RECON

https://metactf.com/join/dawgctf26

Adobe has confirmed that attackers have been quietly exploiting a critical zero-day vulnerability in Adobe Acrobat and Reader since at least December 2025 — and the attack requires nothing more than a victim opening a PDF file. The vulnerability, now tracked as CVE-2026-34621 , carries a CVSS score of 9.6 out of 10 and enables arbitrary code execution (where an attacker can remotely run malicious commands on the victim's machine) across both Windows and macOS platforms. Adobe addressed the fl...

Spring Boot CloudFoundry Actuator 认证绕过漏洞 CVE-2026-22733

How I Made $360 by Serving Markdown to A.I. agents from My Jekyll Blog

Just completed the Eighteen machine on Hack The Box — a great example of chaining multiple techniques from initial access to full domain compromise. Gained initial foothold by cracking WinRM credentials (adam.scott / iloveyou1) and accessing the system via Evil-WinRM. From there, escalated privileges by abusing Delegated Managed Service Accounts (DMSA) using BadSuccessor, allowing impersonation of the Administrator. Set up a Ligolo-ng tunnel to reach the domain controller, leveraged Kerberos ...

Is the Strait of Hormuz open yet, building code cost benefit analysis, Intel joining Terafab, sponge cities, and more.