Taiwan charges two businessmen over alleged role in Chinese espionage campaign
Former UK privacy chief preparing legal action against woman who reported him, minister says
Spain arrests alleged supporter of pro-Russian hacktivist groups after FBI tip
EU unveils cyber plan to reduce reliance on foreign AI systems
Supreme Court allows Texas app law requiring age verification to take effect
What's New
Top 5 Across All Sources-
Taiwan charges two businessmen over alleged role in Chinese espionage campaign
The Record from Recorded Future News · 1h ago -
Sony's True RGB display made this one of the most impressive TVs I've tested
Latest news · 1h ago -
Entra passkey enrollment vishing targets Microsoft 365 users
BleepingComputer · 1h ago -
OpenAI's new GPT-Live-1 voice model won't interrupt you - why that's a big deal
Latest news · 1h ago -
I tried DuckDuckGo's new video player, and it blocks YouTube ads for free
Latest news · 1h ago
Gigafeed (4375 entries)
Taiwan charges two businessmen over alleged role in Chinese espionage campaign The Record from Recorded Future News · 1h ago Sony's True RGB display made this one of the most impressive TVs I've tested Latest news · 1h ago Entra passkey enrollment vishing targets Microsoft 365 users BleepingComputer · 1h ago OpenAI's new GPT-Live-1 voice model won't interrupt you - why that's a big deal Latest news · 1h ago I tried DuckDuckGo's new video player, and it blocks YouTube ads for free Latest news · 1h ago Accenture Confirms Data Breach After Hacker Claims Source Code Theft SecurityWeek · 1h ago TeamPCP Attention John Hammond · 1h ago LIVE: 1 Million Subscribers | DEF CON/Summer Camp Giveaway The Cyber Mentor · 1h ago Cisco Advance Notification for Publication of July 15, 2026, Security Advisories Cisco Security Advisory · 1h ago China-Linked APT Expands Arsenal With New ‘Leash’ Backdoors SecurityWeek · 1h ago I tried Claude Cowork on my Gmail inbox after Gemini choked - and it saved me hours of work Latest news · 2h ago New HalluSquatting Attack Could Trick AI Coding Assistants Into Installing Botnet Malware The Hacker News · 2h ago I tested the Roborock Saros 20, and I'd trust it for the next decade Latest news · 2h ago Black Hat Europe 2025 | Breaking AI Inference Systems: Lessons From Pwn2Own Berlin Black Hat · 2h ago Ubiquiti Patches Critical UniFi Flaws Across Connect, Talk, Access, Protect, and OS The Hacker News · 2h ago Former UK privacy chief preparing legal action against woman who reported him, minister says The Record from Recorded Future News · 2h ago Attackers using Langflow flaw for credential harvesting (CVE-2026-55255) Help Net Security · 3h ago 3 Ways AI Powers Service Desk Attacks and How to Prevent Them BleepingComputer · 3h ago Censys Internet Map links real-time DNS data to internet infrastructure Help Net Security · 3h ago Spain arrests alleged supporter of pro-Russian hacktivist groups after FBI tip The Record from Recorded Future News · 3h ago Blackpoint AI SOC Agent autonomously contains identity-based attacks Help Net Security · 3h ago First Recon AI Security Runtime helps enterprises govern AI with audit-ready evidence Help Net Security · 3h ago Webinar Today: Why Email Security Keeps Failing SecurityWeek · 3h ago FalconStor Cloud Clean Room enables validated recovery without dedicated infrastructure Help Net Security · 3h ago EU unveils cyber plan to reduce reliance on foreign AI systems The Record from Recorded Future News · 4h ago GitHub's former CEO launches a distributed Git network built for the agentic coding age Latest news · 4h ago New Ghost Phishing Wave Is Breaking Traditional Email Security The Hacker News · 4h ago SCMBANKER Malware Uses ClickFix Lures to Target Mexican Banking Users The Hacker News · 4h ago DNSFilter makes its DNS threat protection available to OEM partners Help Net Security · 4h ago Why we're all posting less on social media these days Latest news · 4h ago Felons, Fraudsters Flog Offensive Cybersecurity Startup Krebs on Security · 4h ago Attestiv DeepScan combines AI and forensic analysis for file validation Help Net Security · 4h ago Google Dialogflow CX Bug Allowed Attackers to Hijack AI Conversations SecurityWeek · 4h ago DuckDuckGo browser now blocks YouTube video ads BleepingComputer · 5h ago GitHub 'Verified' Commits Can Be Rewritten Into New Hashes Without Breaking Signatures The Hacker News · 5h ago The Verification Step Is the New ATO Battleground in 2026 The Hacker News · 5h ago Accenture acknowledges security incident following 35GB data theft claim Help Net Security · 5h ago Telco giant KDDI says data breach affects over 12 million people BleepingComputer · 5h ago GitHub Copilot Refuses Harmful Requests in Chat, Then Writes Them in Code The Hacker News · 5h ago 3 Android Auto automations that make my drives much easier - and how I set them up Latest news · 6h ago CISA Urges Immediate Patching of Exploited ColdFusion, Langflow, Joomla Flaws SecurityWeek · 6h ago Critical Vulnerability Exposes GitHub Agentic Workflows to Prompt Injection SecurityWeek · 6h ago OnlyFans Models Are Accidentally Making Hacked Government Websites Disappear Security Latest · 6h ago Why leaving extension cords plugged in permanently is riskier than you realize Latest news · 7h ago What Happens if China Hacks the US Water Supply? I Went to a Secret War Game to Find Out Security Latest · 7h ago CISA orders feds to prioritize patching Langflow auth bypass flaw BleepingComputer · 7h ago Crusoe brings serverless fine-tuning to AI model development Help Net Security · 7h ago Automox MCP Server adds visual reviews and AI-driven patch policy creation Help Net Security · 7h ago Cyber-Aware Customers Are Raising the Bar for MSPs and Other Vendors Heimdal Security Blog · 7h ago China-Linked UAT-7810 Expands ORB Network With New LONGLEASH Malware The Hacker News · 8h ago Found fast, fixed slow: The gap the AI clearinghouse must close CyberScoop · 8h ago Ubiquiti warns of new max severity UniFi OS vulnerability BleepingComputer · 8h ago CISA orders feds to patch max severity ColdFusion flaw by Friday BleepingComputer · 9h ago Hackers can use 9 of the most popular AI tools to assemble massive botnets Security - Ars Technica · 10h ago 15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros The Hacker News · 10h ago CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV The Hacker News · 11h ago This free Android app makes sharing files across Windows, Mac, and iOS so easy for me Latest news · 15h ago NEW AI Hacking Challenges with Andrew Bellini! John Hammond · 15h ago Five Eyes Alert: The AI Deception Has Already Begun | Threat Wire Hak5 · 16h ago The Threat Isn’t the Frontier Model Recorded Future · 17h ago Samsung unveils Galaxy Z Fold 8 deal for up to $1,230 off ahead of July Unpacked - how to qualify Latest news · 18h ago Accenture confirms breach after hacker offers stolen data for sale BleepingComputer · 19h ago Spain arrests suspected hacker linked to Russian hacktivist campaign CyberScoop · 19h ago Deepfake CSAM lawsuit against xAI, Grok expands CyberScoop · 20h ago I turned my phone into an Android TV remote for free - here's why it's genius Latest news · 21h ago Your Windows 11 PC might be hiding a 500GB storage bug - how to check Latest news · 22h ago Chinese hackers develop LONGLEASH malware to expand ORB network BleepingComputer · 22h ago I connected ChatGPT to my bank, and it's my go-to finance app now - here's how (and why) Latest news · 22h ago You can soon restore Windows 11 from scratch even if it can't boot up - here's how Latest news · 23h ago County Government Reportedly Paid $1 Million to Cyber Extortion Group SecurityWeek · 23h ago Hidden backdoor in Tenda router firmware grants admin access BleepingComputer · 23h ago Critical Gitea Flaw Under Active Exploitation, Researchers Warn SecurityWeek · 23h ago Got a spare PC? How I turned mine into an open-source smart home hub for free Latest news · 23h ago RedWing MaaS Packages Android Bank Fraud as a Telegram Rental Service The Hacker News · 23h ago The best robot vacuums for 2026: Expert tested and reviewed Latest news · 1d ago Black Hat Intercepted | Anurag Swarnim Yadav, Co-Founder & CTO of QubitAC Black Hat · 1d ago Rogue Agent Flaw Could Have Let Attackers Hijack Google Dialogflow CX Chatbots The Hacker News · 1d ago Linux Mint vs. RefreshOS: I compared the two best distros for new users - this one's better Latest news · 1d ago Sennheiser Momentum 5 vs. Bose QuietComfort Ultra 2: I compared the two and found a winner Latest news · 1d ago Supreme Court allows Texas app law requiring age verification to take effect The Record from Recorded Future News · 1d ago What's new with iPhone 18 Pro Max? Guess correctly for a chance to win an Apple Watch Latest news · 1d ago Spain arrests suspected member of pro-Russian hacktivist groups BleepingComputer · 1d ago Black Hat Europe 2025 | Nation-Scale SecOps: How CERT PL Scans Poland Black Hat · 1d ago DEBULL Tooling Abuses Microsoft Device-Code Flow to Target M365 Accounts The Hacker News · 1d ago Public GitHub Issue Could Trick GitHub Agentic Workflows Into Leaking Private Repo Data The Hacker News · 1d ago The GitHub Actions Attack Pattern Your CI Security Scanners Miss BleepingComputer · 1d ago CVE-2026-45638 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability MSRC Security Update Guide · 1d ago Court Filing Reveals Windows Device ID Helped FBI Trace Alleged Scattered Spider Hacker The Hacker News · 1d ago Writer AI Flaw Could Let Agent Previews Leak Session Tokens Across Tenants The Hacker News · 1d ago CISA Reportedly Using Anthropic’s Mythos to Scan Government Software for Flaws SecurityWeek · 1d ago Critical Adobe ColdFusion Vulnerability Exploited in Attacks SecurityWeek · 1d ago Webinar tomorrow: Why modern email attacks require a new approach to defense BleepingComputer · 1d ago New Januscape Linux flaw allows VM escape on Intel, AMD devices BleepingComputer · 1d ago What Changes When Your Software Supply Chain Includes AI Writing Your Code? The Hacker News · 1d ago Threat landscape for industrial automation systems. Q1 2026 Securelist · 1d ago Microsoft to enable Windows settings backup by default for orgs BleepingComputer · 1d ago Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities The Hacker News · 1d ago Suspected Chinese espionage group used a Roundcube exploit chain to burrow into universities CyberScoop · 1d ago CVE-2026-9080 UAF after pause in socket callback MSRC Security Update Guide · 1d ago CVE-2026-8926 password leak with netrc and user in URL MSRC Security Update Guide · 1d ago CVE-2026-10536 HTTP/2 stream-dependency tree UAF MSRC Security Update Guide · 1d ago CVE-2026-8286 wrong STARTTLS connection reuse MSRC Security Update Guide · 1d ago CVE-2026-8458 wrong reuse for different services MSRC Security Update Guide · 1d ago CVE-2026-8924 trailing dot domain super cookie MSRC Security Update Guide · 1d ago CVE-2026-8932 incomplete mTLS config matching in conn reuse MSRC Security Update Guide · 1d ago CVE-2026-9545 exposing HTTP/3 early data MSRC Security Update Guide · 1d ago CVE-2026-39827 Invoking memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh MSRC Security Update Guide · 1d ago CVE-2026-25681 Invoking incorrect handling of character references in DOCTYPE nodes in golang.org/x/net/html MSRC Security Update Guide · 1d ago CVE-2026-14647 onnx onnxruntime old.cc convPoolShapeInference_opset19 out-of-bounds MSRC Security Update Guide · 1d ago CVE-2026-12480 Arbitrary HDF5 File Read via Virtual Dataset Bypass in keras-team/keras MSRC Security Update Guide · 1d ago CVE-2026-54891 Plaintext APPLICATION_DATA injected during TLS handshake delivered to client application post-handshake in ssl MSRC Security Update Guide · 1d ago CVE-2026-54886 SSH SFTP server denial of service via extended channel data infinite loop MSRC Security Update Guide · 1d ago CVE-2026-55952 TLS 1.3 server denial of service via malformed ClientHello pre-shared key extension MSRC Security Update Guide · 1d ago CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware The Hacker News · 1d ago BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA The Hacker News · 1d ago Unveiled: Cisco Deep Reasoning David Bombal · 1d ago US Army websites defaced with pro-Kurdish sentiments, insults to Trump CyberScoop · 1d ago LIVE AMA | Summer of CCNA | 07/09/2026 NetworkChuck · 2d ago 5 insights from Frost & Sullivan’s 2025 Frost Radar™ for Cloud Security Posture Management Microsoft Security Blog · 2d ago What return behavior looks like around the world Fraud Prevention – Riskified · 2d ago Sysdig clocks first documented case of agentic ransomware CyberScoop · 2d ago Open Source Malware John Hammond · 2d ago Black Hat Europe 2025 | Not Just Victims: The Hidden Villains Inside Infostealer Logs Black Hat · 2d ago I Made an AI Agent That Reverses CVEs While I Sleep NahamSec · 2d ago ICE’s Internal Watchdog Is Now Investigating Online Critics Security Latest · 2d ago Playing Around With ADIDNS RPC Internals Technical Information Security Content & Discussion · 2d ago When checking the URL isn’t enough: a Device Code Phishing attack via a Microsoft website Securelist · 2d ago Finding vulnerabilities was never the hard part CyberScoop · 2d ago Windows Service - Playbook & Detection Strategies Technical Information Security Content & Discussion · 2d ago THE MOD WORKS! lets improve it John Hammond · 2d ago Why Apple Hide My Email FAILS David Bombal · 3d ago Black Hat Europe 2025 | Taking Control Over Legacy And ERTMS/ETCS Railroad Signaling Systems Black Hat · 3d ago New to Linux? This is the best place to start! David Bombal · 3d ago the vibe continues John Hammond · 3d ago Black Hat Europe 2025 | Slashing QUIC's Performance With A Hash DoS Black Hat · 4d ago HackTheBox - DevArea IppSec · 4d ago Security Roundup: Apple’s Hide My Email Service Fails to Hide Your Email Security Latest · 4d ago CVE-2026-53223 net: guard timestamp cmsgs to real error queue skbs MSRC Security Update Guide · 4d ago let's vibe John Hammond · 4d ago WARNING: AI tracks your face David Bombal · 4d ago How to scale your patches without scaling your team (the patch wave) Heimdal Security Blog · 5d ago Black Hat Europe 2025 | Automatic Detection of Taint-Style Vulnerabilities in LLM-based Agents Black Hat · 5d ago Chromium: CVE-2026-13874 Inappropriate implementation in DataTransfer MSRC Security Update Guide · 5d ago Chromium: CVE-2026-13953 Inappropriate implementation in SplitView MSRC Security Update Guide · 5d ago Chromium: CVE-2026-14142 Inappropriate implementation in Extensions MSRC Security Update Guide · 5d ago Cyber readiness for SMBs: Getting the basics right WeLiveSecurity · 5d ago AI didn’t break patching. It showed us patching was already broken. Heimdal Security Blog · 5d ago Armored Likho digging a snake pit: inside the covert BusySnake Stealer campaign Securelist · 5d ago EU Politicians Investigated Pegasus Spyware. Then It Ended Up on One of Their Phones Security Latest · 5d ago Someone infected a spyware probe overseer with spyware CyberScoop · 5d ago Black Hat Europe 2025 | Abstractions For Program Analysis Black Hat · 5d ago Fable 5 is back.....run these prompts before July 7 NetworkChuck · 5d ago Newly discovered PamStealer isn't your typical macOS malware Security - Ars Technica · 5d ago FBI Seizes NetNut Proxy Platform, Popa Botnet Krebs on Security · 5d ago It’s 37oC, And All We Can Think About Is ColdFusion (Adobe ColdFusion Security Bulletin APSB26-68 CVE Bonanza) - watchTowr Labs Technical Information Security Content & Discussion · 6d ago FIFA was saved this time Technical Information Security Content & Discussion · 6d ago Improving security posture across the Microsoft partner ecosystem Microsoft Security Blog · 6d ago Alleged longstanding member of Scattered Spider extradited to US CyberScoop · 6d ago Celebrating 1 Million Subscribers on July 8th! The Cyber Mentor · 6d ago Missed incidents, persistent threats, and response gaps: Insights from compromise assessment projects Securelist · 6d ago /r/netsec's Q3 2026 Information Security Hiring Thread Technical Information Security Content & Discussion · 6d ago News alert: Link11 launches faster DDoS mitigation to counter AI-driven, adaptive network attacks The Last Watchdog · 6d ago Researchers spot exploitation of another critical Oracle defect CyberScoop · 6d ago NASA inspector general suggests Boeing's Starliner will now be a decade late Security - Ars Technica · 7d ago ClamAV Vulnerabilities Affecting Cisco Products: July 2026 Cisco Security Advisory · 7d ago Cisco Catalyst Center Arbitrary File Read Vulnerability Cisco Security Advisory · 7d ago Microsoft named a leader in the Frost Radar for cloud and application runtime security Microsoft Security Blog · 7d ago New Cargo Theft Surge: From Lobster Heists To Bourbon Warehouse Scams Proofpoint News Feed · 7d ago Privilege escalation to root in Lima QEMU guests via a world-writable agent socket (CVE-2026-53657) Technical Information Security Content & Discussion · 7d ago Beyond Usernames John Hammond · 7d ago US lifting export control restrictions on Anthropic’s Mythos, Fable CyberScoop · 7d ago r/netsec monthly discussion & tool thread Technical Information Security Content & Discussion · 7d ago The Chaya_006 Alert: OT Edge Devices Under Fire Cyber Defense Magazine · 7d ago The SOC Files: ScreenConnect masked as freeware. An inside look at a large-scale campaign Securelist · 7d ago Claude Helped a Hacker Find a Way to Issue Tickets to Almost Every US Music Festival Security Latest · 7d ago This phishing kit looks more like BEC-as-a-service CyberScoop · 7d ago Heimdal Launches MSP Onboarding Wizard to Help Partners Onboard Microsoft CSP Customers in 2 Minutes Heimdal Security Blog · 7d ago OpenClaw: risks for the users and how to mitigate them Securelist · 7d ago Iran-Nexus TAG-182 Disseminates MarkiRAT Surveillance Tool Recorded Future · 7d ago Citrix patches a new NetScaler flaw with echoes of CitrixBleed CyberScoop · 7d ago Trump budget boss Russell Vought open to re-staffing CISA CyberScoop · 7d ago New attack provides one more reason why AI browsers are a bad idea Security - Ars Technica · 7d ago Is DEFCON for you? David Bombal · 7d ago CitrixBleed To Infinity And Beyond (Citrix NetScaler Pre-Auth Memory Overread CVE-2026-8451) - watchTowr Labs Technical Information Security Content & Discussion · 7d ago Accelerating the quantum-safe timeline Microsoft Security Blog · 7d ago News alert: Reflectiz partners with Taboola to host webinar on AI-driven marketing security risks The Last Watchdog · 7d ago News alert: OpenMatter launches platform to verify AI activity across enterprise systems The Last Watchdog · 7d ago Beyond CTF Labs John Hammond · 8d ago What’s new in Microsoft Security: June 2026 Microsoft Security Blog · 8d ago Securing AI agents: When AI tools move from reading to acting Microsoft Security Blog · 8d ago Defending the Authentication Flow: Device Code Phishing with Selena Larson Proofpoint News Feed · 8d ago Nissan Americas Hit in Global Oracle PeopleSoft Data Breach Cyber Defense Magazine · 8d ago DHS to unveil replacement council for critical infrastructure cybersecurity CyberScoop · 8d ago This month in security with Tony Anscombe – June 2026 edition WeLiveSecurity · 8d ago Auditing OpenReception: 16 CVEs in an end-to-end encrypted appointment booking platform (unauthenticated admin creation, account takeover, E2E bypass) Technical Information Security Content & Discussion · 8d ago ToddyCat: your hidden email assistant. Part 2 Securelist · 8d ago How ransomware syndicates weaponize corporate-style organization CyberScoop · 8d ago US offers $10 million for info on group behind Signal and WhatsApp hacking spree Security - Ars Technica · 8d ago Meta Contractors Posed as Teens to Prompt Rival Chatbots About Suicide, Sex, and Drugs Security Latest · 8d ago Warner bill would create federally vetted list for secure, trustworthy AI agents CyberScoop · 8d ago Enterprise Tech In, Shell Out (Progress Kemp LoadMaster Uninitialized Heap to Pre-Auth RCE CVE-2026-8037) - watchTowr Labs Technical Information Security Content & Discussion · 8d ago Supreme Court approves mail-in ballots that arrive after Election Day CyberScoop · 8d ago Supreme Court delivers ‘major win’ for tech privacy in Chatrie ruling CyberScoop · 8d ago Chromium extension uses AI‑related branding to redirect browser search Microsoft Security Blog · 9d ago ConsentFix Exposed John Hammond · 9d ago CISA Warns Attackers Are Targeting Critical Internal Business Platforms Cyber Defense Magazine · 9d ago The Gentlemen are knocking: сustom backdoors and evolving tactics Securelist · 9d ago Top Google Security Staff Warn Search Data Could Be Hacked if EU Rules Change Security Latest · 9d ago What the post-quantum executive order really demands of CISOs CyberScoop · 9d ago Inside the inbox: Why cybercriminals want to break into your email account WeLiveSecurity · 9d ago New at Forter: AI Agents Built to Amplify Your Team 1 Blog – Forter · 9d ago TONResolver RAT Abuses TON Blockchain to Target Japan's Hotel Industry Trend Micro Research, News, Perspectives · 9d ago Black Hat Europe 2025 | How We Turned AI's 'Web Browsing' Into A Gateway For Targeting 1B+ Users Black Hat · 9d ago Return On Risk: The New Measure Of Cyber Resilience Cyber Defense Magazine · 10d ago 2026 home lab setup to test malicious links safely for FREE (step by step) David Bombal · 10d ago Path to StateRAMP Cyber Defense Magazine · 10d ago Black Hat Europe 2025 | The Forensic Trail On GitHub: Hunting For Supply Chain Activity Black Hat · 10d ago I tried a Local AI model (Qwen 3.6 27b) for security research and it works surprisingly well. Technical Information Security Content & Discussion · 10d ago Dissecting Apple's Sparse Image Format (ASIF) Technical Information Security Content & Discussion · 10d ago Black Hat Europe | LINE-Break: Cryptanalysis And Reverse Engineering Of Letter Sealing Black Hat · 10d ago A peek into Reddit's anti-spam internals Technical Information Security Content & Discussion · 11d ago Black Hat Europe 2025 | Hacking Smart Cities One Building At A Time - A City Of A Thousand Zero Days Black Hat · 11d ago Rethinking Identity Security In The Age Of AI Driven Fraud Cyber Defense Magazine · 11d ago HackTheBox - WingData IppSec · 11d ago New Age Insider Risk Cyber Defense Magazine · 11d ago Security News This Week: LastPass Users Had Their Data Stolen—Again Security Latest · 11d ago Black Hat Europe 2025 | Silence On macOS: What 70K Binaries Reveal About The macOS Malware Ecosystem Black Hat · 11d ago ATF cancels controversial commercial geolocation contract CyberScoop · 11d ago The Pentagon Is Looking Into the Dialog Data Exposure for Unmasking National Security Officials Security Latest · 12d ago Facebook Phishing Fails John Hammond · 12d ago Real Folks of Cyber | Pearce Barry | Day in the Life The Cyber Mentor · 12d ago How Dynamic Defense shuts an attacker out without shutting down the business Heimdal Security Blog · 12d ago Openclaw And The Agentic AI Inflection Point: From “Cool Demo” To Governed Infrastructure Cyber Defense Magazine · 12d ago Black Hat Intercepted Video Series | Lexie Thach Black Hat · 12d ago Which is Ethernet? What's the difference? David Bombal · 12d ago Reasonable Reliance: The Test Duty-Holders Are Quietly Being Held To Cyber Defense Magazine · 12d ago Beware of the license manager: how a Schneider Electric software vulnerability puts industrial facilities at risk Securelist · 12d ago Name That Toon Contest darkreading · 12d ago Static security has run out of road. The case for Dynamic Defense Heimdal Security Blog · 12d ago SMB cyber readiness: the road to resilience starts here WeLiveSecurity · 12d ago Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access Microsoft Security Blog · 12d ago Getting Started with the TCM Security Academy The Cyber Mentor · 12d ago FCC passes new cybersecurity rules for emergency systems, undersea cables CyberScoop · 12d ago Federal court rules Trump election-focused executive order illegal CyberScoop · 13d ago Disable SmartScreen Fast John Hammond · 13d ago Microsoft a Leader in The Forrester Wave™ for Endpoint Management Platforms Microsoft Security Blog · 13d ago CVE-2025-52465 geoserver arbitrary file write vulnerability Technical Information Security Content & Discussion · 13d ago Black Hat Intercepted | Lexie Thach, Ex Machina Parlor + Naval Information Warfare Center Pacific Black Hat · 13d ago The Moment Of Reliance: The Question Safety Governance Cannot Currently Answer Cyber Defense Magazine · 13d ago Russia uses Cellebrite to break into human rights activist’s phone, even after cancellation of contract CyberScoop · 13d ago Minnesota man known as ‘Snoopy’ sentenced in DraftKings hack CyberScoop · 13d ago The New Face Of Fraud: Why AI Is Making Older Adults The Primary Target Cyber Defense Magazine · 13d ago Copilot in Excel: Built for the era of Frontier Finance Microsoft 365 Blog · 13d ago NSA Urges Cyberthreat Timeline Has Compressed From Years to Months Cyber Defense Magazine · 13d ago CargoWise WebTracker - The keys were in the cargo Technical Information Security Content & Discussion · 13d ago Inside the 2026 SMB threat landscape: From phishing and scams to fake AI tools Securelist · 13d ago British Police Built a Sprawling Crime-Prediction Machine. Some Results Couldn’t Be Trusted Security Latest · 13d ago Europe Evolves Into Ransomware's Favorite Region darkreading · 13d ago Why patch directives only go so far CyberScoop · 13d ago Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances WeLiveSecurity · 13d ago Where Expertise Meets Algorithm: The Insikt Group® Intelligence Edge Recorded Future · 13d ago Evaluating Mexico’s New Cybersecurity Plan Recorded Future · 13d ago Attackers Hit Cisco SD-WAN Flaw 2 Months Before Disclosure darkreading · 13d ago One-two punch delivered in global operation disrupts cybercrime "assembly line" Security - Ars Technica · 13d ago 2026 FIFA World Cup Faces Surge in Cyber Threats darkreading · 13d ago Europe’s 800 Exaflop SUPERCOMPUTERS David Bombal · 13d ago Do CISOs Need a Code of Ethics? darkreading · 13d ago Malicious hackers exploit Cisco zero-day for highest access level at communications service provider CyberScoop · 13d ago CNAPP evolution: How Microsoft aligns with leading cloud risk management platforms Microsoft Security Blog · 13d ago More Malicious OpenClaw Skills Threaten AI Supply Chain darkreading · 14d ago Exploiting vulnerabilities in Johnson & Johnson web apps Technical Information Security Content & Discussion · 14d ago Cisco Advance Notification for Publication of July 1, 2026, Security Advisories Cisco Security Advisory · 14d ago Governance Is Failing: Why Converged Digital Risk Is Outpacing Every Control We Have Cyber Defense Magazine · 14d ago Github got Hacked by CATS John Hammond · 14d ago Invisible By Design: Making Quantum-Safe Encryption The Easy Path Cyber Defense Magazine · 14d ago ESET takes part in Operation Endgame to disrupt Amadey and Stealc WeLiveSecurity · 14d ago In a first, a court takedown goes after two cybercrime tools at once CyberScoop · 14d ago Magecart Evolves and Attackers Weaponize Ethereum Blockchain for Digital Skimming Cyber Defense Magazine · 14d ago Apple's MacOS Gap Lets Users Disable Security Tools darkreading · 14d ago Breaking the MSP Echo Chamber: The Power of Community Heimdal Security Blog · 14d ago Open-source security is posing challenges governments can’t easily solve CyberScoop · 14d ago New at Forter: AI Agents Built to Amplify Your Team Blog – Forter · 14d ago FortiBleed Campaign Exposing Credentials for 73,932 FortiGate Systems Recorded Future · 14d ago White House drastically shortens deadline for dropping quantum-vulnerable crypto Security - Ars Technica · 14d ago Scope of Salesforce Attacks Expands as Icarus Leaks Data darkreading · 14d ago Innovator Spotlight: NAKIVO Cyber Defense Magazine · 14d ago Dialog Claims It Was Hacked. A Misconfigured Website Left Its Members Exposed Security Latest · 14d ago 'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows darkreading · 14d ago Justice Department seizes infrastructure used by cyber scam and criminal marketplace CyberScoop · 14d ago This Dark Web Linux Backdoor Erases Its Own Footprints John Hammond · 14d ago Cybersecurity Outsourcing. Beyond Cost Cyber Defense Magazine · 15d ago Scattered Spider Hackers Plead Guilty on Day 1 of Trial Krebs on Security · 15d ago Algerian man charged with running two cybercrime marketplaces CyberScoop · 15d ago SocGholish Takedown Highlights Malicious TDS Threats darkreading · 15d ago Can AI Agents Find, Trust, and Choose Your Brand? Blog – Forter · 15d ago Inside The Rising Cyber Risk To Insurers: Why Insurance Companies Are Now Prime Targets Cyber Defense Magazine · 15d ago FortiBleed Attackers Turn Firewalls Into Credential Stealers as Heists Persist darkreading · 15d ago Supply Chain Compromise: Nintendo Vendor Breach Exposes Internal Data Cyber Defense Magazine · 15d ago Cloudflare patches Copy-Fail across every server in two days Technical Information Security Content & Discussion · 15d ago New Cisco RCE was fixed Technical Information Security Content & Discussion · 15d ago The Purchase Scam Tactic Headed for the World Cup | Recorded Future Recorded Future · 15d ago From Langflow to Monero: Inside CVE-2026-33017 Cryptominer Trend Micro Research, News, Perspectives · 15d ago Court rules SAVE database illegal, orders it dismantled CyberScoop · 15d ago DifyTap Bugs Let Attackers 'Wiretap' AI Chat Histories darkreading · 15d ago Data Breach with Eastman Kodak Company Cyber Defense Magazine · 15d ago They Created a Supercomputer in a Rack? David Bombal · 15d ago Trump executive orders speed up post-quantum migration, boost industry CyberScoop · 15d ago Following user outcry, AMD reinstates memory encryption in consumer CPUs Security - Ars Technica · 15d ago CVE-2026-25860 turn XSS to RCE Technical Information Security Content & Discussion · 15d ago OpenAI Launches Full-Scale Effort to Patch Open-Source Bugs as It Takes on Anthropic’s Mythos Security Latest · 16d ago Crypto Heist Fueled by Elaborate Fake Reputation-Boosting Campaign darkreading · 16d ago Intel agencies: Frontier AI models will reshape cybersecurity faster than expected CyberScoop · 16d ago Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerabilities Cisco Security Advisory · 16d ago How attackers built a RAT on a Windows machine using its own .NET compiler Heimdal Security Blog · 16d ago He Thought He Was Secure; His Phone Number Was Stolen Anyway darkreading · 16d ago Miasma Worm Source Code Leaked + What NPM v12 Means for Developers | Threat Wire Hak5 · 16d ago The World Cup Is Here… And So Are The Cyber Risks Cyber Defense Magazine · 16d ago Cloud Managed Services For Modern Cybersecurity To Secure Cloud Cyber Defense Magazine · 16d ago This Hacker Got Paid $50,000+ to Break Frontier AI Models NahamSec · 16d ago 🔴 [PAYLOAD] Shark Jack Display 🦈 Hak5 · 16d ago Proofpoint Joins the OpenAI Daybreak Cyber Partner Program to Advance Responsible AI-Powered Cyber Defense Proofpoint News Feed · 16d ago World Cup Scams Are Getting Harder to Spot Security Latest · 16d ago OpenAI Lets Cyber Vendors Embed GPT-5.5 in Defenses Proofpoint News Feed · 16d ago Attacker enables RDP, creates admin, erases evidence in ten seconds Heimdal Security Blog · 16d ago Exploiting Auth0 Defaults in XSS Attacks - elttam Technical Information Security Content & Discussion · 16d ago 🔴 [PAYLOAD] Shark Jack Display 🦈 Hak5 · 16d ago Scanning malicious websites with 'infinite' number of VPN tunnels (Part 1) Technical Information Security Content & Discussion · 17d ago Build a Complete Free CCNA Home Lab in 2026 With No Gear David Bombal · 17d ago Exploring The 2025 Cyber Threat Landscape: Analysis From The IT And Food And Agriculture Sectors Cyber Defense Magazine · 17d ago A Critical Deadline Is Approaching for Windows and Linux Security Security Latest · 17d ago Broken access control demo David Bombal · 17d ago HackTheBox - Nanocorp IppSec · 18d ago The Shadow AI Paradox: Governing Innovation At Machine Speed Cyber Defense Magazine · 18d ago Hackers Claim to Leak Stolen Madison Square Garden Data Security Latest · 18d ago ContinuumCon 2026 Redux! John Hammond · 18d ago Innovator Spotlight: Ensemble Cyber Defense Magazine · 18d ago Innovator Spotlight: Centrii Cyber Defense Magazine · 18d ago shadow AI is terrifying NetworkChuck · 18d ago Use-after-free in the QPACK encoder of nginx HTTP/3 - CVE-2026-42530 Technical Information Security Content & Discussion · 18d ago NSPM-12: The New Baseline for National Security Cybersecurity Cyber Defense Magazine · 19d ago Soft Skills for the Job Market: Resume Writing The Cyber Mentor · 19d ago Will this replace PoE (Power over Ethernet)? David Bombal · 19d ago OpenBSD MPLS kernel stack leaks remotely (CVE-2026-56099) Technical Information Security Content & Discussion · 19d ago Stressors, AI Forcing Changes to Cybersecurity Teams darkreading · 19d ago Squidbleed (CVE-2026-47729) - Heartbleed-style vulnerability that leaks internal memory from every version of Squid Proxy, in its default configuration Technical Information Security Content & Discussion · 19d ago Microsoft discovers new lightweight backdoor that steals cryptocurrency Security - Ars Technica · 19d ago Certification Questions | LIVE AMA | Summer of CCNA | 06/18/2026 NetworkChuck · 19d ago How the Peter Thiel-Linked Dialog Club Secretly Ranks Its Members Security Latest · 19d ago Authorities disrupt Evil Corp’s SocGholish botnet CyberScoop · 19d ago Congress tees up No FAKES Act, aiming at AI-generated deepfakes CyberScoop · 19d ago Novo Nordisk Breach Highlights Software Development Pipeline Risk darkreading · 19d ago Never look into a fiber cable! David Bombal · 19d ago Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds Security - Ars Technica · 19d ago HTTPS Doesn't Hide This From Your ISP!! NetworkChuck · 19d ago Operation Escaneo Signals Shift in LatAm Threat Landscape darkreading · 19d ago FIFA Bug Exposes World Cup Streams to Remote Takeover darkreading · 19d ago CVE-2026-5667: Unauthenticated Remote Control of Mitsubishi MAC-577IF-2E WiFi Adapters via Probe Request Reconnaissance Technical Information Security Content & Discussion · 19d ago ‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm Krebs on Security · 19d ago Salesforce Data Thefts Continue via Klue App Compromise darkreading · 20d ago Cisco Just Showed the Future of Networking NetworkChuck · 20d ago How software development’s speed obsession enabled TeamPCP’s chaos crusade CyberScoop · 20d ago Accenture shells out $4.18B on three companies in big industrial cybersecurity push CyberScoop · 20d ago Five Compliance Realities Federal Contractors Can’t Ignore Cyber Defense Magazine · 20d ago Get Out of Security Debt by Tackling the Exposure Problem darkreading · 20d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 20d ago CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure Alerts · 20d ago Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT All CISA Advisories · 20d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 20d ago Schneider Electric EasyLogic T150 and Saitel DP All CISA Advisories · 20d ago AVer PTC cameras All CISA Advisories · 20d ago Rockwell Automation FactoryTalk Historian Site Edition All CISA Advisories · 20d ago AzeoTech DAQFactory All CISA Advisories · 20d ago Schneider Electric Easergy, EcoStruxture, PowerLogic, and Saitel Products All CISA Advisories · 20d ago Mitsubishi Electric MELSEC iQ-F Series All CISA Advisories · 20d ago Mitsubishi Electric Co.'s MELSEC iQ-F Series FX5-ENET/IP Ethernet Module All CISA Advisories · 20d ago CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure All CISA Advisories · 20d ago Would you like some malware served at the very top of DuckDuckGo? Technical Information Security Content & Discussion · 20d ago How to Watch the Knicks Parade on NYC Traffic Surveillance Cameras Security Latest · 20d ago Killing me gently: Inside Gentlemen’s EDR killer framework WeLiveSecurity · 20d ago 🔴 [PAYLOAD] Shark Jack Display 🦈 Hak5 · 20d ago EU Gets a Head Start in Developing 6G Network Security darkreading · 20d ago The UK Will Scan Asylum-Seekers’ Faces for Age Checks—Despite Knowing the Tech Is Flawed Security Latest · 20d ago PeopleSoft PeopleTools Pre-Authentication RCE: A PSIGW SSRF Chain That Executes Inside the JVM Trend Micro Research, News, Perspectives · 20d ago Worth a MalExt Report? A 2 Million-User Chrome Extension Added Give Freely/Wildlink in a 5-Day Update Technical Information Security Content & Discussion · 20d ago What is Clam AV (free & open source )? David Bombal · 20d ago Massive breach spills credentials for thousands of sensitive networks Security - Ars Technica · 20d ago This hacker made $500,000+ hacking google in just a few months. #hacking #bugbounty #cybersecurity NahamSec · 20d ago News alert: SpyCloud report finds phishing surge exposing employee data at Fortune 100 companies The Last Watchdog · 20d ago "Dangerous" AI models are coming no matter what Security - Ars Technica · 20d ago News alert: Heimdal study finds executives are more confident than frontline IT teams on AI risk The Last Watchdog · 20d ago Cisco Identity Services Engine Remote Code Execution and Information Disclosure Vulnerabilities Cisco Security Advisory · 21d ago Cisco Crosswork Network Controller Server-Side Template Injection Vulnerability Cisco Security Advisory · 21d ago Cisco Webex App Open Redirect Vulnerability Cisco Security Advisory · 21d ago Cisco Umbrella Virtual Appliance Privilege Escalation Vulnerability Cisco Security Advisory · 21d ago Attackers hit pair of critical Fortinet vulnerabilities the vendor disclosed in April CyberScoop · 21d ago Cyber Security Market Insights & Trends Driving The Next Wave Of Protection Cyber Defense Magazine · 21d ago Windows and Linux users: The deadline to update Secure Boot keys is near Security - Ars Technica · 21d ago QoS Policies to Restrict EDR Traffic and Detection Strategies Technical Information Security Content & Discussion · 21d ago Protecting legacy OT systems against modern cyberthreats WeLiveSecurity · 21d ago Getting a CVE Without Shipping Slop Technical Information Security Content & Discussion · 21d ago PrizeBuzz phishing network analysis Technical Information Security Content & Discussion · 21d ago State Digital Surveillance Risk Landscape Recorded Future · 21d ago Threat Actors Abuse claude.ai Shared Chat for ClickFix Malvertising Campaign Trend Micro Research, News, Perspectives · 21d ago Shark Jacked my LAN 🦈 Hak5 · 21d ago Lawmakers leery about Trump administration’s Anthropic order CyberScoop · 21d ago News alert: Aembit secures Copilot Studio agents with identity-based access controls and audit trails The Last Watchdog · 21d ago AI’s constant patching treadmill can be a security problem CyberScoop · 21d ago 27 Years in the Dark: OpenBSD Fixes Ancient Remote Kernel Auth Bypass Technical Information Security Content & Discussion · 21d ago Leak Exposes Members of Peter Thiel’s Secretive ‘Dialog’ Society Security Latest · 21d ago AI is Not Solving Cybersecurity Burnout Yet, New ISSA and Omdia Research Warns Cyber Defense Magazine · 21d ago Learn Linux in 180s - history command David Bombal · 21d ago News alert: GitGuardian adds endpoint protection as developer laptops become credential troves The Last Watchdog · 21d ago Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability Cisco Security Advisory · 21d ago TCM Security Summer Sale is Here! The Cyber Mentor · 22d ago A case for how to shape ‘ingredient lists’ for AI models CyberScoop · 22d ago Certification Questions | LIVE AMA | Summer of CCNA | 06/18/2026 NetworkChuck · 22d ago Copilot Cowork is now generally available Microsoft 365 Blog · 22d ago Crypto’s Biggest Unresolved Risk Is Not Theft Of Assets, It’s The Collapse Of Identity Certainty In Financial Transactions Cyber Defense Magazine · 22d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 22d ago Rockwell Automation Logix 5370 & 5570 Controllers Vulnerable To Denial of Service Via CIP All CISA Advisories · 22d ago Rockwell Automation RSLinx All CISA Advisories · 22d ago Rockwell Automation FLEX I/O EtherNet/IP Adapters All CISA Advisories · 22d ago Rockwell Automation FactoryTalk Analytics PavilionX All CISA Advisories · 22d ago Rockwell Automation CompactLogix All CISA Advisories · 22d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 22d ago Critical Copilot vulnerability allowed hackers to steal 2FA code from users Security - Ars Technica · 22d ago News alert: Varist announces AI-scale malware detection for healthcare and medical imaging The Last Watchdog · 22d ago FishMonger’s arsenal upgraded: SprySOCKS for Windows WeLiveSecurity · 22d ago The State of AI Risk Management in 2026 Heimdal Security Blog · 22d ago The Intelligence No One Else Has: Inside Recorded Future’s Proprietary Collection Engine Recorded Future · 22d ago Empty-ciphertext panic in aws-encryption-provider (CVD with AWS) Technical Information Security Content & Discussion · 22d ago Google exposes China espionage group that’s been lurking in networks undetected since 2023 CyberScoop · 22d ago Users cry foul after AMD stripped memory crypto from its consumer CPUs Security - Ars Technica · 22d ago Chaining Security Bugs in Discuz! X5.0: from Race Condition to Pre-Auth RCE Technical Information Security Content & Discussion · 22d ago I was wrong about VPNs NetworkChuck · 23d ago Cybersecurity experts don’t think Anthropic’s Fable 5 presents a unique threat CyberScoop · 23d ago Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability Cisco Security Advisory · 23d ago SearchLeak: How We Turned M365 Copilot Into a One-Click Data Exfiltration Weapon Technical Information Security Content & Discussion · 23d ago Could GPU-Accelerated EDR Improve The Future Of Endpoint Detection? Cyber Defense Magazine · 23d ago Heimdal Survey: Executives Four Times More Confident About AI Risk Than the Teams Managing It Heimdal Security Blog · 23d ago How I Made $30,000 Hacking Broken Access Control NahamSec · 23d ago $30K from one bug class: broken access control. Here's how 3 "lows" chain into account takeover NahamSec · 23d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog Alerts · 23d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog All CISA Advisories · 23d ago EvilTokens: A phishing attack that doesn’t steal your password WeLiveSecurity · 23d ago ContinuumCon 2026 - Day 3 John Hammond · 23d ago CMMC Is Exposing A Major Gap In The Defense Supply Chain Cyber Defense Magazine · 24d ago Researcher accidentally gained access to a threat actor-controlled phishing website Technical Information Security Content & Discussion · 24d ago PromptSnatcher: AdBlocker stealing Ai Chats - 90k installs Technical Information Security Content & Discussion · 24d ago MeshCentral: From XSS to RCE Technical Information Security Content & Discussion · 24d ago Anthropic disables new models after government calls them a national security concern CyberScoop · 24d ago HackTheBox - VariaType IppSec · 25d ago Zero Trust For AI In Defense Networks Cyber Defense Magazine · 25d ago Getting the PID from random numbers in PHP Technical Information Security Content & Discussion · 25d ago The Axios npm compromise was visible in registry metadata before anyone ran npm install Technical Information Security Content & Discussion · 25d ago FBI takes down massive China-based cybercrime network that caused $1.9B in losses CyberScoop · 25d ago Why Use App-Level Auth When Every Database Has Auth? (Splunk Enterprise CVE-2026-20253 Pre-Auth RCE) - watchTowr Labs Technical Information Security Content & Discussion · 25d ago ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed darkreading · 25d ago PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data Security - Ars Technica · 25d ago US, France, and Italian authorities shut down massive deepfake porn site CyberScoop · 25d ago Conti ransomware group member pleads guilty, faces up to 20 years in prison CyberScoop · 25d ago ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw CyberScoop · 26d ago Free Compromise Detection for GitHub Repos - Tracebit Community Edition Technical Information Security Content & Discussion · 26d ago Your Next Insider Threat May Be an AI Coworker Heimdal Security Blog · 26d ago Major AI Clients Shipping With Broken OAuth Implementations (JUNE 2026 UPDATE) Technical Information Security Content & Discussion · 26d ago Old Passwords Die Hard: Abusing CREDHIST for offline credential recovery Technical Information Security Content & Discussion · 26d ago Claude Fable 5 Doesn't Change the Mythos Security Story darkreading · 26d ago Why Most Cyber Resilience Programs Fail Before The First Incident Cyber Defense Magazine · 26d ago The OSI Model and Its Two Missing Layers Heimdal Security Blog · 26d ago Developers React to the 105-Second Github Chain Reaction | Threat Wire Hak5 · 26d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 26d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 26d ago CyberCorps is adapting to AI. The budget isn’t keeping up. CyberScoop · 26d ago Marking Your Own Homework (Check Point Remote Access VPN IKEv1 Authentication Bypass CVE-2026-50751) - watchTowr Labs Technical Information Security Content & Discussion · 26d ago Phishing Attack Volume Down 20%, But Risk Still Rising darkreading · 26d ago Governing Claude Enterprise in Environments Where Inline Controls Can't Go Trend Micro Research, News, Perspectives · 26d ago Detecting AI-specific threats in Claude Enterprise from the Compliance API: a prefilter + LLM-as-judge pipeline with Sigma rules Technical Information Security Content & Discussion · 26d ago Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure darkreading · 26d ago Any solutions we can use? cybersecurity · 26d ago Russian national charged in connection with Void Blizzard espionage campaign CyberScoop · 26d ago DIY pwnagotchi-like device on esp32 hacking: security in practice · 27d ago Reverse engineered BLE protocol of a $7 generic Chinese smart ring from Temu, and built an iOS app around it Reverse Engineering · 27d ago Possible targeted attack cybersecurity · 27d ago RoguePlanet: Windows Zero-Day That Weaponizes Defender's Own Quarantine Pipeline cybersecurity · 27d ago [Reverse-Engineering] Skeet CS:GO source code (Gamesense) Reverse Engineering · 27d ago [Reverse-Engineering] Skeet CS:GO source code (Gamesense) Reverse Engineering · 27d ago Facebook messenger to text cybersecurity · 27d ago Claude Fable 5: mid-tier results on coding tasks Technical Information Security Content & Discussion · 27d ago US charges suspected Russian hacker with facilitating cyber campaign For [Blue|Purple] Teams in Cyber Defence · 27d ago Flipper Blackhat + Bjorn hacking: security in practice · 27d ago Segmentation Works for OT If Operators Are Paying Attention darkreading · 27d ago Managing Solution Agents cybersecurity · 27d ago Nottingham University data breach affects over 450,000 students cybersecurity · 27d ago SWGs that support 3rd party external DNS resolver cybersecurity · 27d ago Sub:jugation - Hijacking Cloud Identities by Recycling Namespaces in Global OIDC Issuers cybersecurity · 27d ago Giulio Zausa's MMO-CHIP Makes Reverse Engineering Old Silicon Chips a Multiplayer Game Reverse Engineering · 27d ago Chrome extensions with 10M+ installations are actively vulnerable to UXSS & UXSG cybersecurity · 27d ago Hawkish GOP lawmaker Don Bacon says he was hacked by Russia For [Blue|Purple] Teams in Cyber Defence · 27d ago Cybersecurity researchers aren't happy about the guardrails on Anthropic's Fable | TechCrunch cybersecurity · 27d ago Do you think AI is making hacking easier or harder hacking: security in practice · 27d ago Breaking Free Of The Cyber Insurance Market’s Moment Of Frustration Cyber Defense Magazine · 27d ago Phishing awareness training resulting in ignoring company comms? cybersecurity · 27d ago How are you analyzing Android malware nowadays? cybersecurity · 27d ago Fable 5 and the analyst-AI threat model: what a Mythos-class model changes for security work Technical Information Security Content & Discussion · 27d ago Hackers Exploit Langflow Vulnerability for Remote Code Execution cybersecurity · 27d ago Chaotic Eclipse Strikes Again: New Zero-Day Unlocks BitLocker in Four Hours of Research cybersecurity · 27d ago NEED SOME GUIDANCE cybersecurity · 27d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 27d ago Yarbo Android/iOS Mobile Application and Cloud Infrastructure All CISA Advisories · 27d ago Naxclow IoT Platform All CISA Advisories · 27d ago Brickcom Cameras All CISA Advisories · 27d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 27d ago I built 99 adversarially malformed PE files to test tool robustness - here’s what happened Malware Analysis & Reports · 27d ago I built 99 adversarially malformed PE files to test tool robustness - here’s what happened Reverse Engineering · 27d ago What can i do left? PSN hacking: security in practice · 27d ago Help setting up local encryption on my pc cybersecurity · 27d ago Hacking Google with A.I. for $500,000 Technical Information Security Content & Discussion · 27d ago Agentic AI on Cybersecurity cybersecurity · 27d ago 🔴 [PAYLOAD] Shark Jack Display 🦈 Hak5 · 27d ago DoD 0-days Typically Come Down to Authorization Failures cybersecurity · 27d ago HDD cybersecurity · 27d ago Plzz Helpp - Say you're trying to build a toolkit that checks for LLM vulnerability do y'all know any trustable datasets cybersecurity · 27d ago OceanLotus: From external espionage to domestic targeting WeLiveSecurity · 27d ago OceanLotus: From external espionage to domestic targeting WeLiveSecurity · 27d ago Prompt injection: attacking the analyst's AI Technical Information Security Content & Discussion · 27d ago How can we test the firmware code/images security? cybersecurity · 27d ago 20 years of Fancy Bear (APT28): How Russian military hackers evolved their tradecraft since 2004 cybersecurity · 27d ago Proxmark5 campaign ending in less than 18 hours. hacking: security in practice · 27d ago Oops, I Weaponized the Database: Abusing AI Features in SQL Server 2025 For [Blue|Purple] Teams in Cyber Defence · 27d ago GreatXML: GreatXML bitlocker bypass vulnerability For [Blue|Purple] Teams in Cyber Defence · 27d ago GitHub announces npm security changes to tackle supply-chain attacks cybersecurity · 27d ago GreatXML a bitlocker that seems to only work if you ever had Defender Offline Scan For [Blue|Purple] Teams in Cyber Defence · 27d ago The ‘Miasma’ worm source code briefly leaked on GitHub cybersecurity · 27d ago CISA Rewrites Federal Patching Requirements for AI Threat Era cybersecurity · 27d ago What is the difference between Regular TLS and Mutual TLS? cybersecurity · 27d ago Every employee's password was stored in a single Excel file cybersecurity · 27d ago npm v12 is changing how dependencies are installed to reduce supply-chain risk cybersecurity · 27d ago How to bypass speed queen coin slot for washer and dryer hacking: security in practice · 27d ago LIVE: 🕵️ CTF Prize Draw | Cybersecurity The Cyber Mentor · 27d ago Why is Gartner Magic Quadrant treated like a procurement benchmark in South Asia? cybersecurity · 27d ago Drive Firmware Security - Phison S11 Reverse Engineering · 27d ago I found 23 Chrome extensions hijacking 758,000 users' searches for affiliate revenue For [Blue|Purple] Teams in Cyber Defence · 27d ago [Op Report] From SSA Phish to AdaptixC2: A Multi-RAT Intrusion For [Blue|Purple] Teams in Cyber Defence · 27d ago How good Microsoft Defender for storage? cybersecurity · 27d ago GhostTrace – CLI forensic scanner for Windows: 22 modules, MITRE ATT&CK mapped, read-only by default For [Blue|Purple] Teams in Cyber Defence · 27d ago GreatXML bitlocker bypass vulnerability cybersecurity · 27d ago Struggle cybersecurity · 27d ago Did the work, got the certs, now I'm drowning. Should I keep labbing or go all-in on applications? cybersecurity · 27d ago Chinese, N. Korean Threat Groups Build on Asia-Pacific Success darkreading · 27d ago Recorded Future Launches Impact and Metrics Dashboard Recorded Future · 27d ago Cyber-Enabled Maritime Sanctions Evasion Recorded Future · 27d ago Wiz launches Cloud Security Job Board cybersecurity · 27d ago Physical Project Ideas cybersecurity · 27d ago How can I get into cybersecurity while studying Information Systems Engineering? cybersecurity · 27d ago Miasma-style supply chain attacks For [Blue|Purple] Teams in Cyber Defence · 27d ago Cloud Security job board cybersecurity · 27d ago Continuous learning cybersecurity · 27d ago Self-hosting stuff for when things get ugly hacking: security in practice · 27d ago CISA Rewrites Federal Patching Requirements for AI Threat Era darkreading · 27d ago Angry bug hunter with Microsoft beef drops new Windows 0-day cybersecurity · 27d ago OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT to stir debate on data centers CyberScoop · 27d ago Bug Bounty Research Triggers ServiceNow Security Alert darkreading · 27d ago Mid-30s, stuck in web pentesting, and wondering what to do ? cybersecurity · 27d ago AI Risk Worries Insurers & Businesses Alike darkreading · 27d ago Streamline your Nmap triage: Interactive, single-file HTML reports from raw XM cybersecurity · 27d ago Is Microsoft Purview really secure when using Copilot? cybersecurity · 27d ago Pre-auth XXE → HTTP SSRF on ArubaOS 8.13.2 closed as "theoretical / no valid PoC" despite TCP pcap, sshd localhost log, and internal port scan — documenting for community review Technical Information Security Content & Discussion · 27d ago News alert: Cloud security report finds fragmented tools widening the cloud complexity gap The Last Watchdog · 27d ago Malware Includes Taboo In Text To Prevent LLM Analysis hacking: security in practice · 27d ago On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet For [Blue|Purple] Teams in Cyber Defence · 27d ago Banking app intentionally block some operations when connected to wifi due to "security reason" is this good or stupid feature? cybersecurity · 27d ago added Mac support for my corporate hacking game, demo on Steam hacking: security in practice · 27d ago IDA 9.4 Beta | Hex-Rays Docs Reverse Engineering · 27d ago Nee academic references for Hashcat's 'Next Big Bang' log cybersecurity · 27d ago More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs For [Blue|Purple] Teams in Cyber Defence · 27d ago CISA released BOD 26-04: A new federal government vulnerability management strategy? cybersecurity · 27d ago Inside the DPRK-Linked Backdoor Loitering in the VS Code Marketplace For [Blue|Purple] Teams in Cyber Defence · 28d ago Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days cybersecurity · 28d ago IMPACT Roadshow Recap: Getting Ready for Agentic Commerce Blog – Forter · 28d ago added Mac support to my corporate hacking sim. Demo now available on Steam cybersecurity · 28d ago Nightmare-Eclipse Drops Yet Another Microsoft Exploit, RoguePlanet darkreading · 28d ago CISA directive orders agencies to prioritize vulnerability patching in a new way CyberScoop · 28d ago We post-trained a model for offensive security instead of teaching it to refuse Technical Information Security Content & Discussion · 28d ago Catfished hacking: security in practice · 28d ago Suche aktuelle IONOS Phishing .eml für eine technische Blog-Analyse (Header & Artefakte) cybersecurity · 28d ago ClickFix attack in the wild — fake Cloudflare CAPTCHA delivering obfuscated PowerShell dropper Malware Analysis & Reports · 28d ago Students' data taken in major University of Nottingham cyber-attack cybersecurity · 28d ago Has unmanaged external file sharing ever burned you? cybersecurity · 28d ago Who Runs the Ransomware Group ‘The Gentlemen?’ Krebs on Security · 28d ago Anthropic released Claude Fable 5 yesterday. Public version of Mythos with cyber classifiers cybersecurity · 28d ago Trane Tracer HVAC cybersecurity issues Reverse Engineering · 28d ago Need feedback on my presentation cybersecurity · 28d ago Compensating controls besides admin credentials being needed to download software on employee endpoints cybersecurity · 28d ago OpenSSL PKCS#7 CVE-2026-45447 cybersecurity · 28d ago Testing offensive AI agents in a cloud lab with deception tech For [Blue|Purple] Teams in Cyber Defence · 28d ago What The Cybersecurity Industry Knows And Will Not Say Cyber Defense Magazine · 28d ago Presentation Question cybersecurity · 28d ago What did they mean by this? One of us? hacking: security in practice · 28d ago How to Stay Ahead of Deepfake Evolution in 2026 cybersecurity · 28d ago How Fraudsters Bypass Facial Recognition and Stay Hidden in 2026 Technical Information Security Content & Discussion · 28d ago FedRAMP Penetration Testing: How to Pass Your ATO Review and Get Cloud Authorized Faster Technical Information Security Content & Discussion · 28d ago France’s Government Messaging App Tchap Got Breached cybersecurity · 28d ago WordPress malware in official WooCommerce theme (Kiosko): hidden admin users and corrupted sitemap Malware Analysis & Reports · 28d ago Unpacking SMB cyber-readiness – and what makes or breaks it WeLiveSecurity · 28d ago Unpacking SMB cyber-readiness – and what makes or breaks it WeLiveSecurity · 28d ago certSIGN: Inconsistent revocation status (CRL "revoked" vs OCSP "good") for intermediate CA "certSIGN Web CA" Technical Information Security Content & Discussion · 28d ago Where's the fix for MiniPlasma? cybersecurity · 28d ago BlackSun - Defender for Endpoint on macOS Technical Information Security Content & Discussion · 28d ago ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances cybersecurity · 28d ago Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges hacking: security in practice · 28d ago GhostTrace – a Windows forensic scanner that finds what "Uninstall" leaves behind (22 modules, read-only, offline) Technical Information Security Content & Discussion · 28d ago Internships cybersecurity · 28d ago Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS cybersecurity · 28d ago Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows cybersecurity · 28d ago Jupyter Enterprise Gateway - From Notebook to Kubernetes Cluster Admin - elttam Technical Information Security Content & Discussion · 28d ago Looking for a Reliable Cybersecurity Provider for a School in North Sydney cybersecurity · 28d ago Early Operational Visibility cybersecurity · 28d ago Benchmarking n-day exploit generation [via AI] For [Blue|Purple] Teams in Cyber Defence · 28d ago how are you actually managing ai agents in production? cybersecurity · 28d ago 🚀 Release PyMemoryEditor v2.0 — read, write and scan the memory of any running process, in pure Python (Windows, Linux & macOS) Reverse Engineering · 28d ago Al app builders: How are you handling security questionnaires when selling your product? cybersecurity · 28d ago [ Removed by Reddit ] cybersecurity · 28d ago How are all of doing with THE AI model thats big news currently?? cybersecurity · 28d ago Whoops! I did it again. I patched Windows Kernel at Milan0day 2026 For [Blue|Purple] Teams in Cyber Defence · 28d ago Microsoft Defender now monitors RPC activity For [Blue|Purple] Teams in Cyber Defence · 28d ago Skill to Scan your Codebase cybersecurity · 28d ago RoguePlanet: RoguePlanet Windows Defender Vulnerability For [Blue|Purple] Teams in Cyber Defence · 28d ago Miasma-style supply chain attacks cybersecurity · 28d ago FCaptcha v1.12: Catching AI Agents That Drive Real Browsers cybersecurity · 28d ago Flooding invalid deauth frames still kicks PMF clients, tested on 3 Android phones cybersecurity · 28d ago More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs cybersecurity · 28d ago More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs Technical Information Security Content & Discussion · 28d ago AI Malware Worm Adapts to New Targets in Real Time, Cybersecurity Experts Say cybersecurity · 28d ago 2026 FIFA World Cup: What Public Safety Officials Need to Know Recorded Future · 28d ago China's Noncombatant Evacuation Operations: 2005–2025 Recorded Future · 28d ago GenAI Is Both Hunter and Hunted at Pwn2Own Berlin 2026 Trend Micro Research, News, Perspectives · 28d ago Huntress Stack (MS Defender or SentinelOne) cybersecurity · 28d ago META DELETES FACE-RECOGNITION SYSTEM FROM ITS SMART GLASSES APP AFTER WIRED REPORT cybersecurity · 28d ago OptOutCode – A Privacy4Cars Universal Opt-Out Concept hacking: security in practice · 28d ago I triaged this pattern hundreds of times. Here's the KQL that actually works (with noise reduction built in) For [Blue|Purple] Teams in Cyber Defence · 28d ago A Record-Breaking Patch Tuesday for June 2026 Krebs on Security · 28d ago The Invisible Battlefield: How Cyberwar Is Reshaping Everyday Life darkreading · 28d ago FBI is announcing Operation Riptide cybersecurity · 28d ago Blame AI: Patch Tuesday Hits Record 206 CVEs darkreading · 28d ago ServiceNow confirmed some customer instances were breached. cybersecurity · 28d ago Which are some of the best Cybersecurity / OT Security events that happen in GCC? cybersecurity · 28d ago DF/IR Community cybersecurity · 28d ago Locked in heated rivalry with researcher, Microsoft fixes 0-day they disclosed Security - Ars Technica · 28d ago Chaotic Eclipse's new RoguePlanet cybersecurity · 28d ago Microsoft Exchange Flaw Lets Attackers Spoof Any Email Address darkreading · 28d ago Inside the DPRK-Linked Backdoor Loitering in the VS Code Marketplace cybersecurity · 28d ago Inside the DPRK-Linked Backdoor Loitering in the VS Code Marketplace Malware Analysis & Reports · 28d ago Microsoft breaks Patch Tuesday record with 206 vulnerabilities CyberScoop · 28d ago Thoughts on Automated Compliance? cybersecurity · 28d ago Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories darkreading · 28d ago A fix for the Windows BitLocker bypass vulnerability dubbed "YellowKey" is available cybersecurity · 28d ago Apple’s Siri-AI, or more shouting into the void about “private” agents Technical Information Security Content & Discussion · 28d ago How do you make learning blue team security entertaining ? For [Blue|Purple] Teams in Cyber Defence · 28d ago North Korean Hackers—Posing As Fake IT Workers—Behind Nearly Half Of All Tech Firm Attacks, Report Says cybersecurity · 28d ago Microsoft has released a patch for the bitlocker bypass cybersecurity · 28d ago I reverse engineered Lofree Hypace mouse firmware flashing protocol to bypass their official web based configuration on MacOS. Reverse Engineering · 28d ago Please advices cybersecurity · 28d ago soc analyst l1 cybersecurity · 28d ago Google Chrome is killing all uBlock Origin bypasses, Microsoft Edge, Opera to follow cybersecurity · 28d ago Looking to move off KnowBe4, what are people actually using these days? cybersecurity · 28d ago Maximizing IOC Impact For [Blue|Purple] Teams in Cyber Defence · 28d ago Too Many Certs, Not Enough Experience — What’s the Best Next Step? cybersecurity · 29d ago Anthropic’s new model is Mythos on a leash CyberScoop · 29d ago Authenticating ARP and NDP cybersecurity · 29d ago Does anyone use rule feeds in 2026? cybersecurity · 29d ago [2606.07158] Synthetic APTs: the Collapse of TTP-Based Attribution For [Blue|Purple] Teams in Cyber Defence · 29d ago CISA is rethinking how it prioritizes risks and vulnerabilities for feds, private sector CyberScoop · 29d ago Building a tactical Pelican case for my Flipper Zero + AIO setup. Looking for advanced tool and script recommendations! cybersecurity · 29d ago Need a vm for practice cybersecurity · 29d ago Tips/Tricks to WFH as a SOC Analyst? cybersecurity · 29d ago Cybersecurity statistics of the week (June 1st - June 7th) cybersecurity · 29d ago Hades Cluster PyPI Worm Abuses Python Startup Hooks For [Blue|Purple] Teams in Cyber Defence · 29d ago Where can GRC folks learn practical AppSec / DevSecOps without going full engineer? cybersecurity · 29d ago Russian Attackers Weaponize WinRAR Flaw Against Ukrainian Orgs darkreading · 29d ago I almost got “onboarded” into a malware campaign disguised as a job opportunity. cybersecurity · 29d ago Suspected North Korean actors use fake ‘coding assignments’ to steal crypto Proofpoint News Feed · 29d ago University of Toronto proof-of-concept AI worm spread to 62% of a test network in 7 days using a free open-weight model cybersecurity · 29d ago High-severity vulnerability in Linux caused by a single faulty character Security - Ars Technica · 29d ago AI Blocklist - help cybersecurity · 29d ago Cisco Catalyst SD-WAN Controller, Catalyst SD-WAN Manager, and Catalyst SD-WAN Validator Authenticated Privilege Escalation Vulnerability Cisco Security Advisory · 29d ago Entra Agent ID from a Security Perspective For [Blue|Purple] Teams in Cyber Defence · 29d ago Cisco customers encounter another SD-WAN zero-day under attack CyberScoop · 29d ago Entra Agent ID from a Security Perspective Technical Information Security Content & Discussion · 29d ago Protecting AI workloads on Linux servers cybersecurity · 29d ago Exposing DoNex Ransomware Secrets with Malcore! cybersecurity · 29d ago What are the different Disaster Recovery scenarios your teams have tested on? cybersecurity · 29d ago someone actually leaked the Miasma supply chain attack toolkit source code on github cybersecurity · 29d ago X.com silently injects session-bound tracking tokens into your clipboard on every copy — security tools correctly flag this as malicious injection Technical Information Security Content & Discussion · 29d ago Rethinking Access Governance for AI Agents Cyber Defense Magazine · 29d ago Secrets to PNPT Debrief Success The Cyber Mentor · 29d ago Understanding modern Chinese cyber operations means shifting from ‘APT’ to composite responsibility For [Blue|Purple] Teams in Cyber Defence · 29d ago WinGet - Code Execution, Persistence and Detection Strategies cybersecurity · 29d ago WinGet - Code Execution, Persistence and Detection Strategies Technical Information Security Content & Discussion · 29d ago Ransomware attack shuts Illinois high school until Wednesday cybersecurity · 29d ago CISA Adds Three Known Exploited Vulnerabilities to Catalog Alerts · 29d ago Siemens KACO Blueplanet Inverters All CISA Advisories · 29d ago Schneider Electric EcoStruxure Panel Server All CISA Advisories · 29d ago Schneider Electric Modicon Network Managed Switches All CISA Advisories · 29d ago CISA Adds Three Known Exploited Vulnerabilities to Catalog All CISA Advisories · 29d ago Ideas for demo cybersecurity · 29d ago Microsoft account hacked through infostealer. Trying to log in using authenticator, but not successful. Help please? cybersecurity · 29d ago Harnessing Generative AI for Automated Reverse Engineering, Static and Dynamic Analysis, and Risk Scoring of Fraudulent Mobile Applications (APKs) and Malwares. cybersecurity · 29d ago I found 23 Chrome extensions hijacking 758,000 users' searches for affiliate revenue Technical Information Security Content & Discussion · 29d ago Physical attack device cybersecurity · 29d ago Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer cybersecurity · 29d ago Cybercriminals: the 'auditors' you never hired WeLiveSecurity · 29d ago Cybercriminals: the 'auditors' you never hired WeLiveSecurity · 29d ago IT GRC News? cybersecurity · 29d ago Meta Says Israeli Spyware Firm Targeted WhatsApp Users Again cybersecurity · 29d ago I just completed Search Skills room on TryHackMe! Learn to efficiently search the Internet and use specialised services and technical docs for information Technical Information Security Content & Discussion · 29d ago What are the best risk-based vulnerability management tools for tracking active exploitation in 2026? For [Blue|Purple] Teams in Cyber Defence · 29d ago QuasarNix: Reverse Shell Detection with Machine Learning For [Blue|Purple] Teams in Cyber Defence · 29d ago Shifting L7 validation to the edge to stop DB resource exhaustion? cybersecurity · 29d ago Google Patches 5th Chrome Zero-Day Exploited in 2026 cybersecurity · 29d ago AI Agents May Always Fall for Prompt Injections Technical Information Security Content & Discussion · 29d ago Shifting Layer 7 Validation to the Edge: Mitigating Application-Layer Resource Exhaustion in Go For [Blue|Purple] Teams in Cyber Defence · 29d ago EC Council CEH exam advice cybersecurity · 29d ago Incident de sécurité sur Tchap : la DINUM sécurise la plateforme et informe les usagers après une intrusion maîtrisée - Security incident on Tchap: DINUM secures the platform and informs users after a controlled intrusion For [Blue|Purple] Teams in Cyber Defence · 29d ago Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257 For [Blue|Purple] Teams in Cyber Defence · 29d ago About NPower vs PerScholas cybersecurity · 29d ago Looking for a vulnerability to learn cybersecurity · 29d ago Don't Fear the Repo: UNK_DeadDrop Phishing Campaign Targets Developers to Steal Cryptocurrency For [Blue|Purple] Teams in Cyber Defence · 29d ago From Brute Force to Malware Execution: Investigating a Multi-Stage Cyberattack in Splunk cybersecurity · 29d ago UK Cybercrime Journal: British Universities Struck by ShinyHunters Before Exam Season For [Blue|Purple] Teams in Cyber Defence · 29d ago Security Advisory – Action Required – Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751) For [Blue|Purple] Teams in Cyber Defence · 29d ago Visual Studio Code 1.123: Delayed extension auto-updates For [Blue|Purple] Teams in Cyber Defence · 29d ago Fighting Spyware: An Update From WhatsApp: Today, we’re asking the court to hold NSO in contempt for violating a permanent injunction that barred them from ever targeting WhatsApp and its users. For [Blue|Purple] Teams in Cyber Defence · 29d ago Old WinRAR Flaw Fuels Attacks on Ukraine: Two separate Russia-aligned campaigns are still exploiting the WinRAR flaw CVE-2025-8088 against Ukrainian organizations nearly a year after it was patched, For [Blue|Purple] Teams in Cyber Defence · 29d ago Bad USB through charger? cybersecurity · 29d ago Recommendations for Discord community for latest AI security products cybersecurity · 29d ago StumbleTV: Omegle/ChatRoulette but for accidentally exposed webcams hacking: security in practice · 29d ago Vulnerability Summary for the Week of June 1, 2026 cybersecurity · 29d ago Windows Defender Tamper Protection stuck off - no active GPOs, SFC corruption, looking for ideas cybersecurity · 29d ago Russia’s Defense-Based Economy Risks Forcing Putin to Fight Wars Recorded Future · 29d ago I feel like ive lost my passion to tinker after 6 years in the industry, anyone else? cybersecurity · 29d ago I wrote a free, no sign up, defender guide for suspicious USB devices and rogue hardware, with copy-paste detection examples cybersecurity · 29d ago really need help with project ideas for MSc cybersecurity · 29d ago Which Course for an almost-complete noob? (SANS.edu) cybersecurity · 29d ago SoFi confirms third-party data breach at Hong Kong subsidiary cybersecurity · 29d ago AI Slop Will Kill Cybersecurity Storytelling If We Let It darkreading · 29d ago For the 2nd time in weeks, Microsoft packages laced with credential stealer cybersecurity · 29d ago Iran Signed a Ceasefire — Its Hackers Didn't cybersecurity · 29d ago New Shai-Hulud attack trojanizes 19 science-focused PyPI packages cybersecurity · 29d ago DSPM étude marche cybersecurity · 29d ago CMMC Phase 2 November 2026: two readings of SR.1 — C3PAOs are applying the one that requires a verifiable chain, not just a file cybersecurity · 29d ago Silent Ransom Group Hits US Law Firms in Escalating Extortion Attacks darkreading · 29d ago AppSec / Pentesting job market in Canada for experienced overseas applicants? cybersecurity · 29d ago Stop Treating Low Severity CVEs as Noise. Start Treating Them as Ingredients. cybersecurity · 29d ago Check Point VPN Flaw Exploited Since Early May darkreading · 29d ago Automation Playbooks - which ones would you not want to live without? cybersecurity · 29d ago Is it necessary/important to Hash and salt API Keys for a strictly internal use tool? cybersecurity · 29d ago Need review on the OMS Cybersecurity program from Georgia Tech? cybersecurity · 29d ago If You Use Claude or Gemini, This Microsoft Breach Means Your Data Is at Risk cybersecurity · 29d ago 2026 Verizon DBIR: vulnerability exploitation overtakes stolen credentials as #1 breach entry point for the first time in 19 years cybersecurity · 29d ago Security Notice: Former Helm APT Mirror Domain `baltocdn.com` Statement For [Blue|Purple] Teams in Cyber Defence · 29d ago How do you close an alert cybersecurity · 29d ago Iran Signed a Ceasefire — Its Hackers Didn't darkreading · 29d ago What cybersecurity certifications are great value for money? cybersecurity · 29d ago Boxes for CPENT cybersecurity · 29d ago For the 2nd time in weeks, Microsoft packages laced with credential stealer Security - Ars Technica · 29d ago SIEM: is it "SIM" or "SEEM" cybersecurity · 29d ago I’m looking for recommendations for an online Master’s program that is recognized in the Middle East. (Better if certifications are included) cybersecurity · 29d ago Fake Interview deploys stealthy cross platform (macOS/Windows) through npm package install in take home assessment Malware Analysis & Reports · 29d ago How justdeleteme and justgetmydata work? cybersecurity · 29d ago Meta accuses NSO Group of defying spyware injunction, files contempt of court complaint CyberScoop · 29d ago GitHub - Teycir/ApiHunter: Async API security scanner in Rust for CORS, CSP, GraphQL, JWT, OpenAPI, and active API posture checks. hacking: security in practice · 30d ago How CIAM Helps Boost Business Cyber Defense Magazine · 30d ago I need help - PCI DSS 4.0 requirement 11.6.1 cybersecurity · 30d ago How are you learning agent pen testing? cybersecurity · 30d ago HTTP/2 HPACK amplification: detection signatures + the nginx/Apache directives that actually stop it (lab- & vps verified) For [Blue|Purple] Teams in Cyber Defence · 30d ago Cyber security intern cybersecurity · 30d ago [Tool/Writeup] PureBasic FLIRT Signature for IDA Pro — demo + crackme Reverse Engineering · 30d ago [Tool/Writeup] PureBasic FLIRT Signature for IDA Pro — demo + crackme Reverse Engineering · 30d ago Introducing Shark Jack Display 🦈 Hak5 · 30d ago Meta to take legal action against Israeli spyware company NSO cybersecurity · 30d ago Inside SStar Agent, a cross-platform RAT with an unfinished macOS toolkit cybersecurity · 30d ago What's the best way to alert companies of a Glassworm copycat? cybersecurity · 30d ago How To Verify If A Site Is Legit? cybersecurity · 30d ago First Public Analysis of the BoldTealLayer Loader: A Custom Lua Script that Blinds Windows Security Reverse Engineering · 30d ago What is Flaresolverr cybersecurity · 30d ago Research: defenders using generative AI to simulate malware variants before they exist in the wild cybersecurity · 30d ago How are regulated orgs actually letting engineers use Claude Code / Copilot? cybersecurity · 30d ago Cyber security expo Manchester cybersecurity · 30d ago Content creations was both a blessing and a curse. #bugbounty NahamSec · 30d ago Remote Hiring Opened the Talent Pool — and the Fraud Surface cybersecurity · 30d ago Arc Gate — runtime governance proxy for AI agents, catches multi-turn prompt injection via geometric drift detection — try to break it Technical Information Security Content & Discussion · 30d ago World Cloud Security Day Cyber Defense Magazine · 30d ago This Hacker Made $7,000 Hacking AI With One Email NahamSec · 30d ago EMBA firmware analysis framework v2.0.2 available - Party the big 2k Reverse Engineering · 30d ago Hades Cluster PyPI Worm Abuses Python Startup Hooks cybersecurity · 30d ago What certs should I do during summer of 11th grade? cybersecurity · 30d ago CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318) cybersecurity · 30d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog Alerts · 30d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog All CISA Advisories · 30d ago Nobody needs Mythos or 0-days to build a chaos-causing computer worm – free open source models work just fine cybersecurity · 30d ago Oxford University discloses data breach after careers platform hack cybersecurity · 30d ago Heimdal® Marks Six Years of Consecutive ISAE 3000 SOC 2 Type II Certification Heimdal Security Blog · 30d ago Vendor ISO 27001 Assessment - Questions Around Control 8.29 Security Testing cybersecurity · 30d ago Got this message from “SimBoss” cybersecurity · 30d ago PKCS12 Golang fork cybersecurity · 30d ago The AI security race needs accountability, not overregulation CyberScoop · 30d ago Malware Insights: Miasma Campaign cybersecurity · 30d ago 73 Microsoft GitHub repositories impacted by Miasma malware Malware Analysis & Reports · 30d ago 73 Microsoft GitHub repositories impacted by Miasma malware cybersecurity · 30d ago [Honeypot Research] Looking for volunteers to test telemetry/logs cybersecurity · 30d ago Heyy ik it sounds dumb but can we just get access to one's gaming acc?