/

#ctf #tryhackme #ctfwalkthrough #cybersecurity #penetrationtesting #privilegeescalation

Windows 11 Privilege Escalation Vulnerability Lets Attackers Execute Code to Gain Access
https://gbhackers.com/windows-11-privilege-escalation-vulnerability/

#Infosec #Security #Cybersecurity #CeptBiro #Windows11 #PrivilegeEscalation #Vulnerability #ExecuteCode #GainAccess