DLLs & TLS Callbacks – SANS Internet Storm Center

Xavier’s diary entry “Abusing DLLs EntryPoint for the Fun” inspired me to do some tests with TLS Callbacks and DLLs. TLS stands for Thread Local Storage. TLS Callbacks are an execution mechanism in Windows PE files that lets code run automatically when a process or thread starts, before the program’s normal entry point is reached. I’ve…

Read More

Bi-directional streaming for real-time agent interactions now available in Amazon Bedrock AgentCore Runtime

Building natural voice conversations with AI agents requires complex infrastructure and lots of code from engineering teams. Text-based agent interactions follow a turn-based pattern: a user sends a complete request, waits for the agent to process it, and receives a full response before continuing. Bi-directional streaming removes this constraint by establishing a persistent connection that…

Read More

The Ultra-Realistic AI Face Swapping Platform Driving Romance Scams

The Chinese-language artificial intelligence app Haotian is so effective that it’s made millions of dollars selling its face-swapping technology on Telegram. The service integrates easily with messaging platforms like WhatsApp and WeChat and claims that users can tweak up to 50 settings—including the ability to adjust things like cheekbone size and eye position—to help mimic…

Read More

Build and deploy scalable AI agents with NVIDIA NeMo, Amazon Bedrock AgentCore, and Strands Agents

This post is co-written with Ranjit Rajan, Abdullahi Olaoye, and Abhishek Sawarkar from NVIDIA. AI’s next frontier isn’t merely smarter chat-based assistants, it’s autonomous agents that reason, plan, and execute across entire systems. But to accomplish this, enterprise developers need to move from prototypes to production-ready AI agents that scale securely. This challenge grows as…

Read More

Critical unauthenticated RCE affecting Hewlett Packard Enterprise OneView

Overview On December 17, 2025, Hewlett Packard Enterprise (HPE) published an advisory for CVE-2025-37164, a CVSS 10.0 vulnerability in HPE OneView. The vulnerability, which was reported to HPE by security researcher Nguyen Quoc Khanh, facilitates unauthenticated remote code execution (RCE) on versions of HPE OneView before 11.0. Defenders are advised to prioritize upgrading to version…

Read More