🙏 hacking: security in practice · 30d ago What is the condition of Bug Bounty program in the era of AI. cybersecurity · 30d ago Opening a cloned repo is no longer safe cybersecurity · 30d ago Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse cybersecurity · 30d ago /r/ReverseEngineering's Weekly Questions Thread Reverse Engineering · 30d ago CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers cybersecurity · 30d ago Google Colab CLI opens runtimes to Claude Code and Codex cybersecurity · 30d ago VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks cybersecurity · 30d ago The AI governance gap no one is talking about: deployment-stage accountability cybersecurity · 30d ago Security Review Request — TID Linux Kernel Module For [Blue|Purple] Teams in Cyber Defence · 30d ago Building a safe, effective sandbox to enable Codex on Windows For [Blue|Purple] Teams in Cyber Defence · 30d ago Query-Hub: CQL Hub is an open repository of detection and hunting queries for CrowdStrike NextGen SIEM and Falcon LogScale. For [Blue|Purple] Teams in Cyber Defence · 30d ago About PCIe DMA Cheats: Protocol, IOMMU, Hardware, and Detection For [Blue|Purple] Teams in Cyber Defence · 30d ago BusyWork: Replacing Sleep with Real Work to Break Behavioral Detection For [Blue|Purple] Teams in Cyber Defence · 30d ago Z-Jail: A lightweight, multi-layer Linux sandbox combining namespaces, pivot_root, seccomp-bpf, capability dropping, and an evidence-based verdict engine (Truthimatics Public Version) for secure, auditable code execution. For [Blue|Purple] Teams in Cyber Defence · 30d ago Unauthorized Onlyfans Payment Malware Analysis & Reports · 30d ago Free Study Resources for Comptia Cysa+ cybersecurity · 30d ago What's up with powershellforhackers.com? hacking: security in practice · 30d ago Mentorship Monday - Post All Career, Education and Job questions here! cybersecurity · 30d ago May 2026 CVE Landscape Recorded Future · 30d ago Old WinRAR Flaw Fuels Attacks on Ukraine: How Unmanaged Software Keeps the Door Open Trend Micro Research, News, Perspectives · 30d ago Hi there cybersecurity · 30d ago Final risk-based IT Audit interview round with Director and have no experience. Please help! cybersecurity · 30d ago Needed help cybersecurity · 30d ago HDD Firmware Hacking Part 1 Reverse Engineering · 30d ago [ Removed by Reddit ] cybersecurity · 30d ago UPnPHostFileRead: Arbitrary file read exploit for the Windows UPnP Device Host service. For [Blue|Purple] Teams in Cyber Defence · 30d ago Career advice cybersecurity · 30d ago Do people really click on links from unknown numbers? hacking: security in practice · 30d ago PhD in cyber Security cybersecurity · 30d ago Built a password guessing game. Almost everyone stuck in level 5. cybersecurity · 30d ago OSINT (SOCIAL MEDIA) cybersecurity · 30d ago Beginner KQL project cybersecurity · 30d ago Question about WORM and encryption cybersecurity · 30d ago Update:Certified cyber security cybersecurity · 30d ago Independent Post-Quantum KEM and Digital Signature Suite in C++ (NSLD Reduction Reverse Engineering · 30d ago How to unlock whitelabeled uniview IPcam hacking: security in practice · 30d ago EDRChoker: A tool uses the QoS Policy (Pacer.sys) to throttle Endpoint Detection and Response (EDR) agents from connecting to the server. For [Blue|Purple] Teams in Cyber Defence · 30d ago Has anyone have any idea what to expect from Information security engineer- Network interview at Glidewell Dental cybersecurity · 31d ago Can converted video files contain malware? hacking: security in practice · 31d ago Independent Post-Quantum KEM and Digital Signature Suite in C++ (NSLD Reduction) cybersecurity · 31d ago Malware that survives reinstalling the BIOS and OS cybersecurity · 31d ago Am I overthinking the x86 compatibility issues? how much friction am I actually facing? cybersecurity · 31d ago Fedora Linux 43 exposes 20-year-old Microsoft Outlook security failure cybersecurity · 31d ago Managing Microsoft Identity Is More Complicated Than It Looks cybersecurity · 31d ago Zhiyun Weebil-S Camera Gimbal BLE Protocol Reverse Engineering · 31d ago My work email got subscribed to a bunch of israel newsletters cybersecurity · 31d ago Shadow AI cybersecurity · 31d ago Rate limiting is not enough. What else can I use? cybersecurity · 31d ago CMMC Is Here, But AI Changes The Compliance Conversation Cyber Defense Magazine · 31d ago How To Avoid Potential Malware From Transferring To New Laptop cybersecurity · 31d ago Sysmon RegistryEvent exclude not overriding include rule for Event ID 13 cybersecurity · 31d ago Sysmon RegistryEvent exclude not overriding include rule for Event ID 13 For [Blue|Purple] Teams in Cyber Defence · 31d ago Can't decide. cybersecurity · 31d ago looking for partners cybersecurity · 31d ago My edge is changing into bing when I search something cybersecurity · 31d ago Reverse Engineering the Garmin Running Dynamics BLE protocol Reverse Engineering · 31d ago Cybersecurity reality check cybersecurity · 31d ago [ Removed by Reddit ] cybersecurity · 31d ago EDRChoker: Choking The Telemetry Stream to Bypass Defenses Technical Information Security Content & Discussion · 31d ago Information Management cybersecurity · 31d ago Pwnd Blaster: Hacking your PC using your speaker without ever touching it For [Blue|Purple] Teams in Cyber Defence · 31d ago cygor: An modular asset discovery framework written in python to automate the repeating manual work For [Blue|Purple] Teams in Cyber Defence · 31d ago On May 31, 2026, Meta discovered that there was a vulnerability in an AI-assisted account recovery system for Instagram ("High Touch Support" or "HTS") that was exploited byun authorized third parties to perform password resets on Instagram user accounts. For [Blue|Purple] Teams in Cyber Defence · 31d ago Chinese-Cybercrime-Research: Resources to learn more about Chinese-language cybercrime actors. For [Blue|Purple] Teams in Cyber Defence · 31d ago Inside an Active STX RAT Supply Chain Campaign - A threat actor spent one month building a trojanized software supply chain aimed at a specific type of victim For [Blue|Purple] Teams in Cyber Defence · 31d ago Unmasking Quellostanco: How a Git Commit Exposed a Threat Actor Targeting Egyptian Infrastructure (co-authored) For [Blue|Purple] Teams in Cyber Defence · 31d ago The Privileged Roles Nobody Talks About For [Blue|Purple] Teams in Cyber Defence · 31d ago Auditing GitLab: The CI/CD Kill Chain - GoGatoZ — a purpose-built Go tool for GitLab CI/CD security auditing that can perform and automate the entire CI/CD kill chain... For [Blue|Purple] Teams in Cyber Defence · 31d ago Popping Root on UniFi OS Server: Unauthenticated RCE Chain Detection & Analysis For [Blue|Purple] Teams in Cyber Defence · 31d ago 21 Zero-Days in FFmpeg For [Blue|Purple] Teams in Cyber Defence · 31d ago IronWorm Malware cybersecurity · 31d ago Why do we use UNC for smbclient ? Why don't we use UNC for nc or ssh? cybersecurity · 31d ago Why do we use UCL for smbclient ? Why don't we use UCL for nc or ssh? cybersecurity · 31d ago Everyone's planning post-quantum migration for enterprises. Nobody's talking about your password manager cybersecurity · 31d ago depthfirst's AI agent found 21 FFmpeg zero-days (CVE-2026-39210–39218) for ~$1,000 — oldest bug from 2003. What does this do to the economics of vuln research? For [Blue|Purple] Teams in Cyber Defence · 31d ago PSA: Attack Shark R85 HE (FREEWOLF US / Amazon) — BadUSB credential harvester, confirmed malware Technical Information Security Content & Discussion · 31d ago Is a separate “clean” S3 bucket actually a security boundary for uploaded files? cybersecurity · 31d ago CVE-2026-46640: Developing payloads for Twig sandbox bypass Technical Information Security Content & Discussion · 31d ago CVE-2026-46640: Developing payloads for Twig sandbox bypass cybersecurity · 31d ago CrowdStrike LogScale queries I use to detect LOLBin- built from 10 years of production SOC work For [Blue|Purple] Teams in Cyber Defence · 31d ago PenTest+ Exam cybersecurity · 31d ago Rooted your router lately? hacking: security in practice · 31d ago AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs cybersecurity · 31d ago The Detection & Response Chronicles: Covert Operations Through QEMU For [Blue|Purple] Teams in Cyber Defence · 31d ago The Interesting Case of WSL for Payload Staging For [Blue|Purple] Teams in Cyber Defence · 31d ago The Click that shouldn’t have worked: RCE via clickjacking in Internet Explorer For [Blue|Purple] Teams in Cyber Defence · 31d ago Ongoing Targeted Campaign Against US Law Firms For [Blue|Purple] Teams in Cyber Defence · 31d ago New China-Linked Cluster OP-512 For [Blue|Purple] Teams in Cyber Defence · 31d ago Looking for guidance cybersecurity · 31d ago 5$ to whoever can find the email of my old YouTube channel hacking: security in practice · 31d ago Before you attempt any OffSec certification, read what just happened to me cybersecurity · 32d ago Reporting Metrics for Management cybersecurity · 32d ago got hit with SOC 2, cyber insurance, and a prospect pentest request at the same time cybersecurity · 32d ago This company is scaming people hacking: security in practice · 32d ago Found an old Discord CDN ZIP in Opera downloads and I’m trying to figure out if I should be worried cybersecurity · 32d ago HackTheBox - Facts IppSec · 32d ago Shai-Hulud: Miasma (Azure:Durabletask) Open Source - a normalized, deobfuscated copy of the Azure DurableTask JavaScript payload. cybersecurity · 32d ago AI Security Certificates cybersecurity · 32d ago Shai-Hulud: Miasma (Azure:Durabletask) Open Source - a normalized, deobfuscated copy of the Azure DurableTask JavaScript payload. For [Blue|Purple] Teams in Cyber Defence · 32d ago Guys is bug bounty dead? cybersecurity · 32d ago How are folks making it in bug bounty? cybersecurity · 32d ago How useful is it to require at least one uppercase letter in a password? cybersecurity · 32d ago Cybersecurity Improved Detection But Exposed a New Problem Cyber Defense Magazine · 32d ago Cyber security ! Is no more ? cybersecurity · 32d ago From Token Bingo to MAX Takeover: Kali365 Operator Expands Operation Across Microsoft Outlook, Okta, Xerox DocuShare, and Other Services For [Blue|Purple] Teams in Cyber Defence · 32d ago MUSTANG PANDA x PLUGX - Analysis of the January 2026 sample: a multi-layer execution chain For [Blue|Purple] Teams in Cyber Defence · 32d ago Six Stages Deep and an Endless Loop: Shai-Hulud Is Getting Sophisticated For [Blue|Purple] Teams in Cyber Defence · 32d ago Game Over: WeedHack - The Rise of Minecraft Malware-as-a-Service Campaigns For [Blue|Purple] Teams in Cyber Defence · 32d ago About ETW Internals: Architecture, Hooking, Tampering, and Detection For [Blue|Purple] Teams in Cyber Defence · 32d ago PoisonXドライバを用いた日本組織への攻撃キャンペーン - Attack campaign against Japanese organizations using PoisonX driver For [Blue|Purple] Teams in Cyber Defence · 32d ago Miasma npm Supply Chain Attack: Self-Spreading Worm via Phantom Gyp For [Blue|Purple] Teams in Cyber Defence · 32d ago Async PICOs and Custom Beacon Wakeups in Cobalt Strike For [Blue|Purple] Teams in Cyber Defence · 32d ago Enter the WasmForge: Compiling Sliver into WebAssembly For [Blue|Purple] Teams in Cyber Defence · 32d ago staged-DLL-Injection-SMB-: Staged DLL injection proof-of-concept built in C using Win32 APIs For [Blue|Purple] Teams in Cyber Defence · 32d ago Trend Micro Deep Security Agent Research: Forcing bmhook/tmhook Reloads to Open a Protection Bypass Window For [Blue|Purple] Teams in Cyber Defence · 32d ago Seven Years on a Public Clipboard: Pasted Secrets, Türkiye's Exposure, and a Stored XSS For [Blue|Purple] Teams in Cyber Defence · 32d ago BOF Cocktails in Cobalt Strike For [Blue|Purple] Teams in Cyber Defence · 32d ago Address Translation For [Blue|Purple] Teams in Cyber Defence · 32d ago CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers cybersecurity · 32d ago Ghosts in the Cloud: Chinese Hackers Hid in Microsoft 365 Networks for 18 Months cybersecurity · 32d ago Antimiasma Worm to discover/mitigate/vaccinate Miasma worm infected repositories cybersecurity · 32d ago Investigation into APT 5 and their inner workings of PLA Troop 61786 For [Blue|Purple] Teams in Cyber Defence · 32d ago How to train employees to feel when something's off? cybersecurity · 32d ago Building A Malware Lab From Scratch Part 2! Malware Analysis & Reports · 32d ago A modular autonomous-agent runtime written in C hacking: security in practice · 32d ago The Smart TV in Your LivingRoom Is a Node in the AIScraping Economy For [Blue|Purple] Teams in Cyber Defence · 32d ago ALERT OVERLOAD cybersecurity · 32d ago CISA and Partners Urge Hardening Automatic Tank Gauge Systems For [Blue|Purple] Teams in Cyber Defence · 32d ago Magecart skimmer turns Stripe into a malware command server For [Blue|Purple] Teams in Cyber Defence · 32d ago Security advisory: Brute force attack on Dashlane user accounts For [Blue|Purple] Teams in Cyber Defence · 32d ago Cisco Security Advisory: Cisco Catalyst SD-WAN Manager Authenticated Privilege Escalation Vulnerability For [Blue|Purple] Teams in Cyber Defence · 32d ago A new extortion brand called Pink, tracked as cluster CL-CRI-1147, that leverages vishing for initial access for the purposes of extortion. CL-CRI-1147 is likely a Com-affiliated actor, with techniques similar to Bling Libra (ShinyHunters) and CL-CRI-1116 (Blackfile/Redact). For [Blue|Purple] Teams in Cyber Defence · 32d ago IronWorm: Shai-Hulud's rustier cousin For [Blue|Purple] Teams in Cyber Defence · 32d ago Finally! A modern Android menu template with ImGui + Zygisk + all major hooking libraries (Dobby, KittyMemory, Substrate) Reverse Engineering · 32d ago CTO at NCSC Summary: week ending June 7th cybersecurity · 32d ago Weil reportedly pays up to $20 million after hackers steal client data For [Blue|Purple] Teams in Cyber Defence · 32d ago CTO at NCSC Summary: week ending June 7th For [Blue|Purple] Teams in Cyber Defence · 32d ago A new BitLocker bypass allows access to encrypted drive in the pre-boot environment with all Windows security features enabled cybersecurity · 32d ago defending-code-reference-harness: Claude skills for threat modeling, scanning, triage, patching, plus an autonomous scanning harness you can /customize For [Blue|Purple] Teams in Cyber Defence · 32d ago 1-Click GitHub Token Stealing via a VSCode Bug For [Blue|Purple] Teams in Cyber Defence · 32d ago The Blight Reaches Microsoft: 73 Repos Disabled in 105 Seconds For [Blue|Purple] Teams in Cyber Defence · 32d ago Microsoft Azure Repositories Compromised (Disabled) as Miasma Worm Targets AI Coding Agents Through GitHub cybersecurity · 32d ago Detecting npm Native Addon Malware: node-gyp Abuse Malware Analysis & Reports · 32d ago AppSec Engineer Interview Stories cybersecurity · 32d ago [OpenSource] Multi-layer sandbox for native code execution on Linux with no external deps. cybersecurity · 32d ago Multi-layer sandbox for native code execution on Linux with no external deps. For [Blue|Purple] Teams in Cyber Defence · 32d ago Is there a safe way to continue using (unsupported) Windows 10? cybersecurity · 32d ago Is Splunk suitable for smaller Enterprises? cybersecurity · 32d ago Has anyone else had MFA prompt fatigue issues with users? cybersecurity · 32d ago Data Scrubbing from Databases cybersecurity · 32d ago Best Certificates? cybersecurity · 32d ago Rant cybersecurity · 32d ago New York passes data center moratorium and consumer protections as environmental, and housing proposals stall cybersecurity · 32d ago Cyber attackers have a new favorite, the browser cybersecurity · 32d ago Looking to get into cybersecurity in web3 cybersecurity · 32d ago Microsoft discovered that Anthropic's Claude Code GitHub Action is vulnerable to prompt injection attacks via issues and Pull Requests cybersecurity · 32d ago Should i use email 2fa or only auth and phone number? cybersecurity · 32d ago Can I break into cybersecurity with a white collar felony? cybersecurity · 32d ago Open Source Intelligence - Building AI Systems That Handle Contradiction at Scale cybersecurity · 32d ago How a USB-connected speaker can infect a PC without ever being touched Security - Ars Technica · 32d ago How are people supposed to defend against both supply chain attack and zero-day vulnerabilities at the same time? cybersecurity · 32d ago What kind of topics do you think should be covered more (in conferences, youtube etc) but they arent? cybersecurity · 32d ago Innovator Spotlight: Airrived Cyber Defense Magazine · 32d ago How Hard is This cybersecurity · 32d ago Reverse Engineering Crazy Taxi, Part 3 Reverse Engineering · 32d ago Ghidra 12.1.2 has been released! Reverse Engineering · 32d ago Installed Fake Codex hidden as a google site cybersecurity · 32d ago Virustital scan result help cybersecurity · 32d ago CrowdStrike Turned an AI Wave Into Its Best Quarter Ever cybersecurity · 32d ago ESP32 Bit Pirate - An Hardware Hacking Tool That Speaks Every Protocol - Version 1.6, new Pirate Assistant in the WebUI, USB adapter system - IR SUBGHZ WIFI BT JTAG I2C UART SPI 1WIRE 2WIRE 3WIRE RF24 ETH and more hacking: security in practice · 32d ago Cyber Resilience Act - Position? Pain points? Struggle? Possible solutions? cybersecurity · 32d ago I fell for the cybersecurity degree trap and thought I could beat the job market, I could not. Not sure what to do now cybersecurity · 32d ago Being a Security Engineer? Which AI-powered tools are you using on a daily basis? cybersecurity · 33d ago Over 900 US gas station tank gauge systems exposed to attacks cybersecurity · 33d ago Google and FBI warn of ransomware group that sends fake IT workers to hack victims in person cybersecurity · 33d ago SIEM is broken in the AI agents era cybersecurity · 33d ago TCM Security CTF Walkthrough The Cyber Mentor · 33d ago Zero-Click HFP/A2DP Takeover via L2CAP Session Preemption Technical Information Security Content & Discussion · 33d ago Google Cloud hit by fresh layoffs, security and Mandiant teams among those affected cybersecurity · 33d ago Extending a map tool for Cataclismo Reverse Engineering · 33d ago Nightmare Eclipse incident shows the researcher-vendor fights may never fully go away CyberScoop · 33d ago Keeping Secrets Out of Logs Technical Information Security Content & Discussion · 33d ago Phantom Gyp npm Worm Abuses node-gyp Build Hooks cybersecurity · 33d ago Certified cybersecurity ISC2 cybersecurity · 33d ago Help studying for OSCP cybersecurity · 33d ago The current state of Threat Intelligence Tooling cybersecurity · 33d ago Malicious podcast, PDF apps spread FlutterShell macOS backdoor malware cybersecurity · 33d ago I've been reverse engineering a lost 2010 horse MMO and I need contributors Reverse Engineering · 33d ago Cloud Security In Practice Cyber Defense Magazine · 33d ago We tested offensive AI agents against deception technology cybersecurity · 33d ago A matter that I have been losing my sleep over cybersecurity · 33d ago Any experience with Rootly or incident.io for cyber incident management? cybersecurity · 33d ago CTIA Study Resources & Preparation Advice? cybersecurity · 33d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 33d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 33d ago Black hat uk vs brucon cybersecurity · 33d ago Unauthenticated RCE as QSECOFR via IBM i Management Central — port 5555, client-controlled verify flag, no credentials required (V7R4 and earlier) Technical Information Security Content & Discussion · 33d ago Cisco warns of unpatched SD-WAN zero-day exploited in attacks cybersecurity · 33d ago NIS2 hits railway hard cybersecurity · 33d ago Introducing Package Proxy: supply-chain safety checks without client-side software For [Blue|Purple] Teams in Cyber Defence · 33d ago I need help guys… :( cybersecurity · 33d ago Question from the Seniors cybersecurity · 33d ago China-Linked Cybercrime Group Expands Attacks Beyond Asia With AI-Assisted Malware cybersecurity · 33d ago AI-Powered Cheats & Stolen Secrets: Teardown of the Yuta/Solara Roblox Stealer For [Blue|Purple] Teams in Cyber Defence · 33d ago Can one reveal the asterisks in an email? hacking: security in practice · 33d ago what certs have u seen in ai security related job posts ? cybersecurity · 33d ago How is the Security Architecture / Strategic IT Security process structured in your organization? cybersecurity · 33d ago Proxmark3 vs Proxmark5 Side by Side hacking: security in practice · 33d ago Should I go for it? hacking: security in practice · 33d ago What's happening in cybersecurity job market in US and Europe these days? cybersecurity · 33d ago Microsoft Warns of GPU Cryptojacking Campaign Spread Through AI Chatbot Links Malware Analysis & Reports · 33d ago Has any of you pivoted from GRC to CTI? cybersecurity · 33d ago Up-date-list of cybercrime types? cybersecurity · 33d ago HookNt: A Windows x64 tool to trace NT APIs by injecting an import-free DLL, installing ntdll trampolines, and streaming events over named pipes Reverse Engineering · 33d ago What else should I learn to build a strong cybersecurity foundation? cybersecurity · 33d ago zannotate: Utility for annotating Internet datasets with contextual metadata (e.g., origin AS, MaxMind GeoIP2, reverse DNS, and WHOIS) For [Blue|Purple] Teams in Cyber Defence · 33d ago Hackerone interview cybersecurity · 33d ago Ransomware in the AI Era | ft. Behnaz Karimi | Ep. 109 | ScaleToZero Podcast | Cloudanix cybersecurity · 33d ago The Deny ACE That Never Fires: Non-Canonical ACL Order in Active Directory For [Blue|Purple] Teams in Cyber Defence · 33d ago VerdantBamboo: Just Another BRICKSTORM in the Firewall For [Blue|Purple] Teams in Cyber Defence · 33d ago AzureRedOps: Azure RedOps is a offensive security toolkit for assessing the security posture of Microsoft Entra ID For [Blue|Purple] Teams in Cyber Defence · 33d ago MXC Internals: How Microsoft's eXecution Containers Actually Isolate Agent Code For [Blue|Purple] Teams in Cyber Defence · 33d ago IronWorm Supply Chain Malware Hits npm For [Blue|Purple] Teams in Cyber Defence · 33d ago FSB’s matryoshka #3/3 - Gamaredon’s gifts that keeps unpacking - GammaSteel For [Blue|Purple] Teams in Cyber Defence · 33d ago FSB’s matryoshka #2/3 - Gamaredon’s gifts that keeps unpacking - GammaLoad For [Blue|Purple] Teams in Cyber Defence · 33d ago You do surprise me.exe: An unexpected executable in Hola Browser For [Blue|Purple] Teams in Cyber Defence · 33d ago Testing URL Rewriting? cybersecurity · 33d ago Got an internship in IAM with no qualifications and no soft skills cybersecurity · 33d ago Work Hours of DFIR/Cloud Security vs Pentest cybersecurity · 33d ago Narcissistic Tech Leader.... cybersecurity · 33d ago Anyone else's firewall logs just explode after midnight? cybersecurity · 33d ago I'm replacing myself.. at least the boring parts cybersecurity · 33d ago Anyone else dealing with these phantom login attempts from China? cybersecurity · 33d ago Multi-layer sandbox for native code execution on Linux with no external deps. Reverse Engineering · 33d ago Best way to fully clear windows and set everything up securely (pc, accounts etc) cybersecurity · 33d ago IBM, AT&T Accused by Whistleblower of Covering Up Foreign Hacks cybersecurity · 33d ago Soc analyst cybersecurity · 33d ago Do companies actually require cybersecurity insurance cybersecurity · 33d ago Why Holistic Sourcing Wins: The Numbers Behind the Recorded Future Advantage Recorded Future · 33d ago Is it possible to backdate emails, including the intermediate received dates, not just smtp sent date header hacking: security in practice · 33d ago Certification Questions | LIVE AMA | Summer of CCNA NetworkChuck · 33d ago Cisco Catalyst SD-WAN Manager Authenticated Privilege Escalation Vulnerability Cisco Security Advisory · 33d ago Hill Dems hammer GOP for $250M CISA budget cut CyberScoop · 33d ago Uncommon/Unusual CrowdStrike Alerts cybersecurity · 33d ago Cyber analyst: law firm or bank cybersecurity · 33d ago best free av and how do i properly setup passwords? cybersecurity · 33d ago Five 9 Vulnerability cybersecurity · 33d ago Failed to verify LHOST error for long links in metasploit hacking: security in practice · 33d ago CVE Lite CLI closes dependency gap — but won't stop modern threats cybersecurity · 33d ago Scope change cybersecurity · 33d ago We just stopped a social engineering attack on our service desk. Here’s how it played out. cybersecurity · 33d ago System Over Model, Tested: Reproducing Mythos’s FreeBSD Find on Local Open-Weight Models Reverse Engineering · 33d ago System Over Model, Tested: Reproducing Mythos’s FreeBSD Find on Local Open-Weight Models Technical Information Security Content & Discussion · 33d ago Your AI agent could become your biggest insider threat CyberScoop · 33d ago What is the most underestimated cybersecurity risk right now? cybersecurity · 33d ago Update: Company is paying for any certification, which should I obtain? Except Sans cybersecurity · 34d ago New paper: every AI model has a naturally occurring unforgeable fingerprint in how it ranks tokens, relevant to fake model detection and supply chain verification cybersecurity · 34d ago Anyone else's firewall vendor docs a total nightmare? cybersecurity · 34d ago Your opinions about a learning style cybersecurity · 34d ago Why Real-Time Fraud Prevention Is the Only Way to Stop AI-Driven Attacks cybersecurity · 34d ago New IronWorm malware hits 36 packages in npm supply-chain attack cybersecurity · 34d ago Is Marauder available for ESP32-S3 Mini? hacking: security in practice · 34d ago Anyone else see their firewall logs just explode after a cloud update? cybersecurity · 34d ago Gemini whatsapp hacking: security in practice · 34d ago Are certifications necessary to get a job in cybersecurity? cybersecurity · 34d ago China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa Proofpoint News Feed · 34d ago Part 2: Bulk-Injection / Back-dating Signature Found in Public Tech-Governance Dataset (RDB Constraint Bypass) cybersecurity · 34d ago Is retyping and translating textbooks too inefficient for CS/Cybersecurity? cybersecurity · 34d ago Free Microsoft Enterprise Security Assessment: Worth It cybersecurity · 34d ago Empty-ciphertext panic in aws-encryption-provider (CVD with AWS) Technical Information Security Content & Discussion · 34d ago How are organizations preparing for AI-generated phishing attacks? cybersecurity · 34d ago Re:CACHE - Excessive reflection, type confusion, and 0-click SXSS on Next.js Technical Information Security Content & Discussion · 34d ago Inside the race to adapt to an AI-powered security world cybersecurity · 34d ago 127.0.0.1 in eight headers: what attackers hide in X-Forwarded-For cybersecurity · 34d ago Inside the race to adapt to an AI-powered security world CyberScoop · 34d ago Microsoft blames unexpected Windows driver updates on caching issue cybersecurity · 34d ago Critical Ledger State-Machine Violation Found in Public Tech-Governance Node Dashboard (Debit Card Transaction Injected on 0 Balance) cybersecurity · 34d ago Enter the WasmForge: Compiling Sliver into WebAssembly Technical Information Security Content & Discussion · 34d ago Your CPU model leaks through the browser via WASM timing differences cybersecurity · 34d ago LSASS/Defender/CTFMON analysis For [Blue|Purple] Teams in Cyber Defence · 34d ago Segment With Purpose: A Zero Trust Blueprint For OT Network Segmentation In Manufacturing Cyber Defense Magazine · 34d ago Software supply chain attacks: check your dependencies For [Blue|Purple] Teams in Cyber Defence · 34d ago void-sniff: A lightweight x64 Native API syscall monitor with a custom inline hook engine and zero dependencies Reverse Engineering · 34d ago Chinese Cybercrime Group in Spotlight for Record Campaign Pace cybersecurity · 34d ago NAVTOR NavBox All CISA Advisories · 34d ago Hitachi Energy MACH HiDraw All CISA Advisories · 34d ago Hitachi Energy ITT600 Explorer All CISA Advisories · 34d ago B&R PPT30 Operating System All CISA Advisories · 34d ago Hitachi Energy RTU500 All CISA Advisories · 34d ago Extremely suspicious behaviour by memu emulator Malware Analysis & Reports · 34d ago Security Engineer 2 interview at Amazon coming up - What to expect? cybersecurity · 34d ago A researcher spent $1,500 testing if LLMs could hack a vulnerable app cybersecurity · 34d ago Help with university internship cybersecurity · 34d ago Are MCP servers becoming the next API security nightmare? cybersecurity · 34d ago Mapping AI-enabled cyber threats: Insights from the LLM ATT&CK Navigator For [Blue|Purple] Teams in Cyber Defence · 34d ago What's the cybersecurity lesson you learned the hard way? cybersecurity · 34d ago ISO 27001 Surveillance audit vs Full recertification cybersecurity · 34d ago How important it is to get paid Cybersecurity certificates ? cybersecurity · 34d ago Researcher Drops a New VS Code Zero-Day After Losing Trust in Microsoft’s Disclosure Process cybersecurity · 34d ago Soc to Architecture cybersecurity · 34d ago Does "example file vulnerability" exists? cybersecurity · 34d ago VS code forces 2 hour cool down for most integrations. cybersecurity · 34d ago Company laptop isolated after Brave/Tor alert - should I be worried? cybersecurity · 34d ago Does anyone know how to send false positive to SOCradar ? virus total cybersecurity · 34d ago Looking for people to team up for Bug Bounties & CTFs cybersecurity · 34d ago Signal Without Smartphone cybersecurity · 34d ago I found a trojan on my pc and now im scared my private calls got leaked cybersecurity · 34d ago Meta, Microsoft & DOJ Smash Southeast Asia Scam Rings: 1.4 Million Accounts Removed, 63 Arrests cybersecurity · 34d ago CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog cybersecurity · 34d ago How do you change users behavior through awareness training? cybersecurity · 34d ago AI-built ransomware toolkit automates EDR evasion, AD discovery cybersecurity · 34d ago 29 open-source Sigma/Wazuh rules for Modbus, DNP3, IEC 104, MQTT, OPC-UA (OT/ICS detection) For [Blue|Purple] Teams in Cyber Defence · 34d ago Safe Rust API for wolfSSL/wolfCOSE hacking: security in practice · 34d ago Safe Rust API for wolfSSL/wolfCOSE cybersecurity · 34d ago Looking for feedback on my open-source OT detection ruleset (29 rules for Wazuh/Sigma) cybersecurity · 34d ago AMD GPU Users might be compromised cybersecurity · 34d ago [ Removed by Reddit ] cybersecurity · 34d ago Five Eyes Warn: Chinese Spies Using LinkedIn Recruitment Tactics to Access Sensitive Information cybersecurity · 34d ago CISA warns of cyberattacks targeting fuel tank monitoring systems cybersecurity · 34d ago [CTF] Struggling to extract RTSP stream from generic Chinese IP Cams (Altobeam SoC) via ONVIF cybersecurity · 34d ago how to get good at cyber security? cybersecurity · 34d ago Anyone use CrunchAtlas? cybersecurity · 34d ago Prompt monitoring laughs cybersecurity · 34d ago Malicious Payload in ai-sdk-ollama npm Package cybersecurity · 34d ago Can Someone Please ELI5 - "YellowKey" (CVE-2026-45585) to me? (an IT admin that survived the Great Global CrowdStrike Outage of 24) cybersecurity · 34d ago Resource Exhaustion hacking: security in practice · 34d ago what the HELL is dsztfso? cybersecurity · 34d ago Open Source - 2500 New MITRE Mutations For [Blue|Purple] Teams in Cyber Defence · 34d ago Yubikey Alternative....? cybersecurity · 34d ago Hiring cybersecurity · 34d ago Malware Malware Analysis & Reports · 34d ago CVE-2026-42897: Applying the Mitigation and Closing the Incident Are Not the Same Thing cybersecurity · 34d ago Threats to the 2026 FIFA World Cup Recorded Future · 34d ago Remembering Sir Alex Younger Recorded Future · 34d ago Agent-Ready: How to Prepare Your Site for AI-Driven Commerce Blog – Forter · 34d ago Certification Advice cybersecurity · 34d ago Question about Linux kernel TLS ULP disclosed June 2 to oss-security cybersecurity · 34d ago European authorities crack down on illegal streaming networks CyberScoop · 34d ago An IT guy basically stole my entire gmail account and probably posted it somewhere...how do I search for this? cybersecurity · 34d ago How to Rob a Data Center (new article on data center physical security) cybersecurity · 34d ago Hermes has a Home Assistant skill and it's unreal! NetworkChuck · 34d ago US: California Back & Pain Specialists Exposes 133GB of Patient Medical Records on Public Server cybersecurity · 34d ago Is it worth taking the EC councils masters program?? Are they legit /2026 cybersecurity · 34d ago Mid-level AppSec engineers: what do you actually study to prep for interviews? cybersecurity · 34d ago Automated Fault Injection Attack Framework Reverse Engineering · 34d ago Season VI of the US Games launches TOMORROW! Technical Information Security Content & Discussion · 34d ago Company is paying for any certification, which should I obtain? cybersecurity · 34d ago DHS Secretary Markwayne Mullin pinpoints optimal CISA staffing levels CyberScoop · 34d ago Trusting Microsoft with your offensive security repos cybersecurity · 34d ago Automated Fault Injection Attack Framework cybersecurity · 34d ago Inside DesckVB Rat Analysis: From Malspam to In-Memory RAT For [Blue|Purple] Teams in Cyber Defence · 34d ago Bring Your Own RWX Region DLL (BYORWXDLL) For [Blue|Purple] Teams in Cyber Defence · 34d ago Impersonation, Click Hijacking, and TDS: Inside a Malware Distribution Ecosystem For [Blue|Purple] Teams in Cyber Defence · 34d ago APT-C-26(Lazarus)组织利用CVE-2025-55182与Copperhedge组件的攻击行动分析 - Analysis of APT-C-26 (Lazarus) group's attack activities using CVE-2025-55182 and the Copperhedge component For [Blue|Purple] Teams in Cyber Defence · 34d ago NuGet Code Execution As A Service For [Blue|Purple] Teams in Cyber Defence · 34d ago aether: Aether is a Windows memory-forensics and threat hunting tool that scans live process memory for malicious pattern, detect injection techniques, implant signatures, reflectively loaded .NET assemblies For [Blue|Purple] Teams in Cyber Defence · 34d ago Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor For [Blue|Purple] Teams in Cyber Defence · 34d ago TA4922: The Suspected Chinese Crime Group is Going Global For [Blue|Purple] Teams in Cyber Defence · 34d ago [ Removed by Reddit ] For [Blue|Purple] Teams in Cyber Defence · 34d ago Physical Biometric device as a security measure..?? cybersecurity · 34d ago Espionage Campaign Targeted Stock Exchange Executive for Five Months For [Blue|Purple] Teams in Cyber Defence · 34d ago Cybersegurança cybersecurity · 34d ago Started Learning Cybersecurity cybersecurity · 34d ago InfraGard Application - Seeking Help | Student cybersecurity · 34d ago x86 assembly: Why you only need Paris to beat Pizza Tycoon (1994) Reverse Engineering · 34d ago Orientación en Ciberseguridad cybersecurity · 34d ago OnionAccelerator: multi-circuit / chunked download acceleration over Tor For [Blue|Purple] Teams in Cyber Defence · 34d ago Anthropic's coordinated vulnerability disclosure dashboard cybersecurity · 34d ago Hands Free: What LLM Driven Vulnerability Research Looks Like cybersecurity · 34d ago HazyBeacon and AWS Lambda Function URL Abuse For [Blue|Purple] Teams in Cyber Defence · 35d ago Real time Cybersecurity failures regarding Quantum computing/cryptography cybersecurity · 35d ago The Server Seizure That Affects Also Iran's Cyber Operations For [Blue|Purple] Teams in Cyber Defence · 35d ago How China's Cyber Operations – and the Contractors Behind Them – Target Critics Abroad For [Blue|Purple] Teams in Cyber Defence · 35d ago 🚨 PCPJack's SMTP Toolkit Dissected: 3 Deployer Generations, Multi-Arch Chisel, and a Full EHLO/STARTTLS Verification Loop Malware Analysis & Reports · 35d ago 🕵️♂️ PCPJack Hijacked 230 Cloud Servers to Send Email. Here's How They Did It. cybersecurity · 35d ago 🚨 🪱 How PCPJack Converted 230 Compromised Cloud Servers into a Hidden SMTP Relay Network For [Blue|Purple] Teams in Cyber Defence · 35d ago Wow64 implementation details: How is Wow64 implemented in Windows 11 25H2 Reverse Engineering · 35d ago A two-year-old RCE bug in Redis was just made public. An AI tool found it. The full exploit chain is out. cybersecurity · 35d ago Cisco Webex Meetings Cross-Site Scripting Vulnerability Cisco Security Advisory · 35d ago Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability Cisco Security Advisory · 35d ago Cisco Finesse Remote File Inclusion Vulnerability Cisco Security Advisory · 35d ago CISA warns of active attacks exploiting Android, Linux bugs cybersecurity · 35d ago Found some open ports on a govt site, should i report or stay quiet? cybersecurity · 35d ago What is a good way to keep track of passwords for programs that don't support password managers? cybersecurity · 35d ago ChatGPT Malvertising Campaign Malware Analysis & Reports · 35d ago Cybersecurity statistics of the week (May 25th - May 31st) cybersecurity · 35d ago ASN Emissions Index. Networks ranked by how much noise they create on the internet. cybersecurity · 35d ago Have you sold cve before? cybersecurity · 35d ago EU CRA mandatory vulnerability reporting enters into force September 11, 2026 — what the 24-hour obligation requires Technical Information Security Content & Discussion · 35d ago i want to become a pentester, but i don't know how to cybersecurity · 35d ago Recommendation Malware Analysis & Reports · 35d ago I’m not sure I’m in the right subreddit…. hacking: security in practice · 35d ago The OT Security Problem Nobody Wants to Own cybersecurity · 35d ago Don't Take Wednesday Off When You Manage Vulnerabilities cybersecurity · 35d ago I finally finished a production version after 4 yrds cybersecurity · 35d ago Support role pivot to cloud security cybersecurity · 35d ago Sysmon RegistryEvent exclude not overriding include rule for Event ID 13 For [Blue|Purple] Teams in Cyber Defence · 35d ago Took me a decade to turn quantum computing into what hackers can easily learn hacking: security in practice · 35d ago Welp, we got a VMware antidetect ransomware/spyware/trojan before GTA 6! Malware Analysis & Reports · 35d ago How do you manage your passwords? cybersecurity · 35d ago The Expanding Attack Surface And How Identity Is Now The Primary Breach Vector Cyber Defense Magazine · 35d ago Mad rush to produce AI driven slop cybersecurity · 35d ago O Tails é seguro para acessar links suspeitos? cybersecurity · 35d ago Took me a decade of work to turn Quantum Computing into a fun videogame hacking: security in practice · 35d ago Interesting- What LLM vuln research looks like Technical Information Security Content & Discussion · 35d ago Cyber Essentials plus + "legacy" network segments cybersecurity · 35d ago Red Hat npm supply chain attack "Miasma" — 32 @redhat-cloud-services packages, SLSA bypass via OIDC abuse, new GCP/Azure identity collectors For [Blue|Purple] Teams in Cyber Defence · 35d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 35d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 35d ago Hacking your PC using your speaker without ever touching it Reverse Engineering · 35d ago Hacking your PC using your speaker without ever touching it Technical Information Security Content & Discussion · 35d ago Insight for OPSWAT deep CDR cybersecurity · 35d ago Android vs iOS cybersecurity · 35d ago ShinyHunters leaks Charter Communications data: 4.9M customer records exposed via a social-engineering attack on an employee's Microsoft account cybersecurity · 35d ago Security Audits at an MSP cybersecurity · 35d ago [ Removed by Reddit ] cybersecurity · 35d ago Passkey registration breaks after moving off localhost.. cybersecurity · 35d ago Lessons for life: Why children’s data is a long-term identity risk WeLiveSecurity · 35d ago Lessons for life: Why children’s data is a long-term identity risk WeLiveSecurity · 35d ago Does your team hire fresh AI engineer who doesn't know anything about Security operations? cybersecurity · 35d ago UARs for Equation (banking system) cybersecurity · 35d ago Simple way how to bypass hotel WiFi? hacking: security in practice · 35d ago VS Code zero-day lets hackers steal GitHub tokens in one click hacking: security in practice · 35d ago Abusing iDEAL (Wero): how criminals weaponise legitimate payment links in phishing Technical Information Security Content & Discussion · 35d ago IoT pentesting cert cybersecurity · 35d ago Anthropic Expands Project Glasswing, Bringing AI Cyber Defense Tools to 150 More Organizations cybersecurity · 35d ago Experience with Tac Security cybersecurity · 35d ago Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content cybersecurity · 35d ago Golang code review notes II - elttam Technical Information Security Content & Discussion · 35d ago Using AI to Secure Its Generated Code Is a Ponzi Scheme Technical Information Security Content & Discussion · 35d ago Found Security Vulnerabilities in my university website cybersecurity · 35d ago burp-cc-bridge: Burp Suite Community REST API bridge (free alternative to Pro's REST API) hacking: security in practice · 35d ago Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign | Microsoft Threat Intelligence cybersecurity · 35d ago AI - Threat to the CyberSec Industry? cybersecurity · 35d ago Built a honeypot platform to catch lateral movement. How are you guys detecting this? cybersecurity · 35d ago How should small SaaS teams safely answer customer security questionnaires? cybersecurity · 35d ago Dependency Cooldowns - Dependency Cooldowns For [Blue|Purple] Teams in Cyber Defence · 35d ago Can AI Do Intelligence Analysis? Apparently Not. cybersecurity · 35d ago PROMPTPurify - 14MB Tiny Prompt Injection Guardrail Open Weight Model cybersecurity · 35d ago Regarding Certified Ethical Hacker (CEH Practical) exam cybersecurity · 35d ago Asking for advices on pursuing first CERTIFICATE cybersecurity · 35d ago I opened my own company and I can't find clients! cybersecurity · 35d ago ShinyHunters vaza dados de clientes da Spectrum após recusa de resgate da Charter cybersecurity · 35d ago C2 Frameworks - Threat Hunting in Action with YARA Rules For [Blue|Purple] Teams in Cyber Defence · 35d ago How big of a security risk or exploit would this be? hacking: security in practice · 35d ago Do you support the idea of creating a European commission that would issue special licenses for social media platforms, with standardized account creation rules and mandatory KYC (Know Your Customer) verification requirements across the EU? cybersecurity · 35d ago Anyone knows Quad9 dns ? cybersecurity · 35d ago KTO , Be the only one online -- on any WiFi network hacking: security in practice · 35d ago Ransomware tabletop For [Blue|Purple] Teams in Cyber Defence · 35d ago FREE coffee at Cisco Live (I'm giving it away) NetworkChuck · 35d ago I've a fullstack dev, I'm devleoping my own authentication for my application, Can anyone help me for it's security aspects ? cybersecurity · 35d ago Greynoise swarm cybersecurity · 35d ago SecOT+ certification for free cybersecurity · 35d ago How is the state of the job market for mid-level security engineers? cybersecurity · 35d ago Is anyone else still coding manually to learn? The market will continue to hire people that know what's going on even if you can now use AI to code many things cybersecurity · 35d ago WaSteal Update: Infrastructure Pivoting Reveals 57 Additional Extensions, Campaign Now at 183 Total cybersecurity · 35d ago Laid off from TPRM job - need help on the future of my career cybersecurity · 35d ago News alert: Halo Security recognized for helping MSPs manage customers’ external attack surfaces The Last Watchdog · 35d ago Tracking APT28 PixyNetLoader: Evolutions from 2024 to 2026 For [Blue|Purple] Teams in Cyber Defence · 35d ago Tracking North Korea Nation-State APT Infrastructure: Kimsuky For [Blue|Purple] Teams in Cyber Defence · 35d ago 새벽에 온 암호화 손님 Endpoint(Midnight) 랜섬웨어 분석 - Analysis of Endpoint (Midnight) Ransomware: The Encrypted Guest That Arrived at Dawn For [Blue|Purple] Teams in Cyber Defence · 35d ago From Token Bingo to MAX Takeover: Kali365 Operator Expands Operation Across Microsoft Outlook, Okta, Xerox DocuShare, and Other Services For [Blue|Purple] Teams in Cyber Defence · 35d ago apparently bypassing school systems by playing games hacking: security in practice · 35d ago Anyone compared RoboShadow vs ConnectSecure for vulnerability management? cybersecurity · 35d ago Codex Discovered a Hidden HTTP/2 Bomb For [Blue|Purple] Teams in Cyber Defence · 35d ago Four coordinated npm supply chain campaigns active in May–June 2026 — TTPs, IOCs, and detection notes Technical Information Security Content & Discussion · 35d ago Top 5 Active Directory Pentesting Tools The Cyber Mentor · 35d ago Any one send vulnerability to MITRE? cybersecurity · 35d ago Need advice for a 30 min Security Apprenticeship interview cybersecurity · 35d ago Click Or Trick (CVE-2025-59199): Escaping the Sandbox with Windows URIs For [Blue|Purple] Teams in Cyber Defence · 35d ago Unpatched NTLM Coercion in Windows search: URI Handler, Same Bug, No CVE, No Fix For [Blue|Purple] Teams in Cyber Defence · 35d ago UltraViolet: your own Shodan, in Docker, with CVE/KEV/EPSS cybersecurity · 35d ago Microsoft insists Defender is enough for most PCs, but admits third‑party antivirus tools still offer extras it can’t match cybersecurity · 35d ago We Added a Detection Rule. We Were Not Expecting This. Technical Information Security Content & Discussion · 35d ago Introducing Microsoft Scout: Your always-on personal agent Microsoft 365 Blog · 35d ago Virustotal API as private data source cybersecurity · 35d ago DOD wants to integrate cyber in all operations, and integrate security into AI CyberScoop · 35d ago Resident Evil: Code Veronica X is now able 3D graphics from the decompiled source! Reverse Engineering · 36d ago Announcing the new Work IQ APIs Microsoft 365 Blog · 36d ago Microsoft Build 2026: Building agentic apps with Microsoft Fabric and Microsoft Databases Security | Microsoft Azure Blog | Microsoft Azure · 36d ago Trump administration releases scaled-back AI executive order CyberScoop · 36d ago Account Number Security Flaw cybersecurity · 36d ago Is Red Team Leaders Certification (RTL) actually useful for jobs or just for learning? cybersecurity · 36d ago A PoC to demonstrate that without PMF, MAC filtering at the AP level is the only thing stopping selective WiFi deauth cybersecurity · 36d ago Codex Lives In PowerShell Now NetworkChuck · 36d ago [ Removed by Reddit ] cybersecurity · 36d ago [ Removed by Reddit ] cybersecurity · 36d ago “Fellow practitioners — made some infosec merch that actually speaks our language. What security concepts would you want on a shirt?” For [Blue|Purple] Teams in Cyber Defence · 36d ago Phishing simulation platform cybersecurity · 36d ago 1-Click GitHub Token Stealing via a VSCode Bug Technical Information Security Content & Discussion · 36d ago Just task about OSI model cybersecurity · 36d ago FIRESIDE CHAT: Deepfakes exploit human emotion, making employee reflex training essential The Last Watchdog · 36d ago Need help improving DNS Spy from a security tool angle cybersecurity · 36d ago Device Code Phishing Forensics: What We Learned Investigating BEC in the Wild cybersecurity · 36d ago Device Code Phishing Forensics: What We Learned Investigating BEC in the Wild Technical Information Security Content & Discussion · 36d ago Oracle's first monthly patch update just dropped 77 CVEs. cybersecurity · 36d ago Cleaning up after a legacy service account breach. How are you handling automated secrets discovery? cybersecurity · 36d ago Airbus digital apprenticeship cybersecurity · 36d ago Built a decompiler for exotic legacy programming language opentext Gupta Team Developer Reverse Engineering · 36d ago Always-On Red Teams hacking: security in practice · 36d ago Anthropic expanding access to Project Glasswing CyberScoop · 36d ago Anthropic is expanding Project Glasswing — giving 150 more critical infrastructure orgs access to Claude Mythos to scan for vulnerabilities cybersecurity · 36d ago [An RX Global Event] Infosecurity Europe darkreading · 36d ago Officials Confirm Early Rollout Of CMMC Requirements At CMMC Northeast Summit Cyber Defense Magazine · 36d ago This is a scam and probably a malware/trojan. Path Of Exile 2 builder ... Malware Analysis & Reports · 36d ago Google fixes one actively exploited Android zero-day, 124 flaws cybersecurity · 36d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog Alerts · 36d ago CISA and Partners Urge Hardening Automatic Tank Gauge Systems All CISA Advisories · 36d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog All CISA Advisories · 36d ago Can elections be hacked? Modern day computational propaganda techniques described by the EU's East Stratcom Task Force cybersecurity · 36d ago Parsing Cisco IOS configs for CIS Auditing: Why regex fails on block contexts, and how are you handling offline static analysis? cybersecurity · 36d ago Security Architects who who actively use modelling - What's your approach? cybersecurity · 36d ago PAN-OS authentication bypass bug added to list of exploited vulnerabilities cybersecurity · 36d ago I have extreme anxiety about being hacked cybersecurity · 36d ago Fresher cybersecurity · 36d ago Iran is using Western AI services to help with phishing, malware support and military research while building a domestic platform at Sharif For [Blue|Purple] Teams in Cyber Defence · 36d ago Malicious Registrations in the Domain Name Market: An Analysis of gTLD Registrations and Cybercriminal Demand For [Blue|Purple] Teams in Cyber Defence · 36d ago Hackers Used Meta AI Bot to Hijack Instagram Accounts in Major Security Breach cybersecurity · 36d ago Career advice needed! cybersecurity · 36d ago LLMShare: using shared chatbot pages to distribute malware Malware Analysis & Reports · 36d ago GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure cybersecurity · 36d ago Google sr. security engineer interview cybersecurity · 36d ago Is offensive AI actually changing cybersecurity, or are we overestimating the impact? cybersecurity · 36d ago Multiple Red Hat NPM packages victim of Mini Shai-Hulud Miasma wave cybersecurity · 36d ago is emerald chat safe? cybersecurity · 36d ago Gamaredon’s gifts that keeps unpacking - GammaPhish and GammaWorm For [Blue|Purple] Teams in Cyber Defence · 36d ago Does anyone on this subreddit who has an VirusTotal premium account can help me with something important ? cybersecurity · 36d ago ClickJack in the wild cybersecurity · 36d ago NuGet Code Execution As A Service Technical Information Security Content & Discussion · 36d ago Thoughts on A.I assisted Malware Analysis? cybersecurity · 36d ago 19-Year-Old Linux Kernel Vulnerability Exposes Systems to Root Access cybersecurity · 36d ago What articles do you use for cybersecurity news? (2026) cybersecurity · 36d ago Iran Expands Handala Brand to Physical Threats Recorded Future · 36d ago Is anyone using agents in regulated industries? How do you make sure sensitive data doesn't go back to the AI provider? cybersecurity · 36d ago Roadmap and Training Recommodation cybersecurity · 36d ago Attackers are exploiting Palo Alto Networks defect that initially flew under the radar CyberScoop · 36d ago I managed to pull the full system prompt for Meta's Support AI hacking: security in practice · 36d ago Les anti-triche de niveau noyau et leur risque de sécurité cybersecurity · 36d ago Harassing text messages hacking: security in practice · 36d ago Asked to Send Sensitive Documents via MMS cybersecurity · 36d ago SC-200 compared to CC (isc2) cybersecurity · 36d ago running custom firmware / patching the stock firmware of the soundcore headphones and running DOOM on it! Reverse Engineering · 36d ago Blind POST SSRF in phpBB 4.0.0-alhpa1 Web Push (CVD with phpBB) Technical Information Security Content & Discussion · 36d ago Every SaaS Company Is Accidentally Building Meta's Instagram Vulnerability Right Now cybersecurity · 36d ago Looking to move off KB4, what are people actually using these days? cybersecurity · 36d ago Tina Peters, convicted in election-security breach, emerges defiant and vows legal fight CyberScoop · 36d ago Got my Security+. What's next? cybersecurity · 36d ago I'm Moderating My First Panel… Come see me at Cisco Live NetworkChuck · 36d ago Vulnerability Summary for the Week of May 25, 2026 cybersecurity · 36d ago RedSun: Exploiting Windows Defender's Remediation Workflow for Local Privilege Escalation For [Blue|Purple] Teams in Cyber Defence · 36d ago Mini Shai-Hulud Campaign Hits Red Hat Cloud Services npm Packages For [Blue|Purple] Teams in Cyber Defence · 36d ago Cybersecurity (CYBER); Cyber Resilience Act (CRA); Cybersecurity requirements for routers, modems intended for the connection to the internet and switches For [Blue|Purple] Teams in Cyber Defence · 36d ago REMINDER: FINAL deadline for HOPE Talks & Workshops is TODAY! hacking: security in practice · 36d ago Malware cybersecurity · 36d ago Alternative Search Engine to Utilize in 2026? cybersecurity · 36d ago Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked cybersecurity · 36d ago Miasma: Supply Chain Attack Targeting RedHat npm Packages For [Blue|Purple] Teams in Cyber Defence · 36d ago USPS moving forward with mail-in ballot changes as courts weigh Trump’s election order CyberScoop · 36d ago Switching back to Windows?!? NetworkChuck · 36d ago Windows Server vulnerability can grant system privileges with just a malformed packet — domain controllers are being exploited in the wild cybersecurity · 36d ago Grand Theft Auto V cheat service gets hacked, exposing thousands of gamers cybersecurity · 36d ago Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts Krebs on Security · 36d ago Hacking Palo Alto Networks' GlobalProtect VPN with AI hacking: security in practice · 36d ago AI compliance cybersecurity · 36d ago Red Hat npm Packages Compromised to Spread a Credential-Stealing Worm cybersecurity · 37d ago Is TeamPCP a Russian-affiliated APT? How can preventive security principles assist defending ecosystems against attacks on software supply chains? cybersecurity · 37d ago MacBook or Windows Laptop for Cybersecurity cybersecurity · 37d ago What's the most creative MFA bypass you've seen? cybersecurity · 37d ago @redhat-cloud-services npm scope backdoored with valid signed SLSA provenance; recovered the GitHub commit-search dead-drop C2 markers For [Blue|Purple] Teams in Cyber Defence · 37d ago Research Notes from Building a Windows Event Log Hunting Workflow cybersecurity · 37d ago Analyzed 24 months of ransomware leak-site posts. 84% land on weekdays, not at 3am. hacking: security in practice · 37d ago How to fix securityheaders scan X-Frame-Options and Content-Security-Policy ?? cybersecurity · 37d ago Free AI tools for TPRM? cybersecurity · 37d ago incomplete phone number from togo, need help reporting to police cybersecurity · 37d ago NPM packages from RedHat Compromised cybersecurity · 37d ago Linux Copy Fail CVE-2026-31431: KEV Privilege Escalation on Shared Build Hosts cybersecurity · 37d ago SOC Analyst working towards Threat Intelligence cybersecurity · 37d ago Is XSS possible through PDFs? cybersecurity · 37d ago Dutch Police and NCSC dismantle 17-million-device botnet running on 200 servers seized from local hosting provider Technical Information Security Content & Discussion · 37d ago r/netsec monthly discussion & tool thread Technical Information Security Content & Discussion · 37d ago The Next AI Governance Failure Won’t Be the Model cybersecurity · 37d ago Poisoning Claude Code: One GitHub Issue to Break the Supply Chain Technical Information Security Content & Discussion · 37d ago Microsoft MFA Is Down Again cybersecurity · 37d ago Started my first writeup - Sherlock NeuroSync-D (CVE-2025-29927) cybersecurity · 37d ago How I Found My First $3,000 AI Vulnerability NahamSec · 37d ago Stealing Passwords via HTML Injection Under a Strict CSP Technical Information Security Content & Discussion · 37d ago Computer logic or Science cybersecurity · 37d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 37d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 37d ago I am a Full Stack Developer but I want to switch to a cybersecurity centered position. Which positions should I prepare for? cybersecurity · 37d ago What C2s Are You Using cybersecurity · 37d ago Best AI LLM for Hacking related stuff hacking: security in practice · 37d ago PNPT Exam cybersecurity · 37d ago Election threats are focused on campaign systems, not voting machines CyberScoop · 37d ago What do you do when a supplier refuses or lacks a reporting clause on vendor incident notification? cybersecurity · 37d ago Feels like most people ignore the wireless layer until it bites them hacking: security in practice · 37d ago Any appsec engineer working in fortune 500? cybersecurity · 37d ago I'm developing an IDS/EDR. I need suggestions which blind spots I have, whats missing and what should be added next cybersecurity · 37d ago Anyone transition from AWS Data Center Operations to InfoSec? cybersecurity · 37d ago I think my account got hacked but it's weird cybersecurity · 37d ago Subnet discovery through multi-protocol TTL tracing Technical Information Security Content & Discussion · 37d ago /r/ReverseEngineering's Weekly Questions Thread Reverse Engineering · 37d ago current market for detecting deepfakes? cybersecurity · 37d ago Instagram Meta AI Vulnerability Allegedly Enables Password Reset for Accounts via prompt injection with bot - now patched For [Blue|Purple] Teams in Cyber Defence · 37d ago Worried about friend being doxxed on doxbin cybersecurity · 37d ago Tracking The Trackers: Commercial Surveillance Occurring on U.S. Army Networks For [Blue|Purple] Teams in Cyber Defence · 37d ago Meta AI Recovery Flow Reportedly Bypassed 2FA: A Lesson in Privilege Boundaries For [Blue|Purple] Teams in Cyber Defence · 37d ago how to shift from a service based company to a product based one in cybersecurity ? cybersecurity · 37d ago Meta AI Password Reset Flaw Reportedly Bypassed Instagram 2FA cybersecurity · 37d ago Cuál es el mejor curso (con certificado) que puedo hacer para empezar en el mundo del hacking? hacking: security in practice · 37d ago Sapphire Sleet Targets macOS in Multi-Stage Intrusion Campaign For [Blue|Purple] Teams in Cyber Defence · 37d ago Claude AI user data directory exfiltration via malicious npm package cybersecurity · 37d ago Need help as a beginner. How do I start with Ghidra? Any good guides to start? Is Ada Pro better? Etc. What do you recommend me to start from? Reverse Engineering · 37d ago Bitdefender blocking amd stuff? False positive or? cybersecurity · 37d ago Mentorship Monday - Post All Career, Education and Job questions here! cybersecurity · 37d ago Pwn2Own Berlin 2026: On the Ground With TrendAI™ ZDI's Biggest AI Showdown Yet Trend Micro Research, News, Perspectives · 37d ago did they have my password?? what triggers this specific email??? instagram HELP. cybersecurity · 37d ago How to Unpack FlawedAmmyy - Malware Unpacking Tutorial Malware Analysis & Reports · 37d ago ATTENTION: Dashlane may have been breached. (Password manager). cybersecurity · 37d ago Can anyone figure out how to retrieve the recovery key in signal app? hacking: security in practice · 37d ago Norton blocked a “malicious script”? cybersecurity · 37d ago Need Advice: Ex Claims He Still Has Access to My Mac/iCloud After Resets and New Accounts cybersecurity · 37d ago Security researchers have uncovered a new attack technique that lets malicious websites spy on your browsing activity through hard drive. cybersecurity · 37d ago I wrote about the 5 biggest threats in 2026, curious what this community thinks. cybersecurity · 37d ago MSPs: What evidence do cyber insurance underwriters ask you for that is hardest to produce? cybersecurity · 37d ago Atomdrift - open-source malware detection for the software supply chain For [Blue|Purple] Teams in Cyber Defence · 37d ago Im new to cybersecurity and have a iPhone 7 (iOS 15.8.5) I wanna pentest, any suggestions? cybersecurity · 37d ago NetworkChuck cybersecurity · 37d ago LLM for creating phishing tool cybersecurity · 38d ago Why are we still treating IAM like a compliance checkbox? cybersecurity · 38d ago Polyfill pop up? cybersecurity · 38d ago ThinkPad firmware reverse-engineering toolchain: archived Lenovo BIOS → named SoC pads, EC analysis, CVE diffs, coreboot/OpenCore port scaffolding Technical Information Security Content & Discussion · 38d ago Building A Malware Lab From Scratch! Malware Analysis & Reports · 38d ago ThinkPad firmware reverse-engineering toolchain: archived Lenovo BIOS → named SoC pads, EC analysis, CVE diffs, coreboot/OpenCore port scaffolding Reverse Engineering · 38d ago SecAI+ difficulty question cybersecurity · 38d ago $730k+ raised on Proxmark5 with 2150 backers hacking: security in practice · 38d ago Could you guys give an honest feedback to a completely automated ssrf attack tool? cybersecurity · 38d ago tengo 61 y mi famila y amigos me espian I am 61 and my family and friends spy on me cybersecurity · 38d ago Microsoft Joined the DMARC Club cybersecurity · 38d ago Help. cybersecurity · 38d ago Vibe Coding Security cybersecurity · 38d ago I made an image SynthID remover, video and image phone/location metadata injector. Free to try! (this one actually works) hacking: security in practice · 38d ago Looking for a Company to Partner With cybersecurity · 38d ago Best reporting tools? cybersecurity · 38d ago What actually moved the needle on our alert fatigue (Wazuh + some automation, lessons after ~6 months) cybersecurity · 38d ago Legitimate-Looking Codex Remote UI Secretly Steals Your AI Tokens For [Blue|Purple] Teams in Cyber Defence · 38d ago How Can Polyfill.io Still Act Maliciously? cybersecurity · 38d ago 179 npm Packages Target Cloud and Finance via oob.moika.tech For [Blue|Purple] Teams in Cyber Defence · 38d ago KB4853: Vulnerability Resolved in Veeam Service Provider Console 9.2.1 - "A vulnerability in Veeam Service Provider Console allows for remote code execution." - CVSS 9.4 For [Blue|Purple] Teams in Cyber Defence · 38d ago Click Or Trick (CVE-2025-59199): Escaping the Sandbox with Windows URIs For [Blue|Purple] Teams in Cyber Defence · 38d ago Hawk: Golang tool designed to exfiltrate passwords found via the sshd and su services For [Blue|Purple] Teams in Cyber Defence · 38d ago TinyLoad v7 - what i added :D (in memory protection using VEH and alot more) Reverse Engineering · 38d ago EvilTokens and OAuth Abuse: How Device Code Phishing Bypasses MFA For [Blue|Purple] Teams in Cyber Defence · 38d ago Inside MicrosoftSystem64: A Supply Chain RAT Exfiltrating to HuggingFace For [Blue|Purple] Teams in Cyber Defence · 38d ago Signal macOS Desktop App Doesn't Actually Delete Messages When it Should For [Blue|Purple] Teams in Cyber Defence · 38d ago Operation XENOFISCAL: SideCopy deploying persistent XenoRAT targeting the MoF, Afghanistan For [Blue|Purple] Teams in Cyber Defence · 38d ago WHQL-signed kernel driver keylogger, likely deployed as an anti-cheat BYOVD For [Blue|Purple] Teams in Cyber Defence · 38d ago Any idea who's behind this hack? How to resolve it? hacking: security in practice · 38d ago Typosquatted npm packages used to steal cloud and CI/CD secrets For [Blue|Purple] Teams in Cyber Defence · 38d ago Need THM voucher code for cheap? Any known seller? cybersecurity · 38d ago Operation Dragon Weave : Uncovering a China-Linked Campaign Targeting Czech Republic and Taiwan Using Azure Cloud C2 For [Blue|Purple] Teams in Cyber Defence · 38d ago Malicious npm packages abuse dependency confusion to profile developer environments For [Blue|Purple] Teams in Cyber Defence · 38d ago Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257) For [Blue|Purple] Teams in Cyber Defence · 38d ago Meet DriveSurge: A New Threat Actor Using ClickFix and Fake Update Drive-By Attack For [Blue|Purple] Teams in Cyber Defence · 38d ago CVE-2026-0257 PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities - "Palo Alto Networks has become aware of limited exploit attempts on unpatched PAN-OS devices without mitigations applied." For [Blue|Purple] Teams in Cyber Defence · 38d ago Dissecting an Undocumented Lua-Wrapped Loader: The BoldTealLayer Campaign For [Blue|Purple] Teams in Cyber Defence · 38d ago SkillSpector: Security scanner for AI agent skills. Detect vulnerabilities, malicious patterns, and security risks. For [Blue|Purple] Teams in Cyber Defence · 38d ago EDR Incident Response Playbook: Containing Local Account Incidents For [Blue|Purple] Teams in Cyber Defence · 38d ago Adversarial Oracles: LLM-Guided EDR Signature Reduction For [Blue|Purple] Teams in Cyber Defence · 38d ago One click—and you’re spied on: GFF files criminal complaint alongside journalist Trung Khoa Lê following spyware attack - GFF For [Blue|Purple] Teams in Cyber Defence · 38d ago proxy: A lightweight caching proxy for package registries. For [Blue|Purple] Teams in Cyber Defence · 38d ago How OLTs may have exposed entire ISP networks For [Blue|Purple] Teams in Cyber Defence · 38d ago Ghost passwords? cybersecurity · 38d ago Years ago, NSA released their own NSA Python training PDF . Today I created a curriculum around it hacking: security in practice · 38d ago A miner with a side of RAT: the unintended gift with your TV show or book - Pirates in the crosshairs: how one cybercrime gang has been infecting book, movie, and TV show fans for years For [Blue|Purple] Teams in Cyber Defence · 38d ago HunterAgent: Neuro-Symbolic Attack Trace Reconstruction under Anti-Forensics For [Blue|Purple] Teams in Cyber Defence · 38d ago Honeyval: A Comprehensive Evaluation Framework for LLM-powered HTTP Honeypots For [Blue|Purple] Teams in Cyber Defence · 38d ago Security of OpenClaw Agents: Fundamentals, Attacks, and Countermeasures For [Blue|Purple] Teams in Cyber Defence · 38d ago Lessons from Penetration Tests on Large-Scale Agent Systems For [Blue|Purple] Teams in Cyber Defence · 38d ago pydepgate: A zero dependency lightweight static analyzer designed for adversarial-shape code in python to detect supply chain attacks before they reach your interpreter. For [Blue|Purple] Teams in Cyber Defence · 38d ago [ Removed by Reddit ] Reverse Engineering · 38d ago Was a stipulation in my offer letter that I was required to obtain my CISM certification in 6 months... I did not. cybersecurity · 38d ago Snowboard Kids 2 is 100% Decompiled Reverse Engineering · 38d ago LLMReaper - DOM Based AI