Recon

High-Signal Security Intelligence

2026-03-12

rakhim.exotext.com · 203 · IN STACK · 2026-03-12 00:00

Windows 11 after two decades of macOS: okay, but also awful

Recently my partner's trusty old 5K iMac died after 8.5 years of service (Radeon gpu is fried). At first I thought it was finally time to get one of those cool little M4 Mac Minis, but then decided to conduct an experiment. I gave up my Mac Studio M2 Max (64 Gb unified memory and 1 Tb storage) and tried to use my Windows PC as the main machine. I originally purchased it to learn Unreal Engine and to play games. Let's try to use it for everything else: programming (Rust, TypeScript, Node), mus...
Alexander V. Leonov · 185 · 2026-03-12 15:14

About Elevation of Privilege – Desktop Window Manager (CVE-2026-21519) vulnerability

The vulnerability is from the February Microsoft Patch Tuesday. Desktop Window Manager is a compositing window manager included in Windows starting with Windows Vista. A Type Confusion error (CWE-843) in Desktop Window Manager allows an authorized attacker to locally elevate privileges to the SYSTEM level. […]
Alexander V. Leonov · 185 · 2026-03-12 09:06

About Elevation of Privilege – Windows RDS (CVE-2026-21533) vulnerability

The vulnerability is from the February Microsoft Patch Tuesday. Remote Desktop Services (RDS) is a component of Microsoft Windows that allows a user to initiate and control an interactive session on a remote computer or virtual machine over a network connection using the Remote Desktop Protocol […]
Check Point Research · 47 · 2026-03-12 17:21

“Handala Hack” – Unveiling Group’s Modus Operandi

Handala Hack, also tracked by Check Point Research as Void Manticore, is an Iranian threat actor that is known for multiple destructive wiping attacks combined with “hack and leak” operations. The threat actor operates several online personas, with the most prominent among them being Homeland Justice, maintained from mid-2022 specifically for multiple attacks […]
Huntress Blog · 40 · 2026-03-12 14:00

Data Exfiltration and Threat Actor Infrastructure Exposed

Threat actors are people, too, and like everyone else, make mistakes. These mistakes can reveal insights into the threat actor, or even expose access to their infrastructure.
Cloudflare Blog (Security) · 35 · 2026-03-12 05:00

Announcing Cloudflare Account Abuse Protection: prevent fraudulent attacks from bots and humans

Blocking bots isn’t enough anymore. Cloudflare’s new fraud prevention capabilities — now available in Early Access — help stop account abuse before it starts.
ElcomSoft blog · 34 · 2026-03-12 11:00

The C:\User Data in Windows Forensics

This article concludes our series on Windows forensic artefacts and the role they play in real-world investigations. Over the past several weeks, we looked at evidence sources that help investigators understand activity at the system level, from Windows Event Logs and the Windows Registry to file system traces stored under C:\Windows and C:\ProgramData. Those artefacts […]
Pen Test Partners · 24 · 2026-03-12 14:17

Taming the dragon: reverse engineering firmware with Ghidra

I stumbled into infosec the same year the NSA graced us with Ghidra. It’s by far become the most used tool in my arsenal for reverse engineering and vulnerability research. It’s free, extensible, and supports some of the quirkier architectures we come across. But its learning curve is steep. This blog post is the culmination of my learnings from spending what may be too many hours in front of Ghidra’s glaring and dated UI. It focuses […]
Dean Hume · 20 · 2026-03-12 14:32

How I Use PowerToys Workspaces to Switch Contexts in Two Clicks 🫰

Tired of arranging windows every morning? PowerToys Workspaces launches your ideal Windows desktop management setup with two clicks 🫰.
Gleb Bahmutov · 20 · 2026-03-12 04:00

Public Environment Variables For Your Tests Using cypress-expose Plugin

Recently Cypress announced a change in how it will handle environment variables. Variables were always public and accessible to the appli
Discord Developer Blog · 20 · 2026-03-12 00:00

