Archives

2026

28 May When Encryption Isn’t Really Encryption
28 May Less panic patching, more precision
28 May Adversarial Oracles: LLM-Guided EDR Signature Reduction
28 May Grading on a curve: How to assess a pentest
28 May Visual Studio Extensions Revisited
28 May 2026 World Cup: Discussing The World’s Biggest Game’s Attack Surface
28 May DICOM, Pydicom, GDCM, and Orthanc: A technical tour of what really happens in the heap
28 May From Exploit Code to Production Detection: Building a CVE-2026-31431 (Copy Fail) detection with Agents
27 May Out of the Crypt: The Evolving Cyber Extortion Economy
27 May MediaArea heap-based buffer overflow vulnerabilities
27 May Bad Habits: An ANTISOC Operation
27 May Investigating suspicious AI workflows in Microsoft Entra Agent ID: Autonomous agents
27 May Introducing EvidenceForge: Synthetic security logs that don’t look (as) fake
27 May How to detect HTTP/2 abuse in Apache web server logs
26 May Comparing AI Application Security Testing Platforms
26 May Module Stomping PIC
26 May Intelligence Insights: May 2026
26 May PCI DSS, Telephone Payments, and the Problems With VoIP
26 May Exploring Agent based Cloud Review Capabilities
26 May Critical vulnerability in Mirasvit Cache Warmer for Magento
25 May Breaking Tenant Boundaries, When Path Traversal Isn't About the Filesystem
25 May AWS Security Digest #262 - Not private
24 May Navigating Lax Load Balancers: When an Intersection Gets You Inside
24 May Remove SPNs and Fix Kerberoasting
24 May Negative-Days with Vulnerability Spoiler Alert: Three Months Later
23 May HTB: MonitorsFour
23 May How to Secure Your Enterprise LLM Deployment
22 May The Good, the Bad and the Ugly in Cybersecurity – Week 21
22 May RemotePE: The Lazarus RAT that lives in memory
22 May Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns
22 May We hardened zizmor's GitHub Actions static analyzer
22 May Paved With Intent: ROADtools and Nation-State Tactics in the Cloud
22 May Securing AI agents: Why guardrail placement is a key design decision
21 May Striga: Lifting x86 to LLVM IR with Python
21 May Shai-Hulud Is Back, and This Time It Ate the Whole Ecosystem
21 May Unpatchable Vulnerabilities of Kubernetes: CVE-2021-25740
20 May Tracking TamperedChef Clusters via Certificate and Code Reuse
20 May SVD-2026-0515: Third-Party Package Updates in Splunk User Behavior Analytics - May 2026
20 May SVD-2026-0512: Third-Party Package Updates in Splunk AppDynamics Private Synthetic Agent (PSA) - May 2026
20 May Reduce CVE noise with OpenVEX assessments in Datadog
20 May Parallel Intelligence and Cognitive Warfare
19 May durabletask: TeamPCP's Latest PyPi Compromise
19 May TP-Link, Photoshop, OpenVPN, Norton VPN vulnerabilities
19 May From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat
19 May Coverage-Driven Sustained Testing (CDST): A Graph-Oriented Model for Open-Ended Agentic Workflows
18 May When Filenames Become Attack Surfaces: Weaponizing NASA's CFITSIO Extended Filename Syntax
18 May How OLTs may have exposed entire ISP networks
18 May Distinguished paper award for Phoenix!
18 May SHub Reaper | macOS Stealer Spoofs Apple, Google, and Microsoft in a Single Attack Chain
18 May AWS Security Digest #261 - Pretending
18 May Pathfinding Labs: Deploy, test, and learn from 100+ intentionally vulnerable AWS environments
16 May HTB: Pterodactyl
15 May Living Off the Pipeline: Defending Against CI/CD Subversion
15 May Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files
15 May Design-Based Vulnerabilities on macOS： Oops, Not a One-Shot Fix
14 May Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities
14 May Finding Your Way on the Passkey Path
14 May Critical FunnelKit vulnerability threatens 40,000+ WooCommerce checkouts
14 May Backdoored node-ipc npm releases steal developer credentials through DNS queries
14 May Backdoored Cemu release linked to TanStack and Mistral supply chain campaign
13 May The Convergence of Cloud Secrets & AI Risk
13 May Your Login Page Is Lying: What AI Agents Find When They Read Your Frontend
13 May How to Identify and Exploit New Vulnerabilities
13 May Investigating server compromises with cgroups: A Linux DFIR primer
13 May A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens
