Kaspersky recently disclosed PhantomRPC, a privilege escalation technique affecting all Windows versions (tested on Server 2022/2025)
The core issue: Windows RPC runtime doesn't verify whether the server a high-privileged client connects to is legitimate. If a target RPC server is unavailable, an attacker with SeImpersonatePrivilege can spin up a fake RPC server mimicking the same endpoint, wait for a SYSTEM-level client to connec
ORIGINAL SOURCE →via Reddit r/cybersecurity
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] AI lowers moral barriers to crime, expanding pool of would-be fraudsters
- [CYBER] 5 Critical Security Vulnerabilities in Python APIs (and How to Fix Them in Production)
- [CYBER] UK-based group urges sanctions on 62 Israeli lawmakers over death penalty bill
- [CYBER] My project against Malicious Browser Extensions
- [CYBER] CVE-2026-31691 - igb: remove napi_synchronize() in igb_down()
- [CYBER] CVE-2026-31690 - firmware: thead: Fix buffer overflow and use standard endian macros