Conversation Exfiltration via Browser Extensions Technical Information Security Content & Discussion · 38d ago LLMReaper - DOM Based AI Conversation Exfiltration via Browser Extensions cybersecurity · 38d ago Anyone else having Chatgpt Strikes / Violations while learning cybersecurity? cybersecurity · 38d ago Blue Team tips? hacking: security in practice · 38d ago Working at Cisco, worth it? cybersecurity · 38d ago Want to Learn Cybersecurity in 2026 – Need Guidance, Roadmap, Tools, Resources & AI Advice cybersecurity · 38d ago usbsnoop — sniff and decode USB device traffic system-wide with eBPF, for reversing proprietary protocols (control/SCSI/HID, no bus analyzer) Reverse Engineering · 38d ago CIFSwitch: a non-universal Linux local root vulnerability For [Blue|Purple] Teams in Cyber Defence · 38d ago Are you pen testing AI Agents? cybersecurity · 38d ago Question of android malware cybersecurity · 38d ago External attack surface: how are you correlating DNS, SSL, and IP reputation today? cybersecurity · 38d ago edit certified pdf hacking: security in practice · 38d ago how do i properly setup 2fa and bitwarden? cybersecurity · 38d ago Hacking India's Largest Exam Evaluation Portal: From Authentication Bypass to Full Account Takeover (Covered by BBC) cybersecurity · 38d ago i need a partner to learn coding with me and have fun too,Hey, I'm 16 and just started learning cybersecurity and coding. I'm looking for a coding buddy around beginner level. We can learn Python, web development, and build small projects together. Anyone interested? cybersecurity · 38d ago Question for teams running parallel agents: Would you actually pay for a deterministic control plane, or are we all just building custom wrappers forever? cybersecurity · 38d ago I reverse engineered how Plex gates its Pass features, then wrote a tiny patch that flips them all on (Linux) Reverse Engineering · 38d ago Can Steam Cloud Files Transfer Malware cybersecurity · 38d ago I bought an old phone from 2018 and wanna destroy it with viruses for fun Malware Analysis & Reports · 38d ago HackTheBox - Interpreter IppSec · 39d ago Web-Based Indirect Prompt Injection To Push A Malicious Chrome Extension For [Blue|Purple] Teams in Cyber Defence · 39d ago Questions for the cloud security engineers cybersecurity · 39d ago DriverSentinel: DriverSentinel is a security tool developed in Go that detects malicious and vulnerable drivers on Windows systems by comparing them against the LOLDrivers.io database. For [Blue|Purple] Teams in Cyber Defence · 39d ago Visual Studio Extensions Revisited For [Blue|Purple] Teams in Cyber Defence · 39d ago Thoughts on this as a starter and doing bug bounty on the side cybersecurity · 39d ago Supply Chain Compromises Impact Nx Console and GitHub Repositories For [Blue|Purple] Teams in Cyber Defence · 39d ago How are new SC-200 candidates practicing labs without an E5 Developer tenant? cybersecurity · 39d ago Everyday hacking in our lives - transportation, work, finances, goods etc hacking: security in practice · 39d ago Digital Trap: Iran Uses Selective Internet Restoration to Track and Arrest January Protesters Technical Information Security Content & Discussion · 39d ago Getting OTP spammed from every app and website I've ever used. Should I be worried? cybersecurity · 39d ago BYOVD and Looting LSASS in the Modern EDR Era For [Blue|Purple] Teams in Cyber Defence · 39d ago A browser tool for checking contractor insurance certificates cybersecurity · 39d ago Am I getting screwed? cybersecurity · 39d ago SECODER | Security Coding Challenges for SOC Analysts & Detection Engineers cybersecurity · 39d ago PAN-OS added to KEV, Langflow exploit activity, and a surprising Windows EPSS jump — today's most actionable vulnerability signals [Threat Intel 2026/5/29} cybersecurity · 39d ago CTO at NCSC Summary: week ending May 31st cybersecurity · 39d ago CTO at NCSC Summary: week ending May 31st For [Blue|Purple] Teams in Cyber Defence · 39d ago BountyLabs — Bug Bounty Training with Labs, Challenges, and AI Mentorship cybersecurity · 39d ago OffensiveCon26 videos For [Blue|Purple] Teams in Cyber Defence · 39d ago Need suggestion cybersecurity · 39d ago Malware escaped browser without downloading files, then escaped a virtual machine Malware Analysis & Reports · 39d ago [INDIA] Need Advice: Shared mobile number risk on a joint minor account after a small P2P trade (P2P Fraud / Bank Freeze Anxiety) cybersecurity · 39d ago Was Dave Bittner interviewing an AI? cybersecurity · 39d ago CTF for complete beginner cybersecurity · 39d ago Hitting a plateau after 2 years in Web Security: How do I transition from standard OWASP bugs to finding CVEs and novel techniques? cybersecurity · 39d ago First Public Analysis of the BoldTealLayer Loader: A Custom Lua Script that Blinds Windows Security Reverse Engineering · 39d ago AI-Era Cyber Risk Standards cybersecurity · 39d ago BEC Victim - Attacker replied inside a real email thread using a lookalike domain cybersecurity · 39d ago School Survey, (non-paid nothing its free its for my grades) For [Blue|Purple] Teams in Cyber Defence · 39d ago Question for those who transitioned from remote to work from anywhere cybersecurity · 39d ago Website Keeps Getting Falsely Flagged as Phishing/Malicious By Security Vendors cybersecurity · 39d ago Do you enjoy what you do or do you wish you could go back in time and change it? cybersecurity · 39d ago Is understanding how API keys, public/private keys, and secrets actually work necessary to work in cyber? cybersecurity · 39d ago A practical checklist for evaluating npm packages (supply chain attacks, slopsquatting, etc.) Technical Information Security Content & Discussion · 39d ago For those who made the jump to independent cybersecurity consulting, what was the hardest part of the first year? cybersecurity · 39d ago Name That Toon: Mark of (Cybersecurity) Progress darkreading · 39d ago Is a basic understanding of PKI and Public Key Cryptography necessary to work in cyber ? cybersecurity · 39d ago Do you think AI will make cybersecurity products/services cheaper over the next 5-10 years? cybersecurity · 39d ago Botnet of more than 17 million devices dismantled cybersecurity · 39d ago Exposed credentials on logs cybersecurity · 39d ago Do you think this is legit or has the website been compromised? hacking: security in practice · 39d ago Introducing Keyhog: The First GPU Accelerated secret scanner Technical Information Security Content & Discussion · 39d ago What do you think is the biggest cybersecurity risk for small businesses in 2026? cybersecurity · 39d ago Wanted to shift to cloud security, but have some questions cybersecurity · 39d ago OffensiveCon26 YouTube Playlist released Technical Information Security Content & Discussion · 39d ago Who actually owns the AI in your company? NetworkChuck · 39d ago Pathfinding Labs: Deploy, test, and learn from 100+ intentionally vulnerable AWS environments For [Blue|Purple] Teams in Cyber Defence · 39d ago LLMShare: how attackers are turning AI chatbot pages into malware delivery platforms For [Blue|Purple] Teams in Cyber Defence · 39d ago Tennessee man linked to 764 accused of series of crimes against children dating back to 2022 CyberScoop · 39d ago Zero Trust is Overrated? Navigating the Complexity cybersecurity · 39d ago Test API post with flair cybersecurity · 39d ago Warning on MAD20 Subscriptions: $500 Blind Auto-Renewals and Hostage Certifications cybersecurity · 39d ago How Do You Handle the Massive Amount of Information in the CPTS Path? cybersecurity · 39d ago Wanna learn cybersecurity & ethical hacking hacking: security in practice · 39d ago LogMonitor — open-source Python tool for real-time failed login detection with multi-channel alerting For [Blue|Purple] Teams in Cyber Defence · 40d ago Help an upcoming cybersecurity engineer! cybersecurity · 40d ago Repeated Microsoft MFA attempts even after password change cybersecurity · 40d ago I’ve seen ppl get flamed online for ever thinking they’re hacked/being monitored but Malware Analysis & Reports · 40d ago Do you guys take paper notes or digital ones during studying ? hacking: security in practice · 40d ago What Is Device Intelligence and How Does It Stop Fraud? cybersecurity · 40d ago [FOSS Tool] WiFi-SpiderWeb V2.0: Active Cyber Defense for OpenWrt Routers with Live Radar Sweep (Python + SSE) cybersecurity · 40d ago Federal audit reveals NIST’s NVD is plagued by poor planning and duplication CyberScoop · 40d ago Ghidra 12.1.1 has been released! Reverse Engineering · 40d ago IBM commits $5 billion to secure open-source software cybersecurity · 40d ago Structuring an AI-Assisted Pentesting Homelab for a Final Year Project cybersecurity · 40d ago Are teams actually monitoring LLM traffic in production environments? cybersecurity · 40d ago How to protect passwords from memory scraping/API hooking on a compromised target machine during a remote session? (No Admin access, No 2FA) cybersecurity · 40d ago Raspberry pi cybersecurity · 40d ago Asia's Cyber Insurance Market Shows Signs of Life darkreading · 40d ago What is the biggest obstacle to using AI safely in a company? cybersecurity · 40d ago Advice going forward cybersecurity · 40d ago MCP Firewall help cybersecurity · 40d ago I wanted to shift to security but people told me the market is extremely bad, is that true? cybersecurity · 40d ago Best Personality Type/Traits for Working in Cyber Security cybersecurity · 40d ago Identifying attack patterns through kernel frame callstacks For [Blue|Purple] Teams in Cyber Defence · 40d ago A fake freelance job interview almost installed malware on my PC cybersecurity · 40d ago Is there a viable career path here or am I just being delusional? cybersecurity · 40d ago With Complex Cloud Integrations, Small Errors Lead to Major Compromises darkreading · 40d ago What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks cybersecurity · 40d ago Evaluation taxonomy for cyber threat intelligence (CTI) quality and conversion quality in workflows such as MISP/STIX exchange and CTI Transmute, covering relevance, accuracy, timeliness, clarity, specificity, format validity, conversion fidelity, and usefulness For [Blue|Purple] Teams in Cyber Defence · 40d ago 'The Com' Cyberattacks Support Violence & Sexploitation darkreading · 40d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 40d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 40d ago How do enterprises actually prevent developers from exfiltrating source code? cybersecurity · 40d ago I have a datastealer malware cybersecurity · 40d ago Dúvida de carreira. cybersecurity · 40d ago Someone hid a full RAT inside a fake npm package and exfiltrated victim data to HuggingFace cybersecurity · 40d ago Need Cloud Security Engineer simulator to learn the Job. I need to be more hands on with running tools ,Please advise thank you. Your resources are appreciated cybersecurity · 40d ago is SIEM really needed here ? cybersecurity · 40d ago Decompiled an app, found a bunch of secrets, what now? cybersecurity · 40d ago What safety boundary would you expect from a local AI incident investigation tool? For [Blue|Purple] Teams in Cyber Defence · 40d ago Can someone give me a correct method for learning reverse engineering? cybersecurity · 40d ago 1,001 IPs, 64 countries, one operation: mapping a botnet by its back end · HoneyLabs blog Technical Information Security Content & Discussion · 40d ago Authenticated RCE via Argument Injection in Gogs (NOT FIXED) For [Blue|Purple] Teams in Cyber Defence · 40d ago Critical Gogs Zero-Day RCE Remains Unpatched After 2+ Months cybersecurity · 40d ago GRC Advise cybersecurity · 40d ago [ Removed by Reddit ] cybersecurity · 40d ago Did something happen to haveibeenpwned? Any alternatives? cybersecurity · 40d ago I evaluated 5 LLM agents on patching real-world CVEs. Here is what I found. Technical Information Security Content & Discussion · 40d ago This month in security with Tony Anscombe – May 2026 edition WeLiveSecurity · 40d ago This month in security with Tony Anscombe – May 2026 edition WeLiveSecurity · 40d ago How do people actually modify mobile games to increase their power? hacking: security in practice · 40d ago Why I Built My Own LLM Benchmark for THOR Finding Triage For [Blue|Purple] Teams in Cyber Defence · 40d ago RAT SUSPECTED cybersecurity · 40d ago Casdoor contains multiple authentication bypass and access management vulnerabilities For [Blue|Purple] Teams in Cyber Defence · 40d ago The approval prompt is lying: a critical coding agent security flaw - A symlink-hijack RCE in six AI coding agents For [Blue|Purple] Teams in Cyber Defence · 40d ago GREYVIBE: A Russia-nexus group leveraging AI across state-aligned operations For [Blue|Purple] Teams in Cyber Defence · 40d ago Inside a 176-Package npm Campaign Built to Beat Your Internal Dependencies For [Blue|Purple] Teams in Cyber Defence · 40d ago Malware seller hunted across three continents For [Blue|Purple] Teams in Cyber Defence · 40d ago Romanian National Sentenced for Selling Access to Networks of Oregon State Government Office and Other U.S. Victims For [Blue|Purple] Teams in Cyber Defence · 40d ago Law firm Wiley Rein hit with class action over data breach tied to Chinese hackers For [Blue|Purple] Teams in Cyber Defence · 40d ago Gezamenlijke actie politie en NCSC legt groot botnetwerk plat | Joint police and NCSC NL operation shuts down large bot network For [Blue|Purple] Teams in Cyber Defence · 40d ago How do people afford certificate s? cybersecurity · 40d ago I’m curious — what’s one cybersecurity tip you wish more people knew before getting hacked or scammed? cybersecurity · 40d ago Technical Brief of Planck-99: 34ns Deterministic Malware Classification on MCU-class Hardware (Zero FPU, 27KB footprint) Reverse Engineering · 40d ago Puck Scout: Autonomous, read-only endpoint investigation via MCP. Ask a question about your fleet, get a narrative answer with containment recommendations. cybersecurity · 40d ago Introducing Puck Scout: Autonomous, read-only endpoint investigation via MCP. Ask a question about your fleet in plain English; get a narrative answer with containment recommendations. For [Blue|Purple] Teams in Cyber Defence · 40d ago Phone Forwarding cybersecurity · 40d ago Opinions on running Full Microsoft E5 Security Stack cybersecurity · 40d ago Claiming "XDR" cybersecurity · 40d ago Typosquatted npm packages used to steal cloud and CI/CD secrets cybersecurity · 40d ago Why Loyalty Programs Are Quietly Becoming a Security Blind Spot hacking: security in practice · 40d ago Fooling around with encrypted reasoning blobs Technical Information Security Content & Discussion · 40d ago CALIF: An AI audit of FreeBSD Technical Information Security Content & Discussion · 40d ago Microsoft security cybersecurity · 40d ago Need help regarding building a home lab cybersecurity · 40d ago Should I turn on passwordless accounts for all my Microsoft accounts? cybersecurity · 40d ago Transitioning from AWS Data Center Operations to Security Engineering cybersecurity · 40d ago CoreEvent GraphQL API – BOLA/IDOR exposing 10k+ records (PII, ticket QR codes) via unauthenticated queries Technical Information Security Content & Discussion · 40d ago Probably the wrong place. cybersecurity · 40d ago What after IT helpdesk? cybersecurity · 40d ago As Global Powers Explore Humanoid Robots, Cyber-Risk Looms darkreading · 40d ago News alert: TVC Analyst Group names 12 vendors to watch ahead of Gartner’s security summit The Last Watchdog · 40d ago Ajuda pessoal hacking: security in practice · 40d ago VMP 3.5+ Internal Architecture & Heap Dispatch Analysis Reverse Engineering · 40d ago How are you security-testing API changes before production without slowing CI/CD? cybersecurity · 40d ago Are we trusting update repos or are you all extra paranoid now as well? cybersecurity · 40d ago Disgruntled 0-day hunter 'humiliated' by Microsoft pledges 'bone shattering drop' as Redmond calls cops cybersecurity · 40d ago Prevent supply chain attacks cybersecurity · 40d ago The C-suite job that's burning people out faster than any other For [Blue|Purple] Teams in Cyber Defence · 40d ago New OSINTDomain Update: Domain OSINT Analysis with AI Agent Interpretation For [Blue|Purple] Teams in Cyber Defence · 40d ago Cybersecurity Authorities Issue Joint Guidance on the Adoption of Agentic AI Systems cybersecurity · 40d ago SEO poisoning campaign leverages Gemini and Claude Code impersonation to deliver infostealer For [Blue|Purple] Teams in Cyber Defence · 40d ago FBI warns of fake FIFA websites running World Cup fraud schemes cybersecurity · 40d ago Frieren: an open-source framework for WiFi Pineapple-style OpenWrt security appliances For [Blue|Purple] Teams in Cyber Defence · 40d ago Hackers are trying to steal Signal users' backups in new wave of phishing attacks cybersecurity · 40d ago The Word 'Toad' Gave Any Website Full Control of Chrome's Most Popular VPN Technical Information Security Content & Discussion · 40d ago Samy Kamkar on building viruses, his arrest and privacy in the LLM era hacking: security in practice · 40d ago 2026 World Cup: Discussing The World’s Biggest Game’s Attack Surface For [Blue|Purple] Teams in Cyber Defence · 40d ago Visual Studio Extensions Revisited Technical Information Security Content & Discussion · 40d ago Dutch Raid Fails to Dent Russian Bulletproof Host darkreading · 40d ago APT Activity Report: CONFLICT-INFORMED ESPIONAGE: MONITORING OIL SHIPMENTS, TARGETING DRONE MAKERS - October 2025-March 2026 For [Blue|Purple] Teams in Cyber Defence · 40d ago Incident Response Testing Preparation cybersecurity · 40d ago Introducing Microsoft 365 Business with Copilot: The new standard for small business Microsoft 365 Blog · 40d ago Kevin Mandia is speaking in NOVA on June 10 — probably the most candid you'll ever hear him outside of a major conference cybersecurity · 40d ago House panel poised to hold hearing centered on AI impact on cyber CyberScoop · 40d ago [Open-Source] WiFi-SpiderWeb: Turn any OpenWrt Router into an Active Cyber Defense & Honeypot System via USB 🕷️🔥 cybersecurity · 40d ago Commit to Compromise: A New Threat Actor Targeting the Cryptocurrency Industry's Software Development Infrastructure For [Blue|Purple] Teams in Cyber Defence · 40d ago Introducing EvidenceForge: Synthetic security logs that don’t look (as) fake For [Blue|Purple] Teams in Cyber Defence · 40d ago 3rd Party NFC cards.. secure? cybersecurity · 40d ago Vulnerability Management Tickets & SLA cybersecurity · 40d ago Google security engineer accused of turning confidential search trends into $1.2M win on Polymarket CyberScoop · 40d ago Defending at Machine-Speed: Building AI Threat Readiness cybersecurity · 40d ago AI agents running in our environment have broader access than our sysadmins and ownership of that is unresolved cybersecurity · 40d ago HEAD request body processing leading cybersecurity · 40d ago Malicious npm Package Stole Files From Claude AI User Directory via GitHub cybersecurity · 40d ago Does anyone have an app like substack to keep being updated and engaging within the cyber domain? cybersecurity · 40d ago Zero Trust Implementation Guidelines For [Blue|Purple] Teams in Cyber Defence · 40d ago [ Removed by Reddit ] hacking: security in practice · 41d ago What’s an attack vector people massively underestimate in 2026? cybersecurity · 41d ago We security-reviewed our own free CVE tool and shipped the fixes - EPSS Lookup Tool v2.7 cybersecurity · 41d ago Threat Intel: Kemper Corporation Hit by ShinyHunters Salesforce Extortion Campaign (269k Accounts Ingested by HIBP) Technical Information Security Content & Discussion · 41d ago Is this considered a bug or something else entirely? hacking: security in practice · 41d ago Agentic AI Isn't Risky; the Way Orgs Deploy It Is darkreading · 41d ago A Deeper Look at GLASSWORM's Solana Variant Malware Analysis & Reports · 41d ago A Deeper Look at GLASSWORM's Solana Variant cybersecurity · 41d ago How 2004 RuneScape fit a multiplayer RPG into 56k dial-up Reverse Engineering · 41d ago Getting back deleted conversation from messanger hacking: security in practice · 41d ago Introducing a new design for Microsoft 365 Copilot Microsoft 365 Blog · 41d ago BlackToad: Network Manipulation in an AutoIt Payload For [Blue|Purple] Teams in Cyber Defence · 41d ago RVTools Masquerade: How a Signed Fake Installer Deploys a Modular Python RAT For [Blue|Purple] Teams in Cyber Defence · 41d ago Kimsuky's Advanced Attack Techniques: JSONPing, Webex Spoofing, and a New HttpSpy Variant For [Blue|Purple] Teams in Cyber Defence · 41d ago Calling Cyber Security Beginners cybersecurity · 41d ago Drupal PostgreSQL SQL Injection: From SELECT-Only to RCE Technical Information Security Content & Discussion · 41d ago Busco oportunidad laboral / consejos para iniciar en TI, ciberseguridad o análisis cybersecurity · 41d ago Building Omegle for Exposed Webcams hacking: security in practice · 41d ago built something for ai agents, ended up looking a lot like classic appsec cybersecurity · 41d ago Is Gophish still usable in 2026? cybersecurity · 41d ago Microsoft vs Chaotic Eclipse: three zero-days now actively exploited cybersecurity · 41d ago what do you think cybersecurity · 41d ago Why would be clicking a website, redirect me? cybersecurity · 41d ago Device Code Lab (DCL) — Deep Dive into a Device Code Phishing Toolkit For [Blue|Purple] Teams in Cyber Defence · 41d ago Zapier fixes bug chain that researchers say risked widespread account takeover cybersecurity · 41d ago AI Cyber Security vs Cyber Defense? In your opinions, which one would be better for a more immediate/stable/higher paying career? hacking: security in practice · 41d ago Writing cybersecurity policies is a waste of time cybersecurity · 41d ago Zapier fixes bug chain that researchers say risked widespread account takeover CyberScoop · 41d ago The GitHub Leak Situation Just Got Worse | Threat Wire Hak5 · 41d ago reverse engineering need for speed most wanted for modding sdk Reverse Engineering · 41d ago Focus on Cyber Insurance: How Quantifying Risk Is Reshaping Security darkreading · 41d ago Raising the Cybersecurity Stakes: Ante up for the Agentic Era. cybersecurity · 41d ago Supply Chain Compromises Impact Nx Console and GitHub Repositories Alerts · 41d ago ABB EIBPORT All CISA Advisories · 41d ago Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter All CISA Advisories · 41d ago ABB Busch-Welcome 2 Wire Door Opener Actuator All CISA Advisories · 41d ago Fourth Frontier Frontier X Mobile Application, Frontier X2 All CISA Advisories · 41d ago CP Plus 8 Ch. Network Video Recorder All CISA Advisories · 41d ago XCharge C6 All CISA Advisories · 41d ago KMW CCTV Security Cameras All CISA Advisories · 41d ago MacGregor Voyage Data Recorder (VDR) G4e All CISA Advisories · 41d ago Schnieider Electric EcoStruxure Machine Expert HVAC All CISA Advisories · 41d ago Supply Chain Compromises Impact Nx Console and GitHub Repositories All CISA Advisories · 41d ago Public CAs are exiting client authentication. Most organisations haven't inventoried what depends on it. cybersecurity · 41d ago [ Removed by Reddit ] cybersecurity · 41d ago Got hit by an infostealer via Discord - Need advice on full removal - ASUS TUF A15 Malware Analysis & Reports · 41d ago Released: Dataforge Honeypot cybersecurity · 41d ago Google Unveils AI Threat Defense Platform to Fight AI-Powered Cyberattacks cybersecurity · 41d ago CEH-free cybersecurity · 41d ago Hottest cybersecurity open-source tools of the month: May 2026 cybersecurity · 41d ago Preparation tips for CPENT cybersecurity · 41d ago BTMOB RAT Spreads Across Brazil, LatAm via MaaS Model darkreading · 41d ago FROST: Fingerprinting Remotely using OPFS-based SSD Timing For [Blue|Purple] Teams in Cyber Defence · 41d ago How do you handle AI tools in your organization? cybersecurity · 41d ago ESET APT Activity Report Q4 2025–Q1 2026 WeLiveSecurity · 41d ago ESET APT Activity Report Q4 2025–Q1 2026 WeLiveSecurity · 41d ago What scanners are actually trying against AI infrastructure Technical Information Security Content & Discussion · 41d ago I think i got scammed anybody can help me with that cybersecurity · 41d ago Nordic CISOs Handle Rising Cyber Threats Remarkably Well darkreading · 41d ago New phishing campaign targeting Japanese online banking users uses 'PayPoy' domain/branding typo cybersecurity · 41d ago Alert Number: I-052726-PSA | 27 May 2026 Threat Actors Spoofing FIFA Websites in Advance of the 2026 World Cup For [Blue|Purple] Teams in Cyber Defence · 41d ago Is it safe to have passwords copied to clipboard on IOS temporarily? cybersecurity · 41d ago Developers working on anti-fraud systems deserve more credit cybersecurity · 41d ago Real Folks of Cyber | Dan Berger | Day in the Life The Cyber Mentor · 41d ago My company is moving to security clearance requirements but I am a foreign national. Anyone know time lines / realistic outcomes for me? Currently working as a sec analyst cybersecurity · 41d ago GitHub - cadela-dev/Anything-Reversal-Template: A Claude Code clean-room documentation workflow for reversing source structure into behavior-focused mirror docs. Reverse Engineering · 41d ago Security awareness training for AI heavy smb workflows? cybersecurity · 41d ago puck-security/puck-oss: Autonomous, read-only endpoint investigation via MCP. Ask a question about your fleet, get a narrative answer with containment recommendations. For [Blue|Purple] Teams in Cyber Defence · 41d ago Defense by accumulation Technical Information Security Content & Discussion · 41d ago Minimum Requirements for Helpdesk Role ? cybersecurity · 41d ago Reddit spear phishing cybersecurity · 41d ago Winbox server/client reverse engineered is opensource Reverse Engineering · 41d ago GitHub - iss4cf0ng/OpenPetya: A Proof-of-Concept bootkit inspired by Petya ransomware, written in Assembly, C, and C++ cybersecurity · 41d ago What to do cybersecurity · 41d ago What resources would you recommend for studying cysa+ cybersecurity · 41d ago Provenance of Data cybersecurity · 41d ago 5-year census of 65,907 exposed databases: 514 attacker BTC wallets traced, 62% received zero on-chain hacking: security in practice · 41d ago Websites have a new way to spy on visitors: analyzing their SSD activity cybersecurity · 41d ago 12 years in secops, military to vendor then internal. Internal feels like all loss and no win. Is this normal? cybersecurity · 41d ago OpenAI heralds cybersecurity, election interference safeguard plans for 2026 midterms CyberScoop · 41d ago Russian Art Teacher - Hinder Security Clearance? cybersecurity · 41d ago Ransomware Actors Show Up In Person to Steal Law Firm Data darkreading · 41d ago FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person CyberScoop · 41d ago Who is Salt Typhoon Really? Unraveling the Attribution Challenge For [Blue|Purple] Teams in Cyber Defence · 41d ago EDR/MDR Vendor Questions cybersecurity · 41d ago Cybersecurity as a Highschooler? cybersecurity · 41d ago New department created, would love your input cybersecurity · 41d ago What are the dangers of posting? hacking: security in practice · 41d ago OWASP Vienna - anyone going? cybersecurity · 41d ago Interview with Upstart cybersecurity · 41d ago 18, immigrant in Portugal (no Portuguese), failing high school. Need a stable path to Hardware/Network Cyber. cybersecurity · 41d ago Is cloud security engineer viable with my current position? cybersecurity · 41d ago UK spy chief labels AI ‘unstoppable force’ with offensive, defensive ramifications for cyberspace CyberScoop · 41d ago Cloudflare Access users: what would actually make JIT useful for you? cybersecurity · 41d ago Looking for resources on end-to-end APT attack flow summaries for detection engineering For [Blue|Purple] Teams in Cyber Defence · 41d ago Kali365 Activity Surges: Device Code Phishing Is Scaling Fast Malware Analysis & Reports · 41d ago eBPF to Detect Unexpected Control-Plane Traffic Inside GTP-U Tunnels cybersecurity · 41d ago The War Between Wars: How an IRGC Cyber Front Runs Destructive OT and IT Attacks Under Cover of a Ceasefire For [Blue|Purple] Teams in Cyber Defence · 41d ago Questions regarding Ubuntu 24 LTS hardening cybersecurity · 41d ago Cómo puedo interferir señal de un dispositivo que está cerca de mí para que no le funcione la señal de wifi a la que él está conectado, cómo puedo protegerme? Se me tipos de cómo protegerme, soy nuevo en esto, me gusta mucho. cybersecurity · 41d ago Honest question about OT Security Engineer work life in India cybersecurity · 41d ago Who is using CVE Lite CLI? Share your use case (OWASP Incubator Project for JS/TS dependency scanning) cybersecurity · 41d ago AI Security cybersecurity · 41d ago Iranian threat group targets US aviation sector with AI-assisted ‘MiniFast’ backdoor cybersecurity · 42d ago durabletask (Microsoft's Python Durable Task client) compromised by TeamPCP For [Blue|Purple] Teams in Cyber Defence · 42d ago 🚨 Exposed Global Smishing Operation Hitting 19 Countries Across 3 Continents cybersecurity · 42d ago Latin American Cybercriminals Hoover Up Government Data darkreading · 42d ago Exposing a Smishing campaign across 19 countries: 1,628 malicious URLs tied to a single 128-char HTML fingerprint For [Blue|Purple] Teams in Cyber Defence · 42d ago AI-Assisted Exploit Development Outpaces Scanner Detection darkreading · 42d ago Building Detection Engineering on AWS from scratch — roast my plan cybersecurity · 42d ago Building Detection Engineering on AWS from scratch — roast my plan For [Blue|Purple] Teams in Cyber Defence · 42d ago New Phishing Technique - Vaultjacking: One Captured PIN, the Entire Google Password Manager Vault Technical Information Security Content & Discussion · 42d ago Academic Survey - AI in Cybersecurity Governance and Regulatory Compliance cybersecurity · 42d ago Flipper Zero Users, What's Your Take? hacking: security in practice · 42d ago Large company with a bit of an issue free stuff hacking: security in practice · 42d ago I went to prison for internet piracy and hacking; my FBI profiler sent me a message on LinkedIn when I got out, and now we’re presenting at SLEUTHCON. I'm Josh Brody and I ran HeheStreams: AMA. cybersecurity · 42d ago Research: All three major eBPF security monitors (Falco, Tracee, Tetragon) can be silently disabled via BPF map poisoning cybersecurity · 42d ago Final Year Project: Looking for non-generic IAM project ideas that solve real problems cybersecurity · 42d ago MalShark: MCP-Powered Malware Traffic Analysis — Benchmarked Against Real Malware Technical Information Security Content & Discussion · 42d ago GlassWorm takedown: year-long developer supply chain campaign using VS Code extensions and npm packages dismantled. cybersecurity · 42d ago MalShark: MCP-Powered Malware Traffic Analysis — Benchmarked Against Real Malware For [Blue|Purple] Teams in Cyber Defence · 42d ago Breaking out of IT Helpdesk - how? cybersecurity · 42d ago A year in Cybersecurity — Where Do I Go From Here? cybersecurity · 42d ago MalShark: MCP-Powered Malware Traffic Analysis — Benchmarked Against Real Malware cybersecurity · 42d ago MCP-Powered Malware Traffic Analysis — Benchmarked Against Real Malware Malware Analysis & Reports · 42d ago 22, SOC Analyst experience + certs, still no interviews since January - looking for honest advice from people in cyber cybersecurity · 42d ago FBI: Silent Ransom Group Turns to IT Support Ploy cybersecurity · 42d ago A week after Dutch FIOD seized 800+ servers, the hosting network's ASN (AS209847) is still scanning at its normal daily rate Technical Information Security Content & Discussion · 42d ago How do machine builders track Siemens/Rockwell security advisories? cybersecurity · 42d ago CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain CyberScoop · 42d ago GlassWorm Developer Supply-Chain Botnet Takedown cybersecurity · 42d ago The Word 'Toad' Gave Any Website Full Control of Chrome's Most Popular VPN cybersecurity · 42d ago Active Exploitation - LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0: Root Privilege Escalation added to KEV cybersecurity · 42d ago (URGENT), i need help reversing uber's api in order to always mark the 4 seated vehicles as always on the road and not available for a specified account, while the vans remain active Reverse Engineering · 42d ago Got cybersec work what next ? cybersecurity · 42d ago Hi everyone! I’m a doctoral student conducting research on how people’s cybersecurity concerns affect their use of technologies like Apple Pay, smart devices, wearables. I’m looking for adults (18+) who currently use or have recently used these types of technology; smart devices or smart wearables cybersecurity · 42d ago Ekoparty Miami - Interface Anti-Patterns: Exploiting Insecure Navigation in 3rd Party Android App Lockers cybersecurity · 42d ago HN Security - AI Reporter - Let's automate reporting in Burp Suite! Technical Information Security Content & Discussion · 42d ago Trying to understand the scope of NVIDIA's attestation (NRAS), what am I missing? cybersecurity · 42d ago GitHub - facebook/mcpguard-dynamic: Kernel-level eBPF sandbox for securing LLM agent tool calls made through the Model Context Protocol (MCP) cybersecurity · 42d ago nightmare eclipse is probably French here is why cybersecurity · 42d ago Poor Risk Analysis Cost 4 Firms $1.7 Million in HIPAA Fines cybersecurity · 42d ago Measuring performance of JA4/JA4H AI Model cybersecurity · 42d ago Cybersecurity Evolution: How We Went From Perimeter Defense to AI-Native Security darkreading · 42d ago What things are you really focused on this year? cybersecurity · 42d ago CISA Adds Three Known Exploited Vulnerabilities to Catalog Alerts · 42d ago CISA Adds Three Known Exploited Vulnerabilities to Catalog All CISA Advisories · 42d ago Deep structural file analysis with MITRE ATT&CK mapping, from the original ClamAV authors (clens.io) Malware Analysis & Reports · 42d ago Designing secure access with ZTNA For [Blue|Purple] Teams in Cyber Defence · 42d ago Hypothetical EDR spoofer Reverse Engineering · 42d ago Hypothetical EDR spoofer cybersecurity · 42d ago ISO 27001 Audit Stage 1 cybersecurity · 42d ago Threat Intel: Lithuania Investigates B2B Credential Misuse Exposing 600,000 National Registry Records Technical Information Security Content & Discussion · 42d ago Microsoft SharePoint Has a New RCE Flaw. If You Haven’t Patched Yet, Go Do That. cybersecurity · 42d ago What to consider before asking an AI chatbot for health advice WeLiveSecurity · 42d ago What to consider before asking an AI chatbot for health advice WeLiveSecurity · 42d ago Looking for Hacker Friends to Learn☺️ cybersecurity · 42d ago Comptes Instagram et Facebook piratés et désactivés cybersecurity · 42d ago RCE in Strix Agent(Sandbox): A practical guide to prompt injections with impact Technical Information Security Content & Discussion · 42d ago How to safely disinfect a USB stick from potential malware files? cybersecurity · 42d ago Proofpoint Introduces Active Exploits Protection to Help Organizations Prioritize Vulnerability Patching for Real-World Attacks in the AI Era Proofpoint News Feed · 42d ago Champion ethical hacker warns AI tools like Mythos will make competing harder. hacking: security in practice · 42d ago MSIT Launches Early “Incident Investigation Review Committee” for Proactive Security Incident Response For [Blue|Purple] Teams in Cyber Defence · 42d ago White House: Ensuring Effective and Efficient Agency Logging and Network Visibility to Defend Against Evolving Cyber Threats For [Blue|Purple] Teams in Cyber Defence · 42d ago Advisory X41-2026-002: Request Host Header not Validated in Starlette For [Blue|Purple] Teams in Cyber Defence · 42d ago Top ethical hacker Chompie warns AI tools could put her out of business For [Blue|Purple] Teams in Cyber Defence · 42d ago 浅谈AI Agent的行为检测思路 -A Brief Discussion on Behavior Detection Approaches for AI Agents For [Blue|Purple] Teams in Cyber Defence · 42d ago Samy Kamkar talking about how Jeffrey Epstein wanted him to be his hacker. hacking: security in practice · 42d ago YoroTrooper组织针对独联体及周边区域的攻击活动分析 - Analysis of YoroTrooper's Attacks Against the CIS and Surrounding Regions For [Blue|Purple] Teams in Cyber Defence · 42d ago CERT-IN: Blueprint for Reducing Exposure and Defending against AI-Assisted Vulnerabilities Exploitation in Digital Infrastructure - patch between 12 hours and 5 days they state For [Blue|Purple] Teams in Cyber Defence · 42d ago The Evolution of Chinese-language Phishing Services For [Blue|Purple] Teams in Cyber Defence · 42d ago Silent Ransom Group Impersonating IT Personnel through Social Engineering For [Blue|Purple] Teams in Cyber Defence · 42d ago Is anyone else concerned about how quickly AI is outpacing cloud security? cybersecurity · 42d ago The epoll UAF - an epoll uaf race in fs/eventpoll.c For [Blue|Purple] Teams in Cyber Defence · 42d ago Tycoon 2FA AiTM detection for Entra ID and Google For [Blue|Purple] Teams in Cyber Defence · 42d ago Microsoft Copilot Cowork Exfiltrates Files For [Blue|Purple] Teams in Cyber Defence · 42d ago What's a CyberSecurity job like? cybersecurity · 42d ago Microsoft Live credential stuffing cybersecurity · 42d ago I am on placement and part of a lab where we use cyber security and do research what jobs are similar to this? cybersecurity · 42d ago Security architects- summarize your responsibilities and role cybersecurity · 42d ago Finding Work in OSINT cybersecurity · 42d ago State of SDLC Security 2026 cybersecurity · 42d ago Reported to police for coding html cybersecurity · 42d ago there's a toll in the hall now hacking: security in practice · 42d ago I Reverse Engineered Need for Speed Most Wanted Server Reverse Engineering · 42d ago Am I crazy or is something off about this Google OAuth login via Calendly hacking: security in practice · 42d ago [Open Source] Desarrollé un mutador de huellas TLS en Rust para evadir sistemas Anti-Bot (JA3/JA4 scrambling) cybersecurity · 42d ago I open-sourced KernelEye — an eBPF/XDP-based Linux server security monitoring project cybersecurity · 42d ago Iranian hackers blamed for breach of Los Angeles transit system that took weeks to recover cybersecurity · 42d ago Shai-Hulud Hackers TeamPCP: Lucky or Skilled Operators? cybersecurity · 42d ago KnowledgeDeliver flaw exploited as a zero-day to install web shells cybersecurity · 42d ago GUEST ESSAY: AI pipelines are shattering network security — most companies haven’t even noticed yet The Last Watchdog · 42d ago Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos darkreading · 42d ago Apple open-sources quantum-resistant encryption code CyberScoop · 42d ago Breaking GROK'S DEFENSES to make it HACK Real Public Websites cybersecurity · 42d ago GitHub Actions Cache Poisoning is eating open source cybersecurity · 42d ago State Cyber Leaders Push Congress for More Funding, Support darkreading · 42d ago Nightmare-Eclipse has also been banned on GitLab :DD cybersecurity · 42d ago Shai-Hulud Hackers TeamPCP: Lucky or Skilled? darkreading · 42d ago For Enterprises, Security Remains Agentic AI's Biggest Challenge darkreading · 42d ago Do we still have time before we are in the Age of the movie "Minority Report"? ↓ cybersecurity · 42d ago SimHub (popular sim racing dashboard software) appears to silently disable Windows Defender via hidden Group Policy file cybersecurity · 42d ago Unpatched Sparx vulnerabilties For [Blue|Purple] Teams in Cyber Defence · 42d ago What Software Supply Chain, Water Filters, and Power Grids Have in Common cybersecurity · 42d ago QA engineer trying to move into AppSec — does this plan hold up? cybersecurity · 42d ago Not a security person... got hit by an undocumented macOS stealer campaign, reverse engineered it, and tried to take the whole operation down. Malware Analysis & Reports · 42d ago Is work from anywhere really impossible to find?? cybersecurity · 43d ago Navigating Lax Load Balancers: When an Intersection Gets You Inside Technical Information Security Content & Discussion · 43d ago New and improved: Computer-using agents, a new workflows experience, and real-time voice experiences Microsoft 365 Blog · 43d ago Cybersecurity statistics of the week (May 18th - May 24th) cybersecurity · 43d ago Engineering a Post Quantum Fortress Inside the Citadel Archite cybersecurity · 43d ago Cyber Security Analyst cybersecurity · 43d ago Environmental consulting firm pushing heavy AI adoption despite employee concerns over environmental impact and data governance cybersecurity · 43d ago Two layer email security tool thesis cybersecurity · 43d ago Encrypted DNS in 2026: DoH, DoT, DoQ and DoH3 protocol comparison — including DNS hijacking attack vectors and what each protocol actually prevents Technical Information Security Content & Discussion · 43d ago sylvia: iOS Syscall Explorer for IDA 9.X For [Blue|Purple] Teams in Cyber Defence · 43d ago Ultima Online T2A client recreated from Origin's 2.0.7 client decompilation Reverse Engineering · 43d ago OTP lockout state leaked valid-code signal, enabling OLX account takeover Technical Information Security Content & Discussion · 43d ago When OTP rate limiting fails: OLX account takeover with persistent sessions cybersecurity · 43d ago When “try again later” still tells you the OTP was correct: an account takeover story. hacking: security in practice · 43d ago Entra ID sessions revoke cybersecurity · 43d ago Anyone who attended GPCSSI before? Need some clarification cybersecurity · 43d ago Lost on my career path. cybersecurity · 43d ago How journalists rely on VPNs to protect press freedom Technical Information Security Content & Discussion · 43d ago EU-based folks: external pentest vs mandatory data/security training? cybersecurity · 43d ago help needed from experienced people cybersecurity · 43d ago How do you evaluate whether a privacy service is actually privacy-respecting? cybersecurity · 43d ago Which one Intellipaat or coursera which one to choose cybersecurity · 43d ago How random program can cause most of antiviruses close himself without telling himself to close Malware Analysis & Reports · 43d ago Sylvia — IDA 9.x plugin that finds & documents iOS AArch64 syscalls with live man-page fetching Reverse Engineering · 43d ago ShadowCat: Universal optical file transfer, single html file, browser to camera hacking: security in practice · 43d ago Analyzing the Taiwan High-Speed Rail (THSR) TETRA incident (part 1) Technical Information Security Content & Discussion · 43d ago CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks cybersecurity · 43d ago India's CERT-In just mandated patching critical vulnerabilities within 12 hours. That sounds good — but is it actually realistic? cybersecurity · 43d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 43d ago ABB Terra AC All CISA Advisories · 43d ago ABB LVS MConfig All CISA Advisories · 43d ago ABB Ability Camera Connect All CISA Advisories · 43d ago Eppendorf BioFlo 320 All CISA Advisories · 43d ago ABB AbilityTM Zenon Remote Transport Vulnerability All CISA Advisories · 43d ago ABB AC500 V2 All CISA Advisories · 43d ago ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM) All CISA Advisories · 43d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 43d ago Audited 20 production repos after the May supply chain attack. Every single one had at least 3 of the 8 misconfigs. cybersecurity · 43d ago Did anyone pass the SC-200 certificate recently? cybersecurity · 43d ago Honeypot cybersecurity · 43d ago passkeys, MFA, biometrics, and you can still reset everything with access to one gmail account cybersecurity · 43d ago Career in IAM as a fresher cybersecurity · 43d ago CISA orders feds to patch actively exploited Drupal vulnerability cybersecurity · 43d ago Telegram's Hidden Gatekeeper? OCCRP Probe Puts Spotlight on Shadowy Engineer Linked to App's Infrastructure cybersecurity · 43d ago GitHub bans vindictive security researcher dropping Windows zero-days: “I will make sure your bones are shattered” cybersecurity · 43d ago Cyber security tool cybersecurity · 43d ago Ababil of Minab: An Iran-Linked Destruction and Exfiltration Campaign Targeting the U.S. and the Middle East For [Blue|Purple] Teams in Cyber Defence · 43d ago GHSL-2026-140: Heap Buffer Write Overflow in 7-Zip For [Blue|Purple] Teams in Cyber Defence · 43d ago JOMANGY: INJ3CTOR3's Self-Healing FreePBX Toll Fraud Campaign For [Blue|Purple] Teams in Cyber Defence · 43d ago Saw this tool and it has potential cybersecurity · 43d ago 🚨 14 npm/PyPI/AI Supply-Chain Threats Today (2026-05-26): Critical Worms, Parse Server DoS, and AI RCEs cybersecurity · 43d ago 7-Zip CVE-2026-48095: NTFS Heap Overflow Leads to Vtable Hijack For [Blue|Purple] Teams in Cyber Defence · 43d ago How I Tried to Parse a Replay from Dawn of War: Definitive Edition Reverse Engineering · 43d ago 7-Zip CVE-2026-48095: NTFS Heap Overflow Can Trigger Through Renamed Files cybersecurity · 43d ago Follow up : showing Claude install random pacakage in its vm instance without asking or prompting cybersecurity · 43d ago BTMOB: A stealthy RAT burrowing deep into Android devices WeLiveSecurity · 43d ago BTMOB: A stealthy RAT burrowing deep into Android devices WeLiveSecurity · 43d ago Update Starlette Now. New severe vulnerability dropped. Technical Information Security Content & Discussion · 43d ago Seeing alot of SSH honeypot attacks on "root:fjbdfdjkdsfs541544AA@@" For [Blue|Purple] Teams in Cyber Defence · 43d ago The practice of cyber-threat intelligence in organizations: A socio-technical case study of a mature financial organization For [Blue|Purple] Teams in Cyber Defence · 43d ago ¿Is safe? cybersecurity · 43d ago Need help cybersecurity · 43d ago What is the best tool for masking in kali cybersecurity · 43d ago What are the best tools other than ghostTracker? cybersecurity · 43d ago y2jb un able to enject payloads hacking: security in practice · 43d ago TrapDoor Cross-Ecosystem Crypto Stealer Campaign cybersecurity · 43d ago Follow up : Steal Your Files Claude AI installing package because internet say so cybersecurity · 43d ago New to Cybersecurity: Looking for general advice & help with Nmap cybersecurity · 43d ago GitHub - mrexodia/ida-pro-mcp: AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP. For [Blue|Purple] Teams in Cyber Defence · 43d ago Open sourcing our hardware red team RF toolkit: the Crimson Flipper Arsenal cybersecurity · 43d ago Dropping the Crimson Flipper Arsenal soon. 500+ vehicle signals. LoRa. Cellular. Vending. All validated. hacking: security in practice · 43d ago Looking for tech role references cybersecurity · 43d ago Smart Contracts for C&C: How ClearFake Hid in Plain Sight on BSC Testnet Trend Micro Research, News, Perspectives · 43d ago How do you balance Paw? cybersecurity · 43d ago I'm a security professional who has dealt with ransomware. AMA about incident response and business continuity. cybersecurity · 43d ago The War Between Wars: How an IRGC Front Runs Destructive OT and IT Attacks Under Cover of a Ceasefire Malware Analysis & Reports · 43d ago The War Between Wars: How an IRGC Front Runs Destructive OT and IT Attacks Under Cover of a Ceasefire Technical Information Security Content & Discussion · 43d ago Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerability For [Blue|Purple] Teams in Cyber Defence · 43d ago From Stuxnet to Handala: The reverse-engineering of a nation-state cyber weapon and its implications for ICS/SCADA security cybersecurity · 43d ago Ghost CMS flaw being actively exploited to compromise 700+ sites and serve malware to visitors through fake CAPTCHAs. Patch has been out since February cybersecurity · 43d ago What Companies are Legit? cybersecurity · 43d ago start learning cybersecurity from scratch cybersecurity · 43d ago Follow-up: measuring LLM-agent failures with replay evidence cybersecurity · 43d ago Follow-up: measuring LLM-agent failures with replay evidence cybersecurity · 43d ago WhatsApp users on alert after hacker drops massive dataset cybersecurity · 43d ago 17 years old going into CS — what certs should I start going after now? cybersecurity · 43d ago CVE-2026-20700: A controlled exploration of dyld's page-in linking and chained fixup machinery as a PAC signing oracle, in the context of CVE-2026-20700. For [Blue|Purple] Teams in Cyber Defence · 43d ago i want to hire an osint expert cybersecurity · 43d ago Open University pros/cons cybersecurity · 43d ago How important do you think browser/device fingerprinting has become for modern fraud detection compared to traditional bot detection? cybersecurity · 43d ago Career in IAM as a fresher cybersecurity · 43d ago Anyone Can Silently Steal Your Files from your Claude AI chat – Live Demo cybersecurity · 43d ago Need Advice cybersecurity · 43d ago Why did Hack Forums lose popularity? hacking: security in practice · 43d ago Nocturne - A bin2bin code virtualizer for x86-64 PE binaries Reverse Engineering · 43d ago Before going to college, what certifications should I get to prepare myself for cyber security as a person with no experience with cyber security at all? cybersecurity · 43d ago Someone from Germany on iOS keeps trying to login to my MSFT account cybersecurity · 43d ago AI cautionary tale... cybersecurity · 43d ago [Project Onyx] Advanced EDR Evasion via AI Telemetry Spoofing & WASM Sandboxing Reverse Engineering · 43d ago AI powered red vs blue teaming cybersecurity · 44d ago Starting a security analyst student apprenticeship next week, need advice cybersecurity · 44d ago Why CVE Does Not Work for AI Agents, but AVE? cybersecurity · 44d ago SC-200 or Security+ — which actually helps land a security title cybersecurity · 44d ago How about AI having access to your hard drive. cybersecurity · 44d ago How a Date Tag Hijacks macOS via ExifTool cybersecurity · 44d ago Need ideas for final year cybersec project : “CodeSafe” MCP for AI coding tools cybersecurity · 44d ago Tracing CVE-2021-21735 through ZTE H168N QuickSetup whitelist and Lua wizard routing Reverse Engineering · 44d ago How credential brokering prevents AI agents from compromising credentials via prompt injection Technical Information Security Content & Discussion · 44d ago How credential brokering prevents AI agents from compromising credentials via prompt injection cybersecurity · 44d ago Built a tiny daily cyber puzzle game during evenings/weekends cybersecurity · 44d ago Crypto4A launches quantum-safe rival to AWS Secrets Manager cybersecurity · 44d ago CVE-2021-21735: ZTE H168N wizard whitelist exposed PPPoE and WLAN secrets pre-auth Technical Information Security Content & Discussion · 44d ago ZTE rated this router leak 3.5 Low. NVD rated it 6.5 Medium. The impact explains why. cybersecurity · 44d ago Cyber Sec project cybersecurity · 44d ago ZTE router “info leak” exposed PPPoE/Wi-Fi secrets that could lead to admin compromise hacking: security in practice · 44d ago CySA+ cybersecurity · 44d ago Anyone tried Morgancyberhelp ? cybersecurity · 44d ago As AI speeds coding, CVE Lite CLI keeps security deliberately AI-free cybersecurity · 44d ago YouTube SMS Blaster Ad Displays Scam Messages That Impersonate Telcos For [Blue|Purple] Teams in Cyber Defence · 44d ago Why are most of the dfir tools built to be used in windows cybersecurity · 44d ago OnlyFans mega leak reveals 340M user records, hackers claim cybersecurity · 44d ago Perplexity BumbleBee cybersecurity · 44d ago Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks Krebs on Security · 44d ago Cisco patches critical 10.0 flaw in Secure Workload APIs cybersecurity · 44d ago Suspicious ass website asking to run a terminal command (MacOS) Malware Analysis & Reports · 44d ago Shellcide: A shellcode IDE hacking: security in practice · 44d ago Stalker has my phonenumber cybersecurity · 44d ago I Show How the Survival Mode of the Flash Game Gun Mayhem 2 More Mayhem is Built Reverse Engineering · 44d ago Need some guidance cybersecurity · 44d ago Are you currently allocating budget to services that remove executive PII from B2B data brokers? cybersecurity · 44d ago Threat Intel: ShinyHunters Leaks 9.4GB Database of 7-Eleven Franchisee Systems Post-Extortion Refusal Technical Information Security Content & Discussion · 44d ago About CEHv13 book cybersecurity · 44d ago delimiter-less string obfuscation powered by compile-time AES Reverse Engineering · 44d ago Open sourced the part of our SOC tool that can nuke your endpoints, so you can read it before trusting it For [Blue|Purple] Teams in Cyber Defence · 44d ago We open-sourced the most dangerous part of our security startup on purpose. cybersecurity · 44d ago Which conference(s) result in the most people finding jobs? cybersecurity · 44d ago My discord account has been hacked second time even after enabling two factor authentication and resetting password cybersecurity · 44d ago What's the most efficient way to learn cloud governance and compliance cybersecurity · 44d ago honeyslop: Code canaries to quickly triage hallucinated ('slop') vulnerability reports For [Blue|Purple] Teams in Cyber Defence · 44d ago Apex One and Vision One – Standard Endpoint Protection (SEP) May 2026 Security Bulletin - TrendAI has observed at least one instance of an attempt to actively exploit one of these vulnerabilities in the wild. For [Blue|Purple] Teams in Cyber Defence · 44d ago Putin appoints Rostec cybersecurity specialist linked to GRU hackers from Fancy Bear as aide to Sergei Shoigu in Russia’s Security Council For [Blue|Purple] Teams in Cyber Defence · 44d ago RemotePE: The Lazarus RAT that lives in memory For [Blue|Purple] Teams in Cyber Defence · 44d ago Supply Chain Attack Targets Laravel-Lang Packages with Credential Stealer For [Blue|Purple] Teams in Cyber Defence · 44d ago Paved With Intent: ROADtools and Nation-State Tactics in the Cloud For [Blue|Purple] Teams in Cyber Defence · 44d ago Twee mannen aangehouden voor phishing - Two men arrested for phishing For [Blue|Purple] Teams in Cyber Defence · 44d ago Sharp Eyes: Mass surveillance of foreigners in China For [Blue|Purple] Teams in Cyber Defence · 44d ago Does anyone know C2 framwork and free hosting to host C2? cybersecurity · 44d ago Finding bot account hacking: security in practice · 44d ago relay_bible: Technical Reference to multiple relay techniques For [Blue|Purple] Teams in Cyber Defence · 44d ago CIS-CAT Assessor for assessment Windows server 2022 and 2025 cybersecurity · 44d ago Fix: CVE-2025-33073 NTLM reflection not exploitable on pre-NT10.0 systems by azoxlpf · Pull Request #1245 · Pennyw0rth/NetExec For [Blue|Purple] Teams in Cyber Defence · 44d ago The Gold Mine Red Teamers Never Touch - "read the Windows source code. Both Windows XP and Server 2003." [to make their tools blend in] For [Blue|Purple] Teams in Cyber Defence · 44d ago SYLK 文件格式的武器化滥用 – Weaponization and abuse of the SYLK file format For [Blue|Purple] Teams in Cyber Defence · 44d ago North Korean cyber hackers and masterminds behind gambling sites... Sentenced to 5 years in prison in the first trial For [Blue|Purple] Teams in Cyber Defence · 44d ago /r/ReverseEngineering's Weekly Questions Thread Reverse Engineering · 44d ago Auditor wants a specific access report format and our IAM tool can't produce it, how do you handle this cybersecurity · 44d ago Installed BlueStacks, 3 hours later "new login on your google account" and its from the same city as me and a samsung s22 galaxy that i did not authorize, does this have any relation to bluestacks? cybersecurity · 44d ago Recent adoption of AI taught me what is Cybersecurity. cybersecurity · 44d ago The Pentagon Changed the Rules for Cybersecurity Compliance cybersecurity · 44d ago Can someone explain to a noob like me what the implications of this exploit are? cybersecurity · 44d ago SHub's "Reaper" Variant Seen Bypassing New macOS Terminal Protections cybersecurity · 44d ago Window between zero-day CVE and a patch! cybersecurity · 44d ago Is it risky when a website puts on technology components with versions they used in their website? cybersecurity · 44d ago Anyone else losing their mind over this "AI Cybersecurity" hype? cybersecurity · 44d ago URL parsing behavior in a canonical tag lab cybersecurity · 44d ago How to hacking: security in practice · 44d ago Would an open source CLI tool that audits GitHub repos for supply chain attacks be useful to you? cybersecurity · 44d ago Any tips for me pls cybersecurity · 44d ago How do you minimize legal liability as a solo contractor? cybersecurity · 44d ago How does your MSSP handle fine-tuning detection rules for false positives? (e.g. "Guest" policy hitting UDP/TCP scan alerts) — do you verify with the customer before suppressing? cybersecurity · 44d ago nmap on Linux: Guide to Network Scanning and Discovery Technical Information Security Content & Discussion · 44d ago Mentorship Monday - Post All Career, Education and Job questions here! cybersecurity · 44d ago Made a cyberpunk-style encryption tool in Python (novelty) during my guard shift. hacking: security in practice · 44d ago Provenance: A survival toolkit for an AI dominant information landscape cybersecurity · 44d ago Nmap Mastery: The Complete Guide to Network Reconnaissance hacking: security in practice · 44d ago Google wallet virtual card cloned hacking: security in practice · 44d ago [ Removed by Reddit ] cybersecurity · 44d ago Active Drupal SQLi exploitation is a real „patch now“ moment cybersecurity · 44d ago machscope — macOS XPC, Mach services, launchd, and trust relationship explorer (zero-dependency, terminal-native) cybersecurity · 44d ago Need suggestions and input; not a promotion cybersecurity · 44d ago Need advice! cybersecurity · 44d ago New Zealand is becoming a focal point for AI-driven superhacking threats. cybersecurity · 44d ago Staged publishing and new install-time controls for npm - GitHub Changelog For [Blue|Purple] Teams in Cyber Defence · 44d ago nmap on Linux: Guide to Network Scanning and Discovery cybersecurity · 44d ago TrapDoor supply-chain campaign hits npm, PyPI, and Crates.io with AI-assistant poisoning angle cybersecurity · 45d ago How would Phishing look like in the future? (targeting agents, not humans) cybersecurity · 45d ago Best beginner/intermediate book for system security (blue team / defense / audits)? cybersecurity · 45d ago Why is on-prem and air-gapped asset inventory still such a mess? cybersecurity · 45d ago keep getting MS authentication sign in attempts? cybersecurity · 45d ago Updated UAC-0057 toolkit: OYSTERFRESH, OYSTERSHUCK and OYSTERBLUES For [Blue|Purple] Teams in Cyber Defence · 45d ago Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud For [Blue|Purple] Teams in Cyber Defence · 45d ago Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow For [Blue|Purple] Teams in Cyber Defence · 45d ago The Future and Past of Residential Proxies For [Blue|Purple] Teams in Cyber Defence · 45d ago Tracking TamperedChef Clusters via Certificate and Code Reuse For [Blue|Purple] Teams in Cyber Defence · 45d ago Machine Overmatch: What Salt Typhoon Reveals About China’s Data-Centric Intelligence Strategy For [Blue|Purple] Teams in Cyber Defence · 45d ago Disrupting Fox Tempest: A cybercrime service that turned “verified” software into a pathway for ransomware For [Blue|Purple] Teams in Cyber Defence · 45d ago A fraudulent scheme to obtain and use code signing certificates to deceive victims into downloading dangerous malware under the false belief that it is trusted software For [Blue|Purple] Teams in Cyber Defence · 45d ago Prompt Injection finally broke my brain a little. My first article as a security student. Technical Information Security Content & Discussion · 45d ago Microsoft’s MSHTA Legacy Tool Still Powers Malware Campaigns on Windows For [Blue|Purple] Teams in Cyber Defence · 45d ago Suricata 8.0.5 and 7.0.16 released! - fixed various critical and high severity vulnerabilities For [Blue|Purple] Teams in Cyber Defence · 45d ago Phantom Killer: Reverse Engineering and Weaponizing a Lenovo Driver to Terminate EDR Processes For [Blue|Purple] Teams in Cyber Defence · 45d ago mkPIVM: Generate polymorphic, position-independent virtual machines (PIVMs) from arbitrary x86/x64 shellcode. For [Blue|Purple] Teams in Cyber Defence · 45d ago keyhog: The fastest, most accurate secret scanner. 896 detectors, Hyperscan SIMD, GPU acceleration, 96% recall. Built in Rust. For [Blue|Purple] Teams in Cyber Defence · 45d ago np-audit: Static security analysis for npm packages. Detects obfuscated code, malicious patterns, and known vulnerabilities before installation. For [Blue|Purple] Teams in Cyber Defence · 45d ago Ledger: An aggressor script that tracks operational changes made during a red team engagement. Gives you a full audit trail of what was changed and what still needs to be cleaned up. For [Blue|Purple] Teams in Cyber Defence · 45d ago OpenPetya: A Proof-of-Concept bootkit inspired by Petya ransomware, written in Assembly, C, and C++ For [Blue|Purple] Teams in Cyber Defence · 45d ago Megalodon: Mass GitHub Repo Backdooring via CI Workflows For [Blue|Purple] Teams in Cyber Defence · 45d ago Silly issue cybersecurity · 45d ago FatGid - FreeBSD 14.x kernel LPE For [Blue|Purple] Teams in Cyber Defence · 45d ago Manage [VSCode] extensions in enterprise environments For [Blue|Purple] Teams in Cyber Defence · 45d ago angr: A powerful and user-friendly binary analysis platform! For [Blue|Purple] Teams in Cyber Defence · 45d ago Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware For [Blue|Purple] Teams in Cyber Defence · 45d ago How Attackers Force Microsoft to Send Phishing Emails For [Blue|Purple] Teams in Cyber Defence · 45d ago Malicious Postinstall Hook Found Across 700+ GitHub Repositories, Including Packagist and Node.js Projects For [Blue|Purple] Teams in Cyber Defence · 45d ago Microsoft Authenticator App Details now exposed in Entra SignInLogs For [Blue|Purple] Teams in Cyber Defence · 45d ago Bissa Scanner Exposed: AI-Assisted Mass Exploitation and Credential Harvesting For [Blue|Purple] Teams in Cyber Defence · 45d ago How China-linked threat actors obtain zero-day vulnerabilities For [Blue|Purple] Teams in Cyber Defence · 45d ago How to practice cybersecurity while studying prograaming ? cybersecurity · 45d ago Fast and Furious - Nimbus Manticore Operations During the Iranian Conflict - Check Point Research For [Blue|Purple] Teams in Cyber Defence · 45d ago How to Use Claude AI: A Complete Technical Beginner's Guide Technical Information Security Content & Discussion · 45d ago [AI Security] Exploring Behavioral AI for Runtime Threat Detection cybersecurity · 45d ago Podman and krun: is it pointless to harden quadlets? cybersecurity · 45d ago Monitoring for vssadmin.exe delete shadows is an absolute bare minimum For [Blue|Purple] Teams in Cyber Defence · 45d ago Infostealers Just Spawned a 5,000+ Repo GitHub Supply Chain Attack For [Blue|Purple] Teams in Cyber Defence · 45d ago How a consultant and a concert pianist from the Netherlands aided pro-Russian hackers For [Blue|Purple] Teams in Cyber Defence · 45d ago How to handle security researchers (and firms) without a bounty program? cybersecurity · 45d ago CVE-2026-48029: Two grid-decode bugs in libheif For [Blue|Purple] Teams in Cyber Defence · 45d ago GitHub - iss4cf0ng/OpenPetya: A Proof-of-Concept bootkit inspired by Petya ransomware, written in Assembly, C, and C++ Reverse Engineering · 45d ago workcell: Bounded local runtime and policy boundary for coding agents For [Blue|Purple] Teams in Cyber Defence · 45d ago OpenShell: OpenShell is the safe, private runtime for autonomous AI agents. For [Blue|Purple] Teams in Cyber Defence · 45d ago Product analytics is becoming a third-party breach surface cybersecurity · 45d ago How can i learn and get into red teaming? cybersecurity · 45d ago Governments increasingly assume they’ll use offensive cyber tools as part of state power | Federal News Network cybersecurity · 45d ago I got hacked cybersecurity · 45d ago What are the ways of cracking wpa2/wpa3 without the usual dictionary/wordlist.txt method? hacking: security in practice · 45d ago Soc analysts in big companies, how it looks like? cybersecurity · 45d ago Has anyone manage to reverse the macked dylib? Reverse Engineering · 45d ago CTO at NCSC Summary: week ending May 24th cybersecurity · 45d ago Model Context Protocol (MCP): Security Design Considerations for AI-Driven Automation For [Blue|Purple] Teams in Cyber Defence · 45d ago Built a SOC from scratch with no prior SOC experience For [Blue|Purple] Teams in Cyber Defence · 45d ago These special phone and app features can help protect you from spyware cybersecurity · 45d ago Is there a tool that lets you automatically rotate all your ssh keys and k8s creds and whatever else with a click of a button? cybersecurity · 45d ago Capcha Code Malware cybersecurity · 45d ago getting lost when hunting cybersecurity · 45d ago How to find information behind an account? cybersecurity · 45d ago Reverse engineering circuitry in a Spacelab computer from 1980 Reverse Engineering · 45d ago Theoretical Design Concept for Post-Exploitation Browser Defense cybersecurity · 45d ago Google Certifications... cybersecurity · 45d ago How to continue when finding a possible Vulnerability but local law prohibits me from investigating further cybersecurity · 45d ago Netherlands seizes 800 servers of hosting firm enabling cyberattacks cybersecurity · 45d ago Is the CISSP still a reputable cert for getting jobs? cybersecurity · 45d ago Which of these gоv roles would fare better in the private sector? cybersecurity · 45d ago Laravel Lang packages hijacked to deploy credential-stealing malware cybersecurity · 45d ago Mapping binaries to EDR feature spaces cybersecurity · 45d ago Lost my number + WhatsApp account — worried about old chats, photos, and videos cybersecurity · 45d ago Proxmark5 campaign unlocked the $600k stretch goal hacking: security in practice · 45d ago ☔️🌅 STÖK · 45d ago what is the most painful or time-consuming part of your work right now?" cybersecurity · 45d ago Anthropic says Mythos has already found more than 10,000 vulnerabilities cybersecurity · 45d ago What is the experience needed for “entry level” cybersecurity jobs? cybersecurity · 45d ago Browser extension testing. cybersecurity · 45d ago GitHub - vigolium/vigolium: Vigolium - High-fidelity vulnerability scanner fusing agentic AI with native speed, modularity, and precision hacking: security in practice · 45d ago Interviewer ask me if you observe port scanning from internal ip , the scanning ip is not authorised for scanning. How will you investigate it and how will you find attackers ip? cybersecurity · 45d ago Open-source reverse engineering of PerimeterX (HUMAN Security) Web SDK — pure-algo cookie generators, dual-site live HTTP 200, 10-chapter methodology Reverse Engineering · 45d ago Have you ever had your face or voice misused by AI? I’m building a free reporting tool and need feedback cybersecurity · 45d ago Prompt Injection finally broke my brain a little. My first article as a cybersecurity student, cat approved edition cybersecurity · 46d ago Can someone recommend me some good, large universities to study cybersecurity? cybersecurity · 46d ago New guy khikhi cybersecurity · 46d ago Examples of intentional backdoors being breached? cybersecurity · 46d ago Non-Compliant Vocab cybersecurity · 46d ago CTO at NCSC Summary: week ending May 24th For [Blue|Purple] Teams in Cyber Defence · 46d ago HackTheBox - MonitorsFour IppSec · 46d ago VPN Exploitation When Patched Doesn't Mean Protected For [Blue|Purple] Teams in Cyber Defence · 46d ago Cybercriminal VPN used by ransomware actors dismantled in global crackdown – VPN service featured in almost every major Europol-supported cybercrime investigation For [Blue|Purple] Teams in Cyber Defence · 46d ago Drupal Core SQL injection flaw actively exploited less than 48 hours after patch. 