13 May Microsoft Patch Tuesday – May 2026
13 May Shai-Hulud Goes Open Source
13 May Disclosure: Teachable's CDN Is Stealing From Teachers
13 May Composer vulnerability leaks GitHub tokens, threatens PHP supply chain
12 May Microsoft Patch Tuesday for May 2026 — Snort rules and prominent vulnerabilities
12 May The beast needs a cage: What's next for AppSec post-Mythos
12 May Keys to the Kingdom Live Stripe Credentials Exposed via Unauthenticated OAuth Endpoint
12 May Nuclei Templates - April 2026
12 May Go fuzzing was missing half the toolkit. We forked the toolchain to fix it.
12 May State-sponsored actors, better known as the friends you don’t want
12 May Slamming the Door on Quick Assist Tech Support Scams and Abuse
12 May Mini Shai-Hulud Strikes Again: TanStack + more npm Packages Compromised
11 May Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools
11 May Flash Alert: EtherRat and TukTuk C2 End in The Gentleman Ransomware
11 May AWS Security Digest #260 -
11 May Malicious Coding Agent Skills and the Risk of Dynamic Context
10 May Personal Software and BaremetalVMM
09 May The Accidental C2 - Exploring Dev Tunnels for Remote Access
09 May HTB: Overwatch
08 May Hunting ClickFix Win + X Variants
08 May The Good, the Bad and the Ugly in Cybersecurity – Week 19
08 May Dirty Frag: Linux Kernel Local Privilege Escalation via ESP and RxRPC
08 May Oh MyAudi!
08 May Claude Code Cost Tracking: AWS Bedrock vs Pro Max (Part 2) — Tag Propagation, Sydney Migration, Bug Fixes
08 May Remote Code Execution Vulnerability in Fooocus
08 May Kubernetes security fundamentals: Secrets
07 May The New Reality in Cybersecurity: AI Agents, Acceleration, and Asymmetry
07 May Spring cleaning your browser
07 May GRC in an AI World - Staying in the Fast Lane Without Losing the Race!
07 May Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution
06 May Gibbon v30.0.00: Authenticated SQL Injection and RCE
06 May The IGVM File Format
06 May Open-Sourcing 140+ Weaponisable File Type Samples: Test What Your Defences Actually Block
06 May Swapper – A Pure Regex Match/Replace Burp Extension
06 May Critical Buffer Overflow Vulnerability in PAN-OS Exploited in-the-Wild
06 May Insights into the clustering and reuse of phone numbers in scam emails
06 May Breaking SameSite=Strict in Chrome
05 May Copy Fail: What You Need to Know About the Most Severe Linux Threat in Years
05 May [Deprecated] Break LLM Workflows with Claude's Refusal Magic String
05 May C/C++ checklist challenges, solved
05 May UAT-8302 and its box full of malware
05 May CloudZ RAT potentially steals OTP messages using Pheno plugin
05 May pyghidra-mcp Meets Ghidra GUI: Drive Project-Wide RE with Local AI
05 May The Defensive Stack is Exposed: LLMs, Reverse Engineering, and the End of Opaque Defense
04 May The Danger of Multi-SSO AWS Cognito User Pools
04 May Paramiko Security Audit
04 May Redis array type: short story of a long development
04 May AWS Security Digest #259 - Better late
04 May Evaluating our Threat Hunting Detection Rules (+ KQL Query Evaluation)
02 May Chaining ISC DHCP Server Features for Unauthenticated Root Remote Code Execution
02 May Tuned by Design: Why Detection Engineering Needs Its Own Development Lifecycle
01 May Essential Data Sources for Detection Beyond the Endpoint
01 May The Good, the Bad and the Ugly in Cybersecurity – Week 18
01 May The Life-Dinner Principle in Detection
01 May 3 ways custom scan checks turn practitioner knowledge into scalable automation
01 May Discovering Vulnerabilities in Enterprise Audiovisual Hardware
30 Apr That AI Extension Helping You Write Emails? It’s Reading Them First
30 Apr ARP Around and Find Out: Hijacking GPO UNC Paths for Code Execution and NTLM Relay
29 Apr Auditing Application Permissions in Microsoft Entra ID: Hidden Risks, Pitfalls, and Quarkslab's QAZPT Tool
28 Apr (CVE-2026-41873) Apache Pony Mail CRLF Injection and SSRF Leading to Full Account Takeover
23 Apr When Wi-Fi Encryption Fails: Protecting Your Enterprise from AirSnitch Attacks
23 Apr Identifying and containing a data breach
23 Apr You’re Not Watching MCPs. Anthropic’s Vulnerability Shows Why You Should Be.
23 Apr IR Trends Q1 2026: Phishing reemerges as top initial access vector, as attacks targeting public administration persist
