RECON

Windows 11 brings us a lot of new Shim-related goodies and it makes sense to cover at least some of them. In the second part of this series I listed a number of process names that are treated in a … Continue reading →

In my previous blog post I mentioned the GetProcessHandleFromHwnd API. This was an API I didn’t know existed until I found a publicly disclosed UAC bypass using the Quick Assist UI Access application. This API looked interesting so I thought I should take a closer look. I typically start by reading the documentation for an API I don’t know about, assuming it’s documented at all. It can give you an idea of how long the API has existed as well as its security properties. The documentation’s rem...

OpenAI and Pacific Northwest National Laboratory introduce DraftNEPABench, a new benchmark evaluating how AI coding agents can accelerate federal permitting—showing potential to reduce NEPA drafting time by up to 15% and modernize infrastructure reviews.

How Infostealers Industrialize the Brute-Forcing of Corporate SSO Gateways How Infostealers Industrialize the Brute-Forcing of Corporate SSO Gateways Recently, the cybersecurity community was alerted to a significant credential stuffing attack targeting F5 devices. The activity was first brought to light by threat intelligence group Defused Cyber, who noted that threat actors were attempting to access […] The post How Infostealers Industrialize the Brute-Forcing of Corporate SSO Gateways appe...

Google researchers found that simply repeating your prompt—copying and pasting it twice—dramatically improves LLM accuracy on non-reasoning tasks, with gains up to 76% and zero performance degradation.

作者：Victor Morel, Cristiana Santos, Pontus Carlsson等 译者：知道创宇404实验室翻译组 原文链接：https://arxiv.org/html/2602.20222v1/https://arxiv.org/html/2602.20222v1 摘要 由欧洲互动广告局（IAB Europe）开发的透明化与同意框架（TCF），是向欧洲终端用户获取、记录和...

Lifting is the critical step to unlocking Binary Ninja’s powerful analysis and decompilation. Often the “left as an exercise to the reader” of Binary Ninja custom architecture tutorials, it is both a lengthy process and one with a lot of subtlety. From simple instructions to flags and intrinsics, the lifting process describes the behavior of every instruction. Let’s write a lifter for Quark!

For most of the web's history, content platforms operated on a simple binary: open or blocked. Then generative AI changed everything.

UNC2814 hit 53 victims in 42 countries with novel backdoor in decade long cyber espionage operation

The US and allies are urging Cisco Catalyst SD-WAN customers to hunt for signs of exploitation

How we train Dash's search ranking models with a mix of human and LLM-assisted labeling.

New botnet Aeternum shifted C2 operations to Polygon blockchain, complicating takedown efforts

Crypto Ransomware: 2026 Crypto Crime Report    Chainalysis