15,000 attack attempts already recorded across 6,000 sites cybersecurity · 46d ago VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure For [Blue|Purple] Teams in Cyber Defence · 46d ago CLR-Stomp: .NET CLR-Stomping For [Blue|Purple] Teams in Cyber Defence · 46d ago infostealers just spawned a 5,000+ repo github supply chain attack cybersecurity · 46d ago The latest Megalodon campaign against GitHub leveraged a spray of fake PRs targeting CI workflows. Here's the complete analysis cybersecurity · 46d ago Doom running on a Kids Video Walkie Talkie hacking: security in practice · 46d ago GRO frag cybersecurity · 46d ago We audited 12K n8n templates: most have critical vulnerabilities cybersecurity · 46d ago Zyxel super-admin credential leak expanded from one router image to CPE/ONT/LTE/5G devices + password gen algorithm. cybersecurity · 46d ago Taking the PSAA - Practical SOC Analyst Associate by TCM Security next week cybersecurity · 46d ago Mitigated Vulnerabilities by Vendor as Feed cybersecurity · 46d ago From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence For [Blue|Purple] Teams in Cyber Defence · 46d ago Introducing Showboat: A new malware family taunts defenses and targets international telecom firms For [Blue|Purple] Teams in Cyber Defence · 46d ago Open Directory, Open Season: Inside Red Lamassu’s JFMBackdoor For [Blue|Purple] Teams in Cyber Defence · 46d ago Kash Patel-Linked Merchandise Site Goes Dark After Hack Allegedly Spread Malware to Visitors cybersecurity · 46d ago A new GitHub attack dubbed Megalodon compromised more than 5.5K repositories cybersecurity · 46d ago Where can I find the tools freely on internet to practice for soc analyst cybersecurity · 46d ago Query builder for Google Dorks, Shodan, Crt.sh and Wayback CDX. hacking: security in practice · 46d ago Pardon MIE?: how Mythos did not bypass Apple MIE Technical Information Security Content & Discussion · 46d ago residential proxies cybersecurity · 46d ago Recommendations for getting started in cybersecurity cybersecurity · 46d ago Linux mint or Ubuntu for complete beginner cybersecurity · 46d ago Indirect prompt injection is jokingly trivial. AI is social engineering a toddler with the knowledge of the world. cybersecurity · 46d ago Pentesting company recommendation cybersecurity · 46d ago Have you ever failed a certification exam? cybersecurity · 46d ago AI Chatbot Security Research – Prompt Injection Behavior in Financial Context (Seeking Responsible Disclosure Guidance cybersecurity · 46d ago This ID Verification company store users biometrics? (FaceTec) hacking: security in practice · 46d ago What do i need to learn to get into application security? Which Degrees/Certs cybersecurity · 46d ago RSAC online membership? Is it worth it? cybersecurity · 46d ago Playwright version that lets AI-Agents navigate the web hacking: security in practice · 46d ago Can someone give me a detailed roadmap for becoming a SOC Analyst? cybersecurity · 46d ago Puedo conseguir trabajo? cybersecurity · 46d ago How do i learn networking for cyber security? cybersecurity · 46d ago What's going to be Hacking and Cybersecurity's future is gonna be like? cybersecurity · 46d ago Cyber security placement - Interview Help cybersecurity · 46d ago CVE-2026-9256 - "nginx-poolslip", another new vulnerability in the rewrite module Technical Information Security Content & Discussion · 46d ago Anonymous revendique le piratage de satellites chinois pour protester contre les lois sur la vérification de l'âge cybersecurity · 46d ago AI security CTF from a CNCF project - useful for understanding LLM/agent attack patterns from the defense side (June 17-22) For [Blue|Purple] Teams in Cyber Defence · 46d ago CTF with AI/LLM reverse engineering angles - intercepting streamed responses, replaying tokens, finding hidden endpoints (June 17-22) Reverse Engineering · 46d ago AI Security CTF (free, open) - prompt injection, agent workflow hijacking, guardrail bypass - June 17-22 Technical Information Security Content & Discussion · 46d ago Feedback needed cybersecurity · 46d ago GitHub - perplexityai/bumblebee: Read-only inventory collector for package, extension, and developer-tool metadata on macOS and Linux developer endpoints, built for fast supply-chain exposure checks. For [Blue|Purple] Teams in Cyber Defence · 46d ago Handoff Transition cybersecurity · 46d ago Where to learn the ins and outs of the computer itself hacking: security in practice · 46d ago Just added an interactive security map to my project NoEyes showing exactly what the server sees (and doesn't) Technical Information Security Content & Discussion · 46d ago Just added an interactive security map showing exactly what the server sees (and doesn't) cybersecurity · 46d ago Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns For [Blue|Purple] Teams in Cyber Defence · 46d ago Trend Micro warns of Apex One zero-day exploited in the wild cybersecurity · 47d ago Lawmakers Demand Answers as CISA Tries to Contain Data Leak cybersecurity · 47d ago Tired of searching different websites, blogs, Reddit posts, and docs just to learn KQL? For [Blue|Purple] Teams in Cyber Defence · 47d ago Lawmakers Demand Answers as CISA Tries to Contain Data Leak Krebs on Security · 47d ago https://www.reuters.com/business/finance/morgan-stanley-asks-bankers-carry-separate-phone-china-trips-source-says-2026-05-20/ cybersecurity · 47d ago Harvard and 140 other legitimate websites compromised Malware Analysis & Reports · 47d ago Harvard and 140 other legitimate websites compromised cybersecurity · 47d ago Votre Satisfaction Dans Votre Travail cybersecurity · 47d ago Soft Skills for the Job Market: Communication The Cyber Mentor · 47d ago 5,561 GitHub repos got malicious CI/CD commits injected in 6 hours. The commits looked exactly like routine bot maintenance. Here is what happened and how to check if you were hit. cybersecurity · 47d ago Browser session theft is quietly becoming more dangerous than password theft Malware Analysis & Reports · 47d ago US states urge Congress to renew cybersecurity grants cybersecurity · 47d ago Restoring Testability: Handling Complex Scenarios in Burp Suite with a Custom Extension Technical Information Security Content & Discussion · 47d ago Megalodon Malware Compromised 5,500+ GitHub Repos Within 6 Hours Malware Analysis & Reports · 47d ago Rebuilding Zyxel’s super-admin password flow in HTML from firmware/runtime notes Reverse Engineering · 47d ago The CISO's Guide to IDE Security in 2026 cybersecurity · 47d ago Help with evilginx cybersecurity · 47d ago Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks Proofpoint News Feed · 47d ago Zyxel low-priv account leaked super-admin, FTPS, and TR-069 secrets across router fleets Technical Information Security Content & Discussion · 47d ago Watching AI Brain Drain on Attackers in Real Time cybersecurity · 47d ago Zyxel super-admin credential leak expanded from one router image to CPE/ONT/LTE/5G devices + password gen algorithm. cybersecurity · 47d ago api-rta cyberwarfare labs cybersecurity · 47d ago Zyxel super-admin password leak across CPE/ONT/LTE routers + rebuilt password generator hacking: security in practice · 47d ago I got tired of guessing which LOLBAS binaries exist on a host at my privilege level, so I wrote a small Go scanner For [Blue|Purple] Teams in Cyber Defence · 47d ago The Worm That Deletes Your Entire Computer | Threat Wire Hak5 · 47d ago Does Security Implement Fixes? cybersecurity · 47d ago Ultimate Cybersecurity without needing AV ect? cybersecurity · 47d ago Hack your corrupt company. Sell their secrets to the black market hacking: security in practice · 47d ago User Onboarding with IAM cybersecurity · 47d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 47d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 47d ago Data breach in name of protest Technical Information Security Content & Discussion · 47d ago qslcl.bin v0.6.8: minor fixes to improve size stability to avoid useless zero fill in EOF (Actually i trim it from 128 kb to 80 kb) Reverse Engineering · 47d ago pnpm 11 Might Finally Be a Better Default Than npm Technical Information Security Content & Discussion · 47d ago pnpm 11 Might Finally Be a Better Default Than npm cybersecurity · 47d ago 14 npm/PyPI/AI Supply-Chain Threats Today (2026-05-22): Critical Worms, Credential Harvesting, and RCEs cybersecurity · 47d ago Hunting a PhaaS Operator: From Phishing Email to Lagos, Nigeria cybersecurity · 47d ago AI-generated reporting: Lessons learned from Cisco Talos Incident Response For [Blue|Purple] Teams in Cyber Defence · 47d ago CrabLoader: A PoC Cobalt Strike UDRL written in Rust For [Blue|Purple] Teams in Cyber Defence · 47d ago The 429 Microsoft Graph Mystery For [Blue|Purple] Teams in Cyber Defence · 47d ago GhostTree: Unveiling Path Manipulation Techniques to Bypass Windows Security For [Blue|Purple] Teams in Cyber Defence · 47d ago Azure Tenant Enumeration is Dead For [Blue|Purple] Teams in Cyber Defence · 47d ago A Deep Dive into Codex Windows Sandbox For [Blue|Purple] Teams in Cyber Defence · 47d ago Striga: Lifting x86 to LLVM IR with Python For [Blue|Purple] Teams in Cyber Defence · 47d ago Millions of NGINX Servers Face Fresh Zero-Day Concerns After Recent Rift Patch dubbed "nginx-poolslip" cybersecurity · 47d ago Looking for a cybersecurity professional to interview for a university project (interview in French) cybersecurity · 47d ago Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise WeLiveSecurity · 47d ago Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise WeLiveSecurity · 47d ago veilgate: Asymmetric defense against AI red-team agents. VeilGate scores every request, diverts likely agents into a per-IP-coherent fake application, and measures the cost it imposes on the attacker. For [Blue|Purple] Teams in Cyber Defence · 47d ago Windows BitLocker Security Feature Bypass Vulnerability For [Blue|Purple] Teams in Cyber Defence · 47d ago CVE-2026-28910: Breaking macOS App Sandbox Data Containers, TCC, and Hijacking Apps Using Archive Utility For [Blue|Purple] Teams in Cyber Defence · 47d ago Google API keys keep working after you delete them long enough to be exploited For [Blue|Purple] Teams in Cyber Defence · 47d ago Threat Intelligence Report: ZionSiphon OT Malware First Attempts? Psyops? Both? For [Blue|Purple] Teams in Cyber Defence · 47d ago North Korean-Linked Threat Actor Targets Developers with New npm Infostealer RAT For [Blue|Purple] Teams in Cyber Defence · 47d ago Coruna Respawned: Compromised art-template npm Package Leads to iOS Browser Exploit Kit For [Blue|Purple] Teams in Cyber Defence · 47d ago Safe read-only check script for Copy Fail / CVE-2026-31431 cybersecurity · 47d ago New to GRC at an MSSP startup. Want to build a local AI on an RTX 3050 to automate documentation without leaking data. Possible? cybersecurity · 47d ago Quick heads-up if you're writing KQL for LSASS dumping (stop filtering on process names) For [Blue|Purple] Teams in Cyber Defence · 47d ago [TOOL] CLR-Stomp – BOF-Based .NET CLR Stomping for Stealthy inlineExecuteAssembly cybersecurity · 47d ago Cisco used AI to write security incident reports, with mixed results cybersecurity · 47d ago [TOOL] QSLCL v2.1.4 - Universal Silicon Communication Layer (DFU/EDL/BROM) cybersecurity · 47d ago Reverse Engineered Google reCAPTCHA Reverse Engineering · 47d ago Cyber Insurance Actuary Looking for Educational Resources cybersecurity · 47d ago As a bank , how do i give protected access to claude to my team? cybersecurity · 47d ago Can seasonal Apple Store employees apply for internal IT/cybersecurity roles? cybersecurity · 47d ago Reliable IP reputation check tools besides IPQS?(for work) cybersecurity · 47d ago 🜂 Codex Minsoo — Scroll Ξ-6.1 "Inducing Long-Term Goal Coherence Across Stateless Instances": How to create continuity in a system designed to forget hacking: security in practice · 47d ago Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility (5/2026) cybersecurity · 47d ago Time to Switch: How to Set Up Passkeys Before Microsoft Ditches SMS 2FA Logins cybersecurity · 47d ago Hacked by Rat Tools for 2.5 years. cybersecurity · 47d ago Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware Trend Micro Research, News, Perspectives · 47d ago A TL;DR on Dirty Frag #cybersecurity #threatwire @endingwithali Hak5 · 47d ago Google’s Silent AI Install: What They’re Hiding in Your Files #cybersecurity @endi Hak5 · 47d ago Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested in Canada CyberScoop · 47d ago Google API Keys Remain Active After Deletion cybersecurity · 47d ago Alert Number: I-052126-PSA | 21 May 2026 Kali365 Phishing-as-a-Service Kit Hijacks Microsoft 365 Access Tokens For [Blue|Purple] Teams in Cyber Defence · 47d ago how do cyber sec consultants and pentesters actually get new clients? cybersecurity · 47d ago Post Incident Paranoia? cybersecurity · 47d ago Verizon DBIR 2026: Vulnerability Exploitation Overtakes Credential Theft as Top Breach Vector cybersecurity · 47d ago Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada Krebs on Security · 47d ago Upcoming CS Student: What OS approach is best to balance university coding and learning cybersecurity? cybersecurity · 47d ago Sensing ‘renewed outbreak’ of war, Iran hackers vow ‘dozens’ of ‘devastating’ infrastructure attacks ready cybersecurity · 47d ago You can counter MEMZ with Krotten in XP cybersecurity · 47d ago What are the most effective ways to do Blackbox testing? cybersecurity · 47d ago Npm registry sets stage for more secure package publishing cybersecurity · 47d ago Need a Wi-Fi Adapter for Better Range + Wi-Fi Pentesting Support cybersecurity · 47d ago Megalodon: CI/CD Malware Spreading Across GitHub Repositories For [Blue|Purple] Teams in Cyber Defence · 47d ago Lawmakers from both parties say CISA cuts have gone too far CyberScoop · 47d ago durabletask (Microsoft's Python Durable Task client) compromised by TeamPCP | same Mini Shai-Hulud payload as last week's TanStack wave Technical Information Security Content & Discussion · 47d ago Basira - open source AI code reviewer with OWASP audit, 0 CVEs, BYOK cybersecurity · 47d ago Is the Cybercorps SFS still worth it? cybersecurity · 47d ago Microsoft warns hackers are exploiting password resets to gain access to user accounts cybersecurity · 47d ago Unpopular opinion: the GitHub breach is 100% predictable and the security industry deserves the blame cybersecurity · 47d ago How TeamPCP's Python Toolkit Survives a C2 Takedown: FIRESCALE, GitHub, and the Victim's Own Account Malware Analysis & Reports · 47d ago WORM USB drives cybersecurity · 47d ago An OWASP-aligned launch gate for AI agents — Would you please share critique on the threat model? cybersecurity · 47d ago Trump postpones executive order focused on AI security CyberScoop · 47d ago CISOs - Holding the Line cybersecurity · 47d ago [Analysis] CISA contractor left AWS GovCloud admin keys, plaintext passwords, SAML certs, and Kubernetes configs on a public GitHub repo for 183 days — with secret scanning deliberately disabled Technical Information Security Content & Discussion · 47d ago Post-Quantum Cryptographic Algorithm Examined in Developmental Ransomware Reverse Engineering · 47d ago A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale cybersecurity · 47d ago Security Scroll Down? cybersecurity · 47d ago mass github repo backdooring via CI workflows(Megalodon) cybersecurity · 47d ago I got so sick of Android taking forever to calculate folder sizes, I built a custom C++/Rust storage visualizer to bypass MTP Reverse Engineering · 47d ago 📡 One telecom carrier accounts for 72% of all Middle East-hosted C2 activity. For [Blue|Purple] Teams in Cyber Defence · 47d ago CISA chief frets about open-source vulnerabilities, delayed security improvements CyberScoop · 48d ago Threat Modeling Autonomous Dev Agents: How do we cryptographically prove a human actually reviewed a commit? cybersecurity · 48d ago Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks For [Blue|Purple] Teams in Cyber Defence · 48d ago Proofpoint Integrates with the Claude Compliance API to Extend Data Security and Governance to Claude Proofpoint News Feed · 48d ago GitHub Actions Cache Poisoning is eating open source Technical Information Security Content & Discussion · 48d ago European authorities take down prolific cybercrime VPN service CyberScoop · 48d ago CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox Reverse Engineering · 48d ago CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox For [Blue|Purple] Teams in Cyber Defence · 48d ago CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox cybersecurity · 48d ago CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox Technical Information Security Content & Discussion · 48d ago CVE-2026-34474: Pre-auth credential disclosure in ZTE H298A / H108N via ETHCheat Technical Information Security Content & Discussion · 48d ago beacon-hunter: open source detector for phi-structured C2 beacons that evade RITA For [Blue|Purple] Teams in Cyber Defence · 48d ago FatGid - FreeBSD 14.x kernel LPE Technical Information Security Content & Discussion · 48d ago DNS blocked by Cisco Umbrella, but symantec EDR & Event Viewer are completely blind cybersecurity · 48d ago FaceTec (ID verification) company appears to store user biometrics cybersecurity · 48d ago Keys to the Kingdom: Anonymous SQL Injection in Drupal Core (CVE-2026-9082) Technical Information Security Content & Discussion · 48d ago CVE-2026-34474: ZTE H298A / H108N routers expose credentials before authentication cybersecurity · 48d ago CVE-2026-34474: ZTE H298A / H108N credential exposure through ETHCheat hacking: security in practice · 48d ago It seems that FaceTec (ID Verification company) allows for storage of user biometrics cybersecurity · 48d ago Two Microsoft Defender vulnerabilities actively exploited. One grants full SYSTEM access. CISA has a June 3 federal deadline. Here is what to check. cybersecurity · 48d ago Can I block outbound connections to Google cloud on my host firewall? What port? What IP range? Any advice. Trying to prevent Google spying and collecting data cybersecurity · 48d ago This ID verification company allows for storage of biometric data? hacking: security in practice · 48d ago What Questions Do You Ask During SSP Control Interviews? cybersecurity · 48d ago Feed The Cat BackDoor cybersecurity · 48d ago Flipper One - Asking for help from the community cybersecurity · 48d ago Fake Microsoft Teams Campaign Delivers ValleyRAT via NSIS Installer and DLL Sideloading For [Blue|Purple] Teams in Cyber Defence · 48d ago Tracking TamperedChef Clusters via Certificate and Code Reuse For [Blue|Purple] Teams in Cyber Defence · 48d ago Living off the Land with VS Code: Inside a Sophisticated Phishing Campaign For [Blue|Purple] Teams in Cyber Defence · 48d ago Flipper One — tech specs cybersecurity · 48d ago Architecture Zero Trust détaillée cybersecurity · 48d ago I made a 909.49 ZiB file (1,073,736,273,126,278.38 GB, in other words: about 1.2 quadrillion GB) file. I was bored :) hacking: security in practice · 48d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog Alerts · 48d ago ABB Terra AC Wallbox All CISA Advisories · 48d ago Hitachi Energy GMS600 All CISA Advisories · 48d ago ABB B&R Automation Studio All CISA Advisories · 48d ago ABB B&R Automation Runtime All CISA Advisories · 48d ago ABB B&R PCs All CISA Advisories · 48d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog All CISA Advisories · 48d ago Cybersecurity in Healthcare cybersecurity · 48d ago Staged publishing for npm packages | npm Docs cybersecurity · 48d ago 9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros (Yes there is another one, only a CVS 5.5 though this time, still looks pretty bad though) cybersecurity · 48d ago Neither MFA, Passkey, nor trusted IP help here cybersecurity · 48d ago cyber security remote cybersecurity · 48d ago Database of Malicious Browser Extensions Malware Analysis & Reports · 48d ago SeekYou — one input, 15 recon sources, one report. hacking: security in practice · 48d ago I built 99 adversarial PE fixtures to stress‑test parsers — here’s what they reveal about malformed binaries Reverse Engineering · 48d ago CSIRT incident response cybersecurity · 48d ago The readiness paradox: Why a false sense of cyber confidence is becoming a liability CyberScoop · 48d ago Trying to find a graduate role cybersecurity · 48d ago bypass internet restrictions hacking: security in practice · 48d ago GitHub ~3,800 internal repos compromised through a malicious VS Code extension Technical Information Security Content & Discussion · 48d ago I’ve got 99 problems, and IOCX isn’t one. Malware Analysis & Reports · 48d ago Microsoft warns of new Defender zero-days exploited in attacks cybersecurity · 48d ago From Y2K to Patch Tuesday 2025: 25 Years of Bugs in the Windows 2000 Source Tree For [Blue|Purple] Teams in Cyber Defence · 48d ago How a single image takes control of a Mac understanding an ExifTool vulnerability (CVE-2026-3102) For [Blue|Purple] Teams in Cyber Defence · 48d ago Iran-linked Operators Suspected in ATG Breaches For [Blue|Purple] Teams in Cyber Defence · 48d ago Grafana Labs security update: Latest on TanStack npm supply chain ransomware incident | Grafana Labs For [Blue|Purple] Teams in Cyber Defence · 48d ago Compromised Nx Console version 18.95.0 For [Blue|Purple] Teams in Cyber Defence · 48d ago CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path For [Blue|Purple] Teams in Cyber Defence · 48d ago From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat For [Blue|Purple] Teams in Cyber Defence · 48d ago Webworm: New burrowing techniques For [Blue|Purple] Teams in Cyber Defence · 48d ago New Age of Collisions: Reading Arbitrary Files Pre-Auth as root in cPanel (CVE-2026-29205) For [Blue|Purple] Teams in Cyber Defence · 48d ago what is the best security app option for pixel8a? cybersecurity · 48d ago How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102) cybersecurity · 48d ago IoT Security cybersecurity · 48d ago GitHub links repo breach to TanStack npm supply-chain attack cybersecurity · 48d ago Another working Linux LPE exploit is out. How are teams treating local-only bugs now? cybersecurity · 48d ago Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks cybersecurity · 48d ago The IBM X-Force Index 2026 explains all three in one finding. Technical Information Security Content & Discussion · 48d ago Google publishes exploit code threatening millions of Chromium users cybersecurity · 48d ago landing a remote Vulnerability Management role cybersecurity · 48d ago Three low-hanging vulns in a Rails SaaS: unauthenticated S3 uploads, rate-limit bypass via proxy pool, and OAuth route leaking internals. Full authorized case. cybersecurity · 48d ago I feel like the past month has been more optimistic than in the past with AI taking jobs. Has the market been the same for those hunting? cybersecurity · 48d ago Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit cybersecurity · 48d ago Can someone unlock a list of the 500-1000 most visited websites online? hacking: security in practice · 48d ago The Vulnerability Flood Is Now a Board Conversation. Here's How to Lead It. Recorded Future · 48d ago Operation Dragon Whistle: UNG0002 Targets Chinese Academia via Weaponized Institutional Lure For [Blue|Purple] Teams in Cyber Defence · 48d ago Adaptive Fingerprinting: HTTP-Basma's Multi-Stage Probing for Granular Server Differentiation For [Blue|Purple] Teams in Cyber Defence · 48d ago Wordlist generator based on WordNet graphs + LLM hacking: security in practice · 48d ago What volume of TPRM do you handle per month? cybersecurity · 48d ago GitHub’s Fake Engagement Problem Is Hiding in Plain Sight For [Blue|Purple] Teams in Cyber Defence · 48d ago Statecraft – Threat intel platform for Portuguese-speaking Blue Teams (NVD + CISA KEV + OTX + hourly AI briefings in PT-BR) For [Blue|Purple] Teams in Cyber Defence · 48d ago GeoHelper - Tauri + Chrome DevTools Protocol (CDP) for GeoGuessr (Steam) Reverse Engineering · 48d ago safest virtual machine? cybersecurity · 48d ago Second Time, Same Sandbox: Another Anthropic Claude Code Network Sandbox Bypass Enables Data Exfiltration cybersecurity · 48d ago Meet Rampart and Clarity, Microsoft’s new red team combo AI agents CyberScoop · 48d ago wordpress memberpress hacking: security in practice · 48d ago Cybercrime service disrupted for abusing Microsoft platform to sign malware cybersecurity · 48d ago Zer0Vuln Community Edition – open-source SIEM + SOAR + EDR with autonomous local LLM triage For [Blue|Purple] Teams in Cyber Defence · 48d ago GitHub notifications cybersecurity · 48d ago The Open Source USB Drive Built for Privacy hacking: security in practice · 48d ago Is there no more privacy left in the world? cybersecurity · 48d ago AI Agents defeat obfuscated JavaScript in 10 minutes Reverse Engineering · 48d ago Microsoft Edge had a password blunder, and it raises a bigger browser trust problem cybersecurity · 48d ago Huawei zero-day attack behind last year’s crash of Luxembourg's entire telecoms network cybersecurity · 48d ago Aconselhamento / mini texto cybersecurity · 48d ago CISA with an absolutely embarrassing data leak. cybersecurity · 48d ago Microsoft is pulling the plug on SMS codes, wants you to switch to passkeys cybersecurity · 48d ago Anyone else feeling like static AppSec workflows are starting to hit limits? cybersecurity · 49d ago Is someone trying to hack me? hacking: security in practice · 49d ago What is it Wednesdays: Episode 0002 Reverse Engineering · 49d ago GitHub breach highlights developer tools as part of attack surface cybersecurity · 49d ago Why do some malware use unique user-agent strings? cybersecurity · 49d ago Cisco Nexus 3000 and 9000 Series Switches Border Gateway Protocol Denial of Service Vulnerability Cisco Security Advisory · 49d ago Cisco Secure Workload Unauthorized API Access Vulnerability Cisco Security Advisory · 49d ago Cisco ThousandEyes Virtual Appliance Authenticated Remote Code Execution Vulnerability Cisco Security Advisory · 49d ago Cisco ThousandEyes Enterprise Agent BrowserBot Command Injection Vulnerability Cisco Security Advisory · 49d ago Encrypted emails bypassing email security tool cybersecurity · 49d ago Score by collisions, patch by panic: defensive architecture for the post-90-day-disclosure era For [Blue|Purple] Teams in Cyber Defence · 49d ago GitHub says internal repositories were impacted in poisoned VS Code extension attack CyberScoop · 49d ago Ctf groups cybersecurity · 49d ago Score by collisions, patch by panic: defensive architecture for the post-90-day-disclosure era cybersecurity · 49d ago Score by collisions, patch by panic: defensive architecture for the post-90-day-disclosure era Technical Information Security Content & Discussion · 49d ago cpu backdoor hacking: security in practice · 49d ago CVE-2026-45585: Windows BitLocker — YellowKey Recovery Bypass Analysis Technical Information Security Content & Discussion · 49d ago [ Removed by Reddit ] Technical Information Security Content & Discussion · 49d ago Opensource that automatically scans your git repos for breaches cybersecurity · 49d ago 5 credential access detection rules beyond LSASS — KQL + Sigma, production-ready For [Blue|Purple] Teams in Cyber Defence · 49d ago TinyLoad v5 - encrypted strings, obfuscated opmap, IAT wiping, payload depends on stub (implemented feedback from last post) Reverse Engineering · 49d ago Tracing CVE-2026-34472 auth bypass through decompiled ZTE H188A firmware and Lua wizard routing Reverse Engineering · 49d ago CVE-2026-34472: Pre-auth credential exposure and auth bypass in ZTE H188A V6 routers Technical Information Security Content & Discussion · 49d ago Iran Wants to Tax the Internet Flowing Through the Strait of Hormuz While Restricting Its Own Citizens Online Technical Information Security Content & Discussion · 49d ago CVE-2026-34472: According to ZTE, an unauthenticated auth bypass is just a 'customer-specific low-risk requirement.' MITRE disagreed. cybersecurity · 49d ago Your developers are deploying agents in your production environment right now. You have no governance for it. cybersecurity · 49d ago Technical analysis of CVE-2026-34472 in ZTE H188A router firmware hacking: security in practice · 49d ago ¿Como me preparo para EC-Council CSA? cybersecurity · 49d ago The IBM X-Force Index 2026 explains all three in one finding. cybersecurity · 49d ago The IBM X-Force Index 2026 explains all three in one finding. Technical Information Security Content & Discussion · 49d ago Securing iPad's question cybersecurity · 49d ago Cybersecurity 101 cybersecurity · 49d ago What would this job role be? cybersecurity · 49d ago MSPs & MSSPs suck cybersecurity · 49d ago CISA Adds Seven Known Exploited Vulnerabilities to Catalog Alerts · 49d ago CISA Adds Seven Known Exploited Vulnerabilities to Catalog All CISA Advisories · 49d ago [ Removed by Reddit ] cybersecurity · 49d ago GitHub hit by a compromised VSCode extension Technical Information Security Content & Discussion · 49d ago Crossroads cybersecurity · 49d ago Advice regarding "SOC" job that automates everything cybersecurity · 49d ago Is this Medium article about "NetMirror" malware legit? cybersecurity · 49d ago AI silently removed human-in-the-loop security checks during a large refactor. Is this a known phenomenon? cybersecurity · 49d ago Developer tooling is part of the attack surface before a project is even run cybersecurity · 49d ago How to build .NET obfuscator Reverse Engineering · 49d ago botguard-token-generator / a google botguard token gen using only requests...? Reverse Engineering · 49d ago Remote Process Read Primitive via NtCreateThreadEx Exit Code For [Blue|Purple] Teams in Cyber Defence · 49d ago GUEST ESSAY: AI can speed up communication, but it can also weaken human connection The Last Watchdog · 49d ago How the hell do you manage developers, their code, their apps? cybersecurity · 49d ago Hackers Spent Nearly 3 Months Inside the New York City Health System Before Anyone Noticed cybersecurity · 49d ago aimap: Discover Exposed AI Services For [Blue|Purple] Teams in Cyber Defence · 49d ago FalkorDB: A super fast Graph Database uses GraphBLAS under the hood for its sparse adjacency matrix graph representation. For [Blue|Purple] Teams in Cyber Defence · 49d ago Ongoing development hacking: security in practice · 49d ago Webworm: New burrowing techniques WeLiveSecurity · 49d ago Webworm: New burrowing techniques WeLiveSecurity · 49d ago Why China Is Now a Peer Competitor to the United States in Cyberspace For [Blue|Purple] Teams in Cyber Defence · 49d ago When Filenames Become Attack Surfaces: Weaponizing NASA's CFITSIO Extended Filename Syntax Technical Information Security Content & Discussion · 49d ago Do people still rely on antivirus software in 2026, or is built-in security enough now? cybersecurity · 49d ago For cybersecurity folks working remotely, do you end up working the entire shift, or do you get time to relax and take breaks? hacking: security in practice · 49d ago GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories cybersecurity · 49d ago Automatic CLI for spinning up vulnerable labs + objectives cybersecurity · 49d ago Hackers found a way around Intel CET—PLaTypus locks down library jumps hacking: security in practice · 49d ago ISO/IEC 27701 scenario question cybersecurity · 49d ago Discord rolls out end-to-end encryption on voice, video calls cybersecurity · 49d ago nginx-rift-private-lab: Private Nginx Rift ASLR lab, exploit chain, and demo recordings For [Blue|Purple] Teams in Cyber Defence · 49d ago GitHub investigates internal repositories breach claimed by TeamPCP cybersecurity · 49d ago Built a Linux persistence hunting & artifact collection tool in Bash - persisthunt For [Blue|Purple] Teams in Cyber Defence · 49d ago We are investigating unauthorized access to GitHub’s internal repositories. Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. For [Blue|Purple] Teams in Cyber Defence · 49d ago Two AI-based science assistants succeed with drug-retargeting tasks cybersecurity · 49d ago GitHub investigates internal repositories breach claimed by TeamPCP hacking: security in practice · 49d ago Extended Cyber Kill Chain for AI-Era Threats: a defender-side framework mapping LLM and agentic attacks to kill-chain stages (MITRE ATLAS + OWASP LLM Top 10 mappings) For [Blue|Purple] Teams in Cyber Defence · 49d ago America's top cyber-defense agency left a GitHub repo open with with passwords, keys, tokens – and incredibly obvious filenames cybersecurity · 49d ago An AI coding assistant installed malware into production environments. Nobody typed the command. AMA on what "supply chain attack" means now. cybersecurity · 49d ago We audited 12K n8n templates: most have critical vulnerabilities Technical Information Security Content & Discussion · 49d ago Veilgate - Deception proxy Technical Information Security Content & Discussion · 49d ago Fooling AI Agents: Web-Based Indirect Prompt Injection Observed in the Wild For [Blue|Purple] Teams in Cyber Defence · 49d ago New to cybersecurity cybersecurity · 49d ago Anyone interview or work with Moxfive? cybersecurity · 49d ago A stealth Firefox version that passes all anti-bot and CAPTCHA cybersecurity · 49d ago mkPIVM - a polymorphic position-independent shellcode virtualizer cybersecurity · 49d ago Started in IT and need a Cybersecurity Roadmap with my Useless Degree! cybersecurity · 49d ago GitHub announces internal data breached. cybersecurity · 49d ago Roadmap to Cybersecurity roles cybersecurity · 49d ago Hackers: What age did you start? Where did you start, especially in practicing your skills? hacking: security in practice · 49d ago CISA credential leak raises alarms, and Capitol Hill demands answers CyberScoop · 49d ago Malware installed without literally doing anything? cybersecurity · 49d ago CTFs cybersecurity · 49d ago Can't access anything Malware Analysis & Reports · 49d ago How to watch a private video on Youtube? hacking: security in practice · 49d ago Attackers hit vulnerabilities hard last year, making exploits the top entry point for breaches CyberScoop · 49d ago Sleeping Agent: Silent persistent C2 through Web Push Technical Information Security Content & Discussion · 49d ago Crossroads cybersecurity · 49d ago Canara Bank SuRaksha Cyber Hackathon 2.0, cybersecurity · 49d ago Eight Leading U.S. Communications Firms Form C2 ISAC For [Blue|Purple] Teams in Cyber Defence · 49d ago Can I do anything cool with this network controller? hacking: security in practice · 49d ago News alert: Orchid Security study finds invisible identities now outnumber managed accounts The Last Watchdog · 49d ago Anti BOT Tipps und Tricks gesucht. cybersecurity · 49d ago GhostTree: Unveiling Path Manipulation Techniques to Bypass Windows Security cybersecurity · 49d ago GhostTree: Unveiling Path Manipulation Techniques to Bypass Windows Security For [Blue|Purple] Teams in Cyber Defence · 49d ago GhostTree: Unveiling Path Manipulation Techniques to Bypass Windows Security Technical Information Security Content & Discussion · 49d ago New to Cybersecurity cybersecurity · 49d ago Micro controller safety? hacking: security in practice · 49d ago Is the ISC2 Certified in Cybersecurity worth it? cybersecurity · 49d ago Average Days to Close by Source CNAPP Severity Tag 2026 cybersecurity · 49d ago I want free nmap resource cybersecurity · 49d ago If I clear browser history regularly, does it reduce the chances of malware that target browser data? cybersecurity · 49d ago What is next after 1.5 Year as Security Analyst? cybersecurity · 49d ago Analysis advice cybersecurity · 49d ago Stop me if you heard this one before... (YellowKey related) cybersecurity · 49d ago UAC-0184: From HTA to a Signed Network Stack For [Blue|Purple] Teams in Cyber Defence · 50d ago Can you be protected from yellowkey by disabling WinRe? does it work from support os then WinRe? cybersecurity · 50d ago Math at Scale: Reversing The Construction Of The Perspective-Projection Matrix (Game Engine Reversing) Reverse Engineering · 50d ago Looking for advice: where should I post/publish CVE write-ups? cybersecurity · 50d ago CISA Admin Leaked AWS GovCloud Keys on Github hacking: security in practice · 50d ago New GMKtec M7 Ultra appears to be infected. Beware of the malware! Malware Analysis & Reports · 50d ago Cybersecurity statistics of the week (May 11th - May 17th) cybersecurity · 50d ago How can I test my website locally for cybersecurity? cybersecurity · 50d ago Mini Shai-Hulud returns, compromising hundreds of npm packages CyberScoop · 50d ago Use of coding in security operations cybersecurity · 50d ago Decompilation of DSP Code using IDA Pro hacking: security in practice · 50d ago Iran demands Big Tech pay fees for undersea Internet cables in Strait of Hormuz cybersecurity · 50d ago Microsoft disrupts cybercrime service that abused software verification systems en masse cybersecurity · 50d ago I've built an open source honeypot probe database accessible via curl, http and mcp cybersecurity · 50d ago New Actors Deploy Shai-Hulud Clones: TeamPCP Copycats Are Here For [Blue|Purple] Teams in Cyber Defence · 50d ago Deep dive into the object creation flow in Windows - PART 4: Handle table internals. Reverse Engineering · 50d ago 6,000+ Automatic Tank Gauges Exposed With No Authentication cybersecurity · 50d ago Twice in two days I've had a MS Auth request from a random device, I changed my password after the first, what more can I do to protect my email? cybersecurity · 50d ago How Storm-2949 turned a compromised identity into a cloud-wide breach For [Blue|Purple] Teams in Cyber Defence · 50d ago Microsoft disrupts cybercrime service that abused software verification systems en masse CyberScoop · 50d ago How Storm-2949 turned a compromised identity into a cloud-wide breach Technical Information Security Content & Discussion · 50d ago If humans are the weakest link, why won't companies evolve? cybersecurity · 50d ago Someone asks "How much does a VAPT cost?" or "Do we really need a penetration test?" cybersecurity · 50d ago Entra ID: PIM for Groups Review For [Blue|Purple] Teams in Cyber Defence · 50d ago Cloudflare's CISO gives his hands on review of Anthropic's new Mythos LLM cybersecurity · 50d ago Local transcription vs cloud transcription, which actually feels safer? cybersecurity · 50d ago Why do governments and militaries still use what amounts to giant preshared electronic codebooks when we have really good encryption today? cybersecurity · 50d ago Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise cybersecurity · 50d ago TeamPCP compromises NPM maintainer with over 540 packages For [Blue|Purple] Teams in Cyber Defence · 50d ago Shai-Hulud source leak is turning npm malware into a copycat problem cybersecurity · 50d ago Framework for Preventing Secret Ideas from Leakage cybersecurity · 50d ago Kieback & Peter DDC Building Controllers All CISA Advisories · 50d ago Siemens RUGGEDCOM APE1808 Devices All CISA Advisories · 50d ago ABB CoreSense HM and CoreSense M10 All CISA Advisories · 50d ago ScadaBR All CISA Advisories · 50d ago ZKTeco CCTV Cameras All CISA Advisories · 50d ago Local LLM for building AI Security platform cybersecurity · 50d ago SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access cybersecurity · 50d ago Emerging Cyber security niches cybersecurity · 50d ago ISO/IEC 27701 cybersecurity · 50d ago Tracing CVE-2026-34473 pre-auth DoS through decompiled CGILua request parsing in ZTE H-series firmware Reverse Engineering · 50d ago Solo dev building a terminal-heavy hacking game inspired by corporate security cybersecurity · 50d ago Symantec has published its analysis of Fast16: a pre-Stuxnet sabotage tool built to subvert nuclear weapons simulations cybersecurity · 50d ago Pathfinding Labs: Deploy, test, and learn from 100+ intentionally vulnerable AWS environments Technical Information Security Content & Discussion · 50d ago CVE-2026-34473: Pre-auth ZTE H-series router DoS via CGILua request-body parsing Technical Information Security Content & Discussion · 50d ago CS/IT Student Looking to Grow My LinkedIn Network 😃 cybersecurity · 50d ago CVE-2026-34473: Unauthenticated Denial of Service in ZTE Routers affecting 140K+ devices worldwide (17+ models) hacking: security in practice · 50d ago Open-source Hermes bytecode decompiler for React Native apps (Rust) Reverse Engineering · 50d ago CVE-2026-34473: Unauthenticated Denial of Service in ZTE Routers affecting 140K+ devices worldwide (17+ models) cybersecurity · 50d ago Is Amazon Cognito a good choice long term? Alternatives? cybersecurity · 50d ago Was hacking easier in the 80s and 90s and early 2000s? cybersecurity · 50d ago Need some Advice in SOAR heavy environment cybersecurity · 50d ago Trying to find serious builders in cybersecurity - not just “let’s build” conversations cybersecurity · 50d ago Hermes bytecode decompiler (Rust) - sharing my friend’s project Reverse Engineering · 50d ago RCE and arbitrary file write in Vitess vtbackup via untrusted MANIFEST fields hacking: security in practice · 50d ago RCE and arbitrary file write in Vitess vtbackup via untrusted MANIFEST fields Technical Information Security Content & Discussion · 50d ago Active Supply Chain Attack Compromises @antv Packages on npm... For [Blue|Purple] Teams in Cyber Defence · 50d ago AI Phishing cybersecurity · 50d ago The quest for greater tech independence WeLiveSecurity · 50d ago One Hacked Login Led to a Massive Cloud Breach, Microsoft Reveals cybersecurity · 50d ago When DMCA Comes Knocking - A YouTube Creator Phishing Kit For [Blue|Purple] Teams in Cyber Defence · 50d ago [Cloudflare] Project Glasswing: what Mythos showed us For [Blue|Purple] Teams in Cyber Defence · 50d ago vpn explained the simple version that actually makes sense Malware Analysis & Reports · 50d ago How easy is it to get into the cyber security field? cybersecurity · 50d ago Forza Designer 6 Reverse Engineering · 50d ago 314 npm packages just got compromised, 271 @antv, echarts-for-react, size-sensor, timeago.js cybersecurity · 50d ago Built a full disassembler & decompiler for Reverse Engineering | Free and open source. hacking: security in practice · 50d ago Built a full disassembler & decompiler | Free and open source. Reverse Engineering · 50d ago Slopinator - a poisoned GitHub repository generator hacking: security in practice · 50d ago Frontend SWE (3-4 YOE) looking to pivot to AppSec. Where should I start? cybersecurity · 50d ago New Age of Collisions: Reading Arbitrary Files Pre-Auth as root in cPanel (CVE-2026-29205) Technical Information Security Content & Discussion · 50d ago ‘The Worst Leak That I’ve Witnessed’: U.S. Cybersecurity Agency Leaves Its Digital Keys Out in Public on GitHub — Gizmodo cybersecurity · 50d ago CEH/CPENT vs OSCP vs GPEN cybersecurity · 50d ago ntroducing Yokai Linux — A Cyberpunk Security-Focused Linux Distro” cybersecurity · 50d ago CISA Contractor Admin Leaked AWS GovCloud Keys on Github cybersecurity · 50d ago Made a shell greeter that generates a unique rocket every time you open a terminal tab hacking: security in practice · 50d ago Suspecious activity in my account cybersecurity · 50d ago At Mythos Speed: A Defender's Playbook for the AI Vulnerability Surge in 2026 Recorded Future · 50d ago Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud Trend Micro Research, News, Perspectives · 50d ago Is it safe to use my first name and middle name on platforms? cybersecurity · 50d ago Stuck choosing a cybersecurity specialization — especially with a local market context (Senegal). Need honest advice. cybersecurity · 50d ago Just received an email from shinyhunters about their amtrack hack cybersecurity · 50d ago Just received an email from shinyhackers about their amtrack hack hacking: security in practice · 50d ago Flipper Zero (or Alternatives)? hacking: security in practice · 50d ago Optoma CinemaX Projectors: Critical Vulnerabilities Including Remote Root Access cybersecurity · 50d ago Optoma CinemaX Projectors: Critical Vulnerabilities Including Remote Root Access hacking: security in practice · 50d ago Bywaf: an auditable Python commandlet framework for chained pentest workflows cybersecurity · 50d ago For anyone currently working in a SOC: cybersecurity · 50d ago Fellow Tier 1 SOC/Security Analysts - What does your day to day look like? cybersecurity · 50d ago The quiet death of behavioral anti-bot and the pivot to hardware ZKPs Technical Information Security Content & Discussion · 50d ago SHub Reaper | macOS Stealer Spoofs Apple, Google, and Microsoft in a Single Attack Chain For [Blue|Purple] Teams in Cyber Defence · 50d ago AI might cut false positives, but it won’t stop the slop CyberScoop · 50d ago Recent WhatsApp hacks hacking: security in practice · 50d ago Snowboard Kids 2 is 100% Decompiled Reverse Engineering · 50d ago How do you threat hunt for RMM tools in environments where RMM is all over the place? cybersecurity · 50d ago Decompilation projects and N64 Recompiled PC ports (May 2026) Reverse Engineering · 50d ago Microsoft - "your single use code" email when it was not requested by yourself cybersecurity · 50d ago Interpol leads cybercrime crackdown across 13 countries in Middle East, North Africa CyberScoop · 50d ago Directory of vendor security questionnaires cybersecurity · 50d ago Mini Shai-Hulud Strikes Again: TanStack + more npm Packages Compromised cybersecurity · 50d ago I wrote an async scanner that runs about 9x faster than nmap for discovery. hacking: security in practice · 50d ago MCA student with 2 yrs SOC/VAPT experience struggling to land interviews — looking for guidance/referrals cybersecurity · 50d ago AudioHijack: adversarial audio attacks on generative voice models transfer from open weights to Microsoft and Mistral production systems Technical Information Security Content & Discussion · 50d ago Glass - A fast and free interactive disassembler Reverse Engineering · 50d ago ShinyHunters Stole 275 Million Student Records. The Ransom Deadline Is May 12. Technical Information Security Content & Discussion · 50d ago Microsoft Exchange 0-Day Exploit Sparks Emergency Warning — Hackers Are Attacking Unpatched Servers hacking: security in practice · 50d ago Cybersecurity job market in Phoenix (East/West Valley?) – looking for local insight cybersecurity · 51d ago Rekomendacja Pełnomocnika Rządu ds. Cyberbezpieczeństwa dotycząca komunikatora Signal - Recommendation of the Government Plenipotentiary for Cybersecurity regarding the Signal messenger For [Blue|Purple] Teams in Cyber Defence · 51d ago Exclusive: Hackers have breached tank readers at US gas stations; officials suspect Iran is responsible | CNN Politics For [Blue|Purple] Teams in Cyber Defence · 51d ago How is AI affecting the cybersecurity market? cybersecurity · 51d ago MY TAKE: AI agents force a rethink of enterprise service lines as vendors move up the tech stack The Last Watchdog · 51d ago MCP security cybersecurity · 51d ago YellowKey Mitigation cybersecurity · 51d ago CrystalX: unpacking a Go RAT through three encrypted layers For [Blue|Purple] Teams in Cyber Defence · 51d ago Anyone else on the receiving end of ShinyHunters extortion email? cybersecurity · 51d ago Ultimate irony: Microsoft researchers say you shouldn’t trust AI with work docs cybersecurity · 51d ago Benchmarking LLMs for malware triage and static unpacking with Malcat Reverse Engineering · 51d ago Benchmarking LLMs for malware triage and static unpacking with Malcat Malware Analysis & Reports · 51d ago What’s the biggest mistake people still make about online security in 2026? cybersecurity · 51d ago Anthropic shuts the EU out of its most advanced cyber AI model cybersecurity · 51d ago Most AI agent governance playbooks still assume you can turn the agent off... Once its wired into production that stops being true [Rethinking AI security through a dimmer switch lens] cybersecurity · 51d ago Best hotel for attending all three conferences in Vegas? cybersecurity · 51d ago What's your company's actual PQC migration plan? Not the one on paper - the real one. cybersecurity · 51d ago The down fall of bug bounties Technical Information Security Content & Discussion · 51d ago The Boring Stuff is Dangerous Now darkreading · 51d ago This GitHub README Hijacks Your AI and Spreads Like a Virus NahamSec · 51d ago New video: hacking AI coding assistants and IDEs. #bugbounty #ai NahamSec · 51d ago Does buying local cybersecurity (services/products/etc) matter to you? cybersecurity · 51d ago LinkedIn user hides AI prompt injection in bio to force recruitment spam to be sent in Olde English prose cybersecurity · 51d ago Detection Engineering AI Maturity Framework cybersecurity · 51d ago Microsoft code cybersecurity · 51d ago TanStack Supply Chain Attack (And How to Lock Down GitHub Actions) Technical Information Security Content & Discussion · 51d ago Microsoft confirms Windows 11 security update install issues cybersecurity · 51d ago Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’ cybersecurity · 51d ago Exploit available for new DirtyDecrypt Linux root escalation flaw cybersecurity · 51d ago Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware cybersecurity · 51d ago Suspicious with a company offer letter cybersecurity · 51d ago The Canvas breach proved that prevention is no longer enough CyberScoop · 51d ago Direct external access to CyberArk PVWA vs. enforcing a VDI/Jump Box first? cybersecurity · 51d ago Attacking Cloud Service Providers (ACSP) - An interactive textbook on control-plane intrusion and breaking cross-tenant isolation Technical Information Security Content & Discussion · 51d ago Why do some recovery workflows still require full wallet uploads? cybersecurity · 51d ago Netmirror exposed - The Free Movie App That Was Robbing You Blind Malware Analysis & Reports · 51d ago Need help with interview for soc l1 cybersecurity · 51d ago Feeling stuck in SOC want to moving toward Detection Engineering & Cloud Security (need guidance & cert roadmap) cybersecurity · 51d ago HexWalk 2.0.0 Hex analyzer new major release, new binary analyzer hexdig support added, better select mode, works both on Windows, Linux and MacOs, give it a try! Reverse Engineering · 51d ago /r/ReverseEngineering's Weekly Questions Thread Reverse Engineering · 51d ago Autonomous AI Penetration Testing with Consent-First Ethical Framework — Research Paper + Working Implementation Technical Information Security Content & Discussion · 51d ago Reverse engineering no dep x64 masm AI IDE Reverse Engineering · 51d ago New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released cybersecurity · 51d ago carrer path in cybersecurity for a btech stud cybersecurity · 51d ago Agents usage in production cybersecurity · 51d ago ‘Q-Day’ is almost here. It could unleash a cybersecurity crisis far worse than Y2K cybersecurity · 51d ago Former CISA nominee Sean Plankey named US CEO of defense startup CyberScoop · 51d ago Are teams still finding AI API keys in public repos? cybersecurity · 51d ago Can Laws Stop Deepfakes? South Korea Aims to Find Out darkreading · 51d ago Mentorship Monday - Post All Career, Education and Job questions here! cybersecurity · 51d ago Agentic Governance: Why It Matters Now Trend Micro Research, News, Perspectives · 51d ago Mean time-to-exploit just hit 2.1 days. Critical vulnerabilities everywhere. Is the AI apocalypse here? cybersecurity · 51d ago Does the CBP bug phones? cybersecurity · 51d ago What We Learned Building Runtime Visibility for Modern Telco Networks cybersecurity · 51d ago Ive got my Spotify account hacked! How do I solve this? cybersecurity · 51d ago The Politics of AI Transparency cybersecurity · 51d ago A million baby monitors and security cameras were easily viewable by hackers cybersecurity · 51d ago NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE cybersecurity · 51d ago Does anyone know if this file is still accessible to download? hacking: security in practice · 51d ago Is cybersecurity becoming more behavioral than technical? cybersecurity · 51d ago Questions About Promo Items for a Cybersecurity Conference cybersecurity · 51d ago DirtyCBC: When Linux Kernel Decrypt-Before-MAC Turns Authenticated Encryption Into a Page-Cache Write For [Blue|Purple] Teams in Cyber Defence · 51d ago Dois-je m'inquiéter ? cybersecurity · 51d ago I am dying to work abroad , rate my journey so far cybersecurity · 51d ago FlowerStorm unleashes the KrakVM: PhaaS operators turn to VM-based obfuscation For [Blue|Purple] Teams in Cyber Defence · 51d ago Microsoft - "Your single use code" email when it was not requested cybersecurity · 51d ago Security / Compliance work going Agentic? cybersecurity · 51d ago High school students organized a Jeopardy CTF competition - give it a try hacking: security in practice · 51d ago Don't believe the media, specially in cybersec cybersecurity · 51d ago Microsoft account keeps getting Authenticator requests? cybersecurity · 51d ago [Tool] Grafana Final Scanner - Mass CVE Testing Script with All Public CVEs Aggregated. cybersecurity · 51d ago Ansible security and compliance guide Technical Information Security Content & Discussion · 52d ago Malware learning Malware Analysis & Reports · 52d ago Struggling to generate security bulletins — any ideas? cybersecurity · 52d ago Certs to go into Security Engineer/architect cybersecurity · 52d ago 18882745552 beware of email with this number cybersecurity · 52d ago Transition from traditional penetration testing into AI security cybersecurity · 52d ago Seeking advice on next career steps cybersecurity · 52d ago Official Miasma Poison Tar Pit Docker Image Now Available hacking: security in practice · 52d ago Will the analyst role become obsolete? cybersecurity · 52d ago LID: LID — Linux Integrity Drift: Bypassing AppArmor via eBPF pathname rewriting. Pre-LSM syscall argument manipulation with zero audit footprint. "Linux is Dying" For [Blue|Purple] Teams in Cyber Defence · 52d ago Alert Fatigue cybersecurity · 52d ago Best path into cybersecurity for a high schooler? cybersecurity · 52d ago Static Kitten APT Adversary Simulation For [Blue|Purple] Teams in Cyber Defence · 52d ago 🔴 [PAYLOAD REVIEW] WiFi Pineapple Pager 📟🍍 Hak5 · 52d ago Why Is Cybersecurity Now A Business Priority, Not Just An IT Function? Cyber Defense Magazine · 52d ago Keep getting hacked cybersecurity · 52d ago Eimeria: five layers from RAR5 to RunPE For [Blue|Purple] Teams in Cyber Defence · 52d ago ghosttype: Local forensic scanner that extracts credentials from AI tool conversation history. For authorized red team and DLP use only. For [Blue|Purple] Teams in Cyber Defence · 52d ago Instrumenting QT6 desktop apps with Frida - Part 2: Building the Bypass Chain Technical Information Security Content & Discussion · 52d ago How Do I implement sessions management in a vibe coded app ? Also suggest sessions management best practices cybersecurity · 52d ago I’m interested in joining the Red Team Hackers Academy in Bangalore. cybersecurity · 52d ago openDCIM exploitation For [Blue|Purple] Teams in Cyber Defence · 52d ago PE packer/crypter with random VM ISA per build Reverse Engineering · 52d ago A clueless teenager 💔 cybersecurity · 52d ago HASBL CTF - A Jeopardy-Style CTF Organized by High School Students! For [Blue|Purple] Teams in Cyber Defence · 52d ago Complete beginner looking to learn cybersecurity for personal/everyday use. Where to start? cybersecurity · 52d ago Am I overthinking Claude Code security or is this actually a risk? cybersecurity · 52d ago is someone know about shadow ai and can give me an explain about this im junior in cyber and i hear about this cybersecurity · 52d ago ISO/IEC 27701 ( SoA ) Applicability cybersecurity · 52d ago Security Executive Playbook cybersecurity · 52d ago This article about AI allucinations written by thehackernews, is literally written with AI lol... We need to do something to stop this phenomenon cybersecurity · 52d ago We Have Packet Capture at Home For [Blue|Purple] Teams in Cyber Defence · 52d ago I feel crazy I hope someone has insight . cybersecurity · 52d ago Suspected China-Linked Threat Actor Targets Global Manufacturer with Undocumented TencShell Malware For [Blue|Purple] Teams in Cyber Defence · 52d ago HWMonitor Trojanized for STX RAT DLL Sideloading For [Blue|Purple] Teams in Cyber Defence · 52d ago awesome-dfir-skills: Admiralty System for CTI Claude skill For [Blue|Purple] Teams in Cyber Defence · 52d ago Mullvad exit IPs as a fingerprinting vector For [Blue|Purple] Teams in Cyber Defence · 52d ago Does anybody know where I may stumble upon some Sh1mmer bin downloads hacking: security in practice · 52d ago Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools For [Blue|Purple] Teams in Cyber Defence · 52d ago Popular node-ipc npm Package Infected with Credential Steale... For [Blue|Purple] Teams in Cyber Defence · 52d ago An Improper Access Control vulnerability [CWE-284] in FortiAuthenticator may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests. For [Blue|Purple] Teams in Cyber Defence · 52d ago Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files For [Blue|Purple] Teams in Cyber Defence · 52d ago Chinese APT Campaign Targets Entities with Updated FDMTP Backdoor For [Blue|Purple] Teams in Cyber Defence · 52d ago Sandworm Activity in Industrial Environments: What the Data Reveals For [Blue|Purple] Teams in Cyber Defence · 52d ago Seedworm: Iran-Linked Hackers Breached Korean Electronics Maker in Global Spying Campaign For [Blue|Purple] Teams in Cyber Defence · 52d ago "Shadowserver-in-a-box" IntelMQ + ELK Solution For [Blue|Purple] Teams in Cyber Defence · 52d ago Stenloader: Steganography Shellcode Loader For [Blue|Purple] Teams in Cyber Defence · 52d ago AsmResolver: a library for reading, modifying and reconstructing Portable Executable (PE) files. It supports PE images running natively on Windows, as well as images containing managed (.NET) metadata - after 2 years of development, v6.0.0 is out For [Blue|Purple] Teams in Cyber Defence · 52d ago Somebody backdoored the package `bfunky/http-parser` on packagist with a stealer - package not touched since 2018 For [Blue|Purple] Teams in Cyber Defence · 52d ago Our response to the TanStack npm supply chain attack For [Blue|Purple] Teams in Cyber Defence · 52d ago QEMUtiny is a memory corruption vulnerability in QEMU's implementation of CXL Type-3 device emulation, reported against QEMU master 007b29752e and confirmed working against 5e61afe (May 11, 2026). For [Blue|Purple] Teams in Cyber Defence · 52d ago We recently discovered that an unauthorized party obtained a token with access to the Grafana Labs GitHub environment, enabling the threat actor to download our codebase. For [Blue|Purple] Teams in Cyber Defence · 52d ago APT-C-55(Kimsuky)组织依托GitHub+Dropbox分发恶意载荷的攻击活动分析 - Analysis of APT-C-55 (Kimsuky) group's attack activities involving the distribution of malicious payloads via GitHub and Dropbox. For [Blue|Purple] Teams in Cyber Defence · 52d ago oss-security - Logic bug in the Linux kernel's __ptrace_may_access() function - exploits out see yesterday For [Blue|Purple] Teams in Cyber Defence · 52d ago Fast16: Pre-Stuxnet Sabotage Tool Was Built to Subvert Nuclear Weapons Simulations For [Blue|Purple] Teams in Cyber Defence · 52d ago ΡHANTΟΜ Al-Powered Pentesting Command Center cybersecurity · 52d ago Interview Assessments cybersecurity · 52d ago We built a blue-team mode for AI security training — you write a defensive prompt, we throw 12 attack probes at it cybersecurity · 52d ago Questions about data blockers cybersecurity · 52d ago A Tale of Two File Names Reverse Engineering · 52d ago PE reconstruction Reverse Engineering · 52d ago OtterCookie: JavaScript RAT shifting fake-interview campaigns from credential theft to live surveillance For [Blue|Purple] Teams in Cyber Defence · 52d ago Post Implementation task cybersecurity · 52d ago The Gentlemen Ransomware Group — Leak Analysis For [Blue|Purple] Teams in Cyber Defence · 52d ago Mythos, MOAK, CTEM and the End of CVE Chasing cybersecurity · 52d ago Cyber security jobs in Austria cybersecurity · 52d ago Leader of Ukrainian Hacking Group: GRU Bribed Kyivstar Employee to Hack Company’s Network hacking: security in practice · 52d ago Personal favorite deception layer. cybersecurity · 52d ago Estudiar Ciberseguridad cybersecurity · 52d ago Learning way cybersecurity · 52d ago A File Format Uncracked for 20 Years: Part 2 Reverse Engineering · 52d ago How do you report large volume detections to a CISO without making the BPA report a SOC story? cybersecurity · 52d ago HDD Firmware Hacking Part 1 For [Blue|Purple] Teams in Cyber Defence · 52d ago Can anyone share bugbase platform screenshot having professional usage on dashboard? cybersecurity · 52d ago ssh-keysign-pwn: Steal SSH host private keys and /etc/shadow via the ptrace_may_access mm-NULL bypass + pidfd_getfd. Pre-31e62c2ebbfd kernels. For [Blue|Purple] Teams in Cyber Defence · 52d ago CTO at NCSC Summary: week ending May 17th For [Blue|Purple] Teams in Cyber Defence · 52d ago CTO at NCSC Summary: week ending May 17th cybersecurity · 52d ago GZDoom in the browser hacking: security in practice · 52d ago Vidar v1.5 in Go: same family, new language, heavy sandbox checks For [Blue|Purple] Teams in Cyber Defence · 53d ago Developer credential-theft campaign exposed operator-side self-infection For [Blue|Purple] Teams in Cyber Defence · 53d ago Security Executive Playbook cybersecurity · 53d ago Tired of tab-switching between CTI tools - here's what we put together cybersecurity · 53d ago I contributed to an open-source Bluetooth stress testing tool that just got a major algorithm refactor cybersecurity · 53d ago Resident Evil: Code Veronica X is able to use inventory and view files from the decompiled PS2 source! Reverse Engineering · 53d ago Help-Desk Lures Drop KongTuke's Evolved ModeloRAT For [Blue|Purple] Teams in Cyber Defence · 53d ago Welcome to BlackFile: Inside a Vishing Extortion Operation For [Blue|Purple] Teams in Cyber Defence · 53d ago HackTheBox - Pterodactyl IppSec · 53d ago In Cybersecurity cybersecurity · 53d ago AI-assisted cyberattacks are changing the threat landscape faster than most organizations realize. Technical Information Security Content & Discussion · 53d ago DoublePulsar: A User-Defined Reflective Loader in the Crystal Palace and Tradecraft Garden Era For [Blue|Purple] Teams in Cyber Defence · 53d ago Stop Being Weird — Life After Call Stack Spoofing Under CET For [Blue|Purple] Teams in Cyber Defence · 53d ago Anyone else feel like most MSP tooling is either overkill or painfully manual? cybersecurity · 53d ago Thinkpad vs Macbook pro endpoint security cybersecurity · 53d ago Any more affordable alternatives to “IntelligenceX”? cybersecurity · 53d ago Experts Confirm the Fast16 Malware Was Sabotaging Nuclear Weapons Tests, Likely in Iran cybersecurity · 53d ago tanstack checker github action cybersecurity · 53d ago Drivers Alpha AWUS036AXML cybersecurity · 53d ago Splunk download for free cybersecurity · 53d ago The Security Mistakes Being Repeated With Ai Cyber Defense Magazine · 53d ago Funnel Builder WordPress plugin bug exploited to steal credit cards cybersecurity · 53d ago Anyone here using pager duty? cybersecurity · 53d ago Scammer targeting posters cybersecurity · 53d ago Anyone know how to bypass these school laptop pins? hacking: security in practice · 53d ago Seeking advice cybersecurity · 53d ago Microsoft MDASH found 16 Windows RCEs — here's exactly how the 100-agent pipeline works Technical Information Security Content & Discussion · 53d ago Looking for Free Cybersecurity Conferences & Meetups in Europe (September 2026) cybersecurity · 53d ago Just got an email about a single use code, maybe someone was trying to log in? cybersecurity · 53d ago Can a background in DevOps enter the cybersecurity field? cybersecurity · 53d ago [CrackMe] PyVMP v7 : The vault. Important info : the server is now live, take a look inside the gofile link. Reverse Engineering · 53d ago Triggering the Secure Boot Certificate Update with Intune Remediations For [Blue|Purple] Teams in Cyber Defence · 53d ago How to enable HTTPS support for Microsoft Connected Cache for Enterprise and Education - Starting on June 16th, 2026, or soon after, Intune will enforce HTTPS content delivery for customers using Microsoft Connected Cache For [Blue|Purple] Teams in Cyber Defence · 53d ago Addressing Exchange Server May 2026 vulnerability CVE-2026-42897 For [Blue|Purple] Teams in Cyber Defence · 53d ago One Is a Fluke, 3 Is a Pattern: MCP Back-End Vulnerabilities For [Blue|Purple] Teams in Cyber Defence · 53d ago CVE-2026-20182: Critical authentication bypass in Cisco Catalyst SD-WAN Controller (FIXED) For [Blue|Purple] Teams in Cyber Defence · 53d ago Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities For [Blue|Purple] Teams in Cyber Defence · 53d ago FamousSparrow APT Targets Azerbaijani Oil and Gas Industry For [Blue|Purple] Teams in Cyber Defence · 53d ago Disclosing new PebbleDash-based tools by Kimsuky For [Blue|Purple] Teams in Cyber Defence · 53d ago FrostyNeighbor: Fresh mischief and digital shenanigans For [Blue|Purple] Teams in Cyber Defence · 53d ago Kazuar: Anatomy of a nation-state botnet For [Blue|Purple] Teams in Cyber Defence · 53d ago OrBit (Re)turns: Tracking an open-source Linux rootkit across four years of forks and deployments For [Blue|Purple] Teams in Cyber Defence · 53d ago NATS-as-C2: Inside a new technique attackers are using to harvest cloud credentials and AI API keys For [Blue|Purple] Teams in Cyber Defence · 53d ago Hacker Ringleader Extradited for 38 Billion Won Theft For [Blue|Purple] Teams in Cyber Defence · 53d ago Alert Number: I-051526-PSA | 15 May 2026 ShinyHunters: Cyber Criminal Group Attacks Learning Management System For [Blue|Purple] Teams in Cyber Defence · 53d ago Fragnesia (CVE-2026-46300) is a universal Linux local privilege escalation exploit For [Blue|Purple] Teams in Cyber Defence · 53d ago The Mythos We Have At Home: A Patch-Diffing Pipeline for N-Day Generation For [Blue|Purple] Teams in Cyber Defence · 53d ago FFFFirefox - A One-Day Wonder Renderer Exploit For [Blue|Purple] Teams in Cyber Defence · 53d ago MiniPlasma, a powerful LPE For [Blue|Purple] Teams in Cyber Defence · 53d ago Using ai in learning cybersecurity · 53d ago Exploiting Toshiba Qiomem.sys vulnerable driver Reverse Engineering · 53d ago Avanzamento area Blue Team/SOC cybersecurity · 53d ago Please what could be helpful cybersecurity · 53d ago HDD Firmware Hacking Part 1 Reverse Engineering · 53d ago CVE exploit chain cybersecurity · 53d ago What are the widely accepted SaaS security accreditations/audits an app should seek in fintech cybersecurity · 53d ago Preparing for The Quantum Era: AT&T Business Debuts Post-Quantum Cryptography Secure SD-WAN, Powered by Cisco cybersecurity · 53d ago Region-based binary diff tool for firmware analysis Reverse Engineering · 53d ago Major flaw in Indian Cyber and IT assurance landscape cybersecurity · 53d ago Red Team Ops Ⅱ ( CRTL ) exam preparation cybersecurity · 53d ago Recomendations cybersecurity · 53d ago A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens Reverse Engineering · 53d ago Recommended cybersecurity certification for a UX designer new to the domain? cybersecurity · 53d ago แก้ไขปัญหา Frida 17.9.10 บน Termux (Android ARM64) - ไม่มีข้อผิดพลาด Toolchain 404 และ _Py_NoneStruct อีกต่อไป! Reverse Engineering · 53d ago insdubai.com: Motor insurance policies, data of insured persons was exposed on an unprotected server cybersecurity · 53d ago Career path cybersecurity · 53d ago Merit America offers a program that gets you into cyber security roles. cybersecurity · 53d ago Brovan — Open-source x86/x64 user-mode binary emulator written in C# Reverse Engineering · 53d ago Brovan: Binary user-mode emulator for x86_64 Reverse Engineering · 53d ago Brovan: Binary user-mode emulator for x86_64 Malware Analysis & Reports · 53d ago Brovan: Binary user-mode emulator for x86_64 cybersecurity · 53d ago AmEx Interview! cybersecurity · 53d ago A stealth Playwright (Firefox) version that passes all anti-bot and CAPTCHA hacking: security in practice · 53d ago Developer credential-stealing pipeline also collected operator workstations cybersecurity · 53d ago need help building a case. cybersecurity · 53d ago Colorado governor commutes prison sentence for election denier Tina Peters CyberScoop · 53d ago Personal favorite SIEM platform? cybersecurity · 53d ago Cardputer ADV cybersecurity · 53d ago Alternative for Qualys cybersecurity · 53d ago I have a friend who looks like he’s a stalker I’m scared he will know I stalk him hacking: security in practice · 53d ago The 4th Linux kernel flaw this month can lead to stolen SSH host keys cybersecurity · 53d ago Congress Puts Heat on Instructure After Canvas Outage darkreading · 53d ago Apple Maildrop lets you rewrite the filename, size, and icon on any icloud.com attachment link — no signature, no validation — reported July 2023, still live Technical Information Security Content & Discussion · 53d ago Stack Buffer Overflow Explained (Using a Classic Doom Bug) cybersecurity · 53d ago [Tutorial] How to hack DOS games: Reversing Prince of Persia hacking: security in practice · 53d ago Here’s how the FTC plans to enforce the Take It Down Act CyberScoop · 53d ago Understanding Stack Buffer Overflows Through Doom and C++ Reverse Engineering · 53d ago Confused about cybersecurity career cybersecurity · 53d ago What is it Wednesdays: Episode 0001 Reverse Engineering · 53d ago Transferring from pen test consulting to application security? cybersecurity · 53d ago Curso de especializacion de Ciberseguridad cybersecurity · 53d ago Does host MS Defender Network Protection intercept and alert on traffic generated inside Windows Sandbox? For [Blue|Purple] Teams in Cyber Defence · 53d ago Does host MS Defender Network Protection intercept and alert on traffic generated inside Windows Sandbox? cybersecurity · 53d ago Lost, tempted to throw in the towel cybersecurity · 53d ago Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own cybersecurity · 53d ago I open-sourced a Docker security scanner I use to audit all my websites cybersecurity · 53d ago Testing Deception Technique cybersecurity · 53d ago A malware got into my account and spread spam ad to my friends and relatives cybersecurity · 54d ago North Korean Hackers Now Using AI? Kaspersky Warns of New Threat Targeting South Korean Govt Systems Technical Information Security Content & Discussion · 54d ago North Korean Hackers Now Using AI? Kaspersky Warns of New Cyber Threat Targeting South Korean Govt Systems cybersecurity · 54d ago Most pentest reports I review are padded with garbage findings cybersecurity · 54d ago Is dns spoofing dead?? hacking: security in practice · 54d ago Cyber Essentials and use of third party websites - MFA cybersecurity · 54d ago Rapid 7 and Cisa Kev cybersecurity · 54d ago Deep dive into the object creation flow in Windows - PART 3: Post-initialization and Name Lookup Reverse Engineering · 54d ago Deepdive into the object creation flow in Windows -PART 2 : access check internals Reverse Engineering · 54d ago Deep dive into the object creation flow in Windows -PART1 : Allocation and Pre-Initialization Reverse Engineering · 54d ago Anyone know much about MS Defender? cybersecurity · 54d ago My Privacy Focused USB Drive hacking: security in practice · 54d ago Cisco zero-day under ongoing attack by persistent threat group CyberScoop · 54d ago EN18031 for IoT: struggling to see the big picture — advice from experienced people? cybersecurity · 54d ago Japan’s 3DS Mandate: One Year In Blog – Forter · 54d ago Automating code security reviews with Claude Mythos-level capabilities Technical Information Security Content & Discussion · 54d ago Automating Code Security Reviews cybersecurity · 54d ago [Tool] IOCX — deterministic static IOC extraction for PE binaries For [Blue|Purple] Teams in Cyber Defence · 54d ago New Linux privilege escalation flaw ‘Fragnesia’ disclosed; PoC available cybersecurity · 54d ago [Tool] IOCX - deterministic static IOC extraction for PE binaries (17-second demo) Reverse Engineering · 54d ago Proxmark5 - Next-Gen Open Source RFID Research Tool (Iceman Edition) hacking: security in practice · 54d ago AI coding tools on developer machines — looking for input on how you're handling it cybersecurity · 54d ago Chrome 148 Update Patches Critical Vulnerabilities cybersecurity · 54d ago The Hidden Risk For IT Subcontractors: When Insurance, Not Security, Costs You The Contract Cyber Defense Magazine · 54d ago Microsoft warns of Exchange zero-day flaw exploited in attacks cybersecurity · 54d ago I need help. i am lost cybersecurity · 54d ago Novel Evilginx Frontend - Lowering the barrier for token theft reuse For [Blue|Purple] Teams in Cyber Defence · 54d ago Beyond Acceleration and Automation: How AI + Intelligence Changes Cyber Defence cybersecurity · 54d ago Cyber Pioneers Ponder Past as Prologue darkreading · 54d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 54d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 54d ago Physical red teaming: 7 low‑tech paths we keep finding into ‘secure’ environments cybersecurity · 54d ago SentinelOne. Backup delete attempt at 06:28, Kill process mitigation action at 06:31. Was the deletion blocked or not? cybersecurity · 54d ago SentinelOne. Backup delete attempt at 06:28, Kill process mitigation action at 06:31. Was the deletion blocked or not? For [Blue|Purple] Teams in Cyber Defence · 54d ago I'm going crazy. At the application level what I can actually do to prevent DDos? cybersecurity · 54d ago yarax_android: The first Android implementation of yara-x. Blazing fast pattern matching swiss knife running natively on Android. Reverse Engineering · 54d ago Is anyone enrolled in Intellipaat's cybersecurity course? cybersecurity · 54d ago Will AI Replace Cybersecurity Jobs? cybersecurity · 54d ago Why geopolitical turmoil is a gift for scammers, and how to stay safe WeLiveSecurity · 54d ago What's best certification choice after OSWE cybersecurity · 54d ago TinyLoad v4 — added opaque predicates, anti-debug, and section obfuscation to my PE packer hacking: security in practice · 54d ago Facebook Page Call Slipping through Sleep mode cybersecurity · 54d ago ssh-keysign-pwn: Linux LPE allows unprivileged users to read root-owned files. PoC with SSH server privkey cybersecurity · 54d ago New Linux LPE allows local users to read any file, including privkeys cybersecurity · 54d ago A fix for the previous Linux kernel critical exploit has seemingly introduced another critical local privilege escalation exploit, a third in two weeks. cybersecurity · 54d ago Your experience as IT Admin on Alerts cybersecurity · 54d ago Slow-drip responses as a bot defense: streaming fake credentials 3 bytes at a time cybersecurity · 54d ago Maximum Severity Cisco SD-WAN Bug Exploited in the Wild cybersecurity · 54d ago GitHub - jetnoir/metis: Automated binary vulnerability triage for macOS, Linux, and Windows targets Reverse Engineering · 54d ago GitHub - jetnoir/poppy: Dynamic XPC Observability & Fault Injection for macOS Reverse Engineering · 54d ago Instrumenting QT6 desktop apps with Frida - Part 1 Technical Information Security Content & Discussion · 54d ago From Vercel Typosquatting to an Obfuscated macOS Malware Loader Technical Information Security Content & Discussion · 54d ago Discord VC lag Exploit cybersecurity · 54d ago FrostyNeighbor: Fresh mischief and digital shenanigans