22 Apr Bad Apples: Weaponizing native macOS primitives for movement and execution
22 Apr Phishing and MFA exploitation: Targeting the keys to the kingdom
22 Apr 500,000 Vulnerabilities, 14 That Matter: How Exploit Chain Analysis Cuts Through the Noise
22 Apr Microsoft Entra ID: Understanding OAuth App Consent and Permissions
22 Apr Some notes on the security properties of the pipe_buffer kernel object
22 Apr From a Regular Red Team Exercise to Developing a Custom C2 Channel over MS Teams
21 Apr From Code to Pipeline: Wiz Code Now Secures Your Build Environment
21 Apr Context.ai OAuth Token Compromise
21 Apr Fracturing Software Security With Frontier AI Models
21 Apr Threat Hunting via InternetMessageId (+ KQL Queries)
21 Apr Detection Visibility Metrics
21 Apr AWS Security Digest #257 - Myth not Mythos?
21 Apr swic: a simple web interface for calibre
20 Apr Pickling the Mailbox: A Deep Dive into CVE-2025-20393
20 Apr CFITSIO Fuzzing: Memory Corruptions and a Codex-Assisted Pipeline
19 Apr HTB: AirTouch
19 Apr SQLite prefixes its temp files with `etilqs_`
18 Apr The Good, the Bad and the Ugly in Cybersecurity – Week 16
18 Apr We beat Google’s zero-knowledge proof of quantum cryptanalysis
18 Apr The Mythos Effect: Preparing for AI-Accelerated Exploitation
18 Apr Mythos, Memory Loss, and the Part InfoSec Keeps Missing
18 Apr Threat Brief: Escalation of Cyber Risk Related to Iran (Updated April 17)
18 Apr Beyond the Perimeter How an On-Premises Domain Admin Compromise Unlocked the Cloud
18 Apr Anonymous credentials: an illustrated primer (Part 2)
17 Apr Spotting CI/CD misconfigurations before the bots do: Securing GitHub Actions with Datadog IaC Security
17 Apr Obfuscation vs the Optimizer: An LLVM Middle-End Arms Race
17 Apr A Deep Dive Into Attempted Exploitation of CVE-2023-33538
17 Apr The case for dependency cooldowns in a post-axios world
17 Apr PowMix botnet targets Czech workforce
17 Apr Foxit, LibRaw vulnerabilities
17 Apr AI cybersecurity is not proof of work
16 Apr Signed, Trusted, and Abused: Proxy Execution via WebView2
16 Apr Identity, browsers, and node.js: Everything you missed in the Threat Detection Report miniseries
16 Apr Shadow Admins in Active Directory: Hidden Privilege Paths Attackers Exploit
16 Apr LmCompatibilityLevel and the PDC Trap
16 Apr SVD-2026-0407: Sensitive Information Disclosure in ''_internal'' index in Splunk MCP Server app
16 Apr SVD-2026-0405: Third-Party Package Updates in Splunk Enterprise - April 2026
16 Apr Business CTF 2022: H2 Request Smuggling and SSTI - Phishtale
16 Apr Uni CTF 2022: UNIX socket injection to custom RCE POP chain - Spell Orsterra
16 Apr Finding RCE in NodeJS templating engine ‘Eta’ - CVE-2022-25967
16 Apr Business CTF 2022: Chaining Self XSS with Cache Poisoning - Felonious Forums
16 Apr Performing Supply-Chain Attack in the NodeJS Ecosystem [hands-on exercise]
15 Apr The n8n n8mare: How threat actors are misusing AI workflow automation
15 Apr Can a Predicted `window.open` Target Really Be That Impactful?
15 Apr Slacker Slash: Bypassing Bun Security Middleware via Normalization Desync
15 Apr Chaining service key leakage and path confusion in LangSmith (Resolved)
15 Apr Authenticated Arbitrary File Read via Race Condition leads to 0-Click Account Take Over on n8n
15 Apr The Dot-Dot-Slash That Frameworks Hand You: CSPT Across Every Major Frontend Framework
15 Apr Detect runtime threats in Python Lambda functions with Datadog AAP
15 Apr BSIM explained once and for all!
