Alexandre Cheron
@axcheron.bsky.social
Hacker. Security Researcher. Bytes Addict. Became self-aware at 5:32 a.m. Almost Human. Shall we play a game?
Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001) thehackernews.com/2025/11/hack...
Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001)
Active exploitation targets 7-Zip CVE-2025-11001; patch 25.00 fixes symbolic link RCE flaws.
thehackernews.com
November 19, 2025 at 11:52 PM
Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001) thehackernews.com/2025/11/hack...
Catching Credential Guard Off Guard specterops.io/blog/2025/10...
Catching Credential Guard Off Guard - SpecterOps
Uncovering the protection mechanisms provided by modern Windows security features and identifying new methods for credential dumping.
specterops.io
October 23, 2025 at 7:56 PM
Catching Credential Guard Off Guard specterops.io/blog/2025/10...
Bypass AMSI in 2025 #AMSI www.r-tec.net/r-tec-blog-b...
r-tec Blog | Bypass AMSI in 2025
This blog post will shed some light on what's behind AMSI (roughly, but hopefully easy to understand) and how you can still effectively bypass it - more than four years later.
www.r-tec.net
October 23, 2025 at 7:41 PM
Bypass AMSI in 2025 #AMSI www.r-tec.net/r-tec-blog-b...
13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely #Redis #RCE thehackernews.com/2025/10/13-y...
13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely
Redis fixes 13-year CVSS 10 flaw allowing Lua script-based remote code execution in all versions.
thehackernews.com
October 7, 2025 at 9:07 PM
13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely #Redis #RCE thehackernews.com/2025/10/13-y...
One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens #Microsoft #EntraID dirkjanm.io/obtaining-gl...
One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens
While preparing for my Black Hat and DEF CON talks in July of this year, I found the most impactful Entra ID vulnerability that I will probably ever find. One that could have allowed me to compromise ...
dirkjanm.io
September 18, 2025 at 2:33 PM
One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens #Microsoft #EntraID dirkjanm.io/obtaining-gl...
ksmbd - Fuzzing Improvements and Vulnerability Discovery (2/3) #Fuzzing blog.doyensec.com/2025/09/02/k...
ksmbd - Fuzzing Improvements and Vulnerability Discovery (2/3) · Doyensec's Blog
ksmbd - Fuzzing Improvements and Vulnerability Discovery (2/3)
blog.doyensec.com
September 4, 2025 at 7:47 PM
ksmbd - Fuzzing Improvements and Vulnerability Discovery (2/3) #Fuzzing blog.doyensec.com/2025/09/02/k...
Kernel-hack-drill and a new approach to exploiting CVE-2024-50264 in the Linux kernel #Linux #Kernel a13xp0p0v.github.io/2025/09/02/k...
Kernel-hack-drill and a new approach to exploiting CVE-2024-50264 in the Linux kernel
Some memory corruption bugs are much harder to exploit than others. They can involve race conditions, crash the system, and impose limitations that make a researcher's life difficult. Working with suc...
a13xp0p0v.github.io
September 3, 2025 at 11:19 PM
Kernel-hack-drill and a new approach to exploiting CVE-2024-50264 in the Linux kernel #Linux #Kernel a13xp0p0v.github.io/2025/09/02/k...
WinRAR zero-day exploited to plant malware on archive extraction. #WinRAR #0day www.bleepingcomputer.com/news/securit...
WinRAR zero-day exploited to plant malware on archive extraction
A recently fixed WinRAR vulnerability tracked as CVE-2025-8088 was exploited as a zero-day in phishing attacks to install the RomCom malware.
www.bleepingcomputer.com
August 10, 2025 at 11:57 PM
WinRAR zero-day exploited to plant malware on archive extraction. #WinRAR #0day www.bleepingcomputer.com/news/securit...
Project Zero: From Chrome renderer code exec to kernel with MSG_OOB
googleprojectzero.blogspot.com/2025/08/from...
googleprojectzero.blogspot.com/2025/08/from...
