Skip to content
The Nexus
DossierENTITY

privilege escalation

Coverage of privilege escalation in the Nexus archive.

Earliest in view: Apr 14 · 14:02 UTCMost recent: Jul 3 · 22:39 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJul 3 · 22:39 UTCHACKER NEWS
    Elevating Privileges from Firefox to Android Root

    The article discusses a method to escalate privileges from Firefox to Android root, highlighting a potential security vulnerability. It references a specific article URL and Hacker News comments.

  • SECURITYMay 21 · 10:55 UTCTHE HACKER NEWS
    Microsoft Warns of Two Actively Exploited Defender Vulnerabilities

    Microsoft has disclosed two actively exploited vulnerabilities in Microsoft Defender, including a privilege escalation flaw (CVE-2026-41091) rated 7.8 on the CVSS scale that could allow attackers to gain SYSTEM privileges, and a denial-of-service vulnerability. These flaws are currently being exploited in the wild.

  • SECURITYApr 28 · 06:37 UTCTHE HACKER NEWS
    Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover

    Microsoft has patched a vulnerability in its Entra ID platform where the Agent ID Administrator role could be exploited for privilege escalation and identity takeover attacks, as reported by cybersecurity firm Silverfort. The flaw, related to AI agent identity lifecycle management, highlights risks in administrative roles within identity platforms.

  • SECURITYApr 28 · 06:27 UTCHACKER NEWS
    GTFOBins

    GTFOBins is a resource for security professionals that lists binaries which can be exploited for privilege escalation or command execution. The article links to its website and a Hacker News comment thread with 40 points and 3 comments.

  • SECURITYApr 27 · 15:31 UTCDARK READING
    Unpatched 'PhantomRPC' Flaw in Windows Enables Privilege Escalation

    A researcher discovered an unpatched vulnerability in Windows' Remote Procedure Call (RPC) mechanism, dubbed 'PhantomRPC,' which allows privilege escalation due to architectural weaknesses. The flaw enables five distinct exploit paths when handling connections to unavailable services.

  • SECURITYApr 23 · 11:05 UTCBLEEPING COMPUTER
    CISA orders feds to patch BlueHammer flaw exploited as zero-day

    CISA has directed U.S. federal agencies to address a critical privilege escalation vulnerability in Microsoft Defender, known as BlueHammer, which is currently being exploited in zero-day attacks. The flaw allows attackers to escalate privileges, posing a significant security risk.

  • SECURITYApr 14 · 14:02 UTCBLEEPING COMPUTER
    5 Ways Zero Trust Maximizes Identity Security

    The article discusses how Zero Trust frameworks enhance identity security by addressing stolen credentials, which are a major breach vector. It highlights Specops' approach to limiting access, enforcing device trust, and preventing lateral movement to mitigate privilege escalation risks.

privilege escalation · Dossier · The Nexus