15 Apr Primer on GitHub Actions Security - Threat Model, Attacks and Defenses (Part 1/2)
15 Apr Securing the Software Supply Chain: How SentinelOne’s AI EDR Autonomously Blocked the CPU-Z Watering Hole Cyber Attack
15 Apr Benchmarking Self-Hosted LLMs for Offensive Security
15 Apr State-sponsored threats: Different objectives, similar access paths
15 Apr Microsoft Patch Tuesday for April 2026 - Snort Rule and Prominent Vulnerabilities
15 Apr Intercepting WCF Traffic with wcfproxy
15 Apr Microsoft Patch Tuesday – April 2026
15 Apr Mythos and its impact on security
15 Apr Citrix Breakout When Restricted Means Nothing
14 Apr Binary Ninja 5.3 (Jotunheim)
14 Apr AWS Security Digest #256 - TY Mythos
14 Apr JitterDropper
14 Apr Fixing ESC8 - Web Enrollment is enabled over HTTP and HTTPS, and Channel Binding is disabled
14 Apr LibreNMS < 26.3.0 Authenticated RCE & XSS
13 Apr Validating Browser Defences with Push Security and delivr.to
12 Apr IrDA
12 Apr HTB: Eighteen
11 Apr Introducing our open source AI-native SAST
11 Apr The Good, the Bad and the Ugly in Cybersecurity – Week 15
11 Apr Security’s Blind Spot: Physical Keyloggers That Bypass Antivirus Entirely
11 Apr Bypassing LLM Supervisor Agents Through Indirect Prompt Injection
11 Apr 283 - The Future
10 Apr Tearing down a car telematic unit (and finding an accident on Facebook)
10 Apr Edge Decay: How a Failing Perimeter Is Fueling Modern Intrusions
10 Apr Master C and C++ with our new Testing Handbook chapter
10 Apr IAM the Captain Now – Hijacking Azure Identity Access
10 Apr Unpatchable Vulnerabilities of Kubernetes: CVE-2020-8562
10 Apr From the field to the report and back again: How incident responders can use the Year in Review
10 Apr The threat hunter’s gambit
10 Apr How We Cut LLM Costs by 59% With Prompt Caching
10 Apr Scanscope: Visualizing Port Scan Results Using Machine Learning Methods
10 Apr Crystal Mask
09 Apr Ingress NGINX is EOL: A practical guide for migrating to Kubernetes Gateway API
09 Apr CI/CD security: How to secure your GitHub ecosystem
09 Apr CI/CD security: threat modeling using a MITRE-style threat matrix
09 Apr Cracks in the Bedrock: Agent God Mode
09 Apr New Lua-based malware “LucidRook” observed in targeted attacks against Taiwanese organizations
09 Apr AI in cybersecurity: The good, the bad, and the FUD
09 Apr Scroll trīgintā sextus
08 Apr Year in Review: Vulnerabilities old and new and something React2
08 Apr Yandex Services Source Code Leak
08 Apr What we learned about TEE security from auditing WhatsApp's Private Inference
08 Apr What enables malicious models?
08 Apr Using KServe to deploy malicious models
08 Apr The Trojan horse of cybercrime: Weaponizing SaaS notification pipelines
08 Apr Reversing ELFs on TryHackMe: Crackme8
08 Apr Remote Session Enumeration via Undocumented Windows APIs
08 Apr PrivEsc: Abusing the Service Control Manager for Stealthy & Persistent LPE
08 Apr Model Confusion - Weaponizing ML models for red teams and bounty hunters
08 Apr Kernel Drivers, Process Protection, and ...Bears?
08 Apr Introducing the Offsec ML Playbook v0.1
08 Apr Introducing MacNoise!
08 Apr Cracks in the Bedrock: Escaping the AWS AgentCore Sandbox
08 Apr Building a Detection Foundation: Part 5 - Correlation in Practice
08 Apr Adversaries sometimes compute gradients. Other times, they rob you.
07 Apr What is LLM Penetration Testing? A Complete Guide
07 Apr Understanding Current Threats to Kubernetes Environments
05 Apr HTB: DarkZero
04 Apr Six Accounts, One Actor: Inside the prt-scan Supply Chain Campaign

Archives

Trending Tags