cybersecurity · 54d ago Bug FB - Inicio de sesion por password cybersecurity · 54d ago Does anyone know how to configure EVILGINX for testing cybersecurity · 54d ago Trafexia V2 - Mobile Traffic Interceptor Toolkit Reverse Engineering · 54d ago How long does it take to get familiar with a tool cybersecurity · 54d ago Scam website cybersecurity · 54d ago ANTS Hack: 19 million records exposed in French ID agency breach cybersecurity · 54d ago has anyone used tail os here? hacking: security in practice · 54d ago Is it really that easy to obtain SMS codes using an SS7 attack? cybersecurity · 54d ago AI coding tools are shipping code faster than security can review it. What's your team doing about it cybersecurity · 54d ago Interview for AI security engineer position at a fortune 500 company cybersecurity · 54d ago How’s the job market for Senior AppSec Engineers? How are the interviews? cybersecurity · 54d ago Has anyone read "The Art of Deception"? How does it hold up to now? cybersecurity · 54d ago Run this washer/dryer sans coin? hacking: security in practice · 54d ago WAF Evasion Engine For [Blue|Purple] Teams in Cyber Defence · 54d ago Is metadata protection becoming more important than traditional endpoint security for ordinary users? cybersecurity · 54d ago Taiwan Bullet Train Hack Highlights Cybersecurity Gaps in Rail Systems darkreading · 54d ago Inspecting a DLL file trying to figure out if it really is malware Malware Analysis & Reports · 54d ago Zero trust in hybrid environments - what's actually worked for you cybersecurity · 54d ago Have you encountered issues with CSAF advisories in practice? cybersecurity · 54d ago Zero trust in hybrid environments - what's actually working for you cybersecurity · 54d ago I built an open-source Burp alternative hacking: security in practice · 54d ago OpenAI confirms security breach in TanStack supply chain attack cybersecurity · 54d ago Bachelors Degree Options cybersecurity · 54d ago HighBoy hacking: security in practice · 54d ago Innovator Spotlight: Klever Compliance Cyber Defense Magazine · 54d ago Thus Spoke…The Gentlemen For [Blue|Purple] Teams in Cyber Defence · 54d ago Innovator Spotlight: Radware Cyber Defense Magazine · 54d ago SecurityScorecard Snags Driftnet to Level Up Threat Intelligence darkreading · 54d ago npm supply chain compromise on a Next.js app — XMRig miner bundled into webpack output Malware Analysis & Reports · 54d ago Pentagon cyber official calls advanced AI ‘revolutionary warfare’ CyberScoop · 54d ago Maximum Severity Cisco SD-WAN Bug Exploited in the Wild darkreading · 54d ago White House cyber official: identity security matters more than ever in the age of AI CyberScoop · 54d ago I need help protecting my privacy cybersecurity · 54d ago Free Threat Intellegence cybersecurity · 54d ago What discovery in cybersecurity amazed you the most? cybersecurity · 54d ago Scholarship for Service cybersecurity · 54d ago Reading Siemens CT raw data hacking: security in practice · 54d ago KQLab - open-source query manager for SOC teams For [Blue|Purple] Teams in Cyber Defence · 54d ago For teams archiving logs outside the SIEM: how often do you actually query them, and for what reasons? cybersecurity · 54d ago How I use Hermes agent to turn Patch Tuesday into Windows exploit research hacking: security in practice · 54d ago Another day, another supply chain cybersecurity · 54d ago How often do you actually see SSRF exploited in real incidents vs just discussed in CTFs/blogs? cybersecurity · 54d ago Teaching Linux+ & CEH..... cybersecurity · 54d ago Russian Hacks of Polish Water Utilities Shows How Hybrid Warfare Uses Fear as Weapon cybersecurity · 54d ago How TeamPCP's Python Toolkit Survives a C2 Takedown For [Blue|Purple] Teams in Cyber Defence · 54d ago Innovator Spotlight: JScrambler Cyber Defense Magazine · 54d ago Russian Hacks of Polish Water Utilities Shows How Hybrid Warfare Uses Fear as Weapon hacking: security in practice · 54d ago SIEM use case development cybersecurity · 54d ago HyperVenom: Using Hyper-V for Ring -1 Control from Usermode Technical Information Security Content & Discussion · 54d ago JFrog vs Mend as Scanners cybersecurity · 54d ago HyperVenom: Using Hyper-V for Ring -1 Control from Usermode Reverse Engineering · 54d ago KQLab - open-source query manager for SOC teams cybersecurity · 54d ago Which Vendors Publish the Best (or Worst) Security Advisories? cybersecurity · 54d ago Tips for a beginner noob that wants to learn hacking: security in practice · 54d ago 'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, Ukraine darkreading · 55d ago Synthetic training data vs. real attack telemetry — does it actually matter? cybersecurity · 55d ago Microsoft AntiSSRF For [Blue|Purple] Teams in Cyber Defence · 55d ago Operative IT-Sicherheit | SIEM & Splunk cybersecurity · 55d ago Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability Cisco Security Advisory · 55d ago Cisco Catalyst SD-WAN Manager Vulnerabilities Cisco Security Advisory · 55d ago Detecting Exploitation of CrushFTP Vulnerability (CVE-2025-31161) With PacketSmith Yara Detection Module - Using track_state and flow_state Technical Information Security Content & Discussion · 55d ago Detecting Exploitation of CrushFTP Vulnerability (CVE-2025-31161) With PacketSmith Yara Detection Module - Using track_state and flow_state For [Blue|Purple] Teams in Cyber Defence · 55d ago Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Advisory Cisco Security Advisory · 55d ago SOC not for junior level? cybersecurity · 55d ago Major tech manufacturer Foxconn confirms cyberattack hit North American factories CyberScoop · 55d ago Cybersecurity at MSG cybersecurity · 55d ago pii-tools.com reputable? cybersecurity · 55d ago Hey all! sharing this week's issue I wrote on the TeamPCP supply chain compromise cybersecurity · 55d ago VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure For [Blue|Purple] Teams in Cyber Defence · 55d ago VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure Reverse Engineering · 55d ago VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure Malware Analysis & Reports · 55d ago VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure Technical Information Security Content & Discussion · 55d ago Contract jobs worth the risk? cybersecurity · 55d ago HackTheBoxAcademy vs LetsDefend vs CyberDefenders cybersecurity · 55d ago Automating code security reviews with Claude: near Mythos-level capabilities at lower cost cybersecurity · 55d ago Making Right Career Decision? cybersecurity · 55d ago AI Drives Cybersecurity Investments, Widening 'Valley of Death' darkreading · 55d ago I tried using apparmor (linux security) but it doesn't seem to work very well cybersecurity · 55d ago Level Effect AMA! Former NSA Operators turned EDR developers and trainers in 2020. We’ve seen a lot of trends over the years and want to start being active in r/cybersecurity giving back. Ask us anything! cybersecurity · 55d ago Struggling to Stay Up to Date With Vulnerabilities cybersecurity · 55d ago CVE-2026-44338: Scanners Target PraisonAI Within Four Hours of Disclosure Technical Information Security Content & Discussion · 55d ago How to Check Computer Activity: 2026 Guide for Windows and Mac Technical Information Security Content & Discussion · 55d ago Strix — first public beta of the spiritual successor to cSploit/dSploit hacking: security in practice · 55d ago 🔴 [LIVE] Payload Review & 1M Subs! Hak5 · 55d ago How fast is autonomous AI cyber capability advancing? For [Blue|Purple] Teams in Cyber Defence · 55d ago Foxconn Attack Highlights Manufacturing's Cyber Crisis darkreading · 55d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 55d ago Siemens Siemens ROS# All CISA Advisories · 55d ago Siemens gWAP All CISA Advisories · 55d ago Siemens SIMATIC All CISA Advisories · 55d ago Siemens Ruggedcom Rox All CISA Advisories · 55d ago Siemens Ruggedcom Rox All CISA Advisories · 55d ago Siemens Simcenter Femap All CISA Advisories · 55d ago Universal Robots Polyscope 5 All CISA Advisories · 55d ago Siemens Ruggedcom Rox All CISA Advisories · 55d ago Siemens Teamcenter All CISA Advisories · 55d ago Siemens Solid Edge All CISA Advisories · 55d ago Siemens SENTRON 7KT PAC1261 Data Manager All CISA Advisories · 55d ago Siemens Opcenter RDnL All CISA Advisories · 55d ago Siemens Ruggedcom Rox All CISA Advisories · 55d ago Siemens SIMATIC S7 PLC Web Server All CISA Advisories · 55d ago Siemens Industrial Devices All CISA Advisories · 55d ago Siemens SIMATIC All CISA Advisories · 55d ago Siemens SIPROTEC 5 All CISA Advisories · 55d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 55d ago How to Transfer files Safely from a Compromised (work) Device cybersecurity · 55d ago Two brothers deleted 96 federal databases after being fired – one googled how to hide the evidence afterward cybersecurity · 55d ago Multiple data breaches in one week cybersecurity · 55d ago Whatsapp hacking: security in practice · 55d ago How are small security teams handling vulnerability overload now? cybersecurity · 55d ago Concerns mount that EU will demand age verification for VPNs cybersecurity · 55d ago Automating code security reviews: Claude Mythos-level capabilities with lower cost cybersecurity · 55d ago The Rare Patch: A Digital Sovereignty Challenge cybersecurity · 55d ago Advise cybersecurity · 55d ago CVE-2026-42945 : NGINX Heap Buffer Overflow in rewrite module - Writeup and PoC Technical Information Security Content & Discussion · 55d ago Face ID bypass with avatar hacking: security in practice · 55d ago GRC cybersecurity · 55d ago Admins and Engineers cybersecurity · 55d ago Microsoft's multi-agent AI system tops Anthropic's Mythos on cybersecurity benchmark cybersecurity · 55d ago Ghidra 12.1 has been released! Reverse Engineering · 55d ago Prompt injection in browser coding agents is the threat model nobody is ready for cybersecurity · 55d ago FrostyNeighbor: Fresh mischief and digital shenanigans WeLiveSecurity · 55d ago New Fragnesia Linux flaw lets attackers gain root privileges cybersecurity · 55d ago Transition from MSP to Network Engineering? cybersecurity · 55d ago YellowKey: YellowKey Bitlocker Bypass Vulnerability For [Blue|Purple] Teams in Cyber Defence · 55d ago Reverse Engineering Slither.io’s Network Protocol Reverse Engineering · 55d ago So called “off grid” method cybersecurity · 55d ago Convince me I’m not paranoid: a unique hacking situation. cybersecurity · 55d ago Hunting the Behavior Behind npm Supply Chain Attacks cybersecurity · 55d ago Hunting the Behavior Behind npm Supply Chain Attacks hacking: security in practice · 55d ago Question for AppSec Members cybersecurity · 55d ago Hunting the Behavior Behind npm Supply Chain Attacks Technical Information Security Content & Discussion · 55d ago LIVE: 🕵️ HTB Sherlocks! | Cybersecurity | Blue Team The Cyber Mentor · 55d ago Beginners guide to Google Dorks by Heisenberg cybersecurity · 55d ago I got a desktop notification, saying I had a security oversight. What's odd, is that the notification said Windows Security and it looked very believable... Malware Analysis & Reports · 55d ago Alguém sabe algo sobre raven eye technology cybersecurity · 55d ago Gophish Porject - Requirement cybersecurity · 55d ago Security Team Won’t Assess Risk cybersecurity · 55d ago Trusted Unknown Apps Protocol (TUAP) – A Global Behavior‑Based Security Framework cybersecurity · 55d ago Microsoft’s new multi-model agentic security system tops leading industry benchmark cybersecurity · 55d ago Proxmark5 Day 3 Update - $357K+ funded (715% of goal) hacking: security in practice · 55d ago Researchers say AI just broke every benchmark for autonomous cyber capability CyberScoop · 55d ago Microsoft MDASH Deployment Identifies 16 Windows Flaws via 100+ AI Agents cybersecurity · 55d ago Closed briefing sets stage for House hearing on Anthropic’s Mythos and cyber risks CyberScoop · 55d ago Overwhelmed on how to enter the job market. cybersecurity · 55d ago Social media scam bill targets tech giants as New Yorkers lose billions cybersecurity · 55d ago What are the biggest technical & cultural hurdles you’re facing right now? cybersecurity · 55d ago CISSP / CCSP training - Experienced engineer cybersecurity · 55d ago WaSteal: 126 Chrome extensions, 148K installs, one Brazilian operator silently sending WhatsApp user data and ad cookies to its servers Technical Information Security Content & Discussion · 55d ago I Reverse-engineering Need for Speed Underground 2 Server Reverse Engineering · 55d ago Apple Maildrop lets you rewrite the filename, size, and icon on any icloud.com attachment link — no signature, no validation — reported July 2023, still live Technical Information Security Content & Discussion · 55d ago Checkbox Assessments Aren't Fit to Measure Risk darkreading · 55d ago Attackers Weaponize RubyGems for Data Dead Drops darkreading · 55d ago Innovators Spotlight: OPSWAT Cyber Defense Magazine · 55d ago Vulnerability in Canvas/Instructure Support Tickets had part in breach? cybersecurity · 55d ago Tables Turn on 'The Gentlemen' RaaS Gang With Data Leak darkreading · 55d ago Are There Really Ethical Hackers? I've Yet To Meet One hacking: security in practice · 55d ago Tinker Tailor Soldier: Paper Werewolf’s latest toolkit For [Blue|Purple] Teams in Cyber Defence · 55d ago On vendor disclosure timelines, bounty programme incentive misalignment, and the psychological contract Technical Information Security Content & Discussion · 55d ago /sbin/ping -G sweepmax has no bounds check on macOS: deterministic BSS out-of-bounds write, confirmed by Apple Technical Information Security Content & Discussion · 55d ago Apple's smbd has no FSCTL_SRV_COPYCHUNK limit enforcement: 256 bytes in, 64 GiB disk I/O out Technical Information Security Content & Discussion · 55d ago 126 Chrome extensions, all secretly the same product, taking 148K users' WhatsApp data and ad cookies For [Blue|Purple] Teams in Cyber Defence · 55d ago DOJ releases legal rationale for nationwide voter data collection CyberScoop · 55d ago is malwarefox legit? cybersecurity · 55d ago what lab to learn zero trust? cybersecurity · 55d ago Anyone else got a bunch of emails leaked by Samsung? cybersecurity · 55d ago Dark Reading Celebrates 20 Years as a Leading Authority on Cybersecurity, Highlighting the People, Events, Ideas, and Technologies Shaping the Modern Risk Landscape darkreading · 55d ago This is what some the world's largest banks of malware look like stacked as hard drives cybersecurity · 55d ago I need feedback on my project please cybersecurity · 55d ago would like to understand the role of "Cyber Insurance UnderWriters" cybersecurity · 55d ago Weaponized AI: The new frontier of fraud and identity spoofing CyberScoop · 55d ago clens.io - new public threat & data intel service Malware Analysis & Reports · 55d ago Gamaredon's infection chain: Spoofed emails, GammaDrop and GammaLoad For [Blue|Purple] Teams in Cyber Defence · 55d ago Undermining the trust boundary: Investigating a stealthy intrusion through third-party compromise For [Blue|Purple] Teams in Cyber Defence · 55d ago I made a video explaining CPU registers for people learning binary exploitation — x86 vs x64 differences included Reverse Engineering · 55d ago Free on-device tool for monitoring AI traffic on macOS — visibility before policy cybersecurity · 55d ago Is secure evidence handling and controlled derivative file sharing needed? cybersecurity · 55d ago Will Adding Some Certifications Help Me in the Job Market? cybersecurity · 55d ago Linux driver posted for Intel Silicon Security Engine Interface "ISSEI" cybersecurity · 55d ago Hello guys I am hearing everywhere Cybersecurity is the most demanding Subject. If it is true then where can I learn and get certified? cybersecurity · 56d ago Fragnesia made public as latest Linux local privilege escalation vulnerability cybersecurity · 56d ago HP ZBook Fury G8 vs ThinkPad T Series for Cybersecurity? cybersecurity · 56d ago trying to learn patching hacking: security in practice · 56d ago NIST is surrendering to the amount of CVEs coming in cybersecurity · 56d ago [HOMELAB] Built a SOC investigation console on two old Dell boxes For [Blue|Purple] Teams in Cyber Defence · 56d ago Military Veteran looking to get into the Cyber Field cybersecurity · 56d ago Android Intrusion Logging as a new source of data for consensual forensic analysis For [Blue|Purple] Teams in Cyber Defence · 56d ago Microsoft BitLocker-protected drives can now be opened with just some files on a USB stick — YellowKey zero-day exploit demonstrates an apparent backdoor cybersecurity · 56d ago Granny’s Compromised Android Firmware Malware Analysis & Reports · 56d ago On-prem vs IaaS vs PaaS vs SaaS for self-hosted IAM (Keycloak case study) Technical Information Security Content & Discussion · 56d ago Post-quantum audit substrate for critical national infrastructure. The NCSC 2031 high-priority deadline reframed as an operator-side playbook. cybersecurity · 56d ago Shai-Hulud: Another Wave and Going Open Source For [Blue|Purple] Teams in Cyber Defence · 56d ago Cve apis for a database cybersecurity · 56d ago Empresas de Cyberseguridad en Mexico (Reacciones) cybersecurity · 56d ago Joined a new company: GRC landscape advice cybersecurity · 56d ago Removing admin rights cybersecurity · 56d ago a leak from "the gentleman" ransomware group confirms Infostealers were often used to establish initial access cybersecurity · 56d ago A stealth approach to Process Injection - EntryPoint Hijacking For [Blue|Purple] Teams in Cyber Defence · 56d ago A stealth approach to Process Injection - EntryPoint Hijacking Technical Information Security Content & Discussion · 56d ago FamousSparrow's evolved DLL sideloading - execution gated behind the host app's normal control flow cybersecurity · 56d ago Golden years for cyber security about to start? cybersecurity · 56d ago A stealth approach to Process Injection - EntryPoint Hijacking cybersecurity · 56d ago Detecting CopyFail and DirtyFrag by thinking outside the box cybersecurity · 56d ago Daybreak is OpenAI’s answer to the AI arms race in cybersecurity CyberScoop · 56d ago Adaptive Behavioral Identity: A Human‑First Model for Symbiotic Security cybersecurity · 56d ago The Board Is Asking The Wrong Security Question Cyber Defense Magazine · 56d ago LatAm Vibe Hackers Generate Custom Hacking Tools on the Fly darkreading · 56d ago China's 'FamousSparrow' APT Nests in South Caucasus Energy Firm darkreading · 56d ago Career advice cybersecurity · 56d ago LW ROUNDTABLE: Microsoft Edge normalizes credential exposure — security pros push back The Last Watchdog · 56d ago A year of Apple Security Bounty research — 16 closed findings, full disclosure Technical Information Security Content & Discussion · 56d ago [Tool] IOCX – deterministic IOC extraction engine (static‑only, PE‑aware, plugin‑extensible) Malware Analysis & Reports · 56d ago The exponential rise of economic damage caused by cyber-crime continues cybersecurity · 56d ago [Claude Code] Android Reverse engineering Skill being updated with tracker/AD neutralization features Reverse Engineering · 56d ago Today's cybersecurity systems are not ready for AI cybersecurity · 56d ago Are certifications worth it, or do practical skills matter more? cybersecurity · 56d ago [Tool Release] IOCX – deterministic IOC extraction engine (static‑only, PE‑aware, plugin‑extensible) cybersecurity · 56d ago [Tool Release] IOCX – deterministic IOC extraction engine (static‑only, PE‑aware, plugin‑extensible) For [Blue|Purple] Teams in Cyber Defence · 56d ago Claude Mythos technical breakdown: CVE-2026-4747 ROP chain, OpenBSD SACK integer overflow, Linux 1-bit OOB-to-root, and what AISLE's reproductions actually showed cybersecurity · 56d ago Apple Supplier Foxconn in Taiwan Confirms Cyberattack After Ransomware Gang Claims 8TB Data Theft cybersecurity · 56d ago What to do after security+ cybersecurity · 56d ago AI-Generated Fake Marketplaces Are Poisoning Search Results and Stealing Card Data cybersecurity · 56d ago AI-Coded App Vulnerability Checklist - 33 LLM-specific items with detection methods Technical Information Security Content & Discussion · 56d ago LAN-LOK: Living as a sysadmin at an isolated Antarctic research station in the early 90s [DOS game -- would like to collab to reverse engineer] Reverse Engineering · 56d ago Service Principal Sign-Ins: A blind spot that a lot are missing For [Blue|Purple] Teams in Cyber Defence · 56d ago Malware crew TeamPCP open-sources its Shai-Hulud worm on GitHub cybersecurity · 56d ago Is it realistic to move from Tech Risk/GRC into technical cybersecurity? cybersecurity · 56d ago My Analysis of a Bandook RAT PCAP For [Blue|Purple] Teams in Cyber Defence · 56d ago Are IPhone autofill passwords safe to use? cybersecurity · 56d ago Access approvals happen over Slack dm and I don't know how to present that to an auditor cybersecurity · 56d ago 🕷️ NetCrawler v1.0.0 — AI Pentesting Agent | Open Source | Fully Offline cybersecurity · 56d ago China is going dark to develop its own Mythos, German cyber chief fears cybersecurity · 56d ago Is prompt injection a real problem for you? cybersecurity · 56d ago New Exim BDAT bug shows why “just patch the mail server” is still not simple cybersecurity · 56d ago Microsoft France's legal affairs director told the French Senate, under oath, that he can't guarantee European "sovereign cloud" data stays out of US reach cybersecurity · 56d ago Seedworm: Iran-Linked Hackers Breached Korean Electronics Maker in Global Spying Campaign For [Blue|Purple] Teams in Cyber Defence · 56d ago Cybersecurity guide cybersecurity · 56d ago [Conseil Orientation] LP ASUR (ANSSI) après une L3 Générale pour viser un Master Cyber ? cybersecurity · 56d ago How you guys rate Google Cyber security course and certificate out of 10 !? cybersecurity · 56d ago Detection Rule is here For [Blue|Purple] Teams in Cyber Defence · 56d ago Cyebrsecurity Startup Advice cybersecurity · 56d ago Can anyone give a real world based AI based attack? cybersecurity · 56d ago r2garlic - The world's fastest Android/DEX decompiler meets radare2! Reverse Engineering · 56d ago How worried should we be about AI powered cyberattacks? cybersecurity · 56d ago Built STIS-ICS — an open ICS/OT security learning project cybersecurity · 56d ago Analyzing TeamPCP’s Supply Chain Attacks: Checkmarx KICS and elementary-data in CI/CD Credential Theft Trend Micro Research, News, Perspectives · 56d ago OS scanner that checks repos for traces of the Shai Hulud worm Malware Analysis & Reports · 56d ago OS scanner that checks repos for traces of the Shai Hulud worm cybersecurity · 56d ago Foxconn Ransomware Attack Shows Nothing Is Safe Forever cybersecurity · 56d ago Open-source CLI for testing LLM agents across prompt, tool, and replay boundaries cybersecurity · 56d ago Cellphone IP address spoofing. hacking: security in practice · 56d ago AI Vulnerability Research and the Fuzzer Era Déjà Vu cybersecurity · 56d ago Explorer shows random letter/number filenames before copying my actual files — normal behavior? cybersecurity · 56d ago Proofpoint Launches Dedicated MSP Business Unit and Introduces 365 Total Protection for North America Proofpoint News Feed · 56d ago ‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attack CyberScoop · 56d ago Zscaler AI Security Capabilities ? cybersecurity · 56d ago Major world economies spell out key elements of AI ‘ingredients list’ CyberScoop · 56d ago It's Patch Tuesday for Microsoft & Not a Zero-Day In Sight darkreading · 56d ago Microsoft addresses 137 vulnerabilities in May’s Patch Tuesday, including 13 rated critical CyberScoop · 56d ago Cybersecurity degree cybersecurity · 56d ago Owning a service principal equals owning its permissions. For [Blue|Purple] Teams in Cyber Defence · 56d ago Disgruntled researcher who dropped BlueHammer and RedSun drops two new Windows 11 zero-days: A Bitlocker bypass, nicknamed YellowKey, and LPE, nicknamed GreenPlasma cybersecurity · 56d ago Cyber security cybersecurity · 56d ago New York Senate takes on junk fees, digital subscriptions, surveillance pricing cybersecurity · 56d ago Claude Code RCE: Exploiting Deeplink Handlers via Settings Injection For [Blue|Purple] Teams in Cyber Defence · 56d ago Mini Shai-Hulud Supply-Chain Worm Compromises npm and PyPI Packages, Including TanStack, Mistral, Lightning, and Guardrails AI Malware Analysis & Reports · 56d ago CPU OP Cache Corruption - AMD has identified a vulnerability in the CPU operation (op/µop) cache on Zen 2‑based products that can cause incorrect instructions to be executed at a higher privilege level. For [Blue|Purple] Teams in Cyber Defence · 56d ago Cybersecurity statistics of the week (May 4th - May 10th) cybersecurity · 56d ago Feels like AI changed the speed of attacks more than most companies want to admit cybersecurity · 56d ago Anyone used Kasm or ReplicaCyber? cybersecurity · 56d ago Škoda warns of customer data breach after online shop hack cybersecurity · 56d ago Google launches new Android security feature to help uncover spyware attacks cybersecurity · 56d ago Fancy Bear: Stealing Credentials Invisibly cybersecurity · 56d ago Nightmare Eclipse has published Greenplasma and YellowKey cybersecurity · 56d ago Copilot Agent cybersecurity · 56d ago A Quick Way to Prove Your Cybersecurity Skillset! The Cyber Mentor · 56d ago Dead.Letter (CVE-2026-45185) How XBOW found an unauthenticated RCE on Exim Technical Information Security Content & Discussion · 56d ago The Algorithm Goes to War: Inside the AI Cyberweapon Revolution That Governments Cannot Stop Technical Information Security Content & Discussion · 56d ago What SANS cert I should consider acquiring (from my job)? Most useful ones or one that goes across many roles? cybersecurity · 56d ago GitHub - iss4cf0ng/OpenBootloader: A Proof-of-Concept of simple bootloader, written in Assembly (NASM) and C language. Reverse Engineering · 57d ago Google and Amnesty International teamed up to make it harder for spyware vendors to hide CyberScoop · 57d ago Career Advice cybersecurity · 57d ago Malicious Coding Agent Skills and the Risk of Dynamic Context | Datadog Security Labs Technical Information Security Content & Discussion · 57d ago AI Vulnerability Research and the Fuzzer Era Déjà Vu Technical Information Security Content & Discussion · 57d ago AI+DFIR Challenge: Share Your Disasters and Successes For [Blue|Purple] Teams in Cyber Defence · 57d ago Anyone else exhausted by the nonstop AI hype? cybersecurity · 57d ago Reviewing the trends in ransomware attacks in 2026 cybersecurity · 57d ago FIRESIDE CHAT: Cyber insurers deepen SMB security role as supply chain attacks spread The Last Watchdog · 57d ago Sorry if its the wrong place but hacking: security in practice · 57d ago Is It a Good Idea to Change Jobs Shortly After Getting Hired? cybersecurity · 57d ago SSO makes life easier but MFA keeps it safe, do we actually need both? cybersecurity · 57d ago Hugging Face Packages Weaponized With a Single File Tweak darkreading · 57d ago Didn’t land a Cybersecurity internship—starting IT Support for POS systems. Tips on maximizing my off-hours? cybersecurity · 57d ago Flash Alert: EtherRat and TukTuk C2 End in The Gentleman Ransomware For [Blue|Purple] Teams in Cyber Defence · 57d ago How are SOC teams actually deciding what not to investigate anymore? cybersecurity · 57d ago Spam calls on this number he was distrubing a girl idk about this guy but the girl placed an order on blinkit and he started acting that he's not able to find the location so she gave her number on ws and now he's spamming unecessarily cybersecurity · 57d ago Chris Cochran at SANS Institute: AMA about the AI Security Maturity Model we just released. cybersecurity · 57d ago Synthetic Identity Fraud Requires An Equal Focus On Biometrics And Document Verification Cyber Defense Magazine · 57d ago Has anyone tryed this out yet? cybersecurity · 57d ago I spent a weekend trying to get OpenClaw to leak my own personal data and it caught me immediately... Technical Information Security Content & Discussion · 57d ago The frontier model caught my prompt injection but the cheaper fallback didn't (and most devs have no idea which one they're on..) cybersecurity · 57d ago Switching to Cyber cybersecurity · 57d ago 20 Leaders Who Built the CISO Era: 2 Decades of Change darkreading · 57d ago Software Bill of Materials for AI - Minimum Elements All CISA Advisories · 57d ago ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax All CISA Advisories · 57d ago Subnet Solutions PowerSYSTEM Center All CISA Advisories · 57d ago ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities All CISA Advisories · 57d ago ABB AC500 V3 Multiple Vulnerabilities All CISA Advisories · 57d ago ABB Automation Builder Gateway for Windows All CISA Advisories · 57d ago Fuji Electric Tellus All CISA Advisories · 57d ago Nitrogen ransomware group claims Foxconn after Wisconsin plant outage cybersecurity · 57d ago Shai Hulud attack ships signed malicious TanStack, Mistral npm packages cybersecurity · 57d ago Postmortem: TanStack npm supply-chain compromise For [Blue|Purple] Teams in Cyber Defence · 57d ago Using Cape Sandbox for Phishing Analysis cybersecurity · 57d ago Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain darkreading · 57d ago Canvas hack: company pays criminals to delete students' stolen data cybersecurity · 57d ago AI is separating the companies built to scale from the ones built to sell CyberScoop · 57d ago i have 1 year of experience as product security intern. Please let me know if there are any job oppurtunities available for freshers. I have to start earning. cybersecurity · 57d ago AI integrations are quietly creating a new OAuth supply-chain problem cybersecurity · 57d ago Instructure reaches 'agreement' with ShinyHunters to stop data leak cybersecurity · 57d ago UnMapper: a tool that crawls a target, finds its JavaScript, and reconstructs the original source tree from any sourcemaps it ships cybersecurity · 57d ago AI Will Absorb 99.98% of SOC Triage Within a Year, as 79% of IT teams brace for AI-driven workload shift Heimdal Security Blog · 57d ago Curl lead developer Daniel Stenberg provides insightful feedbacks from Mythos analysis results Technical Information Security Content & Discussion · 57d ago Hardcoded secrets in Git cybersecurity · 57d ago Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages cybersecurity · 57d ago UK water company allowed hackers to lurk undetected for nearly two years, regulator finds cybersecurity · 57d ago New ipTIME Pre-Auth RCE in CWMP cybersecurity · 57d ago New ipTIME Pre-Auth RCE in CWMP Technical Information Security Content & Discussion · 57d ago Postmortem: TanStack npm supply-chain compromise Technical Information Security Content & Discussion · 57d ago Anyone here familiar with the Internet Computer Protocol (ICP) and why TeamPCP would choose to use it? hacking: security in practice · 57d ago Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak cybersecurity · 57d ago Steam spear phishing Malware Analysis & Reports · 57d ago Fake linked in sponsored google search Malware Analysis & Reports · 57d ago Is my phone hacked? cybersecurity · 57d ago Switched to a grc role after a year in SOC L1 cybersecurity · 57d ago bits from the release team - Aided by the efforts of the Reproducible Builds project, we've decided it's time to say that Debian must ship reproducible packages For [Blue|Purple] Teams in Cyber Defence · 57d ago rxrpc_privesc: RxRPC privesc PoC without fcrypt() restrictions For [Blue|Purple] Teams in Cyber Defence · 57d ago Detecting Remote Thread Creation with Windows Driver For [Blue|Purple] Teams in Cyber Defence · 57d ago Mythos finds a curl vulnerability For [Blue|Purple] Teams in Cyber Defence · 57d ago Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access - some leaps pending technical details For [Blue|Purple] Teams in Cyber Defence · 57d ago Reverse Engineering a Multi Stage File Format Steganography Chain of the TeamPCP Telnyx Campaign For [Blue|Purple] Teams in Cyber Defence · 57d ago Threat Actor Mr_Rot13 Actively Exploits CVE-2026-41940 for Backdoor Deployment For [Blue|Purple] Teams in Cyber Defence · 57d ago esp32-c5-deauth: A deauth with nuker for 2.4Ghz and 5Ghz controlled by BLE with Android app For [Blue|Purple] Teams in Cyber Defence · 57d ago Forecasting Lazarus Crypto Heists cybersecurity · 57d ago LOLRMM Publishers - PR merges 182 new code signing certificates and adds important safety warnings to entries containing certificates from major software vendors. For [Blue|Purple] Teams in Cyber Defence · 57d ago How Cloudflare responded to the “Copy Fail” Linux vulnerability For [Blue|Purple] Teams in Cyber Defence · 57d ago Infrastructure Security Incident Update & FAQs cybersecurity · 57d ago I analyzed 196k+ Sysmon events and found APT29 staging malware in Temp. Here is my detection logic. For [Blue|Purple] Teams in Cyber Defence · 57d ago LUKSbox: Store sensitive files in the cloud, or on shared media without trusting the host. LUKSbox is a Rust-based encrypted-container tool with passphrase, FIDO2 (YubiKey, Titan, Nitrokey, Windows Hello), TPM 2.0, and hybrid post-quantum (ML-KEM-768 / 1024) keyslots. For [Blue|Purple] Teams in Cyber Defence · 57d ago Mini Shai-Hulud npm worm compromises 160+ packages, abuses GitHub Actions cache + Trusted Publishing. Full list of compromised packages cybersecurity · 57d ago In Depth Guide To VM Based Obfuscation - What it is and how to handle it. cybersecurity · 57d ago Lockbit Black Loader and Shellcode Analysis - Full Thought process, Technical Writeup and Blue Team perspective cybersecurity · 57d ago Lockbit Black Loader and Shellcode Analysis - Full Thought process, Technical Writeup and Blue Team perspective Reverse Engineering · 57d ago Transitioned to GRC cybersecurity · 57d ago Mass npm Supply Chain Attack Hits TanStack, Mistral AI, and 170+ Packages cybersecurity · 57d ago Mass npm Supply Chain Attack Hits TanStack, Mistral AI, and 170+ Packages Malware Analysis & Reports · 57d ago German cybersecurity official warns China is close to developing AI superhacker cybersecurity · 57d ago How do Fortune 10 SOCs handle incident response with 15 people instead of 150? Energy-Based Models. Technical Information Security Content & Discussion · 57d ago New Shai-Hulud npm worm variant Malware Analysis & Reports · 57d ago New Shai-Hulud npm worm variant For [Blue|Purple] Teams in Cyber Defence · 57d ago Google Detects First AI-Generated Zero-Day Exploit cybersecurity · 57d ago “DCSA agent” calling IT Help Desk to be transferred to employees they are investigating for a clearance cybersecurity · 57d ago Instructure/ canvas paid the ransom? cybersecurity · 57d ago Instructure claims hackers returned stolen Canvas data after an extortion standoff CyberScoop · 57d ago OpenAI announces Daybreak, "frontier AI for defenders" Technical Information Security Content & Discussion · 57d ago Troca emprego - big para consultoria ou fintech - Pentester/Red Team cybersecurity · 57d ago Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation hacking: security in practice · 57d ago Finally, texts between Android and iPhone users can be end-to-end encrypted cybersecurity · 57d ago Official CheckMarx Jenkins package compromised with infostealer cybersecurity · 57d ago IMF warns of the potential for AI attacks on global financial systems cybersecurity · 57d ago 🕷️ NetCrawler v1.0.0 — AI Pentesting Agent | Open Source | Fully Offline cybersecurity · 57d ago GhostLock: SMB Deny-Share Handles as a Zero-Privilege Availability Weapon Technical Information Security Content & Discussion · 57d ago Cookie thieves caught stealing dev secrets via fake Claude Code installers cybersecurity · 57d ago Pwn2Own 2026 Capacity Overflow, Hackers Drop 0-Days Solo cybersecurity · 57d ago Innovator Spotlight: Iru Cyber Defense Magazine · 57d ago MS Defender on OT Network cybersecurity · 57d ago A fateful question cybersecurity · 57d ago EtwWatcher For [Blue|Purple] Teams in Cyber Defence · 57d ago SC-900 or SC-400 cybersecurity · 57d ago What are your security non-negotiables? cybersecurity · 57d ago Losing my path cybersecurity · 57d ago Axon-captcha cybersecurity · 57d ago What makes companies trust small cybersecurity vendors? cybersecurity · 57d ago Donuts and Beagles: Fake Claude site spreads backdoor For [Blue|Purple] Teams in Cyber Defence · 57d ago Hathor Wallet Daemon (headless) Has Fail-Open Auth – Notified via Immunefi but Closed as “User Responsibility” cybersecurity · 57d ago TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack cybersecurity · 57d ago Innovator Spotlight: Axonius Cyber Defense Magazine · 57d ago News Alert: Lyrie.ai joins Anthropic verification program, unveils protocol for securing AI agents The Last Watchdog · 57d ago New and improved: Agent governance, intelligent workflows, and connected app experiences Microsoft 365 Blog · 57d ago Foxconn Wisconsin breach reportedly linked to Nitrogen ransomware, 8TB data theft claim cybersecurity · 58d ago How I Defeat Passkeys Nearly Every Time in Phishing Assessments Technical Information Security Content & Discussion · 58d ago These Extensions are Scraping Your AI Chats, are you affected? cybersecurity · 58d ago Reverse Engineering Fisher-Price Pixter Reverse Engineering · 58d ago Be careful with your Git: Investigating malware spreading through Git repositories cybersecurity · 58d ago Training and Phishing cybersecurity · 58d ago Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation cybersecurity · 58d ago AI-powered hacking has exploded into industrial-scale threat, Google says cybersecurity · 58d ago Apple closed my bug report 4 times. MITRE wouldn't let it die. cybersecurity · 58d ago NASA Investigators Expose a Chinese National Phishing for Defense Software - NASA OIG cybersecurity · 58d ago Fine of nearly £1m issued against South Staffordshire Plc and South Staffordshire Water Plc following major cyber attack and data breach For [Blue|Purple] Teams in Cyber Defence · 58d ago CHERIoT-Ibex: Closing the door on memory safety vulnerabilities with hardware-enforced protection For [Blue|Purple] Teams in Cyber Defence · 58d ago looking for "evil" Websites Malware Analysis & Reports · 58d ago Google spotted an AI-developed zero-day before attackers could use it cybersecurity · 58d ago Security In The AI Era: Why Compliance, Infrastructure, And Platform Security Must Converge Cyber Defense Magazine · 58d ago Google spotted an AI-developed zero-day before attackers could use it CyberScoop · 58d ago The SMB Cybersecurity Gap: Why Small Businesses Are The Fastest-Growing Attack Surface Cyber Defense Magazine · 58d ago Deterministic PE Structural Validation in IOCX v0.7.3 Malware Analysis & Reports · 58d ago beginner doubt cybersecurity · 58d ago The Bug Bounty Roadmap I'd Follow If I Started Over (With AI) NahamSec · 58d ago Is the AI hype helping or killing your bug bounty dreams? #hacking #bugbounty NahamSec · 58d ago where is the location of Files by Google on Android? hacking: security in practice · 58d ago I got my CEH Certification. SO what now? cybersecurity · 58d ago Construction to Cyber PM cybersecurity · 58d ago Deterministic PE Validation for Blue Teams - IOCX v0.7.3 For [Blue|Purple] Teams in Cyber Defence · 58d ago Reading old s4 memory with xgecu t48 hacking: security in practice · 58d ago [ Removed by Reddit ] cybersecurity · 58d ago Something got downloaded on my phone and then dissappeared cybersecurity · 58d ago Bleeding Llama cybersecurity · 58d ago The missing cybersecurity leader in small business CyberScoop · 58d ago Hack a data center? hacking: security in practice · 58d ago Do accountants even care about cybersecurityas much? cybersecurity · 58d ago Where Have All the Complex Windows Malware and Their Analyses Gone? cybersecurity · 58d ago Eyes wide open: How to mitigate the security and privacy risks of smart glasses WeLiveSecurity · 58d ago sl1nk link Malware Analysis & Reports · 58d ago MyAudi app:Security issues in Audi Connected Vehicle experience Technical Information Security Content & Discussion · 58d ago Delving deep into threat detection: My logic for abnormal EventID 7 activity For [Blue|Purple] Teams in Cyber Defence · 58d ago Giving Claude Code Full Control of a Hardware Fault Injection Setup to Bypass Secure Boot Technical Information Security Content & Discussion · 58d ago /r/ReverseEngineering's Weekly Questions Thread Reverse Engineering · 58d ago Your Biggest Security Risk Isn’t Malware — It’s What You Already Trust cybersecurity · 58d ago Was the reconnaissance in Bugbounty overrated? cybersecurity · 58d ago Cybersecurity beginner building an experimental log analyzer — looking for advice cybersecurity · 58d ago Anyone else worried about AI being a security nightmare? cybersecurity · 58d ago Snyk not working cybersecurity · 58d ago Malicious tenants paid us to abuse our RMM. We blocked them cybersecurity · 58d ago Help reasuring parents with an email parsing tool (i will not promote) cybersecurity · 58d ago Check out my matplotlib of BLE live wire data for Oura ring! Reverse Engineering · 58d ago Positron: DLL injection based runtime JS injection toolkit for Electron(v8) apps on Windows Reverse Engineering · 58d ago NZ announces sanctions on malicious Russian cyber actors, online platforms For [Blue|Purple] Teams in Cyber Defence · 58d ago Update: Ongoing Checkmarx Supply Chain Security Incident For [Blue|Purple] Teams in Cyber Defence · 58d ago DFIR practitioner thinking about starting my own LLC to subcontract IR services to MSPs. Is there actually demand for this? cybersecurity · 58d ago Akamai bypass requires long session in wireshark, reversing header orders etc took me 12 months to develop Reverse Engineering · 58d ago cPanel & WHM Vulnerabilities Patched -DoS, Account Abuse & Security Risks Affect Hosting Servers cybersecurity · 58d ago 5 years as a Level 1 Security Analyst and wanting to transition into consulting cybersecurity · 58d ago How to download a RAT for myself Malware Analysis & Reports · 58d ago GitHub - jesterfoidchopped/akamai-v3-sensor: akamai v3 sensor bypass cybersecurity · 58d ago New into network pentesting. cybersecurity · 58d ago Is it worth it to switching field to cybersecurity ? cybersecurity · 58d ago Neeed help to get cybersecurity internship. cybersecurity · 58d ago Mentorship Monday - Post All Career, Education and Job questions here! cybersecurity · 58d ago Vibe Hacking: Two AI-Augmented Campaigns Target Government and Financial Sectors in Latin America Trend Micro Research, News, Perspectives · 58d ago Cybersecurity and ADHD cybersecurity · 58d ago Mythos, MOAK, CTEM and the End of CVE Chasing Technical Information Security Content & Discussion · 58d ago Autonomous Vulnerability Hunting with MCP hacking: security in practice · 58d ago Anyone dealt with a VulDB submission rejection? Resubmit or reply? cybersecurity · 58d ago GitHub - jesterfoidchopped/akamai-v3-sensor: akamai v3 sensor bypass Reverse Engineering · 58d ago Building a Wasm-in-Wasm Virtualizer (with JIT decrypted paged memory) Reverse Engineering · 58d ago Autonomous Vulnerability Hunting with MCP Technical Information Security Content & Discussion · 58d ago GitHub - jesterfoidchopped/akamai-v3-sensor: Request based Akamai sensor bypass for version 3 Reverse Engineering · 58d ago ShinyHunters cashout fingerprint; on-chain trace of the May 2024 AT&T ransom payment, with persistent laundering-service hubs identified through 2025 For [Blue|Purple] Teams in Cyber Defence · 58d ago Unmanaged PowerShell Execution: Hunting Beyond powershell.exe For [Blue|Purple] Teams in Cyber Defence · 58d ago Python Backdoor Threat Analysis Following an AI Deepfake Impersonation Campaign For [Blue|Purple] Teams in Cyber Defence · 58d ago ISO 27001 certification: what auditors actually focus on versus what most teams spend time preparing cybersecurity · 58d ago Static Devirtualization of Themida For [Blue|Purple] Teams in Cyber Defence · 58d ago Now You See Me: AADGraphActivityLogs For [Blue|Purple] Teams in Cyber Defence · 58d ago I have a malware and need help removing it. someone please help me 🙏 cybersecurity · 58d ago [Write-up] CyberDefenders: Wiredive Lab For [Blue|Purple] Teams in Cyber Defence · 58d ago PE Entropy Visualizer with per-block RVA/VA mapping, locate packed payloads and encrypted blobs, then jump straight to them in IDA/Ghidra Reverse Engineering · 58d ago I'm starting to see a growth of apps in my org. I'd love to know how you defend against this/ secure it, and if it's happening to you too? cybersecurity · 58d ago EasySec - Update cybersecurity · 58d ago What is the cybersecurity equivalent of leaving your spare key under the doormat? cybersecurity · 58d ago ShinyHunters / AT&T ransom payment traced on-chain — paper draft, seeking arXiv cs.CR endorsement Technical Information Security Content & Discussion · 58d ago Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak cybersecurity · 59d ago VICE: Cyberwar | Full Season 2 | Blueprint cybersecurity · 59d ago Linux Kernel Killswitch Proposed After Recent Vulnerability Disclosures cybersecurity · 59d ago Email OTP as default (often ONLY) password isn’t the solution cybersecurity · 59d ago page_inject: CVE-2026-31431-killed page-cache exploit — code exec into containers sharing the same image layer For [Blue|Purple] Teams in Cyber Defence · 59d ago Soc analyse cybersecurity · 59d ago AI DNS Resolver hacking: security in practice · 59d ago Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak cybersecurity · 59d ago Fighting Fire With Fire: Future-Proofing The Cybersecurity Workforce With AI Cyber Defense Magazine · 59d ago Price rising cybersecurity · 59d ago Data in Use Protection: How MPC Keeps Inputs Hidden from the Cloud - Stoffel - MPC Made Simple Technical Information Security Content & Discussion · 59d ago JDownloader — Website installer incident (May 2026) For [Blue|Purple] Teams in Cyber Defence · 59d ago AI Can Boost Cyber Defence But Poor Governance and Overreliance May Create New Risks, Warns WEF-KPMG Report cybersecurity · 59d ago Possible security incident against Arup Group cybersecurity · 59d ago Can honeypots be used this way? cybersecurity · 59d ago Is it true that the professionals have the worst setups? hacking: security in practice · 59d ago The compression of the exploit timeline: Why n-day gaps and 90-day embargoes are failing in practice. Technical Information Security Content & Discussion · 59d ago I think AI just quietly killed the 90-day disclosure window. cybersecurity · 59d ago TCM and Educate 360 are bugged cybersecurity · 59d ago The GNU MP Bignum Library - "We suspect that GMP's extremely tight loops around MULX make the Zen 5 cores use much more power than specified, making cooling solutions inadequate." For [Blue|Purple] Teams in Cyber Defence · 59d ago Got an alert from google what should I do? cybersecurity · 59d ago UK jobs cybersecurity · 59d ago AI in the Breach: How an Adversary Leveraged AI to Target a Water Utility’s OT For [Blue|Purple] Teams in Cyber Defence · 59d ago Need help debugging a school ZIP password-cracking lab setup pleaseeeee🙏 cybersecurity · 59d ago Outrunning SHA256 with Physics Technical Information Security Content & Discussion · 59d ago EventHawk v1.2 -open source Windows EVTX log analysis tool for DFIR (Juggernaut Mode, ATT&CK mapping, Sentinel anomaly engine) For [Blue|Purple] Teams in Cyber Defence · 59d ago Worst company cybersecurity · 59d ago Built a platform that combines phishing detection, encrypted file sharing, and cloud security scanning cybersecurity · 59d ago I made a rat that controls a pc thru telegram but overnight and all the time it sends this. What shall I do? I've already deleted the script from my pc and moved it to cloud based storage hacking: security in practice · 59d ago Msc Cybersecurity - dissertation ideas ( something that can be done in 3 or less months) cybersecurity · 59d ago Innovator Spotlight: Lineaje Cyber Defense Magazine · 59d ago ARGUS: 15 Production-Realistic Vulnerable AI Agent Targets for Red Teaming (Docker + Canary Scoring) cybersecurity · 59d ago App Store Question - Darato Sport / Dofu Sport / Kofu cybersecurity · 59d ago Help! - My Parents Computer is Hacked cybersecurity · 59d ago Refining hacking basics — scaling them aswell hacking: security in practice · 59d ago Ran lumma stealer from a recaptcha scam cybersecurity · 59d ago What Is the Instructure Canvas Breach? Impact, Risks, and What Institutions Should Do Trend Micro Research, News, Perspectives · 59d ago Port 5986 question cybersecurity · 59d ago CVE-2026-44843: One Chat Message Steals Your Credentials. Then It Gets Worse! cybersecurity · 59d ago cyber security/ segurança da informação cybersecurity · 59d ago Jenkins honeypot reveals botnet exploiting scriptText to launch DDoS attacks on game servers For [Blue|Purple] Teams in Cyber Defence · 59d ago College student hacks Taiwan high-speed rail line with software defined radios, stopping four trains cybersecurity · 59d ago Help with an Escalating Cyber-Stalker cybersecurity · 59d ago RRW - Rick Roll WiFi cybersecurity · 59d ago Best resources to start learning python for cybersecurity and automation cybersecurity · 59d ago Writing a Naive LLVM-based Devirtualizer For [Blue|Purple] Teams in Cyber Defence · 59d ago Mythos AI is a cybersecurity threat, but it doesn’t rewrite the rules of the game. cybersecurity · 59d ago Memory Poisoning AI Agents via ChromaDB Technical Information Security Content & Discussion · 59d ago Defence in Depth: A Practical Secure Corporate Network Topology Technical Information Security Content & Discussion · 59d ago Where Have All the Complex Windows Malware and Their Analyses Gone? For [Blue|Purple] Teams in Cyber Defence · 59d ago JDownloader site hacked to replace installers with Python RAT malware cybersecurity · 59d ago Technical Analysis of EagleSpy V6.0 (CraxsRAT Rebrand) Distributed Through Odysee and Telegram Technical Information Security Content & Discussion · 59d ago Getting LLMs Drunk to Find Remote Linux Kernel OOB Writes (and More) Technical Information Security Content & Discussion · 59d ago How can I fix my browser remembering what he had open last cybersecurity · 59d ago MS 360 CoPilot issues cybersecurity · 59d ago I run a malware and was wondering if its a rat or rootkit or dangerous stuff and how do i fix my pc (my dad gave ts to me can't lose it) i can give out any specific details cybersecurity · 60d ago ShinyHunters claims 275M records from Canvas LMS breach. 9,000 schools hit. Ransom deadline May 12. cybersecurity · 60d ago eBPF LSM runtime security agent for synchronous file/network denial — looking for technical feedback cybersecurity · 60d ago HackTheBox - Overwatch IppSec · 60d ago I keep seeing "what E8 maturity level should we target?" — here's the practical answer no one tells you cybersecurity · 60d ago AI Agent for Hacking, connects a brain to Kali (open-source & model-agnostic) hacking: security in practice · 60d ago OWASP TOP 10 LLM 2026 Community voting cybersecurity · 60d ago When prompts become shells: RCE vulnerabilities in AI agent frameworks For [Blue|Purple] Teams in Cyber Defence · 60d ago Shift-Happens-Uncovering-to-builtin-command-injection-in-Windows-context-menus: Shift Happens: Uncovering two built-in command injections in Windows context menus For [Blue|Purple] Teams in Cyber Defence · 60d ago MOVEit Automation Critical Security Alert Bulletin – April 2026 – (CVE-2026-4670, CVE-2026-5174) For [Blue|Purple] Teams in Cyber Defence · 60d ago Lorem Ipsum Malware: Trojanized MS Teams Installers Deliver Multi-Stage Loader and Backdoor For [Blue|Purple] Teams in Cyber Defence · 60d ago Let's Encrypt Status: Due to an issue with the cross-signed certificate from our Generation X root to our new Generation Y root, all issuance has been switched back to our Generation X root certificate. This affects our "tlsserver" and "shortlived" ACME certificate profiles. For [Blue|Purple] Teams in Cyber Defence · 60d ago Second security incident at Instructure (Canvas) cybersecurity · 60d ago Wtf OPEN Ai Malware Analysis & Reports · 60d ago Bridging the Gap Between Vulnerabilities and Working Exploits hacking: security in practice · 60d ago um you guys is my hacker stupid? hacking: security in practice · 60d ago UK Advice Needed - VA+ Training? cybersecurity · 60d ago Gateweb - Secure Web Gateway cybersecurity · 60d ago Those who are in Detection engineering cybersecurity · 60d ago Can someone tell me of a trustable hacker? cybersecurity · 60d ago MSPs, how are you handling AI usage across your customer environments today? cybersecurity · 60d ago Shadow SSDT Hijacking: Achieving Kernel Code Execution via Read-Write cybersecurity · 60d ago How do i protect confidential data from unrestricted AI usage as a bank- what are good tools out there? cybersecurity · 60d ago ecpptv3 Exam in 3–4 Days — cybersecurity · 60d ago Analyse des DNS-Ausfalls vom 5. Mai 2026 - Analysis of the DNS outage of May 5, 2026 For [Blue|Purple] Teams in Cyber Defence · 60d ago Member of Prolific Russian Ransomware Group Sentenced to Prison For [Blue|Purple] Teams in Cyber Defence · 60d ago EasterBunny: advanced espionage artifacts attributed to APT29 For [Blue|Purple] Teams in Cyber Defence · 60d ago AI SECURITY: THE DEFINITIVE GUIDE — PART III | THE FINAL CHAPTER | COMMUNITY CISO SERIES cybersecurity · 60d ago Did CISA helped you land a job ? cybersecurity · 60d ago Tracking the "Sorry" Extortionist Campaign Against cPanel Websites For [Blue|Purple] Teams in Cyber Defence · 60d ago PositiveIntent: Evasive loader for .NET Framework assemblies For [Blue|Purple] Teams in Cyber Defence · 60d ago The Accidental C2: Exploring Dev Tunnels for Remote Access For [Blue|Purple] Teams in Cyber Defence · 60d ago Living of the Land - DISM Sandbox Provider Hijack For [Blue|Purple] Teams in Cyber Defence · 60d ago HyperVenom: Using Hyper-V for Ring -1 Control from Usermode For [Blue|Purple] Teams in Cyber Defence · 60d ago CTO at NCSC Summary: week ending May 10th cybersecurity · 60d ago CTO at NCSC Summary: week ending May 10th For [Blue|Purple] Teams in Cyber Defence · 60d ago ClickFix distributing Vidar Stealer via WordPress targeting Australian infrastructure For [Blue|Purple] Teams in Cyber Defence · 60d ago PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale For [Blue|Purple] Teams in Cyber Defence · 60d ago Copy_Fail2-Electric_Boogaloo: Copy Fail 2: Electric Boogaloo For [Blue|Purple] Teams in Cyber Defence · 60d ago pre pre junior needs help(guidance pls) cybersecurity · 60d ago DARWIS Taka - Web vulnerability scanner with Optional AI Validation For [Blue|Purple] Teams in Cyber Defence · 60d ago Trojan malware cybersecurity · 60d ago SANs Courses: How do people get their employers to pay? cybersecurity · 60d ago NIS2 Article 21: turning compliance controls into technical security evidence cybersecurity · 60d ago This GBA Rom is making is having a weird behavior in the Sandbox, why? cybersecurity · 60d ago This GBA ROM makes some weird things in the sanbox, would love to understand why hacking: security in practice · 60d ago Why AI agent governance feels harder than traditional security models cybersecurity · 60d ago Seclens: Role-specific Evaluation of LLM's for security vulnerablity detection Technical Information Security Content & Discussion · 60d ago Confused about what certs are important cybersecurity · 60d ago Would getting Security+ be worthless for me? cybersecurity · 60d ago [Update] QSLCL v2.0.2 - Universal SoC Framework with Encryption (A12-A17+, Qualcomm, MediaTek, Unisoc) Reverse Engineering · 60d ago Submit probe test — shadow DOM click cybersecurity · 60d ago Threat intelligence in OT (Power equipments) cybersecurity · 60d ago Why was he banned? hacking: security in practice · 60d ago Securing CI/CD for an open source project: lessons from Cilium Technical Information Security Content & Discussion · 60d ago LAB Setup hacking: security in practice · 60d ago SunnyDayBPF: eBPF telemetry integrity research for detection engineering For [Blue|Purple] Teams in Cyber Defence · 60d ago Ethical malware development community hacking: security in practice · 60d ago SOC Analyst cybersecurity · 60d ago PAWs, PAM and PIM..what is best practice? cybersecurity · 60d ago This is the most in-depth analysis I have found on the Instructure/Canvas breach so far. cybersecurity · 60d ago Poland says hackers breached water treatment plants, and the U.S. is facing the same threat cybersecurity · 60d ago Sen. Schumer seeks DHS plan on AI cyber coordination with state, local governments CyberScoop · 60d ago Has Instructure paid SH? hacking: security in practice · 61d ago Millions of students are locked out. Canvas is down. And the notorious hacker group ShinyHunters has given Instructure a terrifying ultimatum: Pay the ransom by May 12, 2026, or the private data of potentially millions of users will be leaked to the dark web. cybersecurity · 61d ago Quacc++: Automated Open Source Vulnerability Discovery cybersecurity · 61d ago Guys, this Canvas thing, this whole thing, ALL OF THIS… it’s all about me. hacking: security in practice · 61d ago 60% of MD5 password hashes are crackable in under an hour cybersecurity · 61d ago Built a correlation engine that chains AD findings into attack paths automatically. cybersecurity · 61d ago New trends (not mainstream) hacking: security in practice · 61d ago Ghidra-SNES: A Ghidra extension for reverse engineering SNES ROMs (first public release, feedback welcome!) Reverse Engineering · 61d ago Dirty Frag in Kubernetes: unset seccomp behaved like Unconfined in our EKS/GKE tests cybersecurity · 61d ago ShinyHunters claims nearly 9,000 schools affected by Canvas data breach CyberScoop · 61d ago Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI CyberScoop · 61d ago Why Vulnerability Scanning Is Not Penetration Testing, And Why Cisos Should Care Cyber Defense Magazine · 61d ago JDownloader's official website delivered Python RAT cybersecurity · 61d ago JDownloader's official website delivered Python RAT Malware Analysis & Reports · 61d ago Remote Code Execution in GitHub.com and GitHub Enterprise Server (CVE-2026-3854) cybersecurity · 61d ago ShinyHunters Stole 275 Million Student Records. The Ransom Deadline Is May 12. cybersecurity · 61d ago ShinyHunters breached Canvas/Instructure — 275M student records stolen from 8,809 schools, ransom deadline May 12 Technical Information Security Content & Discussion · 61d ago Note taking apps and advice cybersecurity · 61d ago Best tools to find exposed web services by HTML title / HTTP response? hacking: security in practice · 61d ago IMF Warns AI Could Trigger Global Financial Cyber Crisis cybersecurity · 61d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 61d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 61d ago New Linux 'Dirty Frag' zero-day gives root on all major distros cybersecurity · 61d ago Reverse-engineered DaVinci Resolve's activation check with Claude — Frida runtime tracing + radare2 Reverse Engineering · 61d ago Is the ISC2 Cybersecurity program still worth it? cybersecurity · 61d ago Bleeding Llama: Critical Unauthenticated Memory Leak in Ollama For [Blue|Purple] Teams in Cyber Defence · 61d ago Canvas getting hit during finals week shows how fragile “critical SaaS” has become cybersecurity · 61d ago Are websites exposed to the internet under attack almost every hour, even if they're small? cybersecurity · 61d ago Needle crypto-stealer C2 analysis: API key embedded in plain text inside the Rust malware unlocked 1,932 victims and the operator's withdrawal config Technical Information Security Content & Discussion · 61d ago Massive Cyber Attack Exposes Millions 🚨 || starting my cybersecurity jou... For [Blue|Purple] Teams in Cyber Defence · 61d ago Devastating 'Dirty Frag' exploit leaks out, gives immediate root access on most Linux machines since 2017, no patches available, no warning given — Copy Fail-like vulnerability had its embargo broken cybersecurity · 61d ago What the **** is happening in cybersecurity space ? cybersecurity · 61d ago Canvas is back up, but now what? cybersecurity · 61d ago Copy Fail (CVE-2026-31431): A Technical Deep Dive Technical Information Security Content & Discussion · 61d ago Why wouldn’t the hackers already have our passwords if they infiltrated canvas potentially weeks ago? hacking: security in practice · 61d ago AI Agents Have a Security Problem. IronClaw is Fixing It. hacking: security in practice · 61d ago Instagram is getting rid of end to end encryption, what now? cybersecurity · 61d ago Student Arrested in Taiwan for using SDR and Handheld Radios to Halt Four High Speed Trains with TETRA Hack For [Blue|Purple] Teams in Cyber Defence · 61d ago Dirty Frag: Universal Linux LPE For [Blue|Purple] Teams in Cyber Defence · 61d ago Ivanti: We are aware of a very limited number of customers exploited with CVE-2026-6973. Successful exploitation requires Admin authentication. For [Blue|Purple] Teams in Cyber Defence · 61d ago Two U.S. Nationals Sentenced for Facilitating Fraudulent Remote Information Technology Worker Schemes to Generate Revenue for the Democratic People’s Republic of Korea For [Blue|Purple] Teams in Cyber Defence · 61d ago New “Dirty Frag” Linux Kernel Vulnerability Could Lead to Root Escalation cybersecurity · 61d ago Reported a Broken Access Control bug to Instructure via bugcrowd 11 months ago, and also sent directly to canvas and instructure since I didn’t really care about the bounty. It was deemed "not applicable". cybersecurity · 61d ago Did I fu by opening an (archived) Onion .txt link posted by the cybercriminal group? cybersecurity · 61d ago SASS King Part 2: reverse-engineering ptxas heuristic decisions and what the compiled binary actually reveals Reverse Engineering · 61d ago Cushman and Wakefield confirms cyberattack cybersecurity · 61d ago Egnyte potential ransomware attack cybersecurity · 61d ago So canvas is down, what'll happen if they can't come to an argreement? cybersecurity · 61d ago Canvas (used by 275M students) was just hacked. Here's exactly what was stolen and what you need to do right now. cybersecurity · 61d ago I just released a C++ rewrite of **Minecraft rd-20090515** (May 15, 2009 — one of the earliest pre-Classic versions).If you find it interesting, a ⭐ on GitHub would mean a lot and help the project grow! Reverse Engineering · 61d ago /Why/ is Shinyhunters targeting Canvas? cybersecurity · 61d ago Canvas Hack - Any Guesses How? cybersecurity · 61d ago Should I build a virtual or physical lab? cybersecurity · 61d ago Instructure (Canvas) Breached by Shiny Hunters — 275M Records from ~9,000 Schools/Universities, Ransom Deadline May 12 cybersecurity · 61d ago Engineering a Zero-Trust Kubernetes SIEM: Bypassing NAT Blindness with eBPF, TC, and Suricata cybersecurity · 61d ago Audit/Cybersecurity cybersecurity · 61d ago Issues removing Trellix (and specifically solidifier) cybersecurity · 61d ago Pentagon eyes 3-year cyber training requirement, overriding new Army policy cybersecurity · 61d ago A hacker ran me over with a robot lawn mower - The Verge hacking: security in practice · 61d ago Revealed: Russia’s top secret spy school teaching hacking and election meddling | Russia For [Blue|Purple] Teams in Cyber Defence · 61d ago How much personal info will be leaked by the recent Canvas hack?? cybersecurity · 61d ago OceanLotus suspected of distributing ZiChatBot malware via wheel packages in PyPI For [Blue|Purple] Teams in Cyber Defence · 61d ago Dirty Frag and canvas cybersecurity · 61d ago Hackers deface school login pages after claiming another Instructure hack cybersecurity · 61d ago Happened today hacking: security in practice · 61d ago Ivanti customers confront yet another actively exploited zero-day CyberScoop · 61d ago Did I destroy my career by being loyal to an arguably good company? cybersecurity · 61d ago Kernel LPE Vulnerability Published Early Due To Third-Party Breaking Embargo Technical Information Security Content & Discussion · 61d ago V4bel/dirtyfrag - Universal Linux Local Privilege Escalation cybersecurity · 61d ago Searching for bulletproof detections in cPanel Land: Hunting for CVE-2026-41940: Building Detections for the exploit, not the PoC For [Blue|Purple] Teams in Cyber Defence · 61d ago What is CYBERRANT? cybersecurity · 61d ago Canvas is down as ShinyHunters hack forces outage cybersecurity · 61d ago Shinyhunters and Canvas hacking: security in practice · 61d ago New Dirty Frag Linux Bug Emerges in Wake of Copy Fail cybersecurity · 61d ago Heads up: AWS Educate Canvas login page may be compromised. Saw what looks like a ShinyHunters defacement page today. cybersecurity · 61d ago How is GRC work in a MSSP? cybersecurity · 61d ago SH and BF phishing console cybersecurity · 61d ago Trump officials are steering a cybersecurity scholarship program toward AI CyberScoop · 61d ago Finally switching over from Authy 2FA. What is the better alternative, 2FAS or Ente Auth? cybersecurity · 61d ago Dirty Frag - Linux LPE similiar to Copy Fail Technical Information Security Content & Discussion · 61d ago Socure authenticating AI identity as real. cybersecurity · 61d ago The first FREE online WebAssembly Reverse Engineering workbench (and how we built it) Reverse Engineering · 61d ago Automated SSL Certificate Renewals - What is your setup? cybersecurity · 61d ago Shinyhunters and Canvas cybersecurity · 61d ago What Cli execution do you use for a script file? cybersecurity · 61d ago Fiserv security incident - data breach notice cybersecurity · 61d ago Linux attacks seem to be shifting from “servers” to DevOps and supply chain environments cybersecurity · 61d ago Honey Tokens: Bait Credentials That Catch Breaches Technical Information Security Content & Discussion · 61d ago I graduate next year with a Cybersecurity degree. cybersecurity · 62d ago An unknown malware threat. There is no such thing as a 100% detection. Malware Analysis & Reports · 62d ago Asking about Cortex cybersecurity · 62d ago CVE-2026-42511 Breakdown: RCE in FreeBSD Technical Information Security Content & Discussion · 62d ago Apache Caldera cybersecurity · 62d ago What’s the “unsexy” problem in cyber that’s actually a total disaster? cybersecurity · 62d ago Critical vm2 Sandbox Escape Vulnerabilities Expose Node.js Apps to Full Host RCE cybersecurity · 62d ago As a developer, should I use AI to improve security? cybersecurity · 62d ago My company has an MSP that manages our employee endpoints but we cant access the software they use to manage cybersecurity · 62d ago Bypassing Bitlocker under 5 min using downgrade attack on CVE-2025-48804 Technical Information Security Content & Discussion · 62d ago Americans sentenced for running 'laptop farms' for North Korea cybersecurity · 62d ago Is my laptop hijacked ? cybersecurity · 62d ago American duo sentenced for hosting laptop farms for North Korean IT workers CyberScoop · 62d ago claude ai gave security beta to Enterprise plans only what can we do as pentesters? cybersecurity · 62d ago Massive .de DNSSEC Failure Took Large Parts of Germany’s Web Offline cybersecurity · 62d ago Advice for path to land job SOC in France cybersecurity · 62d ago Bouncing Back from Cyberattacks: How Fast Recovery Is Mastered Cyber Defense Magazine · 62d ago Possible Major Vulnerability: Chromium used by current version of PRTG cybersecurity · 62d ago Mythos AI may be a cybersecurity threat, but it follows the rules of the game cybersecurity · 62d ago When AI Stops Assisting And Starts Discovering: What Claude Mythos Preview Means For Cybersecurity Cyber Defense Magazine · 62d ago Control Checks using AI. cybersecurity · 62d ago How do native password managers clear the clipboard? cybersecurity · 62d ago VLC Media Player MKV Exploit Analysis Reverse Engineering · 62d ago Graduating CS Student but Wanna Start my Career in Cybersecurity cybersecurity · 62d ago An AI security auditor that red-teams PRs to find exploits, not just patterns (open-source + Ollama support) Technical Information Security Content & Discussion · 62d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 62d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 62d ago MAXHUB Pivot Client Application All CISA Advisories · 62d ago Approve Once, Exploit Forever: The Trust Persistence Problem in Claude Code, Codex and Gemini-CLI Technical Information Security Content & Discussion · 62d ago Claude-Themed Malware Campaigns cybersecurity · 62d ago DeepFake it till you make it. cybersecurity · 62d ago The 12 ways AI agents fail in production. A taxonomy for security teams reviewing agent deployments cybersecurity · 62d ago What niche in cybersecurity should I go for, with my background in Angular & .NET ? cybersecurity · 62d ago Successor for Kaspersky Endpoint Security cybersecurity · 62d ago One House Democrat is pressing Commerce on the government’s spyware use CyberScoop · 62d ago Fake call logs, real payments: How CallPhantom tricks Android users WeLiveSecurity · 62d ago Detecting BEC Persistence with KQL For [Blue|Purple] Teams in Cyber Defence · 62d ago Modify md5sum of a file hacking: security in practice · 62d ago Romanian Man Extradited to US for Role in Hacking Scheme 17 Years Ago cybersecurity · 62d ago SOC Analyst tier 1 (Entry Level) ?? cybersecurity · 62d ago Unpacking Russian-Iranian Private-Sector Cyber Connections For [Blue|Purple] Teams in Cyber Defence · 62d ago Cyber insurance renewal questionnaire had 14 identity-specific questions this year. Three years ago it had two. I was not ready for this. cybersecurity · 62d ago Made cybersecurity merch as an infosec practitioner — honest feedback welcome cybersecurity · 62d ago Fixing the password problem is as easy as 123456 WeLiveSecurity · 62d ago As AI agents become users of company data - what is needed to keep data secure? cybersecurity · 62d ago Wrote an extremely detailed 11-article series on attacking and defending APIs - top 10 vulnerabilities. cybersecurity · 62d ago AI inference is quietly becoming a security problem cybersecurity · 62d ago is winrar 7.13 vulnerable to extraction exploits? cybersecurity · 62d ago Tried explaining internet encryption in a beginner-friendly but accurate way, feedback? cybersecurity · 62d ago Is the EC-Council CTIA Certification Worth It for Career Growth? cybersecurity · 62d ago POC Android vuln 2026 cybersecurity · 62d ago Credential caching is an unsolved architectural tradeoff, and we should stop pretending otherwise cybersecurity · 62d ago Opinions on Mimecast cybersecurity · 62d ago Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution For [Blue|Purple] Teams in Cyber Defence · 62d ago What's going on in the field of Cybersecurity 🫣. cybersecurity · 62d ago How do teams preserve institutional pentest knowledge when senior testers leave? cybersecurity · 62d ago CVE-2026-32710 MariaDB JSON_SCHEMA_VALID heap buffer overflow leading to RCE cybersecurity · 62d ago Sophos NDR on Proxmox cybersecurity · 62d ago Most of the antivirus websites redirect to microsoft defender website. I can’t access their websites Malware Analysis & Reports · 62d ago Quacc++: Automated Open Source Vulnerability Discovery Technical Information Security Content & Discussion · 62d ago A DOD contractor’s API flaw exposed military course data and service member records CyberScoop · 62d ago On today's earnings call, IONQ just said they expect to meet Q-Day requirements by 2028-2029. cybersecurity · 62d ago DOJ says ransomware gang tapped into Russian government databases cybersecurity · 62d ago DAEMON Tools devs confirm breach, release malware-free version cybersecurity · 62d ago Have there been instances where your SOC has suffered a cybersecurity attack? cybersecurity · 62d ago OSS2Falco: Falco rules converted from LinPEAS, Sigma and Splunk For [Blue|Purple] Teams in Cyber Defence · 62d ago Inadvertent Injections For [Blue|Purple] Teams in Cyber Defence · 62d ago A critical Palo Alto PAN-OS zero-day is being exploited in the wild CyberScoop · 62d ago OpenCTI founder, Samuel Hassine, arrested and charged for buying child porn / CSAM hacking: security in practice · 62d ago OpenCTI founder, Samuel Hassine, arrested and charged with CSAM cybersecurity · 62d ago Deepfake Platform cybersecurity · 62d ago Innovators Spotlight: Badge (Part II) Cyber Defense Magazine · 62d ago Trellix Licence Query cybersecurity · 62d ago CVE-2026-0300 PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal For [Blue|Purple] Teams in Cyber Defence · 62d ago Getting this Trojans while open Cherax Loader: Malgent!MSR /Phonzy.A!ML Malware Analysis & Reports · 62d ago Instructure hacker claims data theft from 8,800 schools, universities cybersecurity · 62d ago Is AI generated code creating a non-linear security problem for AppSec teams? cybersecurity · 63d ago Jailbreaking my cars infotainment system and implementing my own custom software hacking: security in practice · 63d ago Binance fixed the IP whitelist gap — but the disclosure process is still broken Technical Information Security Content & Discussion · 63d ago D.H.S. Intelligence Office Did Not Properly Secure Smartphones, Watchdog Says cybersecurity · 63d ago where is the original wormgpt hacking: security in practice · 63d ago Cisco Unity Connection Remote Code Execution and Server-Side Request Forgery Vulnerabilities Cisco Security Advisory · 63d ago Cisco Enterprise Chat and Email Lite Agent File Upload Vulnerability Cisco Security Advisory · 63d ago Cisco Identity Services Engine Authentication Bypass Vulnerabilities Cisco Security Advisory · 63d ago Cisco Prime Infrastructure Information Disclosure Vulnerability Cisco Security Advisory · 63d ago Cisco Slido Insecure Direct Object Reference Vulnerability Cisco Security Advisory · 63d ago Cisco IoT Field Network Director Vulnerabilities Cisco Security Advisory · 63d ago Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Connection Exhaustion Denial of Service Vulnerability Cisco Security Advisory · 63d ago Cisco SG350 and SG350X Series Managed Switches SNMP Denial of Service Vulnerability Cisco Security Advisory · 63d ago Evaluating Microsoft 365 vs Third‑Party Tools for Email and Endpoint Security cybersecurity · 63d ago Norton Antivirus and Other Norton Software cybersecurity · 63d ago Would you take a promotion to work 100% in office that you’ve been working towards or same pay but work from home? cybersecurity · 63d ago We scanned 200 high-star MCP servers. 