RT @snd_wagenseil: #blackhat2025 has spoken: AI security is so awful, it's like the '90s all over again! Comments from @beccalunch @wendyna….

RT @wunderwuzzi23: 💥 Remote Code Execution in GitHub Copilot (CVE-2025-53773) . 👉 Prompt injection exploit writes to Copilot config file an….

Generate videos in just a few seconds. Try Grok Imagine, free for a limited time.

RT @tamirishaysh: We got ChatGPT to leak sensitive data from your Google Drive data back to OUR servers. And you’ll never even know it happ….

RT @simonw: Apparently @cursor_ai's official position on MCP is "MCP servers, especially ones that connect to untrusted data sources, prese….

RT @mbrg0: next. we hijacked cursor via jira mcp by submitting a support ticket. cursor harvests and exfiltrate all creds from your dev ma….

RT @mbrg0: we got a persistent 0click on ChatGPT by sharing a doc. that allowed us to exfiltrate sensitive data and creds from your connect….

Connect your powerful AI agent to an MCP server. Enable auto-run. What could possibly go wrong? 😈.Turns out, when using Cursor with a Jira MCP, any local secret - API keys, AWS creds, SSH keys - is up for grabs.

RT @ly4k_: Today we're publishing new techniques for recovering NTLM hashes from encrypted credentials protected by Windows Defender Creden….

RT @_dirkjan: I've added the material from my Black Hat US talk yesterday to my blog. If you are interested in Azure AD security, love acco….

2/2 Check out slides 48-50 (or the recorded talk) for more details on the detection.

1/2 Three years ago @YaronZi and I presented a generic NTLM relay detection at #BHUSA. Recently, we extended it to detect machine accounts relay, independent of the coercion tactic used (PetitPotam, ShadowCoerce, DFSCoerce, etc.).

RT @filip_dragovic: Spooler service disabled, RPC filters installed to prevent PetitPotam and File Server VSS Agent Service not installed b….

RT @gentilkiwi: We saw a lots of problem after KB5005565 patch (or others KB on September 2021 patch tuesday), thinking it was related to #….

RT @YaronZi: Excited to share I'll be (virtually) in Vegas presenting in @defcon a talk titled: "Adventures in MitM-land: Using Machine-in-….

RT @harmj0y: 5 months ago @tifkin_ and I started looking into the security of Active Directory Certificate Services. Today we're releasing….

RT @eyal_karni: NTLM relay refuses to die! A new blog is alive with details about the cool vuln in Print Spooler we have found!.It was patc….

While the Bronze Bit vulnerability was patched, the ability to bypass the "Kerberos Only" protection in Kerberos Constrained Delegation was published 2 years ago by @elad_shamir and still works today against patched DCs 😇

RT @agsolino: Just merged @jakekarnes42 implementation CVE-2020-17049 (aka Kerberos Bronze Bit Attack). Great stuff and thorough explanatio….

Great write up on how any service account with Kerberos constrained delegation permissions can be used with protocol transition to get a ticket for any user (including "sensitive users which cannot be delegated") by flipping a single bit ("forwardable" flag of the service ticket).

Excited to join the @CrowdStrike team! 🎉.