In a chilling reminder of the ongoing cat-and-mouse game between AI system developers and security researchers, recent revelations have exposed a new dimension of vulnerability in large language models (LLMs) like ChatGPT—one that hinges not on sophisticated technical exploits, but on the clever...
adversarial ai
adversarial prompts
ai cybersecurity
ai exploits
ai regulatory risks
ai safety filters
ai safety measures
ai security
ai threat detection
chatgpt vulnerability
conversational ai risks
llm safety
llm safety challenges
microsoft product keys
prompt engineering
prompt manipulation
prompt obfuscation
red teaming ai
securityresearcher
social engineering
At just 13 years old, Dylan has emerged as a formidable force in the cybersecurity realm, collaborating with the Microsoft Security Response Center (MSRC) to identify and rectify vulnerabilities across Microsoft's vast array of products. His journey from a curious student to a recognized...
bug bounty
cybersecurity
cybersecurity achievements
cybersecurity challenges
cybersecurity innovations
digital safety
global research
microsoft
microsoft bug bounty
msrc
online security
resilience in tech
responsible disclosure
securityresearchersecurity vulnerabilities
tech for youth
technology education
vulnerability research
young talent
youth in tech
A critical and as yet unpatched vulnerability in Windows Server 2025 has shaken the enterprise security community, exposing devastating privilege escalation risks for nearly any Active Directory (AD) environment leveraging the platform. Security researchers at Akamai uncovered the exploit—dubbed...
active directory
active directory attack
active directory security
ad permissions
attribute manipulation
cyberattack prevention
cybersecurity threat
cybersecurity threats
dmsa exploit
dmsa vulnerability
domain controller
domain controller security
enterprise security
incident response
it security
kerberos attack
microsoft patch
microsoft security
microsoft vulnerability
microsoft windows
network security
operational security
permission management
privilege escalation
security advisory
security best practices
security mitigation
securityresearchersecurity risks
security vulnerability
server security
threat detection
vulnerability disclosure
windows server
windows server 2025
Microsoft’s recent Windows update released in April 2025 has introduced an unexpected and somewhat controversial element to the Windows file system: an empty folder named "inetpub" appearing on many user systems. This update, part of Windows 11 24H2 and Windows 10 cumulative patches (notably...
cve-2025-21204
cybersecurity alerts
directory hijacking
directory junction
directory junctions
filesystem security
inetpub folder
it administration
it security news
microsoft patch
microsoft updates
mklink utility
patch management
security patch
security patches
securityresearchersecurity vulnerability
symlink attack
symlink security
system administration
system folder security
system security
system security best practices
update risks
windows 10
windows 11
windows 2025 update
windows iis
windows process activation
windows security
windows system files
windows system folders
windows update
windows update patch
windows vulnerabilities
windows vulnerabilities mitigation
Here is a summary of the original Petri article on the Windows 11 'inetpub' folder security risk:
What happened?
After the April 2025 Patch Tuesday update, a new "inetpub" folder started appearing on Windows 10 and 11 machines.
Microsoft created this folder to help patch a bug (CVE-2025-21204)...
admin tips
administrative permissions
cve-2025-21204
cyberattack prevention
cybersecurity
cybersecurity best practices
directory junction
directory junctions
endpoint protection
file system security
folder permissions
inetpub folder
insider threat
it protection
it security
junction points
local user exploit
malware exploitation
malware risk
microsoft april 2025 update
microsoft patch
microsoft security
microsoft updates
microsoft windows
operating system security
permission hardening
permissions hardening
security alerts
security mitigation
security patch
securityresearchersecurity vulnerabilities
security vulnerability
security workaround
symbolic link exploit
symbolic links
symlink exploitation
symlink vulnerability
symlinks
sysadmin guide
sysadmin tips
system integrity
system patching
system permissions
system protection
system security
system update bypass
system update security
system vulnerabilities
system vulnerability
update security
windows 10
windows 11
windows defender
windows folder permissions
windows iis
windows patch
windows security
windows security patch
windows security risk
windows security update
windows servicing stack
windows system administration
windows system folder
windows system risks
windows update
windows update fix
windows update management
windows update security
windows update vulnerability
windows updates
windows vulnerabilities
windows vulnerability
At Black Hat USA each year, we unveil the Top 100 Security Researcher list to reflect the amazing engagement we get from the community. During this period, we had several thousand researchers engage with the Microsoft Security Response Center (MSRC). We appreciate all the partnership and...
acknowledgements
annual report
august 2018
black hat usa
bounty for defense
community engagement
cybersecurity
industry collaboration
microsoft
mitigation bounty
msrc
research impact
research methods
research recognition
researchers
security impact
securityresearcher
severity
top 100
vulnerabilities
Criminal Hacker "Iceman" gets 13 years. Former "Security Researcher- Max Butler" has been sentenced to 13 years for hacking into a financial institutions and stealing credit card account numbers.