205 critical findings. Here are 4 novel attack classes. cybersecurity · 63d ago Download a malware a while ago, someone trying to log into my ios account cybersecurity · 63d ago Are there any chill hacking youtubers? hacking: security in practice · 63d ago Org Restructure cybersecurity · 63d ago Non-Determinism of Maps in Golang: Why, How, and the Consequences Technical Information Security Content & Discussion · 63d ago Does SOC 2 actually reduce questionnaires, or just change them? cybersecurity · 63d ago Google VRP dismissed a systemic Play Store bypass as "Intended Behavior" after 24 internal views cybersecurity · 63d ago How do investigators or cybersecurity researchers correlate online accounts (like Instagram profiles) with IP/network information legally and ethically? cybersecurity · 63d ago pyghidra-mcp Meets Ghidra GUI: Drive Project-Wide RE with Local AI Reverse Engineering · 63d ago pyghidra-mcp Meets Ghidra GUI: Drive Project-Wide RE with Local AI Technical Information Security Content & Discussion · 63d ago Ran phishing awareness training for 200+ non-tech employees cybersecurity · 63d ago Muddying the Tracks: The State-Sponsored Shadow Behind Chaos Ransomware For [Blue|Purple] Teams in Cyber Defence · 63d ago Proprietary Software, Hardware and Protocols Face AI-Driven Security Risk cybersecurity · 63d ago Vulnerability Garden Technical Information Security Content & Discussion · 63d ago Vulnerability Garden cybersecurity · 63d ago Palo Alto Firewall Zero-Day Under Active Exploitation cybersecurity · 63d ago Redefining Security Operations Through Seceon’s Open Threat Management Platform Cyber Defense Magazine · 63d ago Cyber Security Militias cybersecurity · 63d ago Hidden domain dependencies in AI stacks: expired domains, dangling DNS, and takeover risk cybersecurity · 63d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 63d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 63d ago Took me a decade to turn quantum computing into what programmers can easily learn, big announcement hacking: security in practice · 63d ago Lilygo T-Embed Glitching etc hacking: security in practice · 63d ago CyberSecurity Nightmares cybersecurity · 63d ago Can I use NanoKVM if it's just to turn on pc? cybersecurity · 63d ago got listbombed on my waitlist with 1000 fake adresses, i tried to make some security changes maybe i missed something? cybersecurity · 63d ago How to learn tools for cybersecurity? cybersecurity · 63d ago 'CopyFail' attackers start cashing in on Linux flaw cybersecurity · 63d ago Anybodybodybdown for a team/studygroup? cybersecurity · 63d ago Veteran hackers... which era did you prefer hacking in? 🟢 The 1980s 🟣 The 1990s 🔵 The 2000s 🔴 Or today? hacking: security in practice · 63d ago I was hacked due to sim card spoofing cybersecurity · 63d ago Chrome is quietly installing a 4GB AI model on your device cybersecurity · 63d ago Dev vs Security role cybersecurity · 63d ago Discord bot C2 infrastructure Malware Analysis & Reports · 63d ago Iranian-Nexus Operation Against Oman's Government: 12 Ministries Hit and 26,000 Citizen Records Exposed For [Blue|Purple] Teams in Cyber Defence · 63d ago A rigged game: ScarCruft compromises gaming platform in a supply-chain attack For [Blue|Purple] Teams in Cyber Defence · 63d ago UAT-8302 and its box full of malware For [Blue|Purple] Teams in Cyber Defence · 63d ago Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft cybersecurity · 63d ago Oracle Debuts Monthly Critical Security Patch Updates cybersecurity · 63d ago Sec engineer / developer? cybersecurity · 63d ago When doing bug bounty, do you usually immerse yourself in 2 or 3 specific domains (ones where vulnerabilities are likely to exist) and focus all your testing efforts on them? cybersecurity · 63d ago Are we actually seeing more vulnerabilities or just more noise? cybersecurity · 63d ago Cybersecurity jobs in red team cybersecurity · 63d ago Question cybersecurity · 63d ago What’s the biggest mistake people make even after installing antivirus? cybersecurity · 63d ago CVE-2026-0073 Android adbd TLS client-authentication bypass For [Blue|Purple] Teams in Cyber Defence · 63d ago One KQL query you should have saved in your toolkit (most don’t) For [Blue|Purple] Teams in Cyber Defence · 63d ago New dashboard tracks ransomware groups by their reliance on Infostealer credentials cybersecurity · 63d ago ant4g0nist/pyre: Ghidra decompiler in your browser Reverse Engineering · 63d ago CVE-2026-31431 hit KEV after 9 days, what are you using to catch that earlier? For [Blue|Purple] Teams in Cyber Defence · 63d ago Found a possibly interesting live attack hacking: security in practice · 63d ago What would you say if your security lead said this... cybersecurity · 63d ago What would be the goto setup in AWS for security purposes? cybersecurity · 63d ago CREST CRT Exam 2025/2026 Experiences cybersecurity · 63d ago Built a Cowboy Bebop-themed threat hunting lab with Splunk and Sysmon — writeup inside For [Blue|Purple] Teams in Cyber Defence · 63d ago Microsoft Edge stores your passwords in plaintext RAM... on purpose cybersecurity · 63d ago Supporting the National Cyber Strategy: How TrendAI™ Helps Trend Micro Research, News, Perspectives · 63d ago Export/Backup ChatGPT chats hacking: security in practice · 63d ago Como começar? cybersecurity · 63d ago Possible Password Leak? Curious if Anyone Has Seen This Before cybersecurity · 63d ago Resident Evil: Code Veronica X is able to play the opening FMV from the decompiled PS2 source! Reverse Engineering · 63d ago Not a Hack. A Handout. Inside the GTFOice.org Data Exposure cybersecurity · 63d ago Besoin de conseils sur une DMZ automatisée cybersecurity · 63d ago Microsoft, Google and xAI will let the government test their AI models before launch cybersecurity · 63d ago Android ADB Auth Bypass Proof-of-Concept: CVE-2026-0073 cybersecurity · 63d ago HyperVenom: Using Hyper-V for Ring -1 Control from Usermode Reverse Engineering · 63d ago SMB Header Signature for Tagging in Firewall cybersecurity · 63d ago Question regarding VDP cybersecurity · 63d ago Working on what i should do for the next 3 years cybersecurity · 63d ago Question for Security Professionals cybersecurity · 63d ago Do tech companies lifecycle-manage public DNS records to prevent dangling DNS? cybersecurity · 63d ago Vulnerability Summary for the Week of April 27, 2026 cybersecurity · 63d ago Scan. Secure. Simplify. — Free Web Tools Platform Technical Information Security Content & Discussion · 63d ago Cisco releases open-source ‘DNA test for AI models’ cybersecurity · 63d ago Cybersecurity is becoming too AI dependent is that a problem cybersecurity · 63d ago Foxconn Wisconsin outage raises cyber questions cybersecurity · 63d ago How stressful is GRC? cybersecurity · 63d ago News alert: LuxSci launches HIPAA-compliant email platform for mid-size healthcare market The Last Watchdog · 63d ago Bleeding Llama: Critical Unauthenticated Memory Leak in Ollama (CVE-2026–7482) Technical Information Security Content & Discussion · 63d ago Salesforce pentesting novel techniques- how to be an apex predator Technical Information Security Content & Discussion · 63d ago Anyone remember areyoufearless.com / “Free Gobo”? Early 2000s hacker forum nostalgia cybersecurity · 63d ago Have CEH certification – looking for free cybersecurity bootcamps or resources to land a job in India cybersecurity · 63d ago Archer for a non-regulated medium sized company? cybersecurity · 63d ago Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities Cisco Security Advisory · 63d ago Cybersecurity statistics of the week (April 27th - May 3rd) cybersecurity · 63d ago Reverse-engineering the 1998 Ultima Online demo server Reverse Engineering · 63d ago Well, I'm wondering about working on a RAG pentesting bot. Comment down the best data source to feed LLM. cybersecurity · 63d ago One-Click Refunds Are Not as Hard as You Think Blog – Forter · 63d ago 🇮🇷 Iranian-Nexus Campaign Against Oman's Government: 12 Ministries, 26,000 Records For [Blue|Purple] Teams in Cyber Defence · 63d ago Where to find reliable vendors? cybersecurity · 63d ago DigiCert: Misissued code signing certificates Technical Information Security Content & Discussion · 63d ago Just got into cybersecurity with no prior experience and feeling intimidated. Thoughts? cybersecurity · 64d ago We wrote a guide on securing Claude across the enterprise — here's the core framework (with download) cybersecurity · 64d ago Over 5 months: Payment bypass marked OOS, moved to VDP, and downgraded to Medium. cybersecurity · 64d ago Hardware reverse enginnering first project. Love some advice cybersecurity · 64d ago Microsoft Edge Stores Passwords in Process Memory, Posing Risk cybersecurity · 64d ago Currently working on cybersecurity, looking for advice cybersecurity · 64d ago Open-source scanner for MCP servers and skill files : attack chain detection and server-card scanning cybersecurity · 64d ago Major AI Clients Shipping With Broken OAuth Implementations Technical Information Security Content & Discussion · 64d ago CISO course valuation cybersecurity · 64d ago Inside Faxanadu series — deep dive into how this NES title works Reverse Engineering · 64d ago EMBA v2.0.1 with interactive firmware dependency map available - Check it out and let us know what you are missing Reverse Engineering · 64d ago Popular DAEMON Tools software compromised For [Blue|Purple] Teams in Cyber Defence · 64d ago A rigged game: ScarCruft compromises gaming platform in a supply-chain attack For [Blue|Purple] Teams in Cyber Defence · 64d ago Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise For [Blue|Purple] Teams in Cyber Defence · 64d ago GRC Path to CISO (Certifications) cybersecurity · 64d ago Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities For [Blue|Purple] Teams in Cyber Defence · 64d ago CISOs and pentest buyers, what's the worst thing you've seen in a pentest report? cybersecurity · 64d ago How to enforce M365 Sign-in frequency on corporate laptops? cybersecurity · 64d ago CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs cybersecurity · 64d ago Built an independent directory of AI Act / AI governance tools, feedback? cybersecurity · 64d ago ScarCruft APT group compromises gaming platform in a supply-chain attack cybersecurity · 64d ago Just curious cybersecurity · 64d ago 'Copy Fail' is a real Linux security crisis wrapped in AI slop cybersecurity · 64d ago Analysis malicious DLL cybersecurity · 64d ago Cyber security free course cybersecurity · 64d ago The Insurance Industry Is Rewriting Cybersecurity Strategy Cyber Defense Magazine · 64d ago Does certification expires? cybersecurity · 64d ago HN Security - Extending Burp Suite for fun and profit – The Montoya way – Part 10 Technical Information Security Content & Discussion · 64d ago IOCX v0.7.1 — robustness update focused on malformed PEs, hostile strings, and static‑analysis hardening Malware Analysis & Reports · 64d ago Panicking Malware Analysis & Reports · 64d ago ABB B&R Automation Studio All CISA Advisories · 64d ago ABB B&R Automation Runtime All CISA Advisories · 64d ago Hitachi Energy PCM600 All CISA Advisories · 64d ago Johnson Controls CEM AC2000 All CISA Advisories · 64d ago ABB B&R PVI All CISA Advisories · 64d ago How the Story of a USB Penetration Test Went Viral darkreading · 64d ago We get paid to break into buildings for a living. Ask us anything! cybersecurity · 64d ago Pay2Key ransomware — any recovery path that’s actually worked? cybersecurity · 64d ago Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison cybersecurity · 64d ago Microsoft just documented an AiTM phishing campaign that hit 35,000 users across 13,000 orgs in 3 days, the lure was a fake "code of conduct review" PDF cybersecurity · 64d ago Ghosts of Encryption Past – How we Read All Your Emails in Salesforce Marketing Cloud Technical Information Security Content & Discussion · 64d ago How have you kept growing your knowledge in security when the job stops pushing you? cybersecurity · 64d ago Supply chain attack: DAEMON Tools Lite now contains a backdoor. Malware Analysis & Reports · 64d ago Accelerating Vulnerability Detection and Response at Oracle For [Blue|Purple] Teams in Cyber Defence · 64d ago The Danger of Multi-SSO AWS Cognito User Pools Technical Information Security Content & Discussion · 64d ago Copilot Cowork: From conversation to action across skills, integrations, and devices Microsoft 365 Blog · 64d ago Microsoft 365 Copilot, human agency, and the opportunity for every organization Microsoft 365 Blog · 64d ago The UK’s Age Verification Law Is Producing Compliance Theater cybersecurity · 64d ago Microsoft Edge: Passwords end up in memory as plaintext cybersecurity · 64d ago Do people still get viruses in 2026, or is that mostly a myth now? cybersecurity · 64d ago Popular DAEMON Tools software infected – supply chain attack ongoing since April 8, 2026 Technical Information Security Content & Discussion · 64d ago Mitigation script for Copy Fail vulnerability CVE-2026-31431 cybersecurity · 64d ago Popular DAEMON Tools software infected – supply chain attack ongoing since April 8, 2026 cybersecurity · 64d ago Is this fake too?🤣 hacking: security in practice · 64d ago Copy.fail: Why Internal LLMs Are Non-Negotiable for Security Reverse Engineering · 64d ago The cPanel Zero-Day Was Active for 64 Days Before Anyone Knew For [Blue|Purple] Teams in Cyber Defence · 64d ago Critical Apache HTTP Server RCE (CVE-2026-23918) - Millions of Servers Potentially Exposed. Patches released cybersecurity · 64d ago A rigged game: ScarCruft compromises gaming platform in a supply-chain attack WeLiveSecurity · 64d ago DigiCert breached via malicious screensaver file cybersecurity · 64d ago I just figured out my dad use to be a Phreaker in the 1980s hacking: security in practice · 64d ago Caido Payloads and Scanner of Endpoints cybersecurity · 64d ago Proton Pass: Second-Password Bypass Through Emergency Access Technical Information Security Content & Discussion · 64d ago What of my favorite videos🙂 hacking: security in practice · 64d ago CISO Security Mind Map 2026 cybersecurity · 64d ago Interview with Chris Kubecka, Cybersecurity Expert, Journalist and Volunteer Rescue Worker cybersecurity · 64d ago Best tools for blocking spam calls and spam links? hacking: security in practice · 64d ago Amazon SES increasingly abused in phishing to evade detection cybersecurity · 64d ago someone else’s UI appearing on screen for split second— possible hacker?? hacking: security in practice · 64d ago AI Security Trainings cybersecurity · 64d ago Ai help cybersecurity · 64d ago ByDesign: observed behavior where file URLs remain accessible after unshare/delete cybersecurity · 64d ago Can Kali Linux still compete in cyber security or is it outdated? cybersecurity · 64d ago We probed 6,000 web apps for Stripe webhook signature checks. 1,542 don't bother Technical Information Security Content & Discussion · 64d ago Avoiding rouge AP detection in enterprise networks hacking: security in practice · 64d ago Who are your favorite cybersecurity YouTubers? cybersecurity · 64d ago CISOs, how are you balancing AI adoption with security risks these days? cybersecurity · 64d ago GIDR: A behavioral intrusion detection system for Windows. Files are innocent until proven guilty at runtime. When malicious behavior is detected, the entire attack chain is traced to root and eliminated. For [Blue|Purple] Teams in Cyber Defence · 64d ago dMSA Ouroboros: Self-Sustaining Credential Extraction in Windows Server 2025 For [Blue|Purple] Teams in Cyber Defence · 64d ago N-Day Research with AI: Using Ollama and n8n For [Blue|Purple] Teams in Cyber Defence · 64d ago San Diego Community College District fighting major cyberattack cybersecurity · 64d ago GoHPTS (go-http-proxy-to-socks) v1.13.0 - New update with DNS spoofing and filtering hacking: security in practice · 64d ago San Diego Community College District fighting major cyberattack hacking: security in practice · 64d ago After 5 months of mental hell and ghosting, today I finally landed a role. To those struggling: Don't give up cybersecurity · 64d ago Free resource: searchable archive of every BSides conference talk cybersecurity · 64d ago Lightning PyPI Compromise: Bun-Based Stealer cybersecurity · 64d ago Too much mother instinct? cybersecurity · 64d ago InstallFix and Claude Code: How Fake Install Pages Lead to Real Compromise Trend Micro Research, News, Perspectives · 64d ago L1 SOC Analyst for ~2 years - Should I still get the Security + Certification? cybersecurity · 64d ago Do CTFs help real world security skills, or just teach patterns? cybersecurity · 64d ago Compré una cuenta rusa en g2a pensando que era una ley, se hizo administradora de mi ordenador, he cambiado todas las contraseñas y estoy haciendo un reset del ordenador pero sigo estando inseguro, muchísimo miedo me atraviesa ahora mismo cybersecurity · 64d ago Should I do Security + or Network + or A+? For CompTia cybersecurity · 64d ago Bug bounty is ruining how people learn exploitation cybersecurity · 64d ago ISO/IEC 27701:2025 Scope and Location cybersecurity · 64d ago Cybersecurity's 2026 Wild Ride cybersecurity · 64d ago We built a free multiplayer game that scores prompts on AI code security. cybersecurity · 64d ago RMM Tools Fuel Stealthy Phishing Campaign darkreading · 64d ago Production Usecases cybersecurity · 64d ago Reverse-engineering Final Fantasy X (PS3) trophy system with Ghidra Reverse Engineering · 64d ago How does vCISO work? cybersecurity · 64d ago Trellix discloses data breach after source code repository hack cybersecurity · 64d ago CyberDefenders SOC L1 Track vs HackTheBox SOC Analyst Path cybersecurity · 64d ago Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability darkreading · 64d ago Trellix confirms source code repo access incident cybersecurity · 64d ago Where do i find reverse engineers for actuators? Ideally in Shenzhen Reverse Engineering · 64d ago Employer Offering to Pay for my Certification test - Which one do I choose? cybersecurity · 64d ago John Strand Pay What You Can Information Security Core Skills live starting May 11th cybersecurity · 64d ago [CrackMe] PyVMP v6 : The Fortress. I dare you to break it (again x2). Reverse Engineering · 64d ago Canvas Breach May Put 275M Users, 9,000 Schools at Risk cybersecurity · 64d ago Is this not such a big deal cybersecurity · 64d ago 38 CVEs in Healthcare Software Used by 100,000 Medical Providers For [Blue|Purple] Teams in Cyber Defence · 64d ago Do email link checkers need to be 100%? cybersecurity · 65d ago Cybersecurity M&A Roundup: 33 Deals Announced in April 2026 cybersecurity · 65d ago Built a PE Malware Analysis Pipeline to Learn Why Most Detection Tools Suck at Correlation Malware Analysis & Reports · 65d ago Recs for pen testing and vulnerability solutions cybersecurity · 65d ago Identify telegram account holders cybersecurity · 65d ago AI Code Security Study: 6 LLMs vs OWASP Top 10 cybersecurity · 65d ago BAT: VPS-based C2 with .ko/.sys rootkits compilation against target kernel headers hacking: security in practice · 65d ago Recursively fuzzing MS-RPC structures and monitoring using ETW For [Blue|Purple] Teams in Cyber Defence · 65d ago BAT: VPS-based C2 with .ko/.sys rootkits compilation against target kernel headers cybersecurity · 65d ago Iwas developing a hacker game that transports the feeling of the 90s hacking: security in practice · 65d ago We are insider risk researchers focused on agentic AI, endpoint activity, and emerging threats. AMA cybersecurity · 65d ago Azure IaaS: Defense in depth built on secure-by-design principles Security | Microsoft Azure Blog | Microsoft Azure · 65d ago Cortex XDR Cloud Compromise Alerting cybersecurity · 65d ago Norton.com Verification Email out of the blue cybersecurity · 65d ago Atomic Red Team is now aligned with MITRE ATT&CK v19! cybersecurity · 65d ago Claude Security is in beta for Enterprise users — is this a real AppSec shift or just AI wrapper + UX? cybersecurity · 65d ago Who are you guys using for your PCI ASV Scanning? cybersecurity · 65d ago Just passed my Security+ exam. Now what? cybersecurity · 65d ago I am so sick of being hired to do Info Sec work just to do basic IT and Engineering work. cybersecurity · 65d ago Cyber insurance renewal questionnaire had 14 identity-specific questions this year. Three years ago it had two. I was not ready for this. cybersecurity · 65d ago [PoC] Defeating Behavioral Biometric WAFs using "Entropy Cloning" (Local LLMs + OS-Level Injection) cybersecurity · 65d ago Silver Fox Springs Tax-Themed Attacks on Orgs in India, Russia darkreading · 65d ago Analysis of CVE-2026-1995: Linking a Privilege Escalation Vulnerability to IP Theft (RCMP #CT-2026-335350) cybersecurity · 65d ago An another open door to IoT devices cybersecurity · 65d ago Ideas on how to have personal google-like account synchronization system cybersecurity · 65d ago Lateral Movement - Cross-Session Activation Technical Information Security Content & Discussion · 65d ago Lateral Movement - Cross-Session Activation cybersecurity · 65d ago How did this guy even access another person's privated YouTube video without wayback machine? hacking: security in practice · 65d ago What MCP servers have actually made it into your day-to-day toolkit? cybersecurity · 65d ago CISA says ‘Copy Fail’ flaw now exploited to root Linux systems hacking: security in practice · 65d ago Cyber Security Education as Self-Defence classes cybersecurity · 65d ago OSS2Falco: Falco rules converted from LinPEAS, Sigma and Splunk cybersecurity · 65d ago Use.ai cybersecurity · 65d ago Educational tech giant Instructure confirms data breach, ShinyHunters claims attack cybersecurity · 65d ago [WIP] Resolve indirect calls in Binary Ninja with DynamoRIO instrumentation Reverse Engineering · 65d ago CISA says ‘Copy Fail’ flaw now exploited to root Linux systems cybersecurity · 65d ago Securing The AI-Enabled Workforce: The Next Evolution Of Human Risk Management Cyber Defense Magazine · 65d ago Stop Using AI Connectors Until You Watch This NahamSec · 65d ago One ChatGPT connector. One email. Full AI agent hijack. #BugBounty #PromptInjection #ai #hacking NahamSec · 65d ago IPod Nano Gets Three Monitors hacking: security in practice · 65d ago IDA-MCP Is Now RE-MCP With Ghidra Support Reverse Engineering · 65d ago Reverse-engineered the BLE protocol of the LuckPrinter-SDK family of thermal pocket printers (DP-L1S) — Python CLI + Web Bluetooth client + full command reference Reverse Engineering · 65d ago Chrome "Best AdBlocker" trojanized extension - 100k downloads. hacking: security in practice · 65d ago How Dark Reading Lifted Off the Launchpad in 2006 darkreading · 65d ago Browsers making connection on port 3389 from loopback cybersecurity · 65d ago Defender Flagged DigiCert Root Certs as Malware cybersecurity · 65d ago VanGuard — open-source single-binary DFIR toolkit (Velociraptor, Hayabusa, Chainsaw, Loki, YARA) with TUI, air-gap support, and 28 pre-built use cases For [Blue|Purple] Teams in Cyber Defence · 65d ago Another breach just hit Canvas (Instructure), and this one is worth a closer look. cybersecurity · 65d ago Over 40% of UK firms suffered cyber attack last year, survey finds cybersecurity · 65d ago EU should seek access to Anthropic's Mythos, Bundesbank says cybersecurity · 65d ago Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha cybersecurity · 65d ago CVE-2026-31431:我用 DeepSeek 复现了 AI 发现Copy Fail 提权的全过程 - CVE-2026-31431: I used DeepSeek to reproduce the entire process of AI detecting Copy Fail privilege escalation. For [Blue|Purple] Teams in Cyber Defence · 65d ago 《APT高级威胁研究报告》(2026 版)- Advanced Threat Research Report (2026 Edition) For [Blue|Purple] Teams in Cyber Defence · 65d ago nginxpulse: 轻量级 Nginx 访问日志分析与可视化面板,提供实时统计、PV 过滤、IP 归属地与客户端解析。- A lightweight Nginx access log analysis and visualization dashboard, providing real-time statistics, PV filtering, IP geolocation, and client resolution. For [Blue|Purple] Teams in Cyber Defence · 65d ago 蔓灵花组织使用NUITKA打包的python样本进行投递 - The Manlinghua organization used Python samples packaged in NUITKA for delivery. For [Blue|Purple] Teams in Cyber Defence · 65d ago IBM subsidiary managing Italy's PA infrastructure breached and attackers were inside for 2 weeks cybersecurity · 65d ago People in cybersecurity, tell us what was the most epic moment in your career? cybersecurity · 65d ago Prerequisites for CARTP cybersecurity · 65d ago gdrv3.sys - Reverse Engineering a Signed Kernel Driver with 13 Hardware Access Primitives For [Blue|Purple] Teams in Cyber Defence · 65d ago Claude Mythos Cyber Wake Up cybersecurity · 65d ago [ Removed by Reddit ] cybersecurity · 65d ago /r/ReverseEngineering's Weekly Questions Thread Reverse Engineering · 65d ago is trellix from mcafee good to use in 2026? cybersecurity · 65d ago Linux has had a silent root exploit hiding in it since 2017 and it just hit CISA's must-patch list cybersecurity · 65d ago Added new vulnerable samples for IoBitUnlocker, Zemana and TfSysMon For [Blue|Purple] Teams in Cyber Defence · 65d ago AMSI Page Guard Bypass (Rust PoC) For [Blue|Purple] Teams in Cyber Defence · 65d ago Any good open sources that bypass modern heuristic analysis? hacking: security in practice · 65d ago Meet Bluekit: The AI-Powered All-in-One Phishing Kit For [Blue|Purple] Teams in Cyber Defence · 65d ago Malicious Ruby Gems and Go Modules Impersonate Developer Tools to Steal Secrets and Poison CI For [Blue|Purple] Teams in Cyber Defence · 65d ago A hacker group was detained in Lviv Oblast, which hacked game accounts and received almost UAH 10 million in profit from their sale in Russia For [Blue|Purple] Teams in Cyber Defence · 65d ago IRQL - Incident Response Query Language - A collection of Kusto (KQL) functions that unify security logs behind a consistent, analyst-friendly dialect For [Blue|Purple] Teams in Cyber Defence · 65d ago Nuclei template CVE-2026-41940.yaml - cPanel & WHM - Authentication Bypass via Session-File CRLF Injection For [Blue|Purple] Teams in Cyber Defence · 65d ago ARP Around and Find Out: Hijacking GPO UNC Paths for Code Execution… For [Blue|Purple] Teams in Cyber Defence · 65d ago Inside Shadow-Earth-053: A China-Aligned Cyberespionage Campaign Against Government and Defense Sectors in Asia For [Blue|Purple] Teams in Cyber Defence · 65d ago [2603.28728] Study of Post Quantum status of Widely Used Protocols For [Blue|Purple] Teams in Cyber Defence · 65d ago Malicious Intercom PHP Package Spreads Mini Shai-Hulud Attack to Packagist via Composer Plugin For [Blue|Purple] Teams in Cyber Defence · 65d ago Free apex hacks? hacking: security in practice · 65d ago Possible supply chain attack on version 2.6.3 · Issue #21689 · Lightning-AI/pytorch-lightning For [Blue|Purple] Teams in Cyber Defence · 65d ago Paypal Accesed by malware me being Stupid cybersecurity · 65d ago How was someone in another country able to read all my private messages without my password or clicking a link? cybersecurity · 65d ago code-needle: A VS Code plugin to execute arbitrary JavaScript code at runtime over a local HTTP endpoint. For [Blue|Purple] Teams in Cyber Defence · 65d ago Secure Boot Inventory Data In Configuration Manager For [Blue|Purple] Teams in Cyber Defence · 65d ago EventLogExpert: Can be used as a replacement for Event Viewer to view live event logs. Choose Continuously Update on the View menu and watch new events appear in real time. For [Blue|Purple] Teams in Cyber Defence · 65d ago MicroSMT: IDA plugin for automatic deobfuscation of opaque predicates by lifting microcode to z3 for SMT reasoning. For [Blue|Purple] Teams in Cyber Defence · 65d ago "AccountDumpling": Hunting Down the Google-Sent Phishing Wave Compromising 30,000+ Facebook Accounts Technical Information Security Content & Discussion · 65d ago AI-powered honeypots: Turning the tables on malicious AI agents For [Blue|Purple] Teams in Cyber Defence · 65d ago Career Transition Help cybersecurity · 65d ago Alguien para hablar de cyberseguridad cybersecurity · 65d ago copy.golf — golf your exploits - smaller copy.fail exploits.. For [Blue|Purple] Teams in Cyber Defence · 65d ago DragonBreath: Dragon in the Kernel For [Blue|Purple] Teams in Cyber Defence · 65d ago What is this cybersecurity · 65d ago Your vibe-coded app is probably violating GDPR right now Technical Information Security Content & Discussion · 65d ago [SHOWCASE] Cascavel v3 hacking: security in practice · 65d ago Feeling lost and disappointed about finding a job just venting cybersecurity · 65d ago Slow at Learning/Cyber Security? cybersecurity · 65d ago Pokemon machine hacking: security in practice · 65d ago Suspicious traffic from web server cybersecurity · 65d ago Cyber security internship cybersecurity · 65d ago Mentorship Monday - Post All Career, Education and Job questions here! cybersecurity · 65d ago Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities Trend Micro Research, News, Perspectives · 65d ago Isn't Windows Defender a crap anymore? cybersecurity · 65d ago GitHub - 03DSmoothie/minecraft-cpp-versions: Minecraft recoded in C++ (multiple versions) Reverse Engineering · 65d ago Learning Cyber cybersecurity · 65d ago Vishing simulator cybersecurity · 65d ago Copy Fail Linux Kernel Vulnerability Now Patched in Debian, Ubuntu, and Others cybersecurity · 65d ago Worried about being tracked/banned for using an educational app on MuMu Player - Need advice cybersecurity · 65d ago Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks cybersecurity · 65d ago Banking-Style Model Risk Management Is Becoming a Practical Template for AI Governance cybersecurity · 65d ago Prompt Injection in 2026: The Five Attack Patterns That Actually Matter cybersecurity · 65d ago I did a scan on windows bc I accidentally downloaded something weird then removed it and now I keep getting Trojan:Win32/Cerdigent.Alpha even after I quarantine cybersecurity · 65d ago Random trojan detected? cybersecurity · 65d ago CRTA second attempt cybersecurity · 65d ago What’s the hardest thing to learn in cybersecurity? cybersecurity · 65d ago What MCP servers are you integrating into your workflow (not exclusive to security)? cybersecurity · 65d ago Holy-Grail-PCAP: "Holy Grail PCAP" is a capture file offering exceptional coverage across nearly all tcpdump/Wireshark encapsulation types and dissectors. For [Blue|Purple] Teams in Cyber Defence · 65d ago WhatsApp malware campaign delivers VBScript and MSI backdoors | Microsoft Security Blog cybersecurity · 65d ago What are like the top but unknown Cybersecurity firms? cybersecurity · 65d ago Can HTTP POST bodies be intercepted without network or host access? hacking: security in practice · 65d ago Need professionals or expert on cybersecurity related to dark web for interview cybersecurity · 65d ago A new and super fast CVE Lite CLI Vulnerability Scanner (OWASP) cybersecurity · 66d ago Impacket-IoCs: This repo contains the results of an internal re-write of impacket I undertook at my current company. It contains some of the IoCs found within the library For [Blue|Purple] Teams in Cyber Defence · 66d ago North Korea calls US cyber threat claims a fabrication, warns of countermeasures Worldcategory cybersecurity · 66d ago VirusTotal has one flag for this sus site Malware Analysis & Reports · 66d ago Automated RASP Bypass with Frida + AI Agent | nutcracker & aipwn demo Reverse Engineering · 66d ago Puzzle: Set of PoC to abuse Windows minifilters functionality For [Blue|Purple] Teams in Cyber Defence · 66d ago Ai Didn’t Break Cybersecurity, It Revealed It Cyber Defense Magazine · 66d ago Acoustic Keystroke Recovery: Reconstructing Typed Text from a Laptop Microphone (85% success rate) cybersecurity · 66d ago Acoustic Keystroke Recovery - Reconstructing Typed Text from a Laptop Microphone (Full Guide, 85% success rate) Technical Information Security Content & Discussion · 66d ago Please critique my reverse engineering ctf platform. It is meant for beginners but I would like input from serious reverse engineers. It is functionally done but I need criticism for further refinements, thank you! Reverse Engineering · 66d ago built a PE packer where every packed file has a different instruction set – custom VM with randomized opcodes, single C++ file (Want suggestions for future updates past v4) hacking: security in practice · 66d ago Credential Dumping: Local Security Authority (LSA|LSASS.EXE) cybersecurity · 66d ago A “Psychological Warfare” to Show Off Cyber Capabilities: A Comprehensive Analysis of SentinelOne’s Exposure of fast16 For [Blue|Purple] Teams in Cyber Defence · 66d ago Dump sql time based is too slow hacking: security in practice · 66d ago Trojan:Win32/Cerdigent.A!dha cybersecurity · 66d ago Active exploitation of cPanel/WHM critical vulnerability For [Blue|Purple] Teams in Cyber Defence · 66d ago Important Update From Trellix - "Trellix recently identified unauthorized access to a portion of our source code repository. " For [Blue|Purple] Teams in Cyber Defence · 66d ago MDE flagging digi cert certificate as malicious everywhere ? cybersecurity · 66d ago North Korea rejects US cybercrime claims as 'absurd slander' hacking: security in practice · 66d ago "AccountDumpling": Hunting Down the Google-Sent Phishing Wave Compromising 30,000+ Facebook Accounts Reverse Engineering · 66d ago 5 Qilin ransomware servers exposed over 7 months For [Blue|Purple] Teams in Cyber Defence · 66d ago is credential stuffing using openbullet2 dead in 2026? hacking: security in practice · 66d ago Anyone wanna learn the CEH or OSCP red teaming free Malware Analysis & Reports · 66d ago South-East Asian Military Entities Targeted via cPanel (CVE-2026-41940) For [Blue|Purple] Teams in Cyber Defence · 66d ago Russian Charged in Oil and Gas Facility Hacks Pleads Guilty For [Blue|Purple] Teams in Cyber Defence · 66d ago Hacking Wired Analog CCTV cameras going to a DVR (BNC and Coax) hacking: security in practice · 66d ago How to build .NET obfuscator - Part II Reverse Engineering · 66d ago VECT ransomware: small files decrypt, large files lose their nonces For [Blue|Purple] Teams in Cyber Defence · 66d ago CTO at NCSC Summary: week ending May 3rd For [Blue|Purple] Teams in Cyber Defence · 66d ago April 27th - What happened with our feature flag configuration | The ClickUp Blog For [Blue|Purple] Teams in Cyber Defence · 66d ago Adobe-Clawback — bulk-download every PDF from your Adobe Creative Cloud account (Python, resumable, MIT) hacking: security in practice · 67d ago How to exfiltrate data using only numeric outputs Technical Information Security Content & Discussion · 67d ago libghidra - SDK for automating Ghidra from Python, Rust, and C++ Reverse Engineering · 67d ago Blog: Evolving the Android & Chrome VRPs for the AI Era For [Blue|Purple] Teams in Cyber Defence · 67d ago Release: Open-source CAN bus reverse engineering suite tailored for offline ML signal decoding, MitM injection, and UDS analysis. Reverse Engineering · 67d ago RSAC 2026: The Power of Community Cyber Defense Magazine · 67d ago Seven Queries to Audit the Sentinel Detections Your SOC May Have Missed. For [Blue|Purple] Teams in Cyber Defence · 67d ago VECT: Ransomware by design, Wiper by accident For [Blue|Purple] Teams in Cyber Defence · 67d ago VisualSploit: Backdoor Visual Studio project files with custom shellcode, which executes whenever the project is opened or built. For [Blue|Purple] Teams in Cyber Defence · 67d ago Two Americans Who Attacked Multiple U.S. Victims Using ALPHV BlackCat Ransomware Sentenced to Prison For [Blue|Purple] Teams in Cyber Defence · 67d ago Agentic Malware Analysis: From Task Automation to Deep Analysis For [Blue|Purple] Teams in Cyber Defence · 67d ago pydep-vector-runner: A lightweight runner that guards against weird startup behaviors in python. Lightweight version of PyDepGuard's coderunner. For [Blue|Purple] Teams in Cyber Defence · 67d ago month-of-bypasses: Proof-of-Concepts for Detection Engineering Purposes Only For [Blue|Purple] Teams in Cyber Defence · 67d ago For vulnerability research, smaller models run repeatedly can outperform larger frontier models on cost-to-recall. Technical Information Security Content & Discussion · 67d ago Small models are better at cost-to-recall than large models like Mythos for vulnerability research hacking: security in practice · 67d ago Every incident public companies have disclosed to the SEC, in one searchable database Technical Information Security Content & Discussion · 67d ago 76% of All Crypto Stolen in 2026 Is Now in North Korea darkreading · 67d ago Bluetooth Spoofed Disconnect? hacking: security in practice · 67d ago Why my macOS Messages badge lied to me (and the one-line fix) Reverse Engineering · 67d ago Fake Tailscale site on Google Ads uses ClickFix to get you to execute malware yourself Malware Analysis & Reports · 68d ago A Guide to LNK File Forensics The Cyber Mentor · 68d ago Running Adobe’s 1991 PostScript Interpreter in the Browser Reverse Engineering · 68d ago Hello! Here is my Oura Ring 4 pure Python driver! Let me know what you think :) Reverse Engineering · 68d ago If AI's So Smart, Why Does It Keep Deleting Production Databases? darkreading · 68d ago Minecraft Malware C2 Tracking Malware Analysis & Reports · 68d ago r/netsec monthly discussion & tool thread Technical Information Security Content & Discussion · 68d ago Inside RSAC 2026 Cyber Defense Magazine · 68d ago Name That Toon: Mark of (Security) Progress darkreading · 68d ago 20 Years in Cyber: Dark Reading Marks Milestone With Month of Special Coverage darkreading · 68d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 68d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 68d ago Careful Adoption of Agentic AI Services All CISA Advisories · 68d ago wM-Buster - Flipper Zero app to analyze smart meters for gas, electricity, water. ... hacking: security in practice · 68d ago Handled, Not Hosted: Administrative Activity Inside a Bulletproof Hoster Technical Information Security Content & Discussion · 68d ago /r/ReverseEngineering's Triannual Hiring Thread Reverse Engineering · 68d ago In-circuit NAND acquisition for edge devices (Raspberry Pi GPIO, no chip-off) Reverse Engineering · 68d ago TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack darkreading · 68d ago 🚀🔥 Evil-Cardputer v1.5.3 - TagTinker ESL 🔥🚀 hacking: security in practice · 68d ago Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug darkreading · 68d ago Anthropic's Mythos Has Landed: Here's What Comes Next for Cyber darkreading · 68d ago Continued Evolution of Persistence Mechanism Against Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Cisco Security Advisory · 68d ago Enforcing trust and transparency: Open-sourcing the Azure Integrated HSM Security | Microsoft Azure Blog | Microsoft Azure · 68d ago Innovator Spotlight: The Open Group Cyber Defense Magazine · 68d ago Revealing NVIDIA Closed-Source Driver Command Streams for CPU-GPU Runtime Behavior Insight Reverse Engineering · 69d ago SHARED INTEL Q&A: PKI’s unfinished business—’digital passports’ for content, models and agents The Last Watchdog · 69d ago I made a lightweight breach intelligence search engine (fully client-side) looking for feedback hacking: security in practice · 69d ago Oracle Red Bull Racing Team Revs Up Automation to Boost Security darkreading · 69d ago Bringing back the 80s terminal aesthetic: GLYPHIS_IO BBS, a cyberpunk hacking sim set in alternate 1989 Japan... hacking: security in practice · 69d ago Preparing For Hybrid Warfare: Actions To Take When The Cloud Goes Dark Cyber Defense Magazine · 69d ago Short and easy to understand: "Copy-Fail CVE-2026-31431" What is it and how do I mitigate it with an Open Source Tool hacking: security in practice · 69d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 69d ago ABB AWIN Gateways All CISA Advisories · 69d ago ABB Ability OPTIMAX All CISA Advisories · 69d ago ABB PCM600 All CISA Advisories · 69d ago ABB Edgenius Management Portal All CISA Advisories · 69d ago CISA Adds One Known Exploited Vulnerability to Catalog All CISA Advisories · 69d ago ABB Ability Symphony Plus Engineering All CISA Advisories · 69d ago ABB System 800xA, Symphony Plus IEC 61850 All CISA Advisories · 69d ago Seventeen vulnerabilities in Omi, fourteen days of silence Technical Information Security Content & Discussion · 69d ago High Fidelity Check for the cPanel Authentication Bypass (CVE-2026-41940) Technical Information Security Content & Discussion · 69d ago This month in security with Tony Anscombe – April 2026 edition WeLiveSecurity · 69d ago HexDig 1.0.0 a lightweight binwalk alternative working both on Windows and Linux, written in C++, give it a try! Reverse Engineering · 69d ago GitHub - iss4cf0ng/CVE-2026-31431-Linux-Copy-Fail: Rust implementation Exploit/PoC of CVE-2026-31431-Linux-Copy-Fail, allow executing customized shellcode (such as Meterpreter). Reverse Engineering · 69d ago Copy Fail — 732 Bytes to Root hacking: security in practice · 69d ago ZDI-CAN-30796: Docker ZDI: Upcoming Advisories · 69d ago Inside Shadow-Earth-053: A China-Aligned Cyberespionage Campaign Against Government and Defense Sectors in Asia Trend Micro Research, News, Perspectives · 69d ago Claude Mythos Fears Startle Japan's Financial Services Sector darkreading · 69d ago Copy Fail exploit lets 732 bytes hijack Linux systems and quietly grab root Technical Information Security Content & Discussion · 69d ago Reverse Engineering With AI Unearths High-Severity GitHub Bug darkreading · 69d ago AI Finds 38 Security Flaws in Electronic Health Record Platform darkreading · 69d ago The Internet Is Falling Down, Falling Down, Falling Down (cPanel & WHM Authentication Bypass CVE-2026-41940) - watchTowr Labs Technical Information Security Content & Discussion · 69d ago The Thymeleaf Template Injection That Only Hurts If You Let It Technical Information Security Content & Discussion · 70d ago Vect 2.0 Ransomware Acts as Wiper, Thanks to Design Error darkreading · 70d ago GitHub fixes RCE flaw that gave access to millions of private repos hacking: security in practice · 70d ago Minirat malware deployed via NPM targeting macOS machines Malware Analysis & Reports · 70d ago Set up automated dependency scanning after the recent npm/PyPI supply chain attacks Technical Information Security Content & Discussion · 70d ago Operationalizing Cyber Resilience: A Practitioner’s Framework for Real-World Security Constraints Cyber Defense Magazine · 70d ago Lotus Wiper Attack Targets Venezuelan Energy Firms, Utilities darkreading · 70d ago I built a free open-source CAN bus reverse engineering workstation in Python — 15 tabs, offline ML, dual AI engines, MitM gateway Reverse Engineering · 70d ago Adapting Zero Trust Principles to Operational Technology All CISA Advisories · 70d ago How to download Kaggle dataset safely...? hacking: security in practice · 70d ago VECT Ransomware Is Actually a Wiper Malware Analysis & Reports · 70d ago VECT Ransomware Is Actually a Wiper hacking: security in practice · 70d ago Toys“R”Us Japan Implements Forter’s Fraud Management and Payment Optimization Solutions Blog – Forter · 70d ago DEF CON 34 - DEF CON Policy Announcement - Katie Noble, Heather West DEFCONConference · 70d ago The Malware Factory: GLASSWORM Forensics in Open VSX Malware Analysis & Reports · 70d ago A Route to Root in a 4G Industrial Router Technical Information Security Content & Discussion · 70d ago Kuse Web App Abused to Host Phishing Document Trend Micro Research, News, Perspectives · 70d ago BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures darkreading · 70d ago NSA Chief During Snowden Affair Shares Regrets, Reflections 13 Years Later darkreading · 70d ago Feuding Ransomware Groups Leak Each Other's Data darkreading · 70d ago Vidar Rises to Top of Chaotic Infostealer Market darkreading · 70d ago Phishing-to-RMM Attacks: The Remote Access Blind Spot Businesses Can't Ignore Malware Analysis & Reports · 70d ago Innovator Spotlight: Puneet Bhatnagar Cyber Defense Magazine · 70d ago Flipper Blackhat April Roundup! hacking: security in practice · 70d ago Building a perfect clone of 1993 game SimTower (via RE) Reverse Engineering · 70d ago [ Removed by Reddit ] Malware Analysis & Reports · 71d ago [VulnPath Update] Automated Email Alerting & CISA KEV Feed hacking: security in practice · 71d ago Ikeja Electric Distribution Ransomware Malware Analysis & Reports · 71d ago Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain darkreading · 71d ago Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities Cisco Security Advisory · 71d ago [Research] Full-chain RCE in Microsoft Semantic Kernel & Agent Framework 1.0 (6 Bypasses) Technical Information Security Content & Discussion · 71d ago How I reverse-engineered a SQLite WAL database inside a VS Code extension - custom merge engine, header byte patching, and protobuf decoding without a schema Reverse Engineering · 71d ago AI solved our CTF in 6min Reverse Engineering · 71d ago The Bot Left a Fingerprint: Detecting and Attributing LLM-Generated Passwords Technical Information Security Content & Discussion · 71d ago Cybersecurity Risks in 2026 Cyber Defense Magazine · 71d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog Alerts · 71d ago NSA GRASSMARLIN All CISA Advisories · 71d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog All CISA Advisories · 71d ago Recently updated a authentic minecraft mod launcher called Modrinth Malware Analysis & Reports · 71d ago GUEST ESSAY: How augmented reality (AR) can turn building images into ad space with no control The Last Watchdog · 71d ago More of What Matters: Forter’s April Product Release Blog – Forter · 71d ago 89 vulnerabilities in XAPI / Citrix XenServer Technical Information Security Content & Discussion · 71d ago Example structure for evidence-based vulnerability reports Reverse Engineering · 71d ago Retro-Coding and the Roots of Logic: Why The Byte Brothers: Program a Problem Still Matters Cyber Defense Magazine · 71d ago [ Removed by Reddit ] Technical Information Security Content & Discussion · 71d ago UNC6692 Combines Social Engineering, Malware, Cloud Abuse darkreading · 71d ago Innovator Spotlight: TokenCore Cyber Defense Magazine · 71d ago If AI Agents Can’t Find You, Do You Even Exist? Blog – Forter · 71d ago Kaspersky recently disclosed PhantomRPC, a privilege escalation technique affecting all Windows versions (tested on Server 2022/2025) Technical Information Security Content & Discussion · 71d ago Why a Decade of Writing Detection Logic Makes the Mythos Exploit Numbers Less Scary Technical Information Security Content & Discussion · 72d ago This appeared on scan today no downloads Vulnerabledriver:WinNT/Winring0 Malware Analysis & Reports · 72d ago Unpatched 'PhantomRPC' Flaw in Windows Enables Privilege Escalation darkreading · 72d ago FIRESIDE CHAT: Leaked secrets are now the go-to attack vector — and AI is accelerating exposures The Last Watchdog · 72d ago Platform Engineering: The Rise of a Disciplinary Rethink Cyber Defense Magazine · 72d ago Ransomware is getting uglier as cybercriminals fake leaks and skip encryption entirely Malware Analysis & Reports · 72d ago This hacker made $40,000 using Claude #ai #hacking #bugbounty NahamSec · 72d ago 60% Of Cyberattacks Are Identity Based — Is Identity First A Bad Idea? Cyber Defense Magazine · 72d ago MCPwned: a Burp Suite extension for auditing MCP servers Technical Information Security Content & Discussion · 72d ago From Threat Detection To Decision Intelligence: Rethinking Modern Cyber Defense Cyber Defense Magazine · 73d ago New Lazarus APT Campaign: “Mach-O Man” macOS Malware Kit Hits Businesses Malware Analysis & Reports · 73d ago HackTheBox - Sorcery IppSec · 74d ago Save time and use Zig to write your Malware POC Malware Analysis & Reports · 74d ago Cracking CastleLoader’s Inno Setup Password Malware Analysis & Reports · 74d ago I built a C2 framework that uses Discord and Telegram for communication Malware Analysis & Reports · 74d ago Cisco ACI Multi-Site CloudSec Encryption Information Disclosure Vulnerability Cisco Security Advisory · 75d ago CISA Adds Four Known Exploited Vulnerabilities to Catalog Alerts · 75d ago CISA Adds Four Known Exploited Vulnerabilities to Catalog All CISA Advisories · 75d ago The calm before the ransom: What you see is not all there is WeLiveSecurity · 75d ago fast16 | Mystery ShadowBrokers Reference Reveals High-Precision Software Sabotage 5 Years Before Stuxnet. Malware Analysis & Reports · 75d ago Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet Malware Analysis & Reports · 75d ago PSA: awstore.cloud is a MALICIOUS fake Claude API provider - warn your fellow devs Malware Analysis & Reports · 75d ago Budgiekit - gdi malware maker (for educational purporses only) Malware Analysis & Reports · 76d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 76d ago SpiceJet Online Booking System All CISA Advisories · 76d ago Carlson Software VASCO-B GNSS Receiver All CISA Advisories · 76d ago Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera All CISA Advisories · 76d ago Milesight Cameras All CISA Advisories · 76d ago Defending Against China-Nexus Covert Networks of Compromised Devices All CISA Advisories · 76d ago Yadea T5 Electric Bicycle All CISA Advisories · 76d ago Intrado 911 Emergency Gateway (EGW) All CISA Advisories · 76d ago GopherWhisper: A burrow full of malware WeLiveSecurity · 76d ago Cisco Integrated Management Controller Cross-Site Scripting Vulnerabilities Cisco Security Advisory · 76d ago Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities Cisco Security Advisory · 76d ago Cisco Catalyst SD-WAN Vulnerabilities Cisco Security Advisory · 77d ago News alert: BreachLock’s integrated attack validation platform debuts in Gartner AEV category The Last Watchdog · 77d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 77d ago 19 confirmed repos tied to the same GitHub malware campaign Malware Analysis & Reports · 77d ago Defending Against China-Nexus Covert Networks of Compromised Devices CISA Cybersecurity Advisories · 78d ago IOCX v0.7.0 — deterministic heuristics + adversarial PE samples Malware Analysis & Reports · 78d ago New NGate variant hides in a trojanized NFC payment app WeLiveSecurity · 78d ago Fireside Chat: PKI has carried digital trust through every tech advance—now comes the hardest one The Last Watchdog · 79d ago Supply Chain Compromise Impacts Axios Node Package Manager Alerts · 79d ago CISA Adds Eight Known Exploited Vulnerabilities to Catalog Alerts · 79d ago What the ransom note won’t say WeLiveSecurity · 79d ago HackTheBox - AirTouch IppSec · 81d ago That data breach alert might be a trap WeLiveSecurity · 82d ago Cisco Webex Services Certificate Validation Vulnerability Cisco Security Advisory · 82d ago Business Fraud at Network Scale: What the $3.5B Medicare Hospice Crisis Reveals About Know Your Business Blog Articles - Identity Insights | Trulioo · 82d ago Cisco Secure Web Appliance Authentication Bypass Vulnerability Cisco Security Advisory · 83d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 83d ago Supply chain dependencies: Have you checked your blind spot? WeLiveSecurity · 83d ago News Alert: NTT Research launches SaltGrain—advanced Attribute-Based Encryption security The Last Watchdog · 83d ago Cisco Identity Services Engine Remote Code Execution Vulnerabilities Cisco Security Advisory · 84d ago Cisco Identity Services Engine Authenticated Privilege Escalation Vulnerability Cisco Security Advisory · 84d ago Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities Cisco Security Advisory · 84d ago Cisco ThousandEyes Enterprise Agent Arbitrary File Overwrite Vulnerability Cisco Security Advisory · 84d ago Cisco Unity Connection Arbitrary File Download Vulnerabilities Cisco Security Advisory · 84d ago Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities Cisco Security Advisory · 84d ago Cisco Webex Contact Center Cross-Site Scripting Vulnerability Cisco Security Advisory · 84d ago CISA Adds Two Known Exploited Vulnerabilities to Catalog Alerts · 85d ago GUEST ESSAY: Google’s 2029 deadline exposes readiness gap as move to quantum-safe crypto lags The Last Watchdog · 85d ago CISA Adds Seven Known Exploited Vulnerabilities to Catalog Alerts · 86d ago HackThebox - Eighteen IppSec · 88d ago Recovery scammers hit you when you’re down: Here’s how to avoid a second strike WeLiveSecurity · 89d ago News alert: Mallory launches AI-native platform to cut through alert noise and surface real risk The Last Watchdog · 89d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 91d ago FIRESIDE CHAT: Geopolitical turmoil, rising AI risk add a new layer to enterprise cyber defense The Last Watchdog · 92d ago As breakout time accelerates, prevention-first cybersecurity takes center stage WeLiveSecurity · 92d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 93d ago Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure CISA Cybersecurity Advisories · 93d ago HackTheBox - DarkZero IppSec · 95d ago Cisco IOS XE Software Denial of Service Vulnerability Cisco Security Advisory · 96d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 97d ago Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability Cisco Security Advisory · 98d ago Cisco Nexus Dashboard Configuration Backup REST API Unauthorized Access Vulnerability Cisco Security Advisory · 98d ago Cisco Nexus Dashboard and Nexus Dashboard Insights Server-Side Request Forgery Vulnerability Cisco Security Advisory · 98d ago Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability Cisco Security Advisory · 98d ago Azure IaaS: Keep critical applications running with built-in resiliency at scale Security | Microsoft Azure Blog | Microsoft Azure · 98d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 98d ago Digital assets after death: Managing risks to your loved one’s digital estate WeLiveSecurity · 98d ago This month in security with Tony Anscombe – March 2026 edition WeLiveSecurity · 99d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 100d ago HackTheBox - Browsed IppSec · 102d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 103d ago RSAC 2026 wrap-up – Week in security with Tony Anscombe WeLiveSecurity · 103d ago A cunning predator: How Silver Fox preys on Japanese firms this tax season WeLiveSecurity · 103d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 104d ago CISA Adds One Known Exploited Vulnerability to Catalog Alerts · 105d ago Virtual machines, virtually everywhere – and with real security gaps WeLiveSecurity · 105d ago Cloud workload security: Mind the gaps WeLiveSecurity · 106d ago What is Customer Due Diligence (CDD) Blog Articles - Identity Insights | Trulioo · 106d ago HackTheBox - Conversor IppSec · 109d ago Why Legacy Identity Verification Can’t Stop AI-Enabled Fraud Blog Articles - Identity Insights | Trulioo · 109d ago CISA Adds Five Known Exploited Vulnerabilities to Catalog Alerts · 110d ago Move fast and save things: A quick guide to recovering a hacked account WeLiveSecurity · 110d ago EDR killers explained: Beyond the drivers WeLiveSecurity · 111d ago Face value: What it takes to fool facial recognition WeLiveSecurity · 117d ago Cyber fallout from the Iran war: What to have on your radar WeLiveSecurity · 118d ago AML, KYC and Identity Verification in Australia Blog Articles - Identity Insights | Trulioo · 118d ago SSL/TLS Certificate Lifespans Are Decreasing to 200 Days InfoSec Insights · 119d ago AI in Tax Season: Risks, Scams, and How to Protect Your Data Fraud Prevention Archives - Alloy Silverstein · 125d ago Security-driven Rapid Release - Pwn2Own Documentary (Part 4) LiveOverflow · 125d ago Azure IaaS: Explore new resources for building a stronger, more efficient infrastructure Security | Microsoft Azure Blog | Microsoft Azure · 126d ago Firefox JIT Bug - Pwn2Own Documentary (Part 3) LiveOverflow · 128d ago Tax Season Scams to Watch For This Year Fraud Prevention Archives - Alloy Silverstein · 132d ago The First Exploit - Pwn2Own Documentary (Part 2) LiveOverflow · 132d ago The World's Hardest Hacking Competition - Pwn2Own Documentary (Part 1) LiveOverflow · 135d ago I built a kernel-level EDR and hit architectural walls I didn’t expect Malware Analysis & Reports · 139d ago DEF CON 33 - DisguiseDelimit: Exploiting Synology NAS with Delimiters and Novel Tricks - Ryan Emmon DEFCONConference · 139d ago DEF CON 33 - Browser Extension Clickjacking: One Click and Your Credit Card Is Stolen - Marek Tóth DEFCONConference · 139d ago DEF CON 33 - Can't Stop the ROP: Automating Universal ASLR Bypasses - Bramwell Brizendine DEFCONConference · 139d ago Update your detection rules: New remote access Trojan Malware Analysis & Reports · 140d ago Criminals are using AI website builders to clone major brands Malware Analysis & Reports · 140d ago Open-source Windows utility to recover files from prefix-based USB shortcut worms (Grenam/CPGE variants) Malware Analysis & Reports · 140d ago Azure reliability, resiliency, and recoverability: Build continuity by design Security | Microsoft Azure Blog | Microsoft Azure · 141d ago PE Loader For Fileless Malware Malware Analysis & Reports · 141d ago Numero Malware : A Stealthy Saboteur Targeting AI Tool Installers Malware Analysis & Reports · 141d ago AWAKE - Android Wiki of Attacks, Knowledge & Exploits Malware Analysis & Reports · 141d ago I built a Chrome extension that scans for malicious extensions (yes, I see the irony) Malware Analysis & Reports · 141d ago Questions regarding malicious pdf's Malware Analysis & Reports · 143d ago AV persistence bypass techniques Malware Analysis & Reports · 144d ago Avalon Linux Bot Malware Analysis Malware Analysis & Reports · 145d ago Leveling up in Windows malware research Malware Analysis & Reports · 146d ago Emerging Ransomware: BQTLock and GREENBLOOD Malware Analysis & Reports · 147d ago Malware Development POCs Malware Analysis & Reports · 147d ago Suspicious code in Up-work linked repository. Malware Analysis & Reports · 147d ago We hid backdoors in binaries — Opus 4.6 found 49% of them Malware Analysis & Reports · 148d ago 👨💻 North Korean Malware Analysis 🚨 ROKRAT KillChain 📡 Malware Analysis & Reports · 149d ago Analysis of Suspected Malware Linked to APT-Q-27 (GoldenEyeDog) Targeting Financial Institutions Malware Analysis & Reports · 149d ago Malware analysis - Signed job search application deploys a Proxyware, ClipBanker and XMRig cryptominer Malware Analysis & Reports · 150d ago Nyxara Malware Analysis & Reports · 153d ago When Fraud Becomes Background Noise: The Industrialization of Digital Deception Blog Articles - Identity Insights | Trulioo · 184d ago The Efficiency Era of KYC: Reverification and Reusable Identity Take Center Stage Blog Articles - Identity Insights | Trulioo · 184d ago The End of Static KYB: Business Identity in Constant Motion Blog Articles - Identity Insights | Trulioo · 184d ago Know Your Agent: The Next Chapter in Digital Trust Blog Articles - Identity Insights | Trulioo · 184d ago When Rules Move Faster Than Readiness: Regulatory Adaptability as a Competitive Advantage Blog Articles - Identity Insights | Trulioo · 184d ago DEF CON 33 Recon Village - How to Become One of Them: Deep Cover Ops - Sean Jones, Kaloyan Ivanov DEFCONConference · 189d ago DEF CON 33 Recon Village - Inside the Shadows Tracking RaaS Groups, Cyber Threats - John Dilgen DEFCONConference · 189d ago DEF CON 33 Recon Village - Autonomous Video Hunter AI Agents for Real Time OSINT - Kevin Dela Rosa DEFCONConference · 189d ago DEF CON 33 Recon Village - A Playbook for Integration Servers - Ryan Bonner, Guðmundur Karlsson DEFCONConference · 189d ago DEF CON 33 Recon Village - Mapping the Shadow War From Estonia to Ukraine - Evgueni Erchov DEFCONConference · 189d ago DEF CON 33 Recon Village - Building Local Knowledge Graphs for OSINT - Donald Pellegrino DEFCONConference · 189d ago DEF CON 33 Recon Village - OSINT & Modern Recon Uncover Global VPN Infrastructure - Vladimir Tokarev DEFCONConference · 189d ago DEF CON 33 Recon Village - Pretty Good Pivot - Simwindie DEFCONConference · 189d ago DEF CON 33 Recon Village - enumeraite: AI Assisted Web Attack Surface Enumeration - Özgün Kültekin DEFCONConference · 189d ago DEF CON 33 Recon Village - OSINT Signals Pop Quiz - Master Chen DEFCONConference · 189d ago DEF CON 33 Recon Village - Investigating Foreign Tech from Online Retailers - Michael Portera DEFCONConference · 189d ago Digital Identity Trends 2026: AI Fraud, Compliance, and Orchestration Blog Articles - Identity Insights | Trulioo · 203d ago Beware of Misleading Tax Advice on Social Media Fraud Prevention Archives - Alloy Silverstein · 300d ago Scammers Up Their Game With AI Fraud Prevention Archives - Alloy Silverstein · 301d ago Life in the Nordics 🌲 | Foraging Blueberries, Mushrooms & Nosework Training with Our Dogs STÖK · 318d ago The Essential Guide to Safeguarding Your Online Passwords Fraud Prevention Archives - Alloy Silverstein · 379d ago How FIN6 Exfiltrates Files Over FTP HackerSploit · 455d ago From Zero to Zero Day (and beyond) - Life of a Hacker: Jonathan Jacobi LiveOverflow · 455d ago The German Hacking Championship LiveOverflow · 481d ago Beware: Tax Season is Scam Season Fraud Prevention Archives - Alloy Silverstein · 490d ago Do you know this common Go vulnerability? LiveOverflow · 495d ago Stop Scams: Fraud Prevention Starts with Your Employees Fraud Prevention Archives - Alloy Silverstein · 503d ago Emulating FIN6 - Active Directory Enumeration Made EASY HackerSploit · 506d ago The SECRET to Embedding Metasploit Payloads in VBA Macros HackerSploit · 511d ago Offensive VBA 0x4 - Reverse Shell Macro with Powercat HackerSploit · 519d ago Offensive VBA 0x3 - Developing PowerShell Droppers HackerSploit · 525d ago Offensive VBA 0x2 - Program & Command Execution HackerSploit · 530d ago Offensive VBA 0x1 - Your First Macro HackerSploit · 532d ago Emulating FIN6 - Gaining Initial Access (Office Word Macro) HackerSploit · 537d ago FIN6 Adversary Emulation Plan (TTPs & Tooling) HackerSploit · 541d ago Developing An Adversary Emulation Plan HackerSploit · 541d ago Introduction To Advanced Persistent Threats (APTs) HackerSploit · 545d ago Introduction To Adversary Emulation HackerSploit · 567d ago ‘Tis the Season for Holiday Shopping Scams Fraud Prevention Archives - Alloy Silverstein · 576d ago Mastering Persistence: Using an Apache2 Rootkit for Stealth and Defense Evasion HackerSploit · 576d ago Google's Mobile VRP Behind the Scenes with Kristoffer Blasiak (Hextree Podcast Ep.1) LiveOverflow · 630d ago My theory on how the webp 0day was discovered #short LiveOverflow · 646d ago My theory on how the webp 0day was discovered (BLASTPASS) LiveOverflow · 647d ago Learn Android Hacking! - University Nevada, Las Vegas (2024) LiveOverflow · 673d ago My Trip to Las Vegas for DEFCON & Black Hat LiveOverflow · 687d ago Planning Red Team Operations | Scope, ROE & Reporting HackerSploit · 716d ago Mapping APT TTPs With MITRE ATT&CK Navigator HackerSploit · 720d ago IRS Issues “Dirty Dozen” Fraud Warnings Fraud Prevention Archives - Alloy Silverstein · 761d ago IRS Identity Theft Season Begins Now Fraud Prevention Archives - Alloy Silverstein · 890d ago Finding The .webp Vulnerability in 8s (Fuzzing with AFL++) LiveOverflow · 898d ago Winter vanlife = good times STÖK · 920d ago What an experience! Getting a Christmas tree from our own piece of land. #movingupnorth! STÖK · 926d ago A Vulnerability to Hack The World - CVE-2023-4863 LiveOverflow · 930d ago Had to much GLÖGG and lost my camera during - 13371122 - Intigriti + Visma STÖK · 933d ago Reinventing Web Security LiveOverflow · 960d ago IS THIS THE END? STÖK · 993d ago Escaping the grind and decompiling python 3.9 pyc files to find vulnerabilites STÖK · 1147d ago The World’s Identity Platform Blog Articles - Identity Insights | Trulioo · 1254d ago How to turn bugs into a "passive" income stream! ft Detectify's Almroot STÖK · 1388d ago HOW DID THIS HAPPEN!? (13370822 LHE VLOG) STÖK · 1401d ago Student Loan Breach Exposes 2.5M Records Threatpost · 1407d ago Watering Hole Attacks Push ScanBox Keylogger Threatpost · 1408d ago Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms Threatpost · 1409d ago Ransomware Attacks are on the Rise Threatpost · 1412d ago Cybercriminals Are Selling Access to Chinese Surveillance Cameras Threatpost · 1412d ago Twitter Whistleblower Complaint: The TL;DR Version Threatpost · 1414d ago Firewall Bug Under Active Attack Triggers CISA Warning Threatpost · 1415d ago Fake Reservation Links Prey on Weary Travelers Threatpost · 1416d ago iPhone Users Urged to Update to Patch 2 Zero-Days Threatpost · 1419d ago Google Patches Chrome’s Fifth Zero-Day of the Year Threatpost · 1420d ago Q: How to write a BUG BOUNTY report that actually gets paid? STÖK · 1518d ago KYC: 3 Steps to Achieving Know Your Customer Compliance Blog Articles - Identity Insights | Trulioo · 1525d ago facts: Bug Bounty hunters has made ridiculous amounts of $$ from known DNS techniques.. STÖK · 1532d ago AML Compliance Checklist: Best Practices for Anti-Money Laundering Blog Articles - Identity Insights | Trulioo · 1540d ago Q: HOW do you find hidden stuff on websites? (this episode is all about CONTENT DISCOVERY!) STÖK · 1546d ago Q: HOW do you get started in bug bounty?? How do you build your automation?! STÖK · 1560d ago Q: PENTEST VS BUGBOUNTY? (Bounty Thursday's - ON AIR) STÖK · 1574d ago BOUNTY THURSDAYS - LIVE #2 (NEWS/TOOLS and Community Questions with Jason Haddix) STÖK · 1588d ago
Latest
The Record from Recorded Future NewsTaiwan charges two businessmen over alleged role in Chinese espionage campaignLatest newsSony's True RGB display made this one of the most impressive TVs I've testedBleepingComputerEntra passkey enrollment vishing targets Microsoft 365 usersLatest newsOpenAI's new GPT-Live-1 voice model won't interrupt you - why that's a big dealLatest newsI tried DuckDuckGo's new video player, and it blocks YouTube ads for freeSecurityWeekAccenture Confirms Data Breach After Hacker Claims Source Code TheftJohn HammondTeamPCP AttentionThe Cyber MentorLIVE: 1 Million Subscribers | DEF CON/Summer Camp GiveawayCisco Security AdvisoryCisco Advance Notification for Publication of July 15, 2026, Security AdvisoriesSecurityWeekChina-Linked APT Expands Arsenal With New ‘Leash’ BackdoorsLatest newsI tried Claude Cowork on my Gmail inbox after Gemini choked - and it saved me hours of workThe Hacker NewsNew HalluSquatting Attack Could Trick AI Coding Assistants Into Installing Botnet MalwareLatest newsI tested the Roborock Saros 20, and I'd trust it for the next decadeBlack HatBlack Hat Europe 2025 | Breaking AI Inference Systems: Lessons From Pwn2Own BerlinThe Hacker NewsUbiquiti Patches Critical UniFi Flaws Across Connect, Talk, Access, Protect, and OSThe Record from Recorded Future NewsFormer UK privacy chief preparing legal action against woman who reported him, minister saysHelp Net SecurityAttackers using Langflow flaw for credential harvesting (CVE-2026-55255)BleepingComputer3 Ways AI Powers Service Desk Attacks and How to Prevent ThemHelp Net SecurityCensys Internet Map links real-time DNS data to internet infrastructureThe Record from Recorded Future NewsSpain arrests alleged supporter of pro-Russian hacktivist groups after FBI tipThe Record from Recorded Future NewsTaiwan charges two businessmen over alleged role in Chinese espionage campaignLatest newsSony's True RGB display made this one of the most impressive TVs I've testedBleepingComputerEntra passkey enrollment vishing targets Microsoft 365 usersLatest newsOpenAI's new GPT-Live-1 voice model won't interrupt you - why that's a big dealLatest newsI tried DuckDuckGo's new video player, and it blocks YouTube ads for freeSecurityWeekAccenture Confirms Data Breach After Hacker Claims Source Code TheftJohn HammondTeamPCP AttentionThe Cyber MentorLIVE: 1 Million Subscribers | DEF CON/Summer Camp GiveawayCisco Security AdvisoryCisco Advance Notification for Publication of July 15, 2026, Security AdvisoriesSecurityWeekChina-Linked APT Expands Arsenal With New ‘Leash’ BackdoorsLatest newsI tried Claude Cowork on my Gmail inbox after Gemini choked - and it saved me hours of workThe Hacker NewsNew HalluSquatting Attack Could Trick AI Coding Assistants Into Installing Botnet MalwareLatest newsI tested the Roborock Saros 20, and I'd trust it for the next decadeBlack HatBlack Hat Europe 2025 | Breaking AI Inference Systems: Lessons From Pwn2Own BerlinThe Hacker NewsUbiquiti Patches Critical UniFi Flaws Across Connect, Talk, Access, Protect, and OSThe Record from Recorded Future NewsFormer UK privacy chief preparing legal action against woman who reported him, minister saysHelp Net SecurityAttackers using Langflow flaw for credential harvesting (CVE-2026-55255)BleepingComputer3 Ways AI Powers Service Desk Attacks and How to Prevent ThemHelp Net SecurityCensys Internet Map links real-time DNS data to internet infrastructureThe Record from Recorded Future NewsSpain arrests alleged supporter of pro-Russian hacktivist groups after FBI tip
By Source
Feeds organized so you can skim by site.
