Big thank you to ThreatLocker for sponsoring my trip to ZTW26 and also for sponsoring this video. To start your free trial with ThreatLocker please use the following link: https://www.threatlocker.com/davidbombal

Forget hot glue and paper clips. Here are 7 REAL 5-minute cybersecurity hacks everyone should know in 2026. Recorded live at Zero Trust World (ZTW26), David Bombal and a team of hackers demonstrate actual cyber attacks and how quickly your systems can be compromised.

From forcing AI prompt injections to steal credentials, to hiding C2 servers
in plain sight on a Steam profile, these are the real-world exploits threat actors are using right now. We’re diving into the technical weeds to show you Windows LNK shortcut hijacking, Linux privilege escalation via sudo misconfigurations, and how to protect yourself from these exact attacks.

// Guests’ SOCIAL //
Alex Benton: Rename StickyKeys / alex-benton-b805065
Kenneth Walker: Everthing is a C2 / kenneth-walker-527595109
Jacob Meyer: Shortcut Hijack / jacob-meyer-165b8359
David Smith: Alternate Data Streams / david-smith-sudo-wrestler
Karla Abarca: The validity of an application before execution / karlaabarcacyber
Ramsey Shaban: Prompt Injection / ramsey-shaban-390335205
Tillman Hall Powershell Fake Logon / tillmanhall
Rayton Li: Rooting Around Linux: Privilege Escalations / rayton-li
Kieran Human: Network Hash Stealing / kieran-human-5495ab170

// ThreatLocker’s SOCIAL //
LinkedIn: https://www.linkedin.com/company/threatlockerinc/posts/?feedView=all

X: https://x.com/threatlocker
Instagram: / threatlocker
Website: https://www.threatlocker.com/

// David’s Social //

================
Coect with me:
================
Discord: http://discord.davidbombal.com
X: https://www.x.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube Main https://www.youtube.com/davidbombal
YouTube Tech: https://www.youtube.com/chael/UCZTIRrENWr_rjVoA7BcUE_A
YouTube Clips: https://www.youtube.com/chael/UCbY5wGxQgIiAeMdNkW5wM6Q
YouTube Emerging Technologies: https://www.youtube.com/chael/UCbY5wGxQgIiAeMdNkW5wM6Q
YouTube Shorts: https://www.youtube.com/chael/UCEyCubIF0e8MYi1jkgVepKg
Apple Podcast: https://davidbombal.wiki/applepodcast
Spotify Podcast: https://open.spotify.com/show/3f6k6gERfuriI96efWWLQQ
SoundCloud: / davidbombal

================
Support me:
================
Or, buy my CCNA course and support me:
DavidBombal.com: CCNA ($10): http://bit.ly/yt999ccna
Udemy CCNA Course: https://bit.ly/ccnafor10dollars
GNS3 CCNA Course: CCNA ($10): https://bit.ly/gns3ccna10

// MY STUFF //
https://www.amazon.com/shop/davidbombal

// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com

// MENU //
0:00 – Coming Up
0:59 – Intro
01:20 – ThreatLocker Sponsor
01:36 – Demo 1: Sticky Keys
04:20 – Demo 2: Steam-Based C2 Attack
09:25 – Demo 3: Shortcut Hijacking
13:32 – Demo 4: Hidden Malware in Alternate Data Streams
20:18 – Demo 5: Safe App Validation (3-Step Check)
24:39 – AI Prompt Injection Attack
28:45 – Demo 6: Linux Privilege Escalation (Sudo Abuse)
34:10 – Demo 7: Credential Theft & Hash Cracking
36:38 – Conclusion

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Disclaimer: This video is for educational purposes only.

#5minutehacks #hacking #redteaming