Credential Leakage

CVE-2026-23370: Dell Linux WMI Sysman Vulnerability Exposes Plaintext Passwords in Hex Dumps

A critical vulnerability in Dell's Linux WMI Sysman driver allows attackers to extract plaintext passwords from system memory through simple hex dumps. Designated CVE-2026-23370, this security flaw...

Windows LNK Security Flaws Exposed: 4 New Shortcut Spoofing Techniques Threaten Users

Windows shortcut files, those familiar .LNK icons that populate desktops and start menus, have once again emerged as a significant security vulnerability. Security researcher Wietze Beukema has...

CVE-2025-61594: Ruby URI Gem Vulnerability Bypasses Previous Fix, Exposing Credentials

A critical security vulnerability has been discovered in the widely used Ruby URI library that bypasses a previous patch and could lead to credential leakage in applications across the Ruby...

CVE-2025-33052: Critical Windows DWM Core Memory Leak Vulnerability Explained

Microsoft's Desktop Window Manager (DWM) has become the latest attack surface for potential data breaches with the discovery of CVE-2025-33052, a critical memory disclosure vulnerability in the DWM...

Enhancing Windows Security: Strategies to Harden NTLM Authentication and Safeguard Credentials in 2025

Introduction In the ever-evolving landscape of cybersecurity, legacy protocols like NTLM (NT LAN Manager) continue to pose significant security risks. Despite being deprecated, NTLM remains prevalent...

Microsoft Entra's MACE Fail: Lessons from the Mass Lockout Crisis

In April 2025, Microsoft Entra ID, formerly known as Azure Active Directory, experienced a significant disruption when its new security feature, MACE Credential Revocation, inadvertently caused...