HackingPassion.com
👻 home posts ethical hacking course newsletter shop whoami github youtube
HackingPassion.com

Privilege-Escalation

14 posts

/configconfusion-google-no-bounty/configconfusion-google-no-bounty.png
Google Told the Researcher Nice Catch Then Refused to Pay and Never Fixed It

June 23, 2026

Google told a security researcher his bug was a nice catch, lined up his payout, then eleven days later called it harmless and refused to pay a cent. The flaw …

/rogueplanet-windows-defender-zero-day/rogueplanet-windows-defender-zero-day.png
RoguePlanet Windows Defender Zero Day Hands Any User Full SYSTEM Control

June 10, 2026

Nightmare-Eclipse is back, with a new exploit called RoguePlanet. Windows 10 and 11 have a new zero-day that lets a user with no rights take complete control of …

/nftables-root-use-after-free/nftables-root-use-after-free.png
One Character in nftables Hands Any Linux User Root

June 9, 2026

One extra character in the Linux kernel hands a normal user root. A single ! that does not belong inside nftables, the firewall built into Debian and Ubuntu by …

/ghosttree-ntfs-defender-bypass/featured-image.png
GhostTree Makes Windows Defender Stop Scanning With Two Lines of Code

May 21, 2026

GhostTree makes Windows Defender stop scanning. Two lines of code, no admin rights, and malware sitting right next to it goes completely undetected. A Varonis …

/miniplasma-windows-zero-day-system-access/featured-image.png
MiniPlasma Windows Zero Day Gives Any User SYSTEM Access on a Fully Patched Machine

May 18, 2026

A Windows zero-day called MiniPlasma gives any standard user full SYSTEM access on a fully patched machine. Microsoft patched it in December 2020, assigned it …

/dirty-frag-linux-root/featured-image.gif
Dirty Frag Gives Root Access on Every Major Linux Distribution

May 8, 2026

A new Linux zero-day called Dirty Frag gives any local user full root access on every major Linux distribution, and right now no distribution has a patched …

/copy-fail-linux-kernel-cve-2026-31431/featured-image.png
Copy Fail CVE-2026-31431: Nine Years of Root Access Hidden in the Linux Kernel

April 30, 2026

Since 2017, every major Linux distribution has been shipping a flaw that hands root access to any local user. The exploit is a 732-byte Python script that uses …

/phantomrpc-windows-privilege-escalation/featured-image.png
PhantomRPC: Windows Has a Privilege Escalation Problem Microsoft Won't Fix

April 28, 2026

Last week at Black Hat Asia in Singapore, a Kaspersky researcher publicly demonstrated PhantomRPC: five separate ways to take any standard Windows service …

/redsun-undefend-defender-zero-days/featured-image.png
RedSun and UnDefend: Two Unpatched Windows Defender Zero-Days

April 19, 2026

Two unpatched Windows Defender zero-days have been actively exploited since April 16th, and both of them work on fully patched Windows 10, Windows 11, and …

/bluehammer-windows-defender-zero-day/featured-image.png
Windows Defender Is Being Used to Hack Windows

April 10, 2026

Windows Defender, the built-in antivirus running on every Windows machine, has a zero-day exploit with full source code sitting on GitHub. No patch, no CVE, and …

/gpubreach-attack-nvidia-gpu/featured-image.png
GPUBreach Attack Gives Hackers a Root Shell on NVIDIA GPUs

April 8, 2026

NVIDIA GPUs with GDDR6 memory can be used to take full control of a system, including a root shell, bypassing hardware defenses that were supposed to stop …

/cve-2023-31096-microsoft-modem-driver-exploit/featured-image.png
CVE-2023-31096: Microsoft Modem Driver Exploit Fixed Three Years Later

January 14, 2026

In January 2026, Microsoft had already patched 114 vulnerabilities! Four modem drivers deleted since October. Companies that wrote them: gone. Source code: …

/unix-v4-1973-buffer-overflow-history/featured-image.png
52-Year-Old Unix Tape Reveals the Same Buffer Overflow We're Still Making Today

January 11, 2026

A 52-year-old tape just revealed a buffer overflow that looks exactly like the bugs we’re still finding today. 😏 In July 2025, someone found a magnetic …

/cve-2025-62215-windows-kernel-race-condition/featured-image.png
Your Windows Kernel Has a Race Condition Being Exploited Right Now

November 12, 2025

Your Windows Kernel has a race condition. You’ve probably never thought about race conditions. (Most people haven’t. But stick with me…) …