A new Linux local privilege escalation exploit has emerged from the same subsystem as Dirty Frag and if you patched instead of mitigated, you may still be exposed. What is the Linux XFRM ESP-in-TC...

A universal Linux LPE chaining two vulns in xfrm-ESP and RxRPC. A successor class to Dirty Pipe & Copy Fail. Ubuntu / RHEL / Fedora / openSUSE / CentOS / AlmaLinux, and more. Dirty Frag: Two ...

The flaw has existed in the kernel since 2017 and reliably affects nearly every major distribution, including Ubuntu, Red Hat Enterprise Linux (RHEL), Amazon Linux, and SUSE. CVE-2026-31431 The “...

The evil Easter bunnies operate a web control panel that holds the wormhole open. Using cURL, identify the endpoints, send the required requests, and shut the wormhole once and for all. The Sto...

Learn the basics of AWS enumeration. The Story Introduction One of our stealthiest infiltrated elves managed to hop their way into Sir Carrotbane’s office and, lo and behold, discovered a ...

Explore how to analyze a large PCAP and extract valuable information. The Story Introduction The TBFC is very wary since the last series of attacks by the underlings of King Malhare. They ...

Learn about malware analysis and forensics. The Story Introduction And in our kingdom of Wareville, just like in others, thousands of files of all kinds pass through the systems every day,...

Learn how to exploit a race condition attack to oversell the limited-edition SleighToy. The Story Introduction The Best Festival Company (TBFC) has launched its limited-edition SleighToy, ...

Learn to identify and exploit weaknesses in ICS systems. The Story Introduction The snow falls heavily over Wareville as chaos erupts at TBFC headquarters. What should be the busiest shipp...

McSkidy keeps her focus on a particular alert that caught her interest: an email posing as northpole-hr. The Story Introduction WareVille has not felt right since the wormhole appeared. Ev...