Firefox JIT Use-After-Frees | Exploiting CVE-2020-26950
Learn how to dive into JIT compilers in JavaScript engines and follow along as we find a new set of exploit primitives in this previously patched bug.
Read More
Learn how to dive into JIT compilers in JavaScript engines and follow along as we find a new set of exploit primitives in this previously patched bug.
Are there still real hacktivists out there or are they all a cover for state-sponsored operations?
With victims in the US, Australia and India, BlackCat is a new RaaS making a big impact. Learn more about this unique ransomware's behavior and IoCs.
MuddyWater APT's updated toolkit: an evolution of PowGoop malware, abuse of tunneling tools, and targeting of Exchange servers. MuddyWater's activities are attributed to the Iranian Ministry of Intelligence by U.S. Cyber Command.
SentinelLabs has discovered a high severity flaw in NetUSB which could be remotely exploited to execute code in the kernel.
Mac adware is hidden, persistent, and evasive, fingerprinting devices and delivering custom payloads. Learn how to hunt it on macOS.
Scavenging code leaked from Babuk, Rook's first victim was a bank and the theft of 1123 GB of data. Learn more about this new ransomware operator.
25 CVEs and counting: SentinelLabs' latest research reveals millions of cloud users are exposed to privilege escalations from bugs in shared driver software.
Inspired by Pwn2Own, SentinelLabs' researcher Max Van Amerongen discovered three CVEs, including two privilege escalations, in VirtualBox. Read more here.
SentinelLabs reveals further IoCs, behavior and analysis around suspected APT attack targeting macOS users and Hong Kong pro-democracy activists.