Two individuals successfully bypassed a normal WAF for exploiting XSS using unicode and bypassed Kaspersky EDR for dumping lsass. Both incidents highlight the importance of robust security measures and the ongoing cat-and-mouse game between attackers and defenders.
For more details, check out the original tweet here: https://twitter.com/0xvaeed/status/1801195813994905620