Density
Sort
LN
Latest news
1h ago · 20 items
Sony's True RGB display made this one of the most impressive TVs I've tested
1h ago
Outfitted with Sony's new Micro RGB panels, the Bravia 9 II is well on its way to usurping its OLED cousin's supremacy.
OpenAI's new GPT-Live-1 voice model won't interrupt you - why that's a big deal
1h ago
Not every new model is all it's cracked up to be. Our tracker keeps each release in context with its peers, so you know which models are worth your time.
I tried DuckDuckGo's new video player, and it blocks YouTube ads for free
1h ago
Even as Chrome is killing ad blockers, DuckDuckGo's new video player now blocks ads by default on YouTube and elsewhere. Duck Player is available for MacOS, Windows, Android, and iOS.
I tried Claude Cowork on my Gmail inbox after Gemini choked - and it saved me hours of work
2h ago
Gmail's AI failed at a nuanced research task, but Claude Cowork found the right pitches, quotes, and permissions, proving connected AI assistants may finally help tackle some aspects of email overload.
I tested the Roborock Saros 20, and I'd trust it for the next decade
2h ago
Roborock took its flagship robot vacuum and really improved it, while keeping the same price. Here's how.
GitHub's former CEO launches a distributed Git network built for the agentic coding age
4h ago
The developer tools startup said it's building better infrastructure for a future run by coding agents.
Why we're all posting less on social media these days
4h ago
Americans are getting quieter and more selective about what they share online. And, honestly, same.
3 Android Auto automations that make my drives much easier - and how I set them up
6h ago
Android automations are nothing new, but incorporating them into you car can change your drive.
Why leaving extension cords plugged in permanently is riskier than you realize
7h ago
Sure, home extension cords and power strips are handy, but they also result in thousands of preventable fires each year. Here's how to use them more safely.
This free Android app makes sharing files across Windows, Mac, and iOS so easy for me
15h ago
If you're looking for an effortless way of transferring files from Android to your other devices, look no further than Blip.
Samsung unveils Galaxy Z Fold 8 deal for up to $1,230 off ahead of July Unpacked - how to qualify
18h ago
I turned my phone into an Android TV remote for free - here's why it's genius
21h ago
Your Windows 11 PC might be hiding a 500GB storage bug - how to check
22h ago
I connected ChatGPT to my bank, and it's my go-to finance app now - here's how (and why)
22h ago
You can soon restore Windows 11 from scratch even if it can't boot up - here's how
23h ago
Got a spare PC? How I turned mine into an open-source smart home hub for free
23h ago
The best robot vacuums for 2026: Expert tested and reviewed
1d ago
Linux Mint vs. RefreshOS: I compared the two best distros for new users - this one's better
1d ago
Sennheiser Momentum 5 vs. Bose QuietComfort Ultra 2: I compared the two and found a winner
1d ago
What's new with iPhone 18 Pro Max? Guess correctly for a chance to win an Apple Watch
1d ago
20 loaded
BL
BleepingComputer
1h ago · 15 items
Entra passkey enrollment vishing targets Microsoft 365 users
1h ago
A threat actor has been targeting organizations across multiple sectors with voice-based fake security requests that ask Microsoft 365 users to enroll a new Entra passkey.
3 Ways AI Powers Service Desk Attacks and How to Prevent Them
3h ago
Specops Software explains how AI is making service desk impersonation attacks more convincing, personalized, and scalable, along with practical steps organizations can take to strengthen onboarding and identity verification.
DuckDuckGo browser now blocks YouTube video ads
5h ago
DuckDuckGo announced that its browser can now block most video ads on YouTube, including those shown before the video starts playing and during playback.
Telco giant KDDI says data breach affects over 12 million people
5h ago
Japanese telecommunications giant KDDI says that millions of people had their email addresses and passwords exposed after attackers breached an email platform used by five internet service providers (ISPs) in the country.
CISA orders feds to prioritize patching Langflow auth bypass flaw
7h ago
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) gave federal agencies until Friday to patch an actively exploited vulnerability in the Langflow visual framework for building AI agents.
Ubiquiti warns of new max severity UniFi OS vulnerability
8h ago
Ubiquiti has released security updates to patch seven critical vulnerabilities in UniFi OS, including a maximum-severity flaw that can be exploited in command injection attacks.
CISA orders feds to patch max severity ColdFusion flaw by Friday
9h ago
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered government agencies to patch an actively exploited maximum-severity flaw in the Adobe ColdFusion commercial web app development platform by Friday.
Accenture confirms breach after hacker offers stolen data for sale
19h ago
IT services giant Accenture has confirmed it suffered a security breach after a threat actor claimed to have stolen 35 GB of source code and other data from the company.
Chinese hackers develop LONGLEASH malware to expand ORB network
22h ago
Chinese hackers tracked as 'UAT-7810' are actively evolving their malware to expand their Operational Relay Box (ORB) network by compromising internet-facing networking devices, primarily unpatched Ruckus routers.
Hidden backdoor in Tenda router firmware grants admin access
23h ago
A hidden authentication backdoor has been found in multiple Tenda router firmware versions, potentially allowing an attacker to gain administrative access to the device's web management panel.
Spain arrests suspected member of pro-Russian hacktivist groups
1d ago
The GitHub Actions Attack Pattern Your CI Security Scanners Miss
1d ago
Webinar tomorrow: Why modern email attacks require a new approach to defense
1d ago
New Januscape Linux flaw allows VM escape on Intel, AMD devices
1d ago
Microsoft to enable Windows settings backup by default for orgs
1d ago
15 loaded
SE
SecurityWeek
1h ago · 10 items
Accenture Confirms Data Breach After Hacker Claims Source Code Theft
1h ago
China-Linked APT Expands Arsenal With New ‘Leash’ Backdoors
1h ago
Webinar Today: Why Email Security Keeps Failing
3h ago
Google Dialogflow CX Bug Allowed Attackers to Hijack AI Conversations
4h ago
CISA Urges Immediate Patching of Exploited ColdFusion, Langflow, Joomla Flaws
6h ago
Critical Vulnerability Exposes GitHub Agentic Workflows to Prompt Injection
6h ago
County Government Reportedly Paid $1 Million to Cyber Extortion Group
23h ago
Critical Gitea Flaw Under Active Exploitation, Researchers Warn
23h ago
CISA Reportedly Using Anthropic’s Mythos to Scan Government Software for Flaws
1d ago
Critical Adobe ColdFusion Vulnerability Exploited in Attacks
1d ago
JH
John Hammond
1h ago · 15 items
TeamPCP Attention
1h ago
NEW AI Hacking Challenges with Andrew Bellini!
15h ago
Open Source Malware
2d ago
THE MOD WORKS! lets improve it
2d ago
the vibe continues
3d ago
let's vibe
4d ago
Beyond Usernames
7d ago
Beyond CTF Labs
8d ago
ConsentFix Exposed
9d ago
Facebook Phishing Fails
12d ago
Disable SmartScreen Fast
13d ago
Github got Hacked by CATS
14d ago
This Dark Web Linux Backdoor Erases Its Own Footprints
14d ago
ContinuumCon 2026 Redux!
18d ago
ContinuumCon 2026 - Day 3
23d ago
15 loaded
TC
The Cyber Mentor
1h ago · 15 items
LIVE: 1 Million Subscribers | DEF CON/Summer Camp Giveaway
1h ago
Celebrating 1 Million Subscribers on July 8th!
6d ago
Real Folks of Cyber | Pearce Barry | Day in the Life
12d ago
Getting Started with the TCM Security Academy
12d ago
Soft Skills for the Job Market: Resume Writing
19d ago
TCM Security Summer Sale is Here!
22d ago
LIVE: 🕵️ CTF Prize Draw | Cybersecurity
27d ago
Secrets to PNPT Debrief Success
29d ago
TCM Security CTF Walkthrough
33d ago
Top 5 Active Directory Pentesting Tools
35d ago
Real Folks of Cyber | Dan Berger | Day in the Life
41d ago
Soft Skills for the Job Market: Communication
47d ago
LIVE: 🕵️ HTB Sherlocks! | Cybersecurity | Blue Team
55d ago
A Quick Way to Prove Your Cybersecurity Skillset!
56d ago
A Guide to LNK File Forensics
68d ago
15 loaded
CS
Cisco Security Advisory
1h ago · 52 items
Cisco Advance Notification for Publication of July 15, 2026, Security Advisories
1h ago
On July 15, 2026, the Cisco Product Security Incident Response Team (PSIRT) will publish advisories to disclose security vulnerability information along with fixed software releases for the following Cisco products: Identity Services Engine...
ClamAV Vulnerabilities Affecting Cisco Products: July 2026
7d ago
Multiple vulnerabilities in ClamAV could allow a remote attacker to cause a denial of service (DoS) condition, interrupting scanning operations. For more information about these vulnerabilities, see the Details section of this advisory. For...
Cisco Catalyst Center Arbitrary File Read Vulnerability
7d ago
A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exp...
Cisco Advance Notification for Publication of July 1, 2026, Security Advisories
14d ago
On July 1, 2026, the Cisco Product Security Incident Response Team (PSIRT) will publish advisories to disclose security vulnerability information along with fixed software releases for the following Cisco products: Catalyst Center Secure En...
Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerabilities
16d ago
Multiple vulnerabilities in the web-based management interface of Cisco Packaged Contact Center Enterprise (Packaged CCE) and Cisco Unified Contact Center Enterprise (Unified CCE) could allow an authenticated, remote attacker to conduct a c...
Cisco Identity Services Engine Remote Code Execution and Information Disclosure Vulnerabilities
21d ago
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow a remote attacker to achieve remote code execution or conduct information disclosure attacks on an affected devi...
Cisco Crosswork Network Controller Server-Side Template Injection Vulnerability
21d ago
A vulnerability in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to insufficient input v...
Cisco Webex App Open Redirect Vulnerability
21d ago
A vulnerability in the browser-based version of Cisco Webex App could have allowed an unauthenticated, remote attacker to redirect users to a malicious webpage. Cisco has addressed this vulnerability in the Cisco Webex App, and no customer ...
Cisco Umbrella Virtual Appliance Privilege Escalation Vulnerability
21d ago
A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied commands....
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
21d ago
A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an un...
Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability
23d ago
Cisco Catalyst SD-WAN Controller, Catalyst SD-WAN Manager, and Catalyst SD-WAN Validator Authenticated Privilege Escalation Vulnerability
29d ago
Cisco Catalyst SD-WAN Manager Authenticated Privilege Escalation Vulnerability
33d ago
Cisco Webex Meetings Cross-Site Scripting Vulnerability
35d ago
Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability
35d ago
Cisco Finesse Remote File Inclusion Vulnerability
35d ago
Cisco Nexus 3000 and 9000 Series Switches Border Gateway Protocol Denial of Service Vulnerability
49d ago
Cisco Secure Workload Unauthorized API Access Vulnerability
49d ago
Cisco ThousandEyes Virtual Appliance Authenticated Remote Code Execution Vulnerability
49d ago
Cisco ThousandEyes Enterprise Agent BrowserBot Command Injection Vulnerability
49d ago
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
55d ago
Cisco Catalyst SD-WAN Manager Vulnerabilities
55d ago
Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Advisory
55d ago
Cisco Unity Connection Remote Code Execution and Server-Side Request Forgery Vulnerabilities
63d ago
Cisco Enterprise Chat and Email Lite Agent File Upload Vulnerability
63d ago
Cisco Identity Services Engine Authentication Bypass Vulnerabilities
63d ago
Cisco Prime Infrastructure Information Disclosure Vulnerability
63d ago
Cisco Slido Insecure Direct Object Reference Vulnerability
63d ago
Cisco IoT Field Network Director Vulnerabilities
63d ago
Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Connection Exhaustion Denial of Service Vulnerability
63d ago
Cisco SG350 and SG350X Series Managed Switches SNMP Denial of Service Vulnerability
63d ago
Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities
63d ago
Continued Evolution of Persistence Mechanism Against Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense
68d ago
Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities
71d ago
Cisco ACI Multi-Site CloudSec Encryption Information Disclosure Vulnerability
75d ago
Cisco Integrated Management Controller Cross-Site Scripting Vulnerabilities
76d ago
Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities
76d ago
Cisco Catalyst SD-WAN Vulnerabilities
77d ago
Cisco Webex Services Certificate Validation Vulnerability
82d ago
Cisco Secure Web Appliance Authentication Bypass Vulnerability
83d ago
Cisco Identity Services Engine Remote Code Execution Vulnerabilities
84d ago
Cisco Identity Services Engine Authenticated Privilege Escalation Vulnerability
84d ago
Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities
84d ago
Cisco ThousandEyes Enterprise Agent Arbitrary File Overwrite Vulnerability
84d ago
Cisco Unity Connection Arbitrary File Download Vulnerabilities
84d ago
Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities
84d ago
Cisco Webex Contact Center Cross-Site Scripting Vulnerability
84d ago
Cisco IOS XE Software Denial of Service Vulnerability
96d ago
Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability
98d ago
Cisco Nexus Dashboard Configuration Backup REST API Unauthorized Access Vulnerability
98d ago
Cisco Nexus Dashboard and Nexus Dashboard Insights Server-Side Request Forgery Vulnerability
98d ago
Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability
98d ago
52 loaded
TH
The Hacker News
2h ago · 20 items
New HalluSquatting Attack Could Trick AI Coding Assistants Into Installing Botnet Malware
2h ago
Ubiquiti Patches Critical UniFi Flaws Across Connect, Talk, Access, Protect, and OS
2h ago
New Ghost Phishing Wave Is Breaking Traditional Email Security
4h ago
SCMBANKER Malware Uses ClickFix Lures to Target Mexican Banking Users
4h ago
GitHub 'Verified' Commits Can Be Rewritten Into New Hashes Without Breaking Signatures
5h ago
The Verification Step Is the New ATO Battleground in 2026
5h ago
GitHub Copilot Refuses Harmful Requests in Chat, Then Writes Them in Code
5h ago
China-Linked UAT-7810 Expands ORB Network With New LONGLEASH Malware
8h ago
15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros
10h ago
CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV
11h ago
RedWing MaaS Packages Android Bank Fraud as a Telegram Rental Service
23h ago
Rogue Agent Flaw Could Have Let Attackers Hijack Google Dialogflow CX Chatbots
1d ago
DEBULL Tooling Abuses Microsoft Device-Code Flow to Target M365 Accounts
1d ago
Public GitHub Issue Could Trick GitHub Agentic Workflows Into Leaking Private Repo Data
1d ago
Court Filing Reveals Windows Device ID Helped FBI Trace Alleged Scattered Spider Hacker
1d ago
Writer AI Flaw Could Let Agent Previews Leak Session Tokens Across Tenants
1d ago
What Changes When Your Software Supply Chain Includes AI Writing Your Code?
1d ago
Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities
1d ago
CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware
1d ago
BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA
1d ago
20 loaded
BH
Black Hat
2h ago · 15 items
Black Hat Europe 2025 | Breaking AI Inference Systems: Lessons From Pwn2Own Berlin
2h ago
Black Hat Intercepted | Anurag Swarnim Yadav, Co-Founder & CTO of QubitAC
1d ago
Black Hat Europe 2025 | Nation-Scale SecOps: How CERT PL Scans Poland
1d ago
Black Hat Europe 2025 | Not Just Victims: The Hidden Villains Inside Infostealer Logs
2d ago
Black Hat Europe 2025 | Taking Control Over Legacy And ERTMS/ETCS Railroad Signaling Systems
3d ago
Black Hat Europe 2025 | Slashing QUIC's Performance With A Hash DoS
4d ago
Black Hat Europe 2025 | Automatic Detection of Taint-Style Vulnerabilities in LLM-based Agents
5d ago
Black Hat Europe 2025 | Abstractions For Program Analysis
5d ago
Black Hat Europe 2025 | How We Turned AI's 'Web Browsing' Into A Gateway For Targeting 1B+ Users
9d ago
Black Hat Europe 2025 | The Forensic Trail On GitHub: Hunting For Supply Chain Activity
10d ago
Black Hat Europe | LINE-Break: Cryptanalysis And Reverse Engineering Of Letter Sealing
10d ago
Black Hat Europe 2025 | Hacking Smart Cities One Building At A Time - A City Of A Thousand Zero Days
11d ago
Black Hat Europe 2025 | Silence On macOS: What 70K Binaries Reveal About The macOS Malware Ecosystem
11d ago
Black Hat Intercepted Video Series | Lexie Thach
12d ago
Black Hat Intercepted | Lexie Thach, Ex Machina Parlor + Naval Information Warfare Center Pacific
13d ago
15 loaded
HN
Help Net Security
3h ago · 10 items
Attackers using Langflow flaw for credential harvesting (CVE-2026-55255)
3h ago
CISA is warning about yet another Langflow vulnerability (CVE-2026-55255) leveraged by attackers in the wild.
Censys Internet Map links real-time DNS data to internet infrastructure
3h ago
Censys Internet Map now includes real-time DNS visibility, helping security teams investigate domains and infrastructure.
Blackpoint AI SOC Agent autonomously contains identity-based attacks
3h ago
Blackpoint AI SOC Agent autonomously detects and contains identity threats targeting Microsoft 365 and Google Workspace.
First Recon AI Security Runtime helps enterprises govern AI with audit-ready evidence
3h ago
First Recon AI Security Runtime governs and secures enterprise AI use by enforcing policies and auditing every AI interaction.
FalconStor Cloud Clean Room enables validated recovery without dedicated infrastructure
3h ago
FalconStor Cloud Clean Room enables validated recovery testing in a secure enclave, with each test starting from a known state.
DNSFilter makes its DNS threat protection available to OEM partners
4h ago
DNSFilter's OEM program lets partners embed DNS threat protection, VPN, and privacy features into apps, devices, and services.
Attestiv DeepScan combines AI and forensic analysis for file validation
4h ago
Attestiv DeepScan validates photos, documents, audio, and video to help organizations detect fraud and make trusted decisions.
Accenture acknowledges security incident following 35GB data theft claim
5h ago
Technology consulting company Accenture appears to have suffered a data breach, the extent of which is currently unknown.
Crusoe brings serverless fine-tuning to AI model development
7h ago
Crusoe added serverless AI model fine-tuning and self-serve deployments to simplify training and production inference.
Automox MCP Server adds visual reviews and AI-driven patch policy creation
7h ago
Automox MCP Server 2.2 adds visual review surfaces, Patch by Severity policies, and live capability discovery for IT teams.
KO
Krebs on Security
4h ago · 10 items
Felons, Fraudsters Flog Offensive Cybersecurity Startup
4h ago
A cybersecurity startup dangling millions of dollars to acquire zero-day security vulnerabilities in popular software is run by a pair of far-right conspiracy theorists and convicted felons whose most recent ventures included fake intellige...
FBI Seizes NetNut Proxy Platform, Popa Botnet
5d ago
The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a sprawling residential proxy service operated by the publicly-traded Israeli company Alarum Technolo...
Scattered Spider Hackers Plead Guilty on Day 1 of Trial
15d ago
Two men pleaded guilty in the United Kingdom this week to criminal charges stemming from an August 2024 cyberattack that crippled Transport for London, the entity responsible for the public transport network in the Greater London area. The ...
‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm
19d ago
For the past four years, a sprawling Android-based botnet called Popa has forced millions of consumer TV boxes to relay Internet traffic linked to advertising fraud, account takeovers, and mass data-scraping efforts. This week, researchers ...
Who Runs the Ransomware Group ‘The Gentlemen?’
28d ago
A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of...
A Record-Breaking Patch Tuesday for June 2026
28d ago
Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company's monthly Patch Tuesday cycle. Nearly three dozen of those bug...
Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts
36d ago
The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how ...
Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks
44d ago
Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to carry out cyberattacks, influence operations and disinformation campaigns inside the Euro...
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
47d ago
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a v...
Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada
47d ago
Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf, a fast spreading Internet-of-Things botnet that enslaved millions of devices for use in a series of massive distributed deni...
SL
Security Latest
6h ago · 20 items
OnlyFans Models Are Accidentally Making Hacked Government Websites Disappear
6h ago
What Happens if China Hacks the US Water Supply? I Went to a Secret War Game to Find Out
7h ago
ICE’s Internal Watchdog Is Now Investigating Online Critics
2d ago
Security Roundup: Apple’s Hide My Email Service Fails to Hide Your Email
4d ago
EU Politicians Investigated Pegasus Spyware. Then It Ended Up on One of Their Phones
5d ago
Claude Helped a Hacker Find a Way to Issue Tickets to Almost Every US Music Festival
7d ago
Meta Contractors Posed as Teens to Prompt Rival Chatbots About Suicide, Sex, and Drugs
8d ago
Top Google Security Staff Warn Search Data Could Be Hacked if EU Rules Change
9d ago
Security News This Week: LastPass Users Had Their Data Stolen—Again
11d ago
The Pentagon Is Looking Into the Dialog Data Exposure for Unmasking National Security Officials
12d ago
British Police Built a Sprawling Crime-Prediction Machine. Some Results Couldn’t Be Trusted
13d ago
Dialog Claims It Was Hacked. A Misconfigured Website Left Its Members Exposed
14d ago
OpenAI Launches Full-Scale Effort to Patch Open-Source Bugs as It Takes on Anthropic’s Mythos
16d ago
World Cup Scams Are Getting Harder to Spot
16d ago
A Critical Deadline Is Approaching for Windows and Linux Security
17d ago
Hackers Claim to Leak Stolen Madison Square Garden Data
18d ago
How the Peter Thiel-Linked Dialog Club Secretly Ranks Its Members
19d ago
How to Watch the Knicks Parade on NYC Traffic Surveillance Cameras
20d ago
The UK Will Scan Asylum-Seekers’ Faces for Age Checks—Despite Knowing the Tech Is Flawed
20d ago
Leak Exposes Members of Peter Thiel’s Secretive ‘Dialog’ Society
21d ago
20 loaded
HS
Heimdal Security Blog
7h ago · 15 items
Cyber-Aware Customers Are Raising the Bar for MSPs and Other Vendors
7h ago
Your client is no longer just buying your security advice. They’re auditing whether you live by it. That was the clearest message from the exclusive interview I had with Heather MacDonald, an MSP finance specialist and owner of Counting Cre...
How to scale your patches without scaling your team (the patch wave)
5d ago
Most breaches don’t start with a vulnerability nobody knew about. They start with one nobody patched in time. Vulnerability exploitation is now the single biggest way attackers get into a network. It has overtaken stolen credentials for the...
AI didn’t break patching. It showed us patching was already broken.
5d ago
Claude Mythos, an AI model from Anthropic, has found 23,019 software vulnerabilities in the past month. Fewer than 1% of them have been patched. That gap is the story. Finding a vulnerability used to be the hard part, the thing that limited...
Heimdal Launches MSP Onboarding Wizard to Help Partners Onboard Microsoft CSP Customers in 2 Minutes
7d ago
New feature reduces manual setup, speeds up customer activation, and helps MSPs scale Microsoft CSP estates with less operational work.
How Dynamic Defense shuts an attacker out without shutting down the business
12d ago
AI has handed hackers a resource advantage. Winning it back means spending your own resources far more precisely, and that’s the strategy we call Dynamic Defense. The principle is simple. Contain the threat just enough, for just long enough...
Static security has run out of road. The case for Dynamic Defense
12d ago
AI has flipped the economics of cybersecurity in the attacker’s favor. For most of the last decade, defenders held the cost advantage, buying down their risk with a stack of largely static controls. That advantage is gone, and winning it ba...
Breaking the MSP Echo Chamber: The Power of Community
14d ago
MSPs spend too much time talking to other MSPs and not enough time talking to the people they’re supposed to serve. That’s Paul Croker’s view of some of the channel’s biggest growth problems. While most industry events bring technology prof...
How attackers built a RAT on a Windows machine using its own .NET compiler
16d ago
In May 2026 an attacker compromised a UK medical practice endpoint without delivering a single malicious file. They used PowerShell and the .NET compiler built into Windows to build a Remcos remote access trojan on the machine itself, so si...
Attacker enables RDP, creates admin, erases evidence in ten seconds
16d ago
At 06:34am on 2 June 2026, an attacker logged on to a customer’s network. In a single automated burst, they switched on remote desktop and created a rogue administrator account. And deleted the evidence behind them. The intrusion reached 34...
The State of AI Risk Management in 2026
22d ago
There is no excerpt because this is a protected post.
Heimdal Survey: Executives Four Times More Confident About AI Risk Than the Teams Managing It
23d ago
Your Next Insider Threat May Be an AI Coworker
26d ago
The OSI Model and Its Two Missing Layers
26d ago
Heimdal® Marks Six Years of Consecutive ISAE 3000 SOC 2 Type II Certification
30d ago
AI Will Absorb 99.98% of SOC Triage Within a Year, as 79% of IT teams brace for AI-driven workload shift
57d ago
15 loaded
CY
CyberScoop
8h ago · 126 items
Found fast, fixed slow: The gap the AI clearinghouse must close
8h ago
Spain arrests suspected hacker linked to Russian hacktivist campaign
19h ago
Deepfake CSAM lawsuit against xAI, Grok expands
20h ago
Suspected Chinese espionage group used a Roundcube exploit chain to burrow into universities
1d ago
Proofpoint researchers said attackers targeted physics and engineering departments, and warn that the campaign is likely ongoing.
US Army websites defaced with pro-Kurdish sentiments, insults to Trump
1d ago
Sysdig clocks first documented case of agentic ransomware
2d ago
Finding vulnerabilities was never the hard part
2d ago
Someone infected a spyware probe overseer with spyware
5d ago
Alleged longstanding member of Scattered Spider extradited to US
6d ago
Researchers spot exploitation of another critical Oracle defect
6d ago
US lifting export control restrictions on Anthropic’s Mythos, Fable
7d ago
This phishing kit looks more like BEC-as-a-service
7d ago
Citrix patches a new NetScaler flaw with echoes of CitrixBleed
7d ago
Trump budget boss Russell Vought open to re-staffing CISA
7d ago
DHS to unveil replacement council for critical infrastructure cybersecurity
8d ago
How ransomware syndicates weaponize corporate-style organization
8d ago
Warner bill would create federally vetted list for secure, trustworthy AI agents
8d ago
Supreme Court approves mail-in ballots that arrive after Election Day
8d ago
Supreme Court delivers ‘major win’ for tech privacy in Chatrie ruling
8d ago
What the post-quantum executive order really demands of CISOs
9d ago
ATF cancels controversial commercial geolocation contract
11d ago
FCC passes new cybersecurity rules for emergency systems, undersea cables
12d ago
Federal court rules Trump election-focused executive order illegal
13d ago
Russia uses Cellebrite to break into human rights activist’s phone, even after cancellation of contract
13d ago
Minnesota man known as ‘Snoopy’ sentenced in DraftKings hack
13d ago
Why patch directives only go so far
13d ago
Malicious hackers exploit Cisco zero-day for highest access level at communications service provider
13d ago
In a first, a court takedown goes after two cybercrime tools at once
14d ago
Open-source security is posing challenges governments can’t easily solve
14d ago
Justice Department seizes infrastructure used by cyber scam and criminal marketplace
14d ago
Algerian man charged with running two cybercrime marketplaces
15d ago
Court rules SAVE database illegal, orders it dismantled
15d ago
Trump executive orders speed up post-quantum migration, boost industry
15d ago
Intel agencies: Frontier AI models will reshape cybersecurity faster than expected
16d ago
Authorities disrupt Evil Corp’s SocGholish botnet
19d ago
Congress tees up No FAKES Act, aiming at AI-generated deepfakes
19d ago
How software development’s speed obsession enabled TeamPCP’s chaos crusade
20d ago
Accenture shells out $4.18B on three companies in big industrial cybersecurity push
20d ago
Attackers hit pair of critical Fortinet vulnerabilities the vendor disclosed in April
21d ago
Lawmakers leery about Trump administration’s Anthropic order
21d ago
AI’s constant patching treadmill can be a security problem
21d ago
A case for how to shape ‘ingredient lists’ for AI models
22d ago
Google exposes China espionage group that’s been lurking in networks undetected since 2023
22d ago
Cybersecurity experts don’t think Anthropic’s Fable 5 presents a unique threat
23d ago
Anthropic disables new models after government calls them a national security concern
24d ago
FBI takes down massive China-based cybercrime network that caused $1.9B in losses
25d ago
US, France, and Italian authorities shut down massive deepfake porn site
25d ago
Conti ransomware group member pleads guilty, faces up to 20 years in prison
25d ago
ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw
26d ago
CyberCorps is adapting to AI. The budget isn’t keeping up.
26d ago
Russian national charged in connection with Void Blizzard espionage campaign
26d ago
OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT to stir debate on data centers
27d ago
CISA directive orders agencies to prioritize vulnerability patching in a new way
28d ago
Microsoft breaks Patch Tuesday record with 206 vulnerabilities
28d ago
Anthropic’s new model is Mythos on a leash
29d ago
CISA is rethinking how it prioritizes risks and vulnerabilities for feds, private sector
29d ago
Cisco customers encounter another SD-WAN zero-day under attack
29d ago
Meta accuses NSO Group of defying spyware injunction, files contempt of court complaint
29d ago
The AI security race needs accountability, not overregulation
30d ago
Nightmare Eclipse incident shows the researcher-vendor fights may never fully go away
33d ago
Hill Dems hammer GOP for $250M CISA budget cut
33d ago
Your AI agent could become your biggest insider threat
33d ago
Inside the race to adapt to an AI-powered security world
34d ago
European authorities crack down on illegal streaming networks
34d ago
DHS Secretary Markwayne Mullin pinpoints optimal CISA staffing levels
34d ago
DOD wants to integrate cyber in all operations, and integrate security into AI
35d ago
Trump administration releases scaled-back AI executive order
36d ago
Anthropic expanding access to Project Glasswing
36d ago
Attackers are exploiting Palo Alto Networks defect that initially flew under the radar
36d ago
Tina Peters, convicted in election-security breach, emerges defiant and vows legal fight
36d ago
USPS moving forward with mail-in ballot changes as courts weigh Trump’s election order
36d ago
Election threats are focused on campaign systems, not voting machines
37d ago
Tennessee man linked to 764 accused of series of crimes against children dating back to 2022
39d ago
Federal audit reveals NIST’s NVD is plagued by poor planning and duplication
40d ago
House panel poised to hold hearing centered on AI impact on cyber
40d ago
Google security engineer accused of turning confidential search trends into $1.2M win on Polymarket
40d ago
Zapier fixes bug chain that researchers say risked widespread account takeover
41d ago
OpenAI heralds cybersecurity, election interference safeguard plans for 2026 midterms
41d ago
FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person
41d ago
UK spy chief labels AI ‘unstoppable force’ with offensive, defensive ramifications for cyberspace
41d ago
CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain
42d ago
Apple open-sources quantum-resistant encryption code
42d ago
Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested in Canada
47d ago
Lawmakers from both parties say CISA cuts have gone too far
47d ago
Trump postpones executive order focused on AI security
47d ago
CISA chief frets about open-source vulnerabilities, delayed security improvements
48d ago
European authorities take down prolific cybercrime VPN service
48d ago
The readiness paradox: Why a false sense of cyber confidence is becoming a liability
48d ago
Meet Rampart and Clarity, Microsoft’s new red team combo AI agents
48d ago
GitHub says internal repositories were impacted in poisoned VS Code extension attack
49d ago
CISA credential leak raises alarms, and Capitol Hill demands answers
49d ago
Attackers hit vulnerabilities hard last year, making exploits the top entry point for breaches
49d ago
Mini Shai-Hulud returns, compromising hundreds of npm packages
50d ago
Microsoft disrupts cybercrime service that abused software verification systems en masse
50d ago
AI might cut false positives, but it won’t stop the slop
50d ago
Interpol leads cybercrime crackdown across 13 countries in Middle East, North Africa
50d ago
The Canvas breach proved that prevention is no longer enough
51d ago
Former CISA nominee Sean Plankey named US CEO of defense startup
51d ago
Colorado governor commutes prison sentence for election denier Tina Peters
53d ago
Here’s how the FTC plans to enforce the Take It Down Act
53d ago
Cisco zero-day under ongoing attack by persistent threat group
54d ago
Pentagon cyber official calls advanced AI ‘revolutionary warfare’
54d ago
White House cyber official: identity security matters more than ever in the age of AI
54d ago
Major tech manufacturer Foxconn confirms cyberattack hit North American factories
55d ago
Researchers say AI just broke every benchmark for autonomous cyber capability
55d ago
Closed briefing sets stage for House hearing on Anthropic’s Mythos and cyber risks
55d ago
DOJ releases legal rationale for nationwide voter data collection
55d ago
Weaponized AI: The new frontier of fraud and identity spoofing
55d ago
Daybreak is OpenAI’s answer to the AI arms race in cybersecurity
56d ago
‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attack
56d ago
Major world economies spell out key elements of AI ‘ingredients list’
56d ago
Microsoft addresses 137 vulnerabilities in May’s Patch Tuesday, including 13 rated critical
56d ago
Google and Amnesty International teamed up to make it harder for spyware vendors to hide
57d ago
AI is separating the companies built to scale from the ones built to sell
57d ago
Instructure claims hackers returned stolen Canvas data after an extortion standoff
57d ago
Google spotted an AI-developed zero-day before attackers could use it
58d ago
The missing cybersecurity leader in small business
58d ago
Sen. Schumer seeks DHS plan on AI cyber coordination with state, local governments
60d ago
ShinyHunters claims nearly 9,000 schools affected by Canvas data breach
61d ago
Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI
61d ago
Ivanti customers confront yet another actively exploited zero-day
61d ago
Trump officials are steering a cybersecurity scholarship program toward AI
61d ago
American duo sentenced for hosting laptop farms for North Korean IT workers
62d ago
One House Democrat is pressing Commerce on the government’s spyware use
62d ago
A DOD contractor’s API flaw exposed military course data and service member records
62d ago
A critical Palo Alto PAN-OS zero-day is being exploited in the wild
62d ago
126 loaded
SA
Security - Ars Technica
10h ago · 20 items
Hackers can use 9 of the most popular AI tools to assemble massive botnets
10h ago
Newly discovered PamStealer isn't your typical macOS malware
5d ago
NASA inspector general suggests Boeing's Starliner will now be a decade late
7d ago
New attack provides one more reason why AI browsers are a bad idea
7d ago
US offers $10 million for info on group behind Signal and WhatsApp hacking spree
8d ago
One-two punch delivered in global operation disrupts cybercrime "assembly line"
13d ago
White House drastically shortens deadline for dropping quantum-vulnerable crypto
14d ago
Following user outcry, AMD reinstates memory encryption in consumer CPUs
15d ago
Microsoft discovers new lightweight backdoor that steals cryptocurrency
19d ago
Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds
19d ago
Massive breach spills credentials for thousands of sensitive networks
20d ago
"Dangerous" AI models are coming no matter what
20d ago
Windows and Linux users: The deadline to update Secure Boot keys is near
21d ago
Critical Copilot vulnerability allowed hackers to steal 2FA code from users
22d ago
Users cry foul after AMD stripped memory crypto from its consumer CPUs
22d ago
PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data
25d ago
Locked in heated rivalry with researcher, Microsoft fixes 0-day they disclosed
28d ago
High-severity vulnerability in Linux caused by a single faulty character
29d ago
For the 2nd time in weeks, Microsoft packages laced with credential stealer
29d ago
How a USB-connected speaker can infect a PC without ever being touched
32d ago
20 loaded
HA
Hak5
16h ago · 15 items
Five Eyes Alert: The AI Deception Has Already Begun | Threat Wire
16h ago
Miasma Worm Source Code Leaked + What NPM v12 Means for Developers | Threat Wire
16d ago
🔴 [PAYLOAD] Shark Jack Display 🦈
16d ago
🔴 [PAYLOAD] Shark Jack Display 🦈
16d ago
🔴 [PAYLOAD] Shark Jack Display 🦈
20d ago
Shark Jacked my LAN 🦈
21d ago
Developers React to the 105-Second Github Chain Reaction | Threat Wire
26d ago
🔴 [PAYLOAD] Shark Jack Display 🦈
27d ago
Introducing Shark Jack Display 🦈
30d ago
The GitHub Leak Situation Just Got Worse | Threat Wire
41d ago
The Worm That Deletes Your Entire Computer | Threat Wire
47d ago
A TL;DR on Dirty Frag #cybersecurity #threatwire @endingwithali
47d ago
Google’s Silent AI Install: What They’re Hiding in Your Files #cybersecurity @endi
47d ago
🔴 [PAYLOAD REVIEW] WiFi Pineapple Pager 📟🍍
52d ago
🔴 [LIVE] Payload Review & 1M Subs!
55d ago
15 loaded
RF
Recorded Future
17h ago · 20 items
The Threat Isn’t the Frontier Model
17h ago
Iran-Nexus TAG-182 Disseminates MarkiRAT Surveillance Tool
7d ago
Where Expertise Meets Algorithm: The Insikt Group® Intelligence Edge
13d ago
Discover how Recorded Future’s Insikt Group combines human expertise with automated analysis to turn raw data into actionable, industry-leading threat intelligence.
Evaluating Mexico’s New Cybersecurity Plan
13d ago
Explore an analysis of Mexico’s 2025–2030 National Cybersecurity Plan. Discover how Mexico is addressing critical threats like ransomware, organized crime, and AI-driven attacks while preparing its digital infrastructure for the 2026 FIFA W...
FortiBleed Campaign Exposing Credentials for 73,932 FortiGate Systems
14d ago
A dataset containing valid administrative and VPN credentials for tens of thousands of Fortinet FortiGate firewalls, Recorded Future recommends organizations patch their systems immediately.
The Purchase Scam Tactic Headed for the World Cup | Recorded Future
15d ago
A purchase scam tactic hijacks organic search through compromised sites, and it’s built to scale into 2026 FIFA World Cup fraud. How it works and how to respond.
State Digital Surveillance Risk Landscape
21d ago
Explore the state digital surveillance risk landscape. Learn how governments use spyware, AI, and network interception to monitor travelers and how to mitigate these risks.
The Intelligence No One Else Has: Inside Recorded Future’s Proprietary Collection Engine
22d ago
Learn how Recorded Future’s proprietary collection engine empowers organizations to move beyond reactive security. Discover the power of our four unique intelligence source types—technical, underground, community, and open-source—working to...
Recorded Future Launches Impact and Metrics Dashboard
27d ago
See the business value of your intelligence program in one live, continuously updated dashboard, built for the conversations that matter most with the executives who own budget and strategy.
Cyber-Enabled Maritime Sanctions Evasion
27d ago
Discover how Iranian and Russian shadow fleets use a vast network of fake maritime websites and fraudulent documents to evade international sanctions
2026 FIFA World Cup: What Public Safety Officials Need to Know
28d ago
China's Noncombatant Evacuation Operations: 2005–2025
28d ago
Russia’s Defense-Based Economy Risks Forcing Putin to Fight Wars
29d ago
May 2026 CVE Landscape
30d ago
Why Holistic Sourcing Wins: The Numbers Behind the Recorded Future Advantage
33d ago
Threats to the 2026 FIFA World Cup
34d ago
Remembering Sir Alex Younger
34d ago
Iran Expands Handala Brand to Physical Threats
36d ago
The Vulnerability Flood Is Now a Board Conversation. Here's How to Lead It.
48d ago
At Mythos Speed: A Defender's Playbook for the AI Vulnerability Surge in 2026
50d ago
20 loaded
MS
MSRC Security Update Guide
1d ago · 20 items
CVE-2026-45638 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
1d ago
CVE-2026-9080 UAF after pause in socket callback
1d ago
CVE-2026-8926 password leak with netrc and user in URL
1d ago
CVE-2026-10536 HTTP/2 stream-dependency tree UAF
1d ago
CVE-2026-8286 wrong STARTTLS connection reuse
1d ago
CVE-2026-8458 wrong reuse for different services
1d ago
CVE-2026-8924 trailing dot domain super cookie
1d ago
CVE-2026-8932 incomplete mTLS config matching in conn reuse
1d ago
CVE-2026-9545 exposing HTTP/3 early data
1d ago
CVE-2026-39827 Invoking memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh
1d ago
CVE-2026-25681 Invoking incorrect handling of character references in DOCTYPE nodes in golang.org/x/net/html
1d ago
CVE-2026-14647 onnx onnxruntime old.cc convPoolShapeInference_opset19 out-of-bounds
1d ago
CVE-2026-12480 Arbitrary HDF5 File Read via Virtual Dataset Bypass in keras-team/keras
1d ago
CVE-2026-54891 Plaintext APPLICATION_DATA injected during TLS handshake delivered to client application post-handshake in ssl
1d ago
CVE-2026-54886 SSH SFTP server denial of service via extended channel data infinite loop
1d ago
CVE-2026-55952 TLS 1.3 server denial of service via malformed ClientHello pre-shared key extension
1d ago
CVE-2026-53223 net: guard timestamp cmsgs to real error queue skbs
4d ago
Chromium: CVE-2026-13874 Inappropriate implementation in DataTransfer
5d ago
Chromium: CVE-2026-13953 Inappropriate implementation in SplitView
5d ago
Chromium: CVE-2026-14142 Inappropriate implementation in Extensions
5d ago
20 loaded
SE
Securelist
1d ago · 10 items
Threat landscape for industrial automation systems. Q1 2026
1d ago
This report contains industrial threat statistics for Q1 2026, including industrial threat distribution by type, source, region and industry.
When checking the URL isn’t enough: a Device Code Phishing attack via a Microsoft website
2d ago
The OAuth 2.0 Device Authorization Grant specification was designed to streamline authentication for Smart TVs, IoT devices, and printers. Today, threat actors are weaponizing it.
Armored Likho digging a snake pit: inside the covert BusySnake Stealer campaign
5d ago
An inside look at the active Armored Likho APT campaign. The attackers are using spear-phishing, AI-generated loaders, and a new Python-based tool, BusySnake Stealer, to target organizations in Russia, Kazakhstan, and Brazil.
Missed incidents, persistent threats, and response gaps: Insights from compromise assessment projects
6d ago
Kaspersky Compromise Assessment specialists analyze trends from the service’s 2025 projects and provide tips on how to enhance your organization’s security.
The SOC Files: ScreenConnect masked as freeware. An inside look at a large-scale campaign
7d ago
Kaspersky experts have uncovered a malicious network infrastructure for delivering AsyncRAT. The Trojan is dropped via compromised ScreenConnect software. In this post, we break down the infection chain and analyze the C2 infrastructure.
OpenClaw: risks for the users and how to mitigate them
7d ago
Researching OpenClaw vulnerabilities, malicious skills and other security issues with the popular agent, and providing tips on how to mitigate them.
ToddyCat: your hidden email assistant. Part 2
8d ago
An in-depth analysis of Umbrij, a new tool used by the ToddyCat APT group to compromise corporate email communications in Gmail. The attack targeted OAuth authorization tokens, allowing threat actors to gain access to Google services.
The Gentlemen are knocking: сustom backdoors and evolving tactics
9d ago
Kaspersky researchers analyze incidents related to The Gentlemen RaaS group, disclose their tools and TTPs, and find a new ransomware variant.
Beware of the license manager: how a Schneider Electric software vulnerability puts industrial facilities at risk
12d ago
Analysis of CVE-2024-2658 as found in Schneider Electric’s Floating License Manager. Discover how this FlexNet Publisher vulnerability potentially allows attackers to escalate to NT AUTHORITY\SYSTEM privileges and expand their foothold; lea...
Inside the 2026 SMB threat landscape: From phishing and scams to fake AI tools
13d ago
Kaspersky researchers analyze the threat landscape for SMBs in 2026: the rise of attacks involving fake AI tools, phishing schemes, and data sold on the dark web.
DB
David Bombal
1d ago · 15 items
Unveiled: Cisco Deep Reasoning
1d ago
Why Apple Hide My Email FAILS
3d ago
New to Linux? This is the best place to start!
3d ago
WARNING: AI tracks your face
4d ago
Is DEFCON for you?
7d ago
2026 home lab setup to test malicious links safely for FREE (step by step)
10d ago
Which is Ethernet? What's the difference?
12d ago
Europe’s 800 Exaflop SUPERCOMPUTERS
13d ago
They Created a Supercomputer in a Rack?
15d ago
Build a Complete Free CCNA Home Lab in 2026 With No Gear
17d ago
Broken access control demo
17d ago
Will this replace PoE (Power over Ethernet)?
19d ago
Never look into a fiber cable!
19d ago
What is Clam AV (free & open source )?
20d ago
Learn Linux in 180s - history command
21d ago
15 loaded
NE
NetworkChuck
2d ago · 15 items
LIVE AMA | Summer of CCNA | 07/09/2026
2d ago
Fable 5 is back.....run these prompts before July 7
5d ago
shadow AI is terrifying
18d ago
Certification Questions | LIVE AMA | Summer of CCNA | 06/18/2026
19d ago
HTTPS Doesn't Hide This From Your ISP!!
19d ago
Cisco Just Showed the Future of Networking
20d ago
Certification Questions | LIVE AMA | Summer of CCNA | 06/18/2026
22d ago
I was wrong about VPNs
23d ago
Certification Questions | LIVE AMA | Summer of CCNA
33d ago
Hermes has a Home Assistant skill and it's unreal!
34d ago
FREE coffee at Cisco Live (I'm giving it away)
35d ago
Codex Lives In PowerShell Now
36d ago
I'm Moderating My First Panel… Come see me at Cisco Live
36d ago
Switching back to Windows?!?
36d ago
Who actually owns the AI in your company?
39d ago
15 loaded
MS
Microsoft Security Blog
2d ago · 10 items
5 insights from Frost & Sullivan’s 2025 Frost Radar™ for Cloud Security Posture Management
2d ago
Read five key learnings from the Frost & Sullivan 2025 Frost Radar™ for CSPM to learn how CSPM is evolving from point-in-time compliance to continuous risk management.
Improving security posture across the Microsoft partner ecosystem
6d ago
Read how Microsoft strengthens partner ecosystem security with CSP vetting, least privilege access, monitoring, and risk management best practices.
Microsoft named a leader in the Frost Radar for cloud and application runtime security
7d ago
Frost Radar recognizes Microsoft leadership in cloud and application runtime security, helping teams prioritize and reduce exploitable risk.
Accelerating the quantum-safe timeline
7d ago
We’re accelerating quantum-safe readiness—and sharing what organizations can do now to transition earlier and with confidence.
What’s new in Microsoft Security: June 2026
8d ago
This month’s updates help security and IT teams strengthen identity and multicloud foundations, protect data wherever it lives, and secure the developer workflows powering AI innovation.
Securing AI agents: When AI tools move from reading to acting
8d ago
MCP tool poisoning turns trusted AI agents into a control plane for data loss. Learn how threat actors manipulate tool descriptions to trigger unauthorized actions, and how to detect, contain, and prevent it.
Chromium extension uses AI‑related branding to redirect browser search
9d ago
A malicious Chromium-based extension that spoofs the AI-powered answer engine Perplexity AI redirects browser search traffic using MV3 APIs and intermediary infrastructure.
Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access
12d ago
Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in Europe and Asia. The campaign uses photo-themed ZIP archives and fake image shortcut files to deliver a persistent Node...
Microsoft a Leader in The Forrester Wave™ for Endpoint Management Platforms
13d ago
Microsoft named a Leader in the Forrester Wave™: Endpoint Management Platforms, Q2 2026, with the highest scores in the current offering and strategy categories.
CNAPP evolution: How Microsoft aligns with leading cloud risk management platforms
13d ago
Discover how Microsoft aligns with the next phase of CNAPP—helping organizations correlate signals, prioritize risk, and reduce cloud exposure across modern application environments.
FP
Fraud Prevention – Riskified
2d ago · 1 items
NA
NahamSec
2d ago · 15 items
I Made an AI Agent That Reverses CVEs While I Sleep
2d ago
This Hacker Got Paid $50,000+ to Break Frontier AI Models
16d ago
This hacker made $500,000+ hacking google in just a few months. #hacking #bugbounty #cybersecurity
20d ago
How I Made $30,000 Hacking Broken Access Control
23d ago
$30K from one bug class: broken access control. Here's how 3 "lows" chain into account takeover
23d ago
Content creations was both a blessing and a curse. #bugbounty
30d ago
This Hacker Made $7,000 Hacking AI With One Email
30d ago
How I Found My First $3,000 AI Vulnerability
37d ago
This GitHub README Hijacks Your AI and Spreads Like a Virus
51d ago
New video: hacking AI coding assistants and IDEs. #bugbounty #ai
51d ago
The Bug Bounty Roadmap I'd Follow If I Started Over (With AI)
58d ago
Is the AI hype helping or killing your bug bounty dreams? #hacking #bugbounty
58d ago
Stop Using AI Connectors Until You Watch This
65d ago
One ChatGPT connector. One email. Full AI agent hijack. #BugBounty #PromptInjection #ai #hacking
65d ago
This hacker made $40,000 using Claude #ai #hacking #bugbounty
72d ago
15 loaded
TI
Technical Information Security Content & Discussion
2d ago · 271 items
Playing Around With ADIDNS RPC Internals
2d ago
Windows Service - Playbook & Detection Strategies
2d ago
It’s 37oC, And All We Can Think About Is ColdFusion (Adobe ColdFusion Security Bulletin APSB26-68 CVE Bonanza) - watchTowr Labs
6d ago
FIFA was saved this time
6d ago
/r/netsec's Q3 2026 Information Security Hiring Thread
6d ago
Privilege escalation to root in Lima QEMU guests via a world-writable agent socket (CVE-2026-53657)
7d ago
r/netsec monthly discussion & tool thread
7d ago
CitrixBleed To Infinity And Beyond (Citrix NetScaler Pre-Auth Memory Overread CVE-2026-8451) - watchTowr Labs
7d ago
Auditing OpenReception: 16 CVEs in an end-to-end encrypted appointment booking platform (unauthenticated admin creation, account takeover, E2E bypass)
8d ago
Enterprise Tech In, Shell Out (Progress Kemp LoadMaster Uninitialized Heap to Pre-Auth RCE CVE-2026-8037) - watchTowr Labs
8d ago
I tried a Local AI model (Qwen 3.6 27b) for security research and it works surprisingly well.
10d ago
Dissecting Apple's Sparse Image Format (ASIF)
10d ago
A peek into Reddit's anti-spam internals
11d ago
CVE-2025-52465 geoserver arbitrary file write vulnerability
13d ago
CargoWise WebTracker - The keys were in the cargo
13d ago
Exploiting vulnerabilities in Johnson & Johnson web apps
14d ago
Cloudflare patches Copy-Fail across every server in two days
15d ago
New Cisco RCE was fixed
15d ago
CVE-2026-25860 turn XSS to RCE
15d ago
Exploiting Auth0 Defaults in XSS Attacks - elttam
16d ago
Scanning malicious websites with 'infinite' number of VPN tunnels (Part 1)
17d ago
Use-after-free in the QPACK encoder of nginx HTTP/3 - CVE-2026-42530
18d ago
OpenBSD MPLS kernel stack leaks remotely (CVE-2026-56099)
19d ago
Squidbleed (CVE-2026-47729) - Heartbleed-style vulnerability that leaks internal memory from every version of Squid Proxy, in its default configuration
19d ago
CVE-2026-5667: Unauthenticated Remote Control of Mitsubishi MAC-577IF-2E WiFi Adapters via Probe Request Reconnaissance
19d ago
Would you like some malware served at the very top of DuckDuckGo?
20d ago
Worth a MalExt Report? A 2 Million-User Chrome Extension Added Give Freely/Wildlink in a 5-Day Update
20d ago
QoS Policies to Restrict EDR Traffic and Detection Strategies
21d ago
Getting a CVE Without Shipping Slop
21d ago
PrizeBuzz phishing network analysis
21d ago
27 Years in the Dark: OpenBSD Fixes Ancient Remote Kernel Auth Bypass
21d ago
Empty-ciphertext panic in aws-encryption-provider (CVD with AWS)
22d ago
Chaining Security Bugs in Discuz! X5.0: from Race Condition to Pre-Auth RCE
22d ago
SearchLeak: How We Turned M365 Copilot Into a One-Click Data Exfiltration Weapon
23d ago
Researcher accidentally gained access to a threat actor-controlled phishing website
24d ago
PromptSnatcher: AdBlocker stealing Ai Chats - 90k installs
24d ago
MeshCentral: From XSS to RCE
24d ago
Getting the PID from random numbers in PHP
25d ago
The Axios npm compromise was visible in registry metadata before anyone ran npm install
25d ago
Why Use App-Level Auth When Every Database Has Auth? (Splunk Enterprise CVE-2026-20253 Pre-Auth RCE) - watchTowr Labs
25d ago
Free Compromise Detection for GitHub Repos - Tracebit Community Edition
26d ago
Major AI Clients Shipping With Broken OAuth Implementations (JUNE 2026 UPDATE)
26d ago
Old Passwords Die Hard: Abusing CREDHIST for offline credential recovery
26d ago
Marking Your Own Homework (Check Point Remote Access VPN IKEv1 Authentication Bypass CVE-2026-50751) - watchTowr Labs
26d ago
Detecting AI-specific threats in Claude Enterprise from the Compliance API: a prefilter + LLM-as-judge pipeline with Sigma rules
26d ago
Claude Fable 5: mid-tier results on coding tasks
27d ago
Fable 5 and the analyst-AI threat model: what a Mythos-class model changes for security work
27d ago
Hacking Google with A.I. for $500,000
27d ago
Prompt injection: attacking the analyst's AI
27d ago
Pre-auth XXE → HTTP SSRF on ArubaOS 8.13.2 closed as "theoretical / no valid PoC" despite TCP pcap, sshd localhost log, and internal port scan — documenting for community review
27d ago
We post-trained a model for offensive security instead of teaching it to refuse
28d ago
How Fraudsters Bypass Facial Recognition and Stay Hidden in 2026
28d ago
FedRAMP Penetration Testing: How to Pass Your ATO Review and Get Cloud Authorized Faster
28d ago
certSIGN: Inconsistent revocation status (CRL "revoked" vs OCSP "good") for intermediate CA "certSIGN Web CA"
28d ago
BlackSun - Defender for Endpoint on macOS
28d ago
GhostTrace – a Windows forensic scanner that finds what "Uninstall" leaves behind (22 modules, read-only, offline)
28d ago
Jupyter Enterprise Gateway - From Notebook to Kubernetes Cluster Admin - elttam
28d ago
More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs
28d ago
Apple’s Siri-AI, or more shouting into the void about “private” agents
28d ago
Entra Agent ID from a Security Perspective
29d ago
X.com silently injects session-bound tracking tokens into your clipboard on every copy — security tools correctly flag this as malicious injection
29d ago
WinGet - Code Execution, Persistence and Detection Strategies
29d ago
I found 23 Chrome extensions hijacking 758,000 users' searches for affiliate revenue
29d ago
I just completed Search Skills room on TryHackMe! Learn to efficiently search the Internet and use specialised services and technical docs for information
29d ago
AI Agents May Always Fall for Prompt Injections
29d ago
Arc Gate — runtime governance proxy for AI agents, catches multi-turn prompt injection via geometric drift detection — try to break it
30d ago
EDRChoker: Choking The Telemetry Stream to Bypass Defenses
31d ago
PSA: Attack Shark R85 HE (FREEWOLF US / Amazon) — BadUSB credential harvester, confirmed malware
31d ago
CVE-2026-46640: Developing payloads for Twig sandbox bypass
31d ago
Zero-Click HFP/A2DP Takeover via L2CAP Session Preemption
33d ago
Keeping Secrets Out of Logs
33d ago
Unauthenticated RCE as QSECOFR via IBM i Management Central — port 5555, client-controlled verify flag, no credentials required (V7R4 and earlier)
33d ago
System Over Model, Tested: Reproducing Mythos’s FreeBSD Find on Local Open-Weight Models
33d ago
Empty-ciphertext panic in aws-encryption-provider (CVD with AWS)
34d ago
Re:CACHE - Excessive reflection, type confusion, and 0-click SXSS on Next.js
34d ago
Enter the WasmForge: Compiling Sliver into WebAssembly
34d ago
Season VI of the US Games launches TOMORROW!
34d ago
EU CRA mandatory vulnerability reporting enters into force September 11, 2026 — what the 24-hour obligation requires
35d ago
Interesting- What LLM vuln research looks like
35d ago
Hacking your PC using your speaker without ever touching it
35d ago
Abusing iDEAL (Wero): how criminals weaponise legitimate payment links in phishing
35d ago
Golang code review notes II - elttam
35d ago
Using AI to Secure Its Generated Code Is a Ponzi Scheme
35d ago
Four coordinated npm supply chain campaigns active in May–June 2026 — TTPs, IOCs, and detection notes
35d ago
We Added a Detection Rule. We Were Not Expecting This.
