All posts
4 posts
aresinheaven bio
aresinheaven info
1 min read
Warp Terminal WSL Command Injection: Escaping the Sandbox via OSC 8 Hyperlinks
How we found an OS command injection in Warp Terminal on WSL that lets an attacker escape the Linux sandbox and execute arbitrary commands on the Windows host through crafted terminal hyperlinks.
4 min read
cve, command-injection
Unmasking Etherhiding: Reverse Engineering a Modular ClickFix Loader
A deep dive into bypassing anti-emulation, rebuilding decoders, and uncovering Web3-based C2 infrastructure in a sophisticated ClickFix campaign variant.
6 min read
malware, reverse-engineering
The Hidden Cost of Misconfiguration: Exploiting Exposed Ray Clusters
An educational look at insecure deserialization in distributed AI systems — how misconfigured Ray clusters lead to instant remote code execution.
6 min read
cloud-security, deserialization