Last Week in Security (LWiS) - 2025-03-10
Detection Studio (@sifex), SCCM discovery account decryption (@unsigned_sh0rt), FindProcessesWithNamedPipes (@podalirius_), Windows LPE (@MrAle_98), and more!
New Method to Leverage Unsafe Reflection and Deserialisation to RCE on Rails - elttam
elttam.comA new RCE gadget chain discovered in the sqlite3 gem affects all default Rails installations. Learn how unsafe reflection leads to remote code execution.