hackyboiz

[1day-1line] CVE-2026-21241: Use-After-Free LPE Vulnerability Caused by I/O Mini-Completion Packet Lifetime Management Error in Windows afd.sys Hello, this is Libera. Today's 1day-1line is about a Use-After-Free Privilege Escalation (LPE) vulnerability occurring in afd.sys, a WinSock kernel driver for Windows. This vulnerability occurs during the socket state notification process; while AfdNotifyPostEvents briefly releases the spinlock, socket cleanup (AfdNotifyDestroyContext) releases mini-completion packets without cancellation, causing the remaining released packets in the queue to be dequeued. Please refer to the blog post for more details! https://t.co/ntzqxANTQw

[1day-1line] CVE-2026-48095: Heap Buffer Overflow in 7-Zip's NTFS Handler Caused by an Integer Overflow in a Shift Operation Hello, this is gongjae. Today's 1day1line covers a heap buffer overflow vulnerability in the file archiver 7-Zip. When 7-Zip handles an NTFS image, GetCuSize() — the function that computes the compressed-stream buffer size — triggers shift undefined behavior (UB) of the form 1 << 32, causing the input buffer to be under-allocated to just 1 byte. Attacker-controlled data is then written immediately afterward, which is where the bug occurs. For more details, please check out the blog post! https://t.co/mec9ZwPJS1

[Hacking jjack jjack🐥] 🌴 Everybody come to Haeundae! This time, the members of HackyBoiz were able to personally attend the Summer Conference hosted by the Korea Information Security Society, so we visited Busan! In Hackingjjackjjack, we will share a review of the Summer Conference along with stories related to the Korea Information Security Society! Please check Hacking Tweet Tweet for more details!🐣 👉 https://t.co/13kmRAkZ0Y #HackingTweetTweet #KoreaInformationSecurityConference #CISC #Paper #KoreaInformationSecuritySociety

Hello from Hackyboiz! Our previous account was unfortunately suspended due to a thumbnail-related guideline violation. 😭 We've also spent the past few months reorganizing and preparing for a new chapter of Hackyboiz(season 2.), so it's great to finally be back and sharing research with everyone again. Today, we're excited to introduce the first article in our Chrome Full-Chain Exploitation series. Think of it as cultivating exploit primitives and gradually building a complete full chain. ⛰️ Wipeload(Wipe Payload for Building Exploit Primitives) Project Ready to join the climb? https://t.co/L9si5RugGT #Hackyboiz #Wipeload #ChromeFullChain #BrowserExploitation #V8 #SandboxEscape #WindowsLPE #CyberSecurity