Banyamer_security

windows Beginner macOS CVE-2025-24085

macOS LaunchDaemon Privilege Escalation via com.apple.securemonitor (CVE-2025-24085)

A vulnerability in macOS LaunchDaemon configuration allows local attackers to hijack a system daemon and execute arbitrary commands with root privileges. This article demonstrates a proof-of-concept exploit that installs a root shell and persistent LaunchDaemon backdoor.

May 31, 2025 · 3 min read · Kernel Exploit

#cybersecurity #persistence backdoor #privilege escalation #macos vulnerability

windows Beginner Windows CVE-2025-30397

Microsoft Windows Server 2025 JScript Engine Use-After-Free Remote Code Execution (CVE-2025-30397)

A Use-After-Free vulnerability in the JScript engine of Internet Explorer on Windows Server 2025 allows remote attackers to execute arbitrary code through a specially crafted webpage. This article demonstrates a proof-of-concept exploit that launches calc.exe to confirm code execution.

May 31, 2025 · 4 min read · Heap Use-After-Free

#windows security #browser exploitation #rce exploit #use-after-free

windows Intermediate Windows CVE-2025-24071

Windows File Explorer NTLM Hash Disclosure via .library-ms Archive (CVE-2025-24071)

A vulnerability in Windows File Explorer causes NTLM authentication requests to be automatically triggered when extracting malicious .library-ms files from ZIP archives, potentially leaking NTLM hashes to an attacker-controlled SMB server.

May 27, 2025 · 2 min read · Other

#cybersecurity #smb attack #windows explorer vulnerability #ntlm hash disclosure

windows

macOS LaunchDaemon Privilege Escalation via com.apple.securemonitor (CVE-2025-24085)

Microsoft Windows Server 2025 JScript Engine Use-After-Free Remote Code Execution (CVE-2025-30397)

Windows File Explorer NTLM Hash Disclosure via .library-ms Archive (CVE-2025-24071)

Stay updated on new research