You’re Now Discord Official: Developers, Claim Your Game and Verify Your Server

Developers can now claim and customize their game’s profiles on Discord. Curate your game’s presence on the platform to help people discover more about your game, and get your server verified in the process! Read on to see how it works.
Mandiant | Transform Your Cybersecurity · 17 · 2026-03-12 03:00

Threat Hunting with Google Threat Intelligence - Episode 6 (APAC Timezone)

In this new episode of Threat Hunting with Google Threat Intelligence, we go beyond basic detection to explore how to proactively unmask sophisticated phishing operations. We will demonstrate advanced techniques to identify phishing infrastructure targeting specific brands. Furthermore, we will dive into the analysis of phishing kits, showing you how to hunt their components to start tracking new phishing websites and kits as they are uploaded to GTI. Join us to learn how to: - Track adversar...
PortSwigger Blog · 15 · 2026-03-12 12:02

Automation without alignment: The hidden cost of modern DAST

Watch the webinar recording: Burp Suite DAST x Burp Suite Professional: Better Together. I'm a firm believer that if you want to understand how secure an application really is, you have to test how it
evanhahn.com · 15 · 2026-03-12 00:00

How I use generative AI on this blog

Inspired by others, I’m publishing how I use generative AI to write this little blog. General feelings on generative AI Generative AI, like any technology, has tradeoffs. I think the cons far outweigh the pros. In other words, the world would be better off without generative AI. Despite this belief, I use it. I’m effectively forced at work, but I also use LLMs to help write this personal blog. I think they can produce better writing if used correctly. Also: I want to be critical of this techn...
Infosecurity · 11 · 2026-03-12 16:00

PixRevolution Malware Hijacks Brazil's PIX Transfers in Real Time

PixRevolution Android trojan hijacks Brazil’s PIX payments in real time using accessibility abuse
Infosecurity · 11 · 2026-03-12 15:28

Critical Zero-Click Flaw in n8n Allows Full Server Compromise

The critical vulnerability affecting both cloud and self-hosted n8n instances requires no authentication or even n8n account to be exploited
Wallarm · 10 · 2026-03-12 12:00

The CISO’s Dilemma: How To Scale AI Securely

Your board wants AI. Your developers are building with it. Your budget committee is asking for an ROI timeline. But as CISO, you're the one who has to answer when the inevitable question comes up: "How do we know this is secure?" If you're like most security leaders, you're caught between two impossible positions. Say [...]
Spotify · 8 · 2026-03-12 20:42

Inside the Archive: The Tech Behind Your 2025 Wrapped Highlights

What if we could identify interesting listening moments from your year, and tell you a story about them?
Infosecurity · 8 · 2026-03-12 12:45

CISA Issues Emergency Directive Over Exploited Cisco SD-WAN Flaws

CISA issued urgent directive as attackers exploit Cisco SD-WAN flaw granting admin access to networks
Stripe · 8 · 2026-03-12 00:00

10 things we learned building for the first generation of agentic commerce

A future where we buy with AI agents feels inevitable. Making it actually work is harder. These lessons from the first wave of agentic commerce are meant to help sellers decide what to tackle, avoid common bottlenecks, and get ahead of what’s coming.
lcamtuf (Michal Zalewski) · 6 · 2026-03-12 01:13

How much of HN is AI?

I have a complicated relationship with Hacker News. The site is the most important aggregator of geek news and a major source of traffic to this blog. At the same time, it has a fair number of toxic commenters, making it a dependable source of insults hurled in my general direction; if you want a taste,
[DRAGNET] · 0 · 2026-03-12 07:00

‘Zombie ZIP’ slips malware past 98% of antivirus engines

SC Media
[DRAGNET] · 0 · 2026-03-12 07:00

A Slopoly start to AI-enhanced ransomware attacks

IBM
[DRAGNET] · -13 · 2026-03-12 07:00

Apple patches Coruna exploit kit flaws for older iOS versions

Malwarebytes
[DRAGNET] · -45 · 2026-03-12 07:00

Stryker Cyber Attack: Iranian Threat Actor Claims Revenge

Cyber Magazine