// #red-team
2 articles
PhantomRPC — Unpatched Windows Privilege Escalation Technique Abuses COM Server Activation
Security researchers have disclosed PhantomRPC, an unpatched local privilege escalation technique in Windows that abuses the COM server activation mechanism to elevate from standard user to SYSTEM without triggering standard EDR alerts. Microsoft has acknowledged the report but has not committed to a patch timeline. Defenders should implement mitigation controls; red teams should incorporate this technique into assessments.
AI Agents Can Autonomously Compromise Cloud Infrastructure With Minimal Human Oversight, Research Finds
New academic research demonstrates that AI agents equipped with common cloud security tools can autonomously identify, chain, and exploit misconfigurations in production-like cloud environments — achieving lateral movement, privilege escalation, and data exfiltration in multi-step attack sequences without human guidance. The findings have direct implications for red team methodologies, cloud security posture management, and the adversarial use of AI-assisted attack tooling.