Threat Intelligence

Offensive Research & Advisories

We don't just consume threat intel — we generate it. Zero-day disclosures, EDR evasion research, cloud attack techniques, and CTF write-ups.

CVE · CRITICAL
CVE-2026-10492

Privilege Escalation in Enterprise Cloud Agent

Chaining LFI with a misconfigured IAM execution role to achieve SYSTEM access across an entire cloud fleet. Discovered during a Fortune 500 adversary simulation.

EDR EVASION · RED TEAM
Red Team Tradecraft

Bypassing User-Land Hooks with Indirect Syscalls

Modern EDRs rely on user-land API hooking. This research demonstrates indirect syscalls in Rust to blind telemetry during live red team operations.

CTF WRITE-UP · COMING SOON
DEF CON 33 · AI Village

Breaking the AI Sandbox

A multi-stage prompt injection attack that exfiltrated the hidden flag via indirect execution in the AI Village final challenge at DEF CON 33.

Publishing Q3 2026
CLOUD · COMING SOON
Cloud Security

AWS Cross-Account Pivoting via Misconfigured STS Roles

How a single over-permissioned AssumeRole call allowed us to pivot from a compromised SaaS vendor account to their customer's production AWS environment.

Publishing Q4 2026