From Chrome renderer code exec to kernel with MSG_OOB
Posted by Jann Horn, Google Project Zero Introduction In early June, I was reviewing a new Linux kernel feature when I learned about the...
googleprojectzero.blogspot.com
August 8, 2025 at 5:02 PM
Project Zero: From Chrome renderer code exec to kernel with MSG_OOB
googleprojectzero.blogspot.com/2025/08/from...
googleprojectzero.blogspot.com/2025/08/from...
ReVault flaws let hackers bypass Windows login on Dell laptops www.bleepingcomputer.com/news/securit...
ReVault flaws let hackers bypass Windows login on Dell laptops
ControlVault3 firmware vulnerabilities impacting over 100 Dell laptop models can allow attackers to bypass Windows login and install malware that persists across system reinstalls.
www.bleepingcomputer.com
August 6, 2025 at 6:05 PM
ReVault flaws let hackers bypass Windows login on Dell laptops www.bleepingcomputer.com/news/securit...
SonicWall urges admins to disable SSLVPN amid rising attacks #SonicWall www.bleepingcomputer.com/news/securit...
SonicWall urges admins to disable SSLVPN amid rising attacks
SonicWall has warned customers to disable SSLVPN services due to ransomware gangs potentially exploiting an unknown security vulnerability in SonicWall Gen 7 firewalls to breach networks over the past...
www.bleepingcomputer.com
August 5, 2025 at 10:03 PM
SonicWall urges admins to disable SSLVPN amid rising attacks #SonicWall www.bleepingcomputer.com/news/securit...
Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access #0day thehackernews.com/2025/07/hack...
Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access
Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.
thehackernews.com
July 22, 2025 at 1:48 PM
Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access #0day thehackernews.com/2025/07/hack...
Applocker bypass on Lenovo machines – The curious case of MFGSTAT.zip oddvar.moe/2025/07/03/a...
Applocker bypass on Lenovo machines – The curious case of MFGSTAT.zip
This blogpost is about a minor discovery I made regarding a writeable file inside the Windows folder that is present on Lenovo machines. Initially when I found it I thought it was only a handful of…
oddvar.moe
July 4, 2025 at 4:56 PM
Applocker bypass on Lenovo machines – The curious case of MFGSTAT.zip oddvar.moe/2025/07/03/a...
Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms thehackernews.com/2025/07/chin... #Ivanti #0day
Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms
Chinese hackers exploited Ivanti CSA zero-days, targeting French government, media, and telecom sectors in September 2024.
thehackernews.com
July 3, 2025 at 3:08 PM
Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms thehackernews.com/2025/07/chin... #Ivanti #0day
Over 1,200 Citrix servers unpatched against critical auth bypass flaw #Citrix www.bleepingcomputer.com/news/securit...
Over 1,200 Citrix servers unpatched against critical auth bypass flaw
Over 1,200 Citrix NetScaler ADC and NetScaler Gateway appliances exposed online are unpatched against a critical vulnerability believed to be actively exploited, allowing threat actors to bypass authe...
www.bleepingcomputer.com
June 30, 2025 at 12:14 PM
Over 1,200 Citrix servers unpatched against critical auth bypass flaw #Citrix www.bleepingcomputer.com/news/securit...
Instagram ads mimicking BMO, EQ Bank are finance scams
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
Instagram ads mimicking BMO, EQ Bank are finance scams
Instagram ads impersonating financial institutions like Bank of Montreal (BMO) and EQ Bank (Equitable Bank) are being used to target Canadian consumers with phishing scams and investment fraud.
Some ...
www.bleepingcomputer.com
June 18, 2025 at 9:10 PM
Instagram ads mimicking BMO, EQ Bank are finance scams
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability thehackernews.com/2025/06/cisa... #Linux
CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability
CISA warns CVE-2023-0386 is being actively exploited, impacting Linux systems via OverlayFS. Patching is urgent.
thehackernews.com
June 18, 2025 at 2:08 PM
CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability thehackernews.com/2025/06/cisa... #Linux
Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware thehackernews.com/2025/06/appl... #Apple
Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
Apple patched zero-day flaws exploited to deploy Paragon’s Graphite spyware targeting journalists and civil society, raising global spyware concerns.
thehackernews.com
June 13, 2025 at 11:02 AM
Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware thehackernews.com/2025/06/appl... #Apple
Streaming Zero-Fi Shells to Your Smart Speaker |
Exploiting the Sonos Era 300 with a Malicious HLS Playlist blog.ret2.io/2025/06/11/p...
Exploiting the Sonos Era 300 with a Malicious HLS Playlist blog.ret2.io/2025/06/11/p...
Streaming Zero-Fi Shells to Your Smart Speaker
In October 2024, RET2 participated in the “Small Office / Home Office” (SOHO) flavor of Pwn2Own, a competition which challenges top security researchers to c...
blog.ret2.io
June 11, 2025 at 7:12 PM
Streaming Zero-Fi Shells to Your Smart Speaker |
Exploiting the Sonos Era 300 with a Malicious HLS Playlist blog.ret2.io/2025/06/11/p...
Exploiting the Sonos Era 300 with a Malicious HLS Playlist blog.ret2.io/2025/06/11/p...
Found in the wild: 2 Secure Boot exploits. Microsoft is patching only 1 of them arstechnica.com/security/202...
Found in the wild: 2 Secure Boot exploits. Microsoft is patching only 1 of them.
The publicly available exploits provide a near-universal way to bypass key protections.
arstechnica.com
June 10, 2025 at 9:53 PM
Found in the wild: 2 Secure Boot exploits. Microsoft is patching only 1 of them arstechnica.com/security/202...
Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File thehackernews.com/2025/05/micr...
Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File
OneDrive’s OAuth flaw grants full cloud access via vague prompts + insecure tokens = user data risk.
thehackernews.com
May 28, 2025 at 10:25 PM
Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File thehackernews.com/2025/05/micr...
Breaking the Sound Barrier Part I: Fuzzing CoreAudio with Mach Messages googleprojectzero.blogspot.com/2025/05/brea...
Breaking the Sound Barrier Part I: Fuzzing CoreAudio with Mach Messages
Guest post by Dillon Franke, Senior Security Engineer , 20% time on Project Zero Every second, highly-privileged MacOS system daemons...
googleprojectzero.blogspot.com
May 9, 2025 at 8:04 PM
Breaking the Sound Barrier Part I: Fuzzing CoreAudio with Mach Messages googleprojectzero.blogspot.com/2025/05/brea...
Supercharging Ghidra: Using Local LLMs with GhidraMCP via Ollama and OpenWeb-UI
medium.com/@clearblueja...
medium.com/@clearblueja...
Supercharging Ghidra: Using Local LLMs with GhidraMCP via Ollama and OpenWeb-UI
Reverse engineering binaries often resembles digital archaeology: excavating layers of compiled code, interpreting obscured logic, and…
medium.com
April 30, 2025 at 5:28 PM
Supercharging Ghidra: Using Local LLMs with GhidraMCP via Ollama and OpenWeb-UI
medium.com/@clearblueja...
medium.com/@clearblueja...
Apple 'AirBorne' flaws can lead to zero-click AirPlay RCE attacks www.bleepingcomputer.com/news/securit...
Apple 'AirBorne' flaws can lead to zero-click AirPlay RCE attacks
A set of security vulnerabilities in Apple's AirPlay Protocol and AirPlay Software Development Kit (SDK) exposed unpatched third-party and Apple devices to various attacks, including remote code exec...
www.bleepingcomputer.com
April 29, 2025 at 5:49 PM
Apple 'AirBorne' flaws can lead to zero-click AirPlay RCE attacks www.bleepingcomputer.com/news/securit...