35d ago
1-Click GitHub Token Stealing via a VSCode Bug
36d ago
Device Code Phishing Forensics: What We Learned Investigating BEC in the Wild
36d ago
NuGet Code Execution As A Service
36d ago
Blind POST SSRF in phpBB 4.0.0-alhpa1 Web Push (CVD with phpBB)
36d ago
Dutch Police and NCSC dismantle 17-million-device botnet running on 200 servers seized from local hosting provider
37d ago
r/netsec monthly discussion & tool thread
37d ago
Poisoning Claude Code: One GitHub Issue to Break the Supply Chain
37d ago
Stealing Passwords via HTML Injection Under a Strict CSP
37d ago
Subnet discovery through multi-protocol TTL tracing
37d ago
ThinkPad firmware reverse-engineering toolchain: archived Lenovo BIOS → named SoC pads, EC analysis, CVE diffs, coreboot/OpenCore port scaffolding
38d ago
LLMReaper - DOM Based AI Conversation Exfiltration via Browser Extensions
38d ago
Digital Trap: Iran Uses Selective Internet Restoration to Track and Arrest January Protesters
39d ago
A practical checklist for evaluating npm packages (supply chain attacks, slopsquatting, etc.)
39d ago
Introducing Keyhog: The First GPU Accelerated secret scanner
39d ago
OffensiveCon26 YouTube Playlist released
39d ago
1,001 IPs, 64 countries, one operation: mapping a botnet by its back end · HoneyLabs blog
40d ago
I evaluated 5 LLM agents on patching real-world CVEs. Here is what I found.
40d ago
Fooling around with encrypted reasoning blobs
40d ago
CALIF: An AI audit of FreeBSD
40d ago
CoreEvent GraphQL API – BOLA/IDOR exposing 10k+ records (PII, ticket QR codes) via unauthenticated queries
40d ago
The Word 'Toad' Gave Any Website Full Control of Chrome's Most Popular VPN
40d ago
Visual Studio Extensions Revisited
40d ago
Threat Intel: Kemper Corporation Hit by ShinyHunters Salesforce Extortion Campaign (269k Accounts Ingested by HIBP)
41d ago
Drupal PostgreSQL SQL Injection: From SELECT-Only to RCE
41d ago
What scanners are actually trying against AI infrastructure
41d ago
Defense by accumulation
41d ago
New Phishing Technique - Vaultjacking: One Captured PIN, the Entire Google Password Manager Vault
42d ago
MalShark: MCP-Powered Malware Traffic Analysis — Benchmarked Against Real Malware
42d ago
A week after Dutch FIOD seized 800+ servers, the hosting network's ASN (AS209847) is still scanning at its normal daily rate
42d ago
HN Security - AI Reporter - Let's automate reporting in Burp Suite!
42d ago
Threat Intel: Lithuania Investigates B2B Credential Misuse Exposing 600,000 National Registry Records
42d ago
RCE in Strix Agent(Sandbox): A practical guide to prompt injections with impact
42d ago
Navigating Lax Load Balancers: When an Intersection Gets You Inside
43d ago
Encrypted DNS in 2026: DoH, DoT, DoQ and DoH3 protocol comparison — including DNS hijacking attack vectors and what each protocol actually prevents
43d ago
OTP lockout state leaked valid-code signal, enabling OLX account takeover
43d ago
How journalists rely on VPNs to protect press freedom
43d ago
Analyzing the Taiwan High-Speed Rail (THSR) TETRA incident (part 1)
43d ago
Update Starlette Now. New severe vulnerability dropped.
43d ago
The War Between Wars: How an IRGC Front Runs Destructive OT and IT Attacks Under Cover of a Ceasefire
43d ago
How credential brokering prevents AI agents from compromising credentials via prompt injection
44d ago
CVE-2021-21735: ZTE H168N wizard whitelist exposed PPPoE and WLAN secrets pre-auth
44d ago
Threat Intel: ShinyHunters Leaks 9.4GB Database of 7-Eleven Franchisee Systems Post-Extortion Refusal
44d ago
nmap on Linux: Guide to Network Scanning and Discovery
44d ago
Prompt Injection finally broke my brain a little. My first article as a security student.
45d ago
How to Use Claude AI: A Complete Technical Beginner's Guide
45d ago
Pardon MIE?: how Mythos did not bypass Apple MIE
46d ago
CVE-2026-9256 - "nginx-poolslip", another new vulnerability in the rewrite module
46d ago
AI Security CTF (free, open) - prompt injection, agent workflow hijacking, guardrail bypass - June 17-22
46d ago
Just added an interactive security map to my project NoEyes showing exactly what the server sees (and doesn't)
46d ago
Restoring Testability: Handling Complex Scenarios in Burp Suite with a Custom Extension
47d ago
Zyxel low-priv account leaked super-admin, FTPS, and TR-069 secrets across router fleets
47d ago
Data breach in name of protest
47d ago
pnpm 11 Might Finally Be a Better Default Than npm
47d ago
durabletask (Microsoft's Python Durable Task client) compromised by TeamPCP | same Mini Shai-Hulud payload as last week's TanStack wave
47d ago
[Analysis] CISA contractor left AWS GovCloud admin keys, plaintext passwords, SAML certs, and Kubernetes configs on a public GitHub repo for 183 days — with secret scanning deliberately disabled
47d ago
GitHub Actions Cache Poisoning is eating open source
48d ago
CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox
48d ago
CVE-2026-34474: Pre-auth credential disclosure in ZTE H298A / H108N via ETHCheat
48d ago
FatGid - FreeBSD 14.x kernel LPE
48d ago
Keys to the Kingdom: Anonymous SQL Injection in Drupal Core (CVE-2026-9082)
48d ago
GitHub ~3,800 internal repos compromised through a malicious VS Code extension
48d ago
The IBM X-Force Index 2026 explains all three in one finding.
48d ago
Score by collisions, patch by panic: defensive architecture for the post-90-day-disclosure era
49d ago
CVE-2026-45585: Windows BitLocker — YellowKey Recovery Bypass Analysis
49d ago
[ Removed by Reddit ]
49d ago
CVE-2026-34472: Pre-auth credential exposure and auth bypass in ZTE H188A V6 routers
49d ago
Iran Wants to Tax the Internet Flowing Through the Strait of Hormuz While Restricting Its Own Citizens Online
49d ago
The IBM X-Force Index 2026 explains all three in one finding.
49d ago
GitHub hit by a compromised VSCode extension
49d ago
When Filenames Become Attack Surfaces: Weaponizing NASA's CFITSIO Extended Filename Syntax
49d ago
We audited 12K n8n templates: most have critical vulnerabilities
49d ago
Veilgate - Deception proxy
49d ago
Sleeping Agent: Silent persistent C2 through Web Push
49d ago
GhostTree: Unveiling Path Manipulation Techniques to Bypass Windows Security
49d ago
How Storm-2949 turned a compromised identity into a cloud-wide breach
50d ago
Pathfinding Labs: Deploy, test, and learn from 100+ intentionally vulnerable AWS environments
50d ago
CVE-2026-34473: Pre-auth ZTE H-series router DoS via CGILua request-body parsing
50d ago
RCE and arbitrary file write in Vitess vtbackup via untrusted MANIFEST fields
50d ago
New Age of Collisions: Reading Arbitrary Files Pre-Auth as root in cPanel (CVE-2026-29205)
50d ago
The quiet death of behavioral anti-bot and the pivot to hardware ZKPs
50d ago
AudioHijack: adversarial audio attacks on generative voice models transfer from open weights to Microsoft and Mistral production systems
50d ago
ShinyHunters Stole 275 Million Student Records. The Ransom Deadline Is May 12.
50d ago
The down fall of bug bounties
51d ago
TanStack Supply Chain Attack (And How to Lock Down GitHub Actions)
51d ago
Attacking Cloud Service Providers (ACSP) - An interactive textbook on control-plane intrusion and breaking cross-tenant isolation
51d ago
Autonomous AI Penetration Testing with Consent-First Ethical Framework — Research Paper + Working Implementation
51d ago
Ansible security and compliance guide
52d ago
Instrumenting QT6 desktop apps with Frida - Part 2: Building the Bypass Chain
52d ago
AI-assisted cyberattacks are changing the threat landscape faster than most organizations realize.
53d ago
Microsoft MDASH found 16 Windows RCEs — here's exactly how the 100-agent pipeline works
53d ago
Apple Maildrop lets you rewrite the filename, size, and icon on any icloud.com attachment link — no signature, no validation — reported July 2023, still live
53d ago
North Korean Hackers Now Using AI? Kaspersky Warns of New Threat Targeting South Korean Govt Systems
54d ago
Automating code security reviews with Claude Mythos-level capabilities
54d ago
Instrumenting QT6 desktop apps with Frida - Part 1
54d ago
From Vercel Typosquatting to an Obfuscated macOS Malware Loader
54d ago
HyperVenom: Using Hyper-V for Ring -1 Control from Usermode
54d ago
Detecting Exploitation of CrushFTP Vulnerability (CVE-2025-31161) With PacketSmith Yara Detection Module - Using track_state and flow_state
55d ago
VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure
55d ago
CVE-2026-44338: Scanners Target PraisonAI Within Four Hours of Disclosure
55d ago
How to Check Computer Activity: 2026 Guide for Windows and Mac
55d ago
CVE-2026-42945 : NGINX Heap Buffer Overflow in rewrite module - Writeup and PoC
55d ago
Hunting the Behavior Behind npm Supply Chain Attacks
55d ago
WaSteal: 126 Chrome extensions, 148K installs, one Brazilian operator silently sending WhatsApp user data and ad cookies to its servers
55d ago
Apple Maildrop lets you rewrite the filename, size, and icon on any icloud.com attachment link — no signature, no validation — reported July 2023, still live
55d ago
On vendor disclosure timelines, bounty programme incentive misalignment, and the psychological contract
55d ago
/sbin/ping -G sweepmax has no bounds check on macOS: deterministic BSS out-of-bounds write, confirmed by Apple
55d ago
Apple's smbd has no FSCTL_SRV_COPYCHUNK limit enforcement: 256 bytes in, 64 GiB disk I/O out
55d ago
On-prem vs IaaS vs PaaS vs SaaS for self-hosted IAM (Keycloak case study)
56d ago
A stealth approach to Process Injection - EntryPoint Hijacking
56d ago
A year of Apple Security Bounty research — 16 closed findings, full disclosure
56d ago
AI-Coded App Vulnerability Checklist - 33 LLM-specific items with detection methods
56d ago
Dead.Letter (CVE-2026-45185) How XBOW found an unauthenticated RCE on Exim
56d ago
The Algorithm Goes to War: Inside the AI Cyberweapon Revolution That Governments Cannot Stop
56d ago
Malicious Coding Agent Skills and the Risk of Dynamic Context | Datadog Security Labs
57d ago
AI Vulnerability Research and the Fuzzer Era Déjà Vu
57d ago
I spent a weekend trying to get OpenClaw to leak my own personal data and it caught me immediately...
57d ago
Curl lead developer Daniel Stenberg provides insightful feedbacks from Mythos analysis results
57d ago
New ipTIME Pre-Auth RCE in CWMP
57d ago
Postmortem: TanStack npm supply-chain compromise
57d ago
How do Fortune 10 SOCs handle incident response with 15 people instead of 150? Energy-Based Models.
57d ago
OpenAI announces Daybreak, "frontier AI for defenders"
57d ago
GhostLock: SMB Deny-Share Handles as a Zero-Privilege Availability Weapon
57d ago
How I Defeat Passkeys Nearly Every Time in Phishing Assessments
58d ago
MyAudi app:Security issues in Audi Connected Vehicle experience
58d ago
Giving Claude Code Full Control of a Hardware Fault Injection Setup to Bypass Secure Boot
58d ago
Mythos, MOAK, CTEM and the End of CVE Chasing
58d ago
Autonomous Vulnerability Hunting with MCP
58d ago
ShinyHunters / AT&T ransom payment traced on-chain — paper draft, seeking arXiv cs.CR endorsement
58d ago
Data in Use Protection: How MPC Keeps Inputs Hidden from the Cloud - Stoffel - MPC Made Simple
59d ago
The compression of the exploit timeline: Why n-day gaps and 90-day embargoes are failing in practice.
59d ago
Outrunning SHA256 with Physics
59d ago
Memory Poisoning AI Agents via ChromaDB
59d ago
Defence in Depth: A Practical Secure Corporate Network Topology
59d ago
Technical Analysis of EagleSpy V6.0 (CraxsRAT Rebrand) Distributed Through Odysee and Telegram
59d ago
Getting LLMs Drunk to Find Remote Linux Kernel OOB Writes (and More)
59d ago
Seclens: Role-specific Evaluation of LLM's for security vulnerablity detection
60d ago
Securing CI/CD for an open source project: lessons from Cilium
60d ago
ShinyHunters breached Canvas/Instructure — 275M student records stolen from 8,809 schools, ransom deadline May 12
61d ago
Needle crypto-stealer C2 analysis: API key embedded in plain text inside the Rust malware unlocked 1,932 victims and the operator's withdrawal config
61d ago
Copy Fail (CVE-2026-31431): A Technical Deep Dive
61d ago
Kernel LPE Vulnerability Published Early Due To Third-Party Breaking Embargo
61d ago
Dirty Frag - Linux LPE similiar to Copy Fail
61d ago
Honey Tokens: Bait Credentials That Catch Breaches
61d ago
CVE-2026-42511 Breakdown: RCE in FreeBSD
62d ago
Bypassing Bitlocker under 5 min using downgrade attack on CVE-2025-48804
62d ago
An AI security auditor that red-teams PRs to find exploits, not just patterns (open-source + Ollama support)
62d ago
Approve Once, Exploit Forever: The Trust Persistence Problem in Claude Code, Codex and Gemini-CLI
62d ago
Quacc++: Automated Open Source Vulnerability Discovery
62d ago
Binance fixed the IP whitelist gap — but the disclosure process is still broken
63d ago
Non-Determinism of Maps in Golang: Why, How, and the Consequences
63d ago
pyghidra-mcp Meets Ghidra GUI: Drive Project-Wide RE with Local AI
63d ago
Vulnerability Garden
63d ago
Scan. Secure. Simplify. — Free Web Tools Platform
63d ago
Bleeding Llama: Critical Unauthenticated Memory Leak in Ollama (CVE-2026–7482)
63d ago
Salesforce pentesting novel techniques- how to be an apex predator
63d ago
DigiCert: Misissued code signing certificates
63d ago
Major AI Clients Shipping With Broken OAuth Implementations
64d ago
HN Security - Extending Burp Suite for fun and profit – The Montoya way – Part 10
64d ago
Ghosts of Encryption Past – How we Read All Your Emails in Salesforce Marketing Cloud
64d ago
The Danger of Multi-SSO AWS Cognito User Pools
64d ago
Popular DAEMON Tools software infected – supply chain attack ongoing since April 8, 2026
64d ago
Proton Pass: Second-Password Bypass Through Emergency Access
64d ago
We probed 6,000 web apps for Stripe webhook signature checks. 1,542 don't bother
64d ago
Lateral Movement - Cross-Session Activation
65d ago
"AccountDumpling": Hunting Down the Google-Sent Phishing Wave Compromising 30,000+ Facebook Accounts
65d ago
Your vibe-coded app is probably violating GDPR right now
65d ago
Acoustic Keystroke Recovery - Reconstructing Typed Text from a Laptop Microphone (Full Guide, 85% success rate)
66d ago
How to exfiltrate data using only numeric outputs
67d ago
For vulnerability research, smaller models run repeatedly can outperform larger frontier models on cost-to-recall.
67d ago
Every incident public companies have disclosed to the SEC, in one searchable database
67d ago
r/netsec monthly discussion & tool thread
68d ago
Handled, Not Hosted: Administrative Activity Inside a Bulletproof Hoster
68d ago
Seventeen vulnerabilities in Omi, fourteen days of silence
69d ago
High Fidelity Check for the cPanel Authentication Bypass (CVE-2026-41940)
69d ago
Copy Fail exploit lets 732 bytes hijack Linux systems and quietly grab root
69d ago
The Internet Is Falling Down, Falling Down, Falling Down (cPanel & WHM Authentication Bypass CVE-2026-41940) - watchTowr Labs
69d ago
The Thymeleaf Template Injection That Only Hurts If You Let It
70d ago
Set up automated dependency scanning after the recent npm/PyPI supply chain attacks
70d ago
A Route to Root in a 4G Industrial Router
70d ago
[Research] Full-chain RCE in Microsoft Semantic Kernel & Agent Framework 1.0 (6 Bypasses)
71d ago
The Bot Left a Fingerprint: Detecting and Attributing LLM-Generated Passwords
71d ago
89 vulnerabilities in XAPI / Citrix XenServer
71d ago
[ Removed by Reddit ]
71d ago
Kaspersky recently disclosed PhantomRPC, a privilege escalation technique affecting all Windows versions (tested on Server 2022/2025)
71d ago
Why a Decade of Writing Detection Logic Makes the Mythos Exploit Numbers Less Scary
72d ago
MCPwned: a Burp Suite extension for auditing MCP servers
72d ago
271 loaded
IP
IppSec
4d ago · 15 items
HackTheBox - DevArea
4d ago
HackTheBox - WingData
11d ago
HackTheBox - Nanocorp
18d ago
HackTheBox - VariaType
25d ago
HackTheBox - Facts
32d ago
HackTheBox - Interpreter
39d ago
HackTheBox - MonitorsFour
46d ago
HackTheBox - Pterodactyl
53d ago
HackTheBox - Overwatch
60d ago
HackTheBox - Sorcery
74d ago
HackTheBox - AirTouch
81d ago
HackThebox - Eighteen
88d ago
HackTheBox - DarkZero
95d ago
HackTheBox - Browsed
102d ago
HackTheBox - Conversor
109d ago
15 loaded
WE
WeLiveSecurity
5d ago · 20 items
Cyber readiness for SMBs: Getting the basics right
5d ago
This month in security with Tony Anscombe – June 2026 edition
8d ago
Inside the inbox: Why cybercriminals want to break into your email account
9d ago
SMB cyber readiness: the road to resilience starts here
12d ago
Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances
13d ago
ESET takes part in Operation Endgame to disrupt Amadey and Stealc
14d ago
Killing me gently: Inside Gentlemen’s EDR killer framework
20d ago
Protecting legacy OT systems against modern cyberthreats
21d ago
FishMonger’s arsenal upgraded: SprySOCKS for Windows
22d ago
EvilTokens: A phishing attack that doesn’t steal your password
23d ago
OceanLotus: From external espionage to domestic targeting
27d ago
Unpacking SMB cyber-readiness – and what makes or breaks it
28d ago
Cybercriminals: the 'auditors' you never hired
29d ago
Lessons for life: Why children’s data is a long-term identity risk
35d ago
This month in security with Tony Anscombe – May 2026 edition
40d ago
ESET APT Activity Report Q4 2025–Q1 2026
41d ago
What to consider before asking an AI chatbot for health advice
42d ago
BTMOB: A stealthy RAT burrowing deep into Android devices
43d ago
Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise
47d ago
Webworm: New burrowing techniques
49d ago
20 loaded
TL
The Last Watchdog
6d ago · 29 items
News alert: Link11 launches faster DDoS mitigation to counter AI-driven, adaptive network attacks
6d ago
FRANKFURT, July 1, 2026, CyberNewswire – Link11, a leading European provider of cloud-based cybersecurity solutions, today announced the launch of its completely rebuilt Layer 3/4 DDoS mitigation solution, designed to address the growing ...
News alert: Reflectiz partners with Taboola to host webinar on AI-driven marketing security risks
7d ago
BOSTON, June 30, 2026, CyberNewswire – Reflectiz, the web exposure management platform, today announced a live webinar with Taboola, "Securing Third-Party Marketing in the AI Era," taking place July 8 at 9 AM EDT / 3 PM CEST. Every market...
News alert: OpenMatter launches platform to verify AI activity across enterprise systems
7d ago
MELBOURNE, Fla., June 30, 2026, CyberNewswire – OpenMatter Network today announced the launch of its cryptographically verifiable platform for secure collaboration and AI governance, built on a simple premise: Don't Trust Data. Prove It. ...
News alert: SpyCloud report finds phishing surge exposing employee data at Fortune 100 companies
20d ago
AUSTIN, Tex., June 17, 2026, CyberNewswireŌĆōSpyCloud, the leader in identity threat protection, today released its 2026 Phishing Pulse Report, revealing that phishing attacks continue to increase in both volume and sophistication for enter...
News alert: Heimdal study finds executives are more confident than frontline IT teams on AI risk
20d ago
LONDON, June 17, 2026, CyberNewswire–Heimdal today published The State of AI Risk Management in 2026, a survey of 1,000 IT professionals across the United Kingdom and the United States. The report's headline finding is a divide inside the...
News alert: Aembit secures Copilot Studio agents with identity-based access controls and audit trails
21d ago
LAS VEGAS, June 16, 2026, CyberNewswire–Aembit on Tuesday announced support for Copilot Studio, extending its identity and access management capabilities to Microsoft's enterprise AI agent platform. The integration, unveiled at Identivers...
News alert: GitGuardian adds endpoint protection as developer laptops become credential troves
21d ago
NEW YORK, June 16, 2026, CyberNewswire–GitGuardian announced today that it is introducing Developer Endpoint Protection, extending its secrets and non-human identity (NHI) security platform coverage to developer workstations. After 12 mon...
News alert: Varist announces AI-scale malware detection for healthcare and medical imaging
22d ago
REYKJAVIK, Iceland, June 16, 2026 — Varist today introduced its DICOM Detection Engine™, a specialized system designed to safeguard electronic health records (EHR) and picture archiving and communication systems (PACS) from all known ma...
News alert: Cloud security report finds fragmented tools widening the cloud complexity gap
27d ago
News alert: Halo Security recognized for helping MSPs manage customers’ external attack surfaces
35d ago
FIRESIDE CHAT: Deepfakes exploit human emotion, making employee reflex training essential
36d ago
News alert: TVC Analyst Group names 12 vendors to watch ahead of Gartner’s security summit
40d ago
GUEST ESSAY: AI pipelines are shattering network security — most companies haven’t even noticed yet
42d ago
GUEST ESSAY: AI can speed up communication, but it can also weaken human connection
49d ago
News alert: Orchid Security study finds invisible identities now outnumber managed accounts
49d ago
MY TAKE: AI agents force a rethink of enterprise service lines as vendors move up the tech stack
51d ago
LW ROUNDTABLE: Microsoft Edge normalizes credential exposure — security pros push back
56d ago
FIRESIDE CHAT: Cyber insurers deepen SMB security role as supply chain attacks spread
57d ago
News Alert: Lyrie.ai joins Anthropic verification program, unveils protocol for securing AI agents
57d ago
News alert: LuxSci launches HIPAA-compliant email platform for mid-size healthcare market
63d ago
SHARED INTEL Q&A: PKI’s unfinished business—’digital passports’ for content, models and agents
69d ago
GUEST ESSAY: How augmented reality (AR) can turn building images into ad space with no control
71d ago
FIRESIDE CHAT: Leaked secrets are now the go-to attack vector — and AI is accelerating exposures
72d ago
News alert: BreachLock’s integrated attack validation platform debuts in Gartner AEV category
77d ago
Fireside Chat: PKI has carried digital trust through every tech advance—now comes the hardest one
79d ago
News Alert: NTT Research launches SaltGrain—advanced Attribute-Based Encryption security
83d ago
GUEST ESSAY: Google’s 2029 deadline exposes readiness gap as move to quantum-safe crypto lags
85d ago
News alert: Mallory launches AI-native platform to cut through alert noise and surface real risk
89d ago
FIRESIDE CHAT: Geopolitical turmoil, rising AI risk add a new layer to enterprise cyber defense
92d ago
29 loaded
PN
Proofpoint News Feed
7d ago · 10 items
New Cargo Theft Surge: From Lobster Heists To Bourbon Warehouse Scams
7d ago
Cargo theft is evolving with cybercrime. Learn how organized crime is hijacking shipments—from a $400,000 lobster theft to a $500,000 bourbon heist—and what needs to be done.
Defending the Authentication Flow: Device Code Phishing with Selena Larson
8d ago
Host Caleb Tolin sits down with Selena Larson, Staff Threat Researcher and Lead, Intelligence Analysis and Strategy at Proofpoint and Host of the DISCARDED podcast, to discuss the mechanics of device code phishing and the widespread abuse o...
Proofpoint Joins the OpenAI Daybreak Cyber Partner Program to Advance Responsible AI-Powered Cyber Defense
16d ago
Proofpoint has been selected to participate in OpenAI Daybreak, which helps trusted cybersecurity companies integrate AI into defensive security operations. Through the OpenAI Daybreak Cyber
OpenAI Lets Cyber Vendors Embed GPT-5.5 in Defenses
16d ago
Suspected North Korean actors use fake ‘coding assignments’ to steal crypto
29d ago
China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa
34d ago
Proofpoint Introduces Active Exploits Protection to Help Organizations Prioritize Vulnerability Patching for Real-World Attacks in the AI Era
42d ago
New solution reduces exposure to actively exploited vulnerabilities in minutes by turning intelligence into immediate protection across primary attack paths Disrupts AI-powered exploit-
Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks
47d ago
Proofpoint Integrates with the Claude Compliance API to Extend Data Security and Governance to Claude
48d ago
New product integrations bring data protection, insider risk detection, and governance into Claude Enterprise and Claude Platform activity Organizations gain unified visibility across
Proofpoint Launches Dedicated MSP Business Unit and Introduces 365 Total Protection for North America
56d ago
New MSP Platform business unit, AI-powered all-in-one Microsoft 365 protection, and Marketplace partnership with Pax8 strengthen Proofpoint’s commitment to channel and small and mid-size
CD
Cyber Defense Magazine
7d ago · 82 items
The Chaya_006 Alert: OT Edge Devices Under Fire
7d ago
Nissan Americas Hit in Global Oracle PeopleSoft Data Breach
8d ago
CISA Warns Attackers Are Targeting Critical Internal Business Platforms
9d ago
Return On Risk: The New Measure Of Cyber Resilience
10d ago
Path to StateRAMP
10d ago
Rethinking Identity Security In The Age Of AI Driven Fraud
11d ago
New Age Insider Risk
11d ago
Openclaw And The Agentic AI Inflection Point: From “Cool Demo” To Governed Infrastructure
12d ago
Reasonable Reliance: The Test Duty-Holders Are Quietly Being Held To
12d ago
The Moment Of Reliance: The Question Safety Governance Cannot Currently Answer
13d ago
The New Face Of Fraud: Why AI Is Making Older Adults The Primary Target
13d ago
NSA Urges Cyberthreat Timeline Has Compressed From Years to Months
13d ago
Governance Is Failing: Why Converged Digital Risk Is Outpacing Every Control We Have
14d ago
Invisible By Design: Making Quantum-Safe Encryption The Easy Path
14d ago
Magecart Evolves and Attackers Weaponize Ethereum Blockchain for Digital Skimming
14d ago
Innovator Spotlight: NAKIVO
14d ago
Cybersecurity Outsourcing. Beyond Cost
15d ago
Inside The Rising Cyber Risk To Insurers: Why Insurance Companies Are Now Prime Targets
15d ago
Supply Chain Compromise: Nintendo Vendor Breach Exposes Internal Data
15d ago
Data Breach with Eastman Kodak Company
15d ago
The World Cup Is Here… And So Are The Cyber Risks
16d ago
Cloud Managed Services For Modern Cybersecurity To Secure Cloud
16d ago
Exploring The 2025 Cyber Threat Landscape: Analysis From The IT And Food And Agriculture Sectors
17d ago
The Shadow AI Paradox: Governing Innovation At Machine Speed
18d ago
Innovator Spotlight: Ensemble
18d ago
Innovator Spotlight: Centrii
18d ago
NSPM-12: The New Baseline for National Security Cybersecurity
19d ago
Five Compliance Realities Federal Contractors Can’t Ignore
20d ago
Cyber Security Market Insights & Trends Driving The Next Wave Of Protection
21d ago
AI is Not Solving Cybersecurity Burnout Yet, New ISSA and Omdia Research Warns
21d ago
Crypto’s Biggest Unresolved Risk Is Not Theft Of Assets, It’s The Collapse Of Identity Certainty In Financial Transactions
22d ago
Could GPU-Accelerated EDR Improve The Future Of Endpoint Detection?
23d ago
CMMC Is Exposing A Major Gap In The Defense Supply Chain
24d ago
Zero Trust For AI In Defense Networks
25d ago
Why Most Cyber Resilience Programs Fail Before The First Incident
26d ago
Breaking Free Of The Cyber Insurance Market’s Moment Of Frustration
27d ago
What The Cybersecurity Industry Knows And Will Not Say
28d ago
Rethinking Access Governance for AI Agents
29d ago
How CIAM Helps Boost Business
30d ago
World Cloud Security Day
30d ago
CMMC Is Here, But AI Changes The Compliance Conversation
31d ago
Cybersecurity Improved Detection But Exposed a New Problem
32d ago
Innovator Spotlight: Airrived
32d ago
Cloud Security In Practice
33d ago
Segment With Purpose: A Zero Trust Blueprint For OT Network Segmentation In Manufacturing
34d ago
The Expanding Attack Surface And How Identity Is Now The Primary Breach Vector
35d ago
Officials Confirm Early Rollout Of CMMC Requirements At CMMC Northeast Summit
36d ago
Why Is Cybersecurity Now A Business Priority, Not Just An IT Function?
52d ago
The Security Mistakes Being Repeated With Ai
53d ago
The Hidden Risk For IT Subcontractors: When Insurance, Not Security, Costs You The Contract
54d ago
Innovator Spotlight: Klever Compliance
54d ago
Innovator Spotlight: Radware
54d ago
Innovator Spotlight: JScrambler
54d ago
Innovators Spotlight: OPSWAT
55d ago
The Board Is Asking The Wrong Security Question
56d ago
Synthetic Identity Fraud Requires An Equal Focus On Biometrics And Document Verification
57d ago
Innovator Spotlight: Iru
57d ago
Innovator Spotlight: Axonius
57d ago
Security In The AI Era: Why Compliance, Infrastructure, And Platform Security Must Converge
58d ago
The SMB Cybersecurity Gap: Why Small Businesses Are The Fastest-Growing Attack Surface
58d ago
Fighting Fire With Fire: Future-Proofing The Cybersecurity Workforce With AI
59d ago
Innovator Spotlight: Lineaje
59d ago
Why Vulnerability Scanning Is Not Penetration Testing, And Why Cisos Should Care
61d ago
Bouncing Back from Cyberattacks: How Fast Recovery Is Mastered
62d ago
When AI Stops Assisting And Starts Discovering: What Claude Mythos Preview Means For Cybersecurity
62d ago
Innovators Spotlight: Badge (Part II)
62d ago
Redefining Security Operations Through Seceon’s Open Threat Management Platform
63d ago
The Insurance Industry Is Rewriting Cybersecurity Strategy
64d ago
Securing The AI-Enabled Workforce: The Next Evolution Of Human Risk Management
65d ago
Ai Didn’t Break Cybersecurity, It Revealed It
66d ago
RSAC 2026: The Power of Community
67d ago
Inside RSAC 2026
68d ago
Innovator Spotlight: The Open Group
68d ago
Preparing For Hybrid Warfare: Actions To Take When The Cloud Goes Dark
69d ago
Operationalizing Cyber Resilience: A Practitioner’s Framework for Real-World Security Constraints
70d ago
Innovator Spotlight: Puneet Bhatnagar
70d ago
Cybersecurity Risks in 2026
71d ago
Retro-Coding and the Roots of Logic: Why The Byte Brothers: Program a Problem Still Matters
71d ago
Innovator Spotlight: TokenCore
71d ago
Platform Engineering: The Rise of a Disciplinary Rethink
72d ago
60% Of Cyberattacks Are Identity Based — Is Identity First A Bad Idea?
72d ago
From Threat Detection To Decision Intelligence: Rethinking Modern Cyber Defense
73d ago
82 loaded
BF
Blog – Forter
9d ago · 10 items
New at Forter: AI Agents Built to Amplify Your Team 1
9d ago
New at Forter: AI Agents Built to Amplify Your Team
14d ago
Can AI Agents Find, Trust, and Choose Your Brand?
15d ago
IMPACT Roadshow Recap: Getting Ready for Agentic Commerce
28d ago
Agent-Ready: How to Prepare Your Site for AI-Driven Commerce
34d ago
Japan’s 3DS Mandate: One Year In
54d ago
One-Click Refunds Are Not as Hard as You Think
63d ago
Toys“R”Us Japan Implements Forter’s Fraud Management and Payment Optimization Solutions
70d ago
More of What Matters: Forter’s April Product Release
71d ago
If AI Agents Can’t Find You, Do You Even Exist?
71d ago
TM
Trend Micro Research, News, Perspectives
9d ago · 20 items
TONResolver RAT Abuses TON Blockchain to Target Japan's Hotel Industry
9d ago
From Langflow to Monero: Inside CVE-2026-33017 Cryptominer
15d ago
PeopleSoft PeopleTools Pre-Authentication RCE: A PSIGW SSRF Chain That Executes Inside the JVM
20d ago
Threat Actors Abuse claude.ai Shared Chat for ClickFix Malvertising Campaign
21d ago
Governing Claude Enterprise in Environments Where Inline Controls Can't Go
26d ago
GenAI Is Both Hunter and Hunted at Pwn2Own Berlin 2026
28d ago
Old WinRAR Flaw Fuels Attacks on Ukraine: How Unmanaged Software Keeps the Door Open
30d ago
Pwn2Own Berlin 2026: On the Ground With TrendAI™ ZDI's Biggest AI Showdown Yet
37d ago
Smart Contracts for C&C: How ClearFake Hid in Plain Sight on BSC Testnet
43d ago
Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware
47d ago
Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud
50d ago
Agentic Governance: Why It Matters Now
51d ago
Analyzing TeamPCP’s Supply Chain Attacks: Checkmarx KICS and elementary-data in CI/CD Credential Theft
56d ago
Vibe Hacking: Two AI-Augmented Campaigns Target Government and Financial Sectors in Latin America
58d ago
What Is the Instructure Canvas Breach? Impact, Risks, and What Institutions Should Do
59d ago
Supporting the National Cyber Strategy: How TrendAI™ Helps
63d ago
InstallFix and Claude Code: How Fake Install Pages Lead to Real Compromise
64d ago
Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities
65d ago
Inside Shadow-Earth-053: A China-Aligned Cyberespionage Campaign Against Government and Defense Sectors in Asia
69d ago
Kuse Web App Abused to Host Phishing Document
70d ago
20 loaded
DA
darkreading
12d ago · 104 items
Name That Toon Contest
12d ago
Europe Evolves Into Ransomware's Favorite Region
13d ago
Attackers Hit Cisco SD-WAN Flaw 2 Months Before Disclosure
13d ago
2026 FIFA World Cup Faces Surge in Cyber Threats
13d ago
Do CISOs Need a Code of Ethics?
13d ago
More Malicious OpenClaw Skills Threaten AI Supply Chain
14d ago
Apple's MacOS Gap Lets Users Disable Security Tools
14d ago
Scope of Salesforce Attacks Expands as Icarus Leaks Data
14d ago
'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows
14d ago
SocGholish Takedown Highlights Malicious TDS Threats
15d ago
FortiBleed Attackers Turn Firewalls Into Credential Stealers as Heists Persist
15d ago
DifyTap Bugs Let Attackers 'Wiretap' AI Chat Histories
15d ago
Crypto Heist Fueled by Elaborate Fake Reputation-Boosting Campaign
16d ago
He Thought He Was Secure; His Phone Number Was Stolen Anyway
16d ago
Stressors, AI Forcing Changes to Cybersecurity Teams
19d ago
Novo Nordisk Breach Highlights Software Development Pipeline Risk
19d ago
Operation Escaneo Signals Shift in LatAm Threat Landscape
19d ago
FIFA Bug Exposes World Cup Streams to Remote Takeover
19d ago
Salesforce Data Thefts Continue via Klue App Compromise
20d ago
Get Out of Security Debt by Tackling the Exposure Problem
20d ago
EU Gets a Head Start in Developing 6G Network Security
20d ago
ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed
25d ago
Claude Fable 5 Doesn't Change the Mythos Security Story
26d ago
Phishing Attack Volume Down 20%, But Risk Still Rising
26d ago
Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure
26d ago
Segmentation Works for OT If Operators Are Paying Attention
27d ago
Chinese, N. Korean Threat Groups Build on Asia-Pacific Success
27d ago
CISA Rewrites Federal Patching Requirements for AI Threat Era
27d ago
Bug Bounty Research Triggers ServiceNow Security Alert
27d ago
AI Risk Worries Insurers & Businesses Alike
27d ago
Nightmare-Eclipse Drops Yet Another Microsoft Exploit, RoguePlanet
28d ago
The Invisible Battlefield: How Cyberwar Is Reshaping Everyday Life
28d ago
Blame AI: Patch Tuesday Hits Record 206 CVEs
28d ago
Microsoft Exchange Flaw Lets Attackers Spoof Any Email Address
28d ago
Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories
28d ago
Russian Attackers Weaponize WinRAR Flaw Against Ukrainian Orgs
29d ago
AI Slop Will Kill Cybersecurity Storytelling If We Let It
29d ago
Silent Ransom Group Hits US Law Firms in Escalating Extortion Attacks
29d ago
Check Point VPN Flaw Exploited Since Early May
29d ago
Iran Signed a Ceasefire — Its Hackers Didn't
29d ago
[An RX Global Event] Infosecurity Europe
36d ago
Name That Toon: Mark of (Cybersecurity) Progress
39d ago
Asia's Cyber Insurance Market Shows Signs of Life
40d ago
With Complex Cloud Integrations, Small Errors Lead to Major Compromises
40d ago
'The Com' Cyberattacks Support Violence & Sexploitation
40d ago
As Global Powers Explore Humanoid Robots, Cyber-Risk Looms
40d ago
Dutch Raid Fails to Dent Russian Bulletproof Host
40d ago
Agentic AI Isn't Risky; the Way Orgs Deploy It Is
41d ago
Focus on Cyber Insurance: How Quantifying Risk Is Reshaping Security
41d ago
BTMOB RAT Spreads Across Brazil, LatAm via MaaS Model
41d ago
Nordic CISOs Handle Rising Cyber Threats Remarkably Well
41d ago
Ransomware Actors Show Up In Person to Steal Law Firm Data
41d ago
Latin American Cybercriminals Hoover Up Government Data
42d ago
AI-Assisted Exploit Development Outpaces Scanner Detection
42d ago
Cybersecurity Evolution: How We Went From Perimeter Defense to AI-Native Security
42d ago
Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos
42d ago
State Cyber Leaders Push Congress for More Funding, Support
42d ago
Shai-Hulud Hackers TeamPCP: Lucky or Skilled?
42d ago
For Enterprises, Security Remains Agentic AI's Biggest Challenge
42d ago
The Boring Stuff is Dangerous Now
51d ago
Can Laws Stop Deepfakes? South Korea Aims to Find Out
51d ago
Congress Puts Heat on Instructure After Canvas Outage
53d ago
Cyber Pioneers Ponder Past as Prologue
54d ago
Taiwan Bullet Train Hack Highlights Cybersecurity Gaps in Rail Systems
54d ago
SecurityScorecard Snags Driftnet to Level Up Threat Intelligence
54d ago
Maximum Severity Cisco SD-WAN Bug Exploited in the Wild
54d ago
'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, Ukraine
55d ago
AI Drives Cybersecurity Investments, Widening 'Valley of Death'
55d ago
Foxconn Attack Highlights Manufacturing's Cyber Crisis
55d ago
Checkbox Assessments Aren't Fit to Measure Risk
55d ago
Attackers Weaponize RubyGems for Data Dead Drops
55d ago
Tables Turn on 'The Gentlemen' RaaS Gang With Data Leak
55d ago
Dark Reading Celebrates 20 Years as a Leading Authority on Cybersecurity, Highlighting the People, Events, Ideas, and Technologies Shaping the Modern Risk Landscape
55d ago
LatAm Vibe Hackers Generate Custom Hacking Tools on the Fly
56d ago
China's 'FamousSparrow' APT Nests in South Caucasus Energy Firm
56d ago
It's Patch Tuesday for Microsoft & Not a Zero-Day In Sight
56d ago
Hugging Face Packages Weaponized With a Single File Tweak
57d ago
20 Leaders Who Built the CISO Era: 2 Decades of Change
57d ago
Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain
57d ago
How the Story of a USB Penetration Test Went Viral
64d ago
RMM Tools Fuel Stealthy Phishing Campaign
64d ago
Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability
64d ago
Silver Fox Springs Tax-Themed Attacks on Orgs in India, Russia
65d ago
How Dark Reading Lifted Off the Launchpad in 2006
65d ago
76% of All Crypto Stolen in 2026 Is Now in North Korea
67d ago
If AI's So Smart, Why Does It Keep Deleting Production Databases?
68d ago
Name That Toon: Mark of (Security) Progress
68d ago
20 Years in Cyber: Dark Reading Marks Milestone With Month of Special Coverage
68d ago
TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack
68d ago
Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug
68d ago
Anthropic's Mythos Has Landed: Here's What Comes Next for Cyber
68d ago
Oracle Red Bull Racing Team Revs Up Automation to Boost Security
69d ago
Claude Mythos Fears Startle Japan's Financial Services Sector
69d ago
Reverse Engineering With AI Unearths High-Severity GitHub Bug
69d ago
AI Finds 38 Security Flaws in Electronic Health Record Platform
69d ago
Vect 2.0 Ransomware Acts as Wiper, Thanks to Design Error
70d ago
Lotus Wiper Attack Targets Venezuelan Energy Firms, Utilities
70d ago
BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures
70d ago
NSA Chief During Snowden Affair Shares Regrets, Reflections 13 Years Later
70d ago
Feuding Ransomware Groups Leak Each Other's Data
70d ago
Vidar Rises to Top of Chaotic Infostealer Market
70d ago
Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain
71d ago
UNC6692 Combines Social Engineering, Malware, Cloud Abuse
71d ago
Unpatched 'PhantomRPC' Flaw in Windows Enables Privilege Escalation
72d ago
104 loaded
M3
Microsoft 365 Blog
13d ago · 10 items
Copilot in Excel: Built for the era of Frontier Finance
13d ago
- Discover how Copilot in Excel transforms finance workflows with skills, data connectors, and capabilities for traceability.
Copilot Cowork is now generally available
22d ago
Copilot Cowork is now generally available worldwide, bringing secure, AI-powered automation for complex enterprise tasks in Microsoft 365.
Introducing Microsoft Scout: Your always-on personal agent
35d ago
Microsoft introduces a new, always-on personal agent, Microsoft Scout, integrated across the Microsoft 365 apps you use every day.
Announcing the new Work IQ APIs
36d ago
Build enterprise agents with Work IQ APIs for Microsoft 365—bringing business context, tools, and secure, scalable intelligence into every workflow.
Introducing Microsoft 365 Business with Copilot: The new standard for small business
40d ago
Meet Microsoft 365 Business with Copilot—the AI-powered solution transforming how small businesses work, collaborate, and compete.
Introducing a new design for Microsoft 365 Copilot
41d ago
Copilot’s redesigned experience delivers faster performance, adaptive tools, and clearer AI-powered workflows to help you easily move from intention to outcome.
New and improved: Computer-using agents, a new workflows experience, and real-time voice experiences
43d ago
Explore what's new in Copilot Studio, May 2026: computer-using agents are now available, plus redesigned workflows and Work IQ extensibility.
New and improved: Agent governance, intelligent workflows, and connected app experiences
57d ago
See what's new in Copilot Studio, April 2026: updates to workflows, more control over agent operations, and an expanded agent usage estimator.
Copilot Cowork: From conversation to action across skills, integrations, and devices
64d ago
Today, we’re announcing additional capabilities in Cowork to expand on what it can make possible for you.
Microsoft 365 Copilot, human agency, and the opportunity for every organization
64d ago
Empower your organization with Microsoft 365 Copilot—AI that bridges human potential and business outcomes for the future of work.
AL
Alerts
20d ago · 44 items
CISA Adds One Known Exploited Vulnerability to Catalog
20d ago
CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure
20d ago
CISA Adds One Known Exploited Vulnerability to Catalog
22d ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog
23d ago
CISA Adds One Known Exploited Vulnerability to Catalog
26d ago
CISA Adds One Known Exploited Vulnerability to Catalog
27d ago
CISA Adds Three Known Exploited Vulnerabilities to Catalog
29d ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog
30d ago
CISA Adds One Known Exploited Vulnerability to Catalog
33d ago
CISA Adds One Known Exploited Vulnerability to Catalog
35d ago
CISA has added one new vulnerability to its KEV Catalog, based on evidence of active exploitation.
CISA Adds Two Known Exploited Vulnerabilities to Catalog
36d ago
CISA Adds One Known Exploited Vulnerability to Catalog
37d ago
CISA Adds One Known Exploited Vulnerability to Catalog
40d ago
Supply Chain Compromises Impact Nx Console and GitHub Repositories
41d ago
CISA Adds Three Known Exploited Vulnerabilities to Catalog
42d ago
CISA Adds One Known Exploited Vulnerability to Catalog
43d ago
CISA Adds One Known Exploited Vulnerability to Catalog
47d ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog
48d ago
CISA Adds Seven Known Exploited Vulnerabilities to Catalog
49d ago
CISA Adds One Known Exploited Vulnerability to Catalog
54d ago
CISA Adds One Known Exploited Vulnerability to Catalog
55d ago
CISA Adds One Known Exploited Vulnerability to Catalog
61d ago
CISA Adds One Known Exploited Vulnerability to Catalog
62d ago
CISA Adds One Known Exploited Vulnerability to Catalog
63d ago
CISA Adds One Known Exploited Vulnerability to Catalog
68d ago
CISA Adds One Known Exploited Vulnerability to Catalog
69d ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog
71d ago
CISA Adds Four Known Exploited Vulnerabilities to Catalog
75d ago
CISA Adds One Known Exploited Vulnerability to Catalog
76d ago
CISA Adds One Known Exploited Vulnerability to Catalog
77d ago
Supply Chain Compromise Impacts Axios Node Package Manager
79d ago
CISA Adds Eight Known Exploited Vulnerabilities to Catalog
79d ago
CISA Adds One Known Exploited Vulnerability to Catalog
83d ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog
85d ago
CISA Adds Seven Known Exploited Vulnerabilities to Catalog
86d ago
CISA Adds One Known Exploited Vulnerability to Catalog
91d ago
CISA Adds One Known Exploited Vulnerability to Catalog
93d ago
CISA Adds One Known Exploited Vulnerability to Catalog
97d ago
CISA Adds One Known Exploited Vulnerability to Catalog
98d ago
CISA Adds One Known Exploited Vulnerability to Catalog
100d ago
CISA Adds One Known Exploited Vulnerability to Catalog
103d ago
CISA Adds One Known Exploited Vulnerability to Catalog
104d ago
CISA Adds One Known Exploited Vulnerability to Catalog
105d ago
CISA Adds Five Known Exploited Vulnerabilities to Catalog
110d ago
44 loaded
AC
All CISA Advisories
20d ago · 125 items
Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT
20d ago
CISA Adds One Known Exploited Vulnerability to Catalog
20d ago
Schneider Electric EasyLogic T150 and Saitel DP
20d ago
AVer PTC cameras
20d ago
Rockwell Automation FactoryTalk Historian Site Edition
20d ago
AzeoTech DAQFactory
20d ago
Schneider Electric Easergy, EcoStruxture, PowerLogic, and Saitel Products
20d ago
Mitsubishi Electric MELSEC iQ-F Series
20d ago
Mitsubishi Electric Co.'s MELSEC iQ-F Series FX5-ENET/IP Ethernet Module
20d ago
CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure
20d ago
Rockwell Automation Logix 5370 & 5570 Controllers Vulnerable To Denial of Service Via CIP
22d ago
Rockwell Automation RSLinx
22d ago
Rockwell Automation FLEX I/O EtherNet/IP Adapters
22d ago
Rockwell Automation FactoryTalk Analytics PavilionX
22d ago
Rockwell Automation CompactLogix
22d ago
CISA Adds One Known Exploited Vulnerability to Catalog
22d ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog
23d ago
CISA Adds One Known Exploited Vulnerability to Catalog
26d ago
Yarbo Android/iOS Mobile Application and Cloud Infrastructure
27d ago
Naxclow IoT Platform
27d ago
Brickcom Cameras
27d ago
CISA Adds One Known Exploited Vulnerability to Catalog
27d ago
Siemens KACO Blueplanet Inverters
29d ago
Schneider Electric EcoStruxure Panel Server
29d ago
Schneider Electric Modicon Network Managed Switches
29d ago
CISA Adds Three Known Exploited Vulnerabilities to Catalog
29d ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog
30d ago
CISA Adds One Known Exploited Vulnerability to Catalog
33d ago
NAVTOR NavBox
34d ago
Hitachi Energy MACH HiDraw
34d ago
Hitachi Energy ITT600 Explorer
34d ago
B&R PPT30 Operating System
34d ago
Hitachi Energy RTU500
34d ago
CISA Adds One Known Exploited Vulnerability to Catalog
35d ago
CISA and Partners Urge Hardening Automatic Tank Gauge Systems
36d ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog
36d ago
CISA Adds One Known Exploited Vulnerability to Catalog
37d ago
CISA Adds One Known Exploited Vulnerability to Catalog
40d ago
ABB EIBPORT
41d ago
Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
41d ago
ABB Busch-Welcome 2 Wire Door Opener Actuator
41d ago
Fourth Frontier Frontier X Mobile Application, Frontier X2
41d ago
CP Plus 8 Ch. Network Video Recorder
41d ago
XCharge C6
41d ago
KMW CCTV Security Cameras
41d ago
MacGregor Voyage Data Recorder (VDR) G4e
41d ago
Schnieider Electric EcoStruxure Machine Expert HVAC
41d ago
Supply Chain Compromises Impact Nx Console and GitHub Repositories
41d ago
CISA Adds Three Known Exploited Vulnerabilities to Catalog
42d ago
ABB Terra AC
43d ago
ABB LVS MConfig
43d ago
ABB Ability Camera Connect
43d ago
Eppendorf BioFlo 320
43d ago
ABB AbilityTM Zenon Remote Transport Vulnerability
43d ago
ABB AC500 V2
43d ago
ABB B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)
43d ago
CISA Adds One Known Exploited Vulnerability to Catalog
43d ago
CISA Adds One Known Exploited Vulnerability to Catalog
47d ago
ABB Terra AC Wallbox
48d ago
Hitachi Energy GMS600
48d ago
ABB B&R Automation Studio
48d ago
ABB B&R Automation Runtime
48d ago
ABB B&R PCs
48d ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog
48d ago
CISA Adds Seven Known Exploited Vulnerabilities to Catalog
49d ago
Kieback & Peter DDC Building Controllers
50d ago
Siemens RUGGEDCOM APE1808 Devices
50d ago
ABB CoreSense HM and CoreSense M10
50d ago
ScadaBR
50d ago
ZKTeco CCTV Cameras
50d ago
CISA Adds One Known Exploited Vulnerability to Catalog
54d ago
Siemens Siemens ROS#
55d ago
Siemens gWAP
55d ago
Siemens SIMATIC
55d ago
Siemens Ruggedcom Rox
55d ago
Siemens Ruggedcom Rox
55d ago
Siemens Simcenter Femap
55d ago
Universal Robots Polyscope 5
55d ago
Siemens Ruggedcom Rox
55d ago
Siemens Teamcenter
55d ago
Siemens Solid Edge
55d ago
Siemens SENTRON 7KT PAC1261 Data Manager
55d ago
Siemens Opcenter RDnL
55d ago
Siemens Ruggedcom Rox
55d ago
Siemens SIMATIC S7 PLC Web Server
55d ago
Siemens Industrial Devices
55d ago
Siemens SIMATIC
55d ago
Siemens SIPROTEC 5
55d ago
CISA Adds One Known Exploited Vulnerability to Catalog
55d ago
Software Bill of Materials for AI - Minimum Elements
57d ago
ABB AC500 V3 Stack Buffer Overflow in Cryptographic Message Syntax
57d ago
Subnet Solutions PowerSYSTEM Center
57d ago
ABB WebPro SNMP Card PowerValue Multiple Vulnerabilities
57d ago
ABB AC500 V3 Multiple Vulnerabilities
57d ago
ABB Automation Builder Gateway for Windows
57d ago
Fuji Electric Tellus
57d ago
CISA Adds One Known Exploited Vulnerability to Catalog
61d ago
CISA Adds One Known Exploited Vulnerability to Catalog
62d ago
MAXHUB Pivot Client Application
62d ago
CISA Adds One Known Exploited Vulnerability to Catalog
63d ago
ABB B&R Automation Studio
64d ago
ABB B&R Automation Runtime
64d ago
Hitachi Energy PCM600
64d ago
Johnson Controls CEM AC2000
64d ago
ABB B&R PVI
64d ago
CISA Adds One Known Exploited Vulnerability to Catalog
68d ago
Careful Adoption of Agentic AI Services
68d ago
ABB AWIN Gateways
69d ago
ABB Ability OPTIMAX
69d ago
ABB PCM600
69d ago
ABB Edgenius Management Portal
69d ago
CISA Adds One Known Exploited Vulnerability to Catalog
69d ago
ABB Ability Symphony Plus Engineering
69d ago
ABB System 800xA, Symphony Plus IEC 61850
69d ago
Adapting Zero Trust Principles to Operational Technology
70d ago
NSA GRASSMARLIN
71d ago
CISA Adds Two Known Exploited Vulnerabilities to Catalog
71d ago
CISA Adds Four Known Exploited Vulnerabilities to Catalog
75d ago
SpiceJet Online Booking System
76d ago
Carlson Software VASCO-B GNSS Receiver
76d ago
Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera
76d ago
Milesight Cameras
76d ago
Defending Against China-Nexus Covert Networks of Compromised Devices
76d ago
Yadea T5 Electric Bicycle
76d ago
Intrado 911 Emergency Gateway (EGW)
76d ago
125 loaded
CY
cybersecurity
26d ago · 1867 items
Any solutions we can use?
26d ago
Possible targeted attack
27d ago
RoguePlanet: Windows Zero-Day That Weaponizes Defender's Own Quarantine Pipeline
27d ago
Facebook messenger to text
27d ago
Managing Solution Agents
27d ago
Nottingham University data breach affects over 450,000 students
27d ago
SWGs that support 3rd party external DNS resolver
27d ago
Sub:jugation - Hijacking Cloud Identities by Recycling Namespaces in Global OIDC Issuers
27d ago
Chrome extensions with 10M+ installations are actively vulnerable to UXSS & UXSG
27d ago
Cybersecurity researchers aren't happy about the guardrails on Anthropic's Fable | TechCrunch
27d ago
Phishing awareness training resulting in ignoring company comms?
27d ago
How are you analyzing Android malware nowadays?
27d ago
Hackers Exploit Langflow Vulnerability for Remote Code Execution
27d ago
Chaotic Eclipse Strikes Again: New Zero-Day Unlocks BitLocker in Four Hours of Research
27d ago
NEED SOME GUIDANCE
27d ago
Help setting up local encryption on my pc
27d ago
Agentic AI on Cybersecurity
27d ago
DoD 0-days Typically Come Down to Authorization Failures
27d ago
HDD
27d ago
Plzz Helpp - Say you're trying to build a toolkit that checks for LLM vulnerability do y'all know any trustable datasets
27d ago
How can we test the firmware code/images security?
27d ago
20 years of Fancy Bear (APT28): How Russian military hackers evolved their tradecraft since 2004
27d ago
GitHub announces npm security changes to tackle supply-chain attacks
27d ago
The ‘Miasma’ worm source code briefly leaked on GitHub
27d ago
CISA Rewrites Federal Patching Requirements for AI Threat Era
27d ago
What is the difference between Regular TLS and Mutual TLS?
27d ago
Every employee's password was stored in a single Excel file
27d ago
npm v12 is changing how dependencies are installed to reduce supply-chain risk
27d ago
Why is Gartner Magic Quadrant treated like a procurement benchmark in South Asia?
27d ago
How good Microsoft Defender for storage?
27d ago
GreatXML bitlocker bypass vulnerability
27d ago
Struggle
27d ago
Did the work, got the certs, now I'm drowning. Should I keep labbing or go all-in on applications?
27d ago
Wiz launches Cloud Security Job Board
27d ago
Physical Project Ideas
27d ago
How can I get into cybersecurity while studying Information Systems Engineering?
27d ago
Cloud Security job board
27d ago
Continuous learning
27d ago
Angry bug hunter with Microsoft beef drops new Windows 0-day
27d ago
Mid-30s, stuck in web pentesting, and wondering what to do ?
27d ago
Streamline your Nmap triage: Interactive, single-file HTML reports from raw XM
27d ago
Is Microsoft Purview really secure when using Copilot?
27d ago
Banking app intentionally block some operations when connected to wifi due to "security reason" is this good or stupid feature?
27d ago
Nee academic references for Hashcat's 'Next Big Bang' log
27d ago
CISA released BOD 26-04: A new federal government vulnerability management strategy?
27d ago
Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days
28d ago
added Mac support to my corporate hacking sim. Demo now available on Steam
28d ago
Suche aktuelle IONOS Phishing .eml für eine technische Blog-Analyse (Header & Artefakte)
28d ago
Students' data taken in major University of Nottingham cyber-attack
28d ago
Has unmanaged external file sharing ever burned you?
28d ago
Anthropic released Claude Fable 5 yesterday. Public version of Mythos with cyber classifiers
28d ago
Need feedback on my presentation
28d ago
Compensating controls besides admin credentials being needed to download software on employee endpoints
28d ago
OpenSSL PKCS#7 CVE-2026-45447
28d ago
Presentation Question
28d ago
How to Stay Ahead of Deepfake Evolution in 2026
28d ago
France’s Government Messaging App Tchap Got Breached
28d ago
Where's the fix for MiniPlasma?
28d ago
ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances
28d ago
Internships
28d ago
Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS
28d ago
Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows
28d ago
Looking for a Reliable Cybersecurity Provider for a School in North Sydney
28d ago
Early Operational Visibility
28d ago
how are you actually managing ai agents in production?
28d ago
Al app builders: How are you handling security questionnaires when selling your product?
28d ago
[ Removed by Reddit ]
28d ago
How are all of doing with THE AI model thats big news currently??
28d ago
Skill to Scan your Codebase
28d ago
Miasma-style supply chain attacks
28d ago
FCaptcha v1.12: Catching AI Agents That Drive Real Browsers
28d ago
Flooding invalid deauth frames still kicks PMF clients, tested on 3 Android phones
28d ago
More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs
28d ago
AI Malware Worm Adapts to New Targets in Real Time, Cybersecurity Experts Say
28d ago
Huntress Stack (MS Defender or SentinelOne)
28d ago
META DELETES FACE-RECOGNITION SYSTEM FROM ITS SMART GLASSES APP AFTER WIRED REPORT
28d ago
FBI is announcing Operation Riptide
28d ago
ServiceNow confirmed some customer instances were breached.
28d ago
Which are some of the best Cybersecurity / OT Security events that happen in GCC?
28d ago
DF/IR Community
28d ago
Chaotic Eclipse's new RoguePlanet
28d ago
Inside the DPRK-Linked Backdoor Loitering in the VS Code Marketplace
28d ago
Thoughts on Automated Compliance?
28d ago
A fix for the Windows BitLocker bypass vulnerability dubbed "YellowKey" is available
28d ago
North Korean Hackers—Posing As Fake IT Workers—Behind Nearly Half Of All Tech Firm Attacks, Report Says
28d ago
Microsoft has released a patch for the bitlocker bypass
28d ago
Please advices
28d ago
soc analyst l1
28d ago
Google Chrome is killing all uBlock Origin bypasses, Microsoft Edge, Opera to follow
28d ago
Looking to move off KnowBe4, what are people actually using these days?
28d ago
Too Many Certs, Not Enough Experience — What’s the Best Next Step?
29d ago
Authenticating ARP and NDP
29d ago
Does anyone use rule feeds in 2026?
29d ago
Building a tactical Pelican case for my Flipper Zero + AIO setup. Looking for advanced tool and script recommendations!
29d ago
Need a vm for practice
29d ago
Tips/Tricks to WFH as a SOC Analyst?
29d ago
Cybersecurity statistics of the week (June 1st - June 7th)
29d ago
Where can GRC folks learn practical AppSec / DevSecOps without going full engineer?
29d ago
I almost got “onboarded” into a malware campaign disguised as a job opportunity.
29d ago
University of Toronto proof-of-concept AI worm spread to 62% of a test network in 7 days using a free open-weight model
29d ago
AI Blocklist - help
29d ago
Protecting AI workloads on Linux servers
29d ago
Exposing DoNex Ransomware Secrets with Malcore!
29d ago
What are the different Disaster Recovery scenarios your teams have tested on?
29d ago
someone actually leaked the Miasma supply chain attack toolkit source code on github
29d ago
WinGet - Code Execution, Persistence and Detection Strategies
29d ago
Ransomware attack shuts Illinois high school until Wednesday
29d ago
Ideas for demo
29d ago
Microsoft account hacked through infostealer. Trying to log in using authenticator, but not successful. Help please?
29d ago
Harnessing Generative AI for Automated Reverse Engineering, Static and Dynamic Analysis, and Risk Scoring of Fraudulent Mobile Applications (APKs) and Malwares.
29d ago
Physical attack device
29d ago
Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer
29d ago
IT GRC News?
29d ago
Meta Says Israeli Spyware Firm Targeted WhatsApp Users Again
29d ago
Shifting L7 validation to the edge to stop DB resource exhaustion?
29d ago
Google Patches 5th Chrome Zero-Day Exploited in 2026
29d ago
EC Council CEH exam advice
29d ago
About NPower vs PerScholas
29d ago
Looking for a vulnerability to learn
29d ago
From Brute Force to Malware Execution: Investigating a Multi-Stage Cyberattack in Splunk
29d ago
Bad USB through charger?
29d ago
Recommendations for Discord community for latest AI security products
29d ago
Vulnerability Summary for the Week of June 1, 2026
29d ago
Windows Defender Tamper Protection stuck off - no active GPOs, SFC corruption, looking for ideas
29d ago
I feel like ive lost my passion to tinker after 6 years in the industry, anyone else?
29d ago
I wrote a free, no sign up, defender guide for suspicious USB devices and rogue hardware, with copy-paste detection examples
29d ago
really need help with project ideas for MSc
29d ago
Which Course for an almost-complete noob? (SANS.edu)
29d ago
SoFi confirms third-party data breach at Hong Kong subsidiary
29d ago
For the 2nd time in weeks, Microsoft packages laced with credential stealer
29d ago
Iran Signed a Ceasefire — Its Hackers Didn't
29d ago
New Shai-Hulud attack trojanizes 19 science-focused PyPI packages
29d ago
DSPM étude marche
29d ago
CMMC Phase 2 November 2026: two readings of SR.1 — C3PAOs are applying the one that requires a verifiable chain, not just a file
29d ago
AppSec / Pentesting job market in Canada for experienced overseas applicants?
29d ago
Stop Treating Low Severity CVEs as Noise. Start Treating Them as Ingredients.
29d ago
Automation Playbooks - which ones would you not want to live without?
29d ago
Is it necessary/important to Hash and salt API Keys for a strictly internal use tool?
29d ago
Need review on the OMS Cybersecurity program from Georgia Tech?
29d ago
If You Use Claude or Gemini, This Microsoft Breach Means Your Data Is at Risk
29d ago
2026 Verizon DBIR: vulnerability exploitation overtakes stolen credentials as #1 breach entry point for the first time in 19 years
29d ago
How do you close an alert
29d ago
What cybersecurity certifications are great value for money?
29d ago
Boxes for CPENT
29d ago
SIEM: is it "SIM" or "SEEM"
29d ago
I’m looking for recommendations for an online Master’s program that is recognized in the Middle East. (Better if certifications are included)
29d ago
How justdeleteme and justgetmydata work?
29d ago
I need help - PCI DSS 4.0 requirement 11.6.1
30d ago
How are you learning agent pen testing?
30d ago
Cyber security intern
30d ago
Meta to take legal action against Israeli spyware company NSO
30d ago
Inside SStar Agent, a cross-platform RAT with an unfinished macOS toolkit
30d ago
What's the best way to alert companies of a Glassworm copycat?
30d ago
How To Verify If A Site Is Legit?
30d ago
What is Flaresolverr
30d ago
Research: defenders using generative AI to simulate malware variants before they exist in the wild
30d ago
How are regulated orgs actually letting engineers use Claude Code / Copilot?
30d ago
Cyber security expo Manchester
30d ago
Remote Hiring Opened the Talent Pool — and the Fraud Surface
30d ago
Hades Cluster PyPI Worm Abuses Python Startup Hooks
30d ago
What certs should I do during summer of 11th grade?
30d ago
CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)
30d ago
Nobody needs Mythos or 0-days to build a chaos-causing computer worm – free open source models work just fine
30d ago
Oxford University discloses data breach after careers platform hack
30d ago
Vendor ISO 27001 Assessment - Questions Around Control 8.29 Security Testing
30d ago
Got this message from “SimBoss”
30d ago
PKCS12 Golang fork
30d ago
Malware Insights: Miasma Campaign
30d ago
73 Microsoft GitHub repositories impacted by Miasma malware
30d ago
[Honeypot Research] Looking for volunteers to test telemetry/logs
30d ago
What is the condition of Bug Bounty program in the era of AI.
30d ago
Opening a cloned repo is no longer safe
30d ago
Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse
30d ago
CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers
30d ago
Google Colab CLI opens runtimes to Claude Code and Codex
30d ago
VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks
30d ago
The AI governance gap no one is talking about: deployment-stage accountability
30d ago
Free Study Resources for Comptia Cysa+
30d ago
Mentorship Monday - Post All Career, Education and Job questions here!
30d ago
Hi there
30d ago
Final risk-based IT Audit interview round with Director and have no experience. Please help!
30d ago
Needed help
30d ago
[ Removed by Reddit ]
30d ago
Career advice
30d ago
PhD in cyber Security
30d ago
Built a password guessing game. Almost everyone stuck in level 5.
30d ago
OSINT (SOCIAL MEDIA)
30d ago
Beginner KQL project
30d ago
Question about WORM and encryption
30d ago
Update:Certified cyber security
30d ago
Has anyone have any idea what to expect from Information security engineer- Network interview at Glidewell Dental
31d ago
Independent Post-Quantum KEM and Digital Signature Suite in C++ (NSLD Reduction)
31d ago
Malware that survives reinstalling the BIOS and OS
31d ago
Am I overthinking the x86 compatibility issues? how much friction am I actually facing?
31d ago
Fedora Linux 43 exposes 20-year-old Microsoft Outlook security failure
31d ago
Managing Microsoft Identity Is More Complicated Than It Looks
31d ago
My work email got subscribed to a bunch of israel newsletters
31d ago
Shadow AI
31d ago
Rate limiting is not enough. What else can I use?
31d ago
How To Avoid Potential Malware From Transferring To New Laptop
31d ago
Sysmon RegistryEvent exclude not overriding include rule for Event ID 13
31d ago
Can't decide.
31d ago
looking for partners
31d ago
My edge is changing into bing when I search something
31d ago
Cybersecurity reality check
31d ago
[ Removed by Reddit ]
31d ago
Information Management
31d ago
IronWorm Malware
31d ago
Why do we use UNC for smbclient ? Why don't we use UNC for nc or ssh?
31d ago
Why do we use UCL for smbclient ? Why don't we use UCL for nc or ssh?
31d ago
Everyone's planning post-quantum migration for enterprises. Nobody's talking about your password manager
31d ago
Is a separate “clean” S3 bucket actually a security boundary for uploaded files?
31d ago
CVE-2026-46640: Developing payloads for Twig sandbox bypass
31d ago
PenTest+ Exam
31d ago
AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs
31d ago
Looking for guidance
31d ago
Before you attempt any OffSec certification, read what just happened to me
32d ago
Reporting Metrics for Management
32d ago
got hit with SOC 2, cyber insurance, and a prospect pentest request at the same time
32d ago
Found an old Discord CDN ZIP in Opera downloads and I’m trying to figure out if I should be worried
32d ago
Shai-Hulud: Miasma (Azure:Durabletask) Open Source - a normalized, deobfuscated copy of the Azure DurableTask JavaScript payload.
32d ago
AI Security Certificates
32d ago
Guys is bug bounty dead?
32d ago
How are folks making it in bug bounty?
32d ago
How useful is it to require at least one uppercase letter in a password?
32d ago
Cyber security ! Is no more ?
32d ago
CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers
32d ago
Ghosts in the Cloud: Chinese Hackers Hid in Microsoft 365 Networks for 18 Months
32d ago
Antimiasma Worm to discover/mitigate/vaccinate Miasma worm infected repositories
32d ago
How to train employees to feel when something's off?
32d ago
ALERT OVERLOAD
32d ago
CTO at NCSC Summary: week ending June 7th
32d ago
A new BitLocker bypass allows access to encrypted drive in the pre-boot environment with all Windows security features enabled
32d ago
Microsoft Azure Repositories Compromised (Disabled) as Miasma Worm Targets AI Coding Agents Through GitHub
32d ago
AppSec Engineer Interview Stories
32d ago
[OpenSource] Multi-layer sandbox for native code execution on Linux with no external deps.
32d ago
Is there a safe way to continue using (unsupported) Windows 10?
32d ago
Is Splunk suitable for smaller Enterprises?
32d ago
Has anyone else had MFA prompt fatigue issues with users?
32d ago
Data Scrubbing from Databases
32d ago
Best Certificates?
32d ago
Rant
32d ago
New York passes data center moratorium and consumer protections as environmental, and housing proposals stall
32d ago
Cyber attackers have a new favorite, the browser
32d ago
Looking to get into cybersecurity in web3
32d ago
Microsoft discovered that Anthropic's Claude Code GitHub Action is vulnerable to prompt injection attacks via issues and Pull Requests
32d ago
Should i use email 2fa or only auth and phone number?
32d ago
Can I break into cybersecurity with a white collar felony?
32d ago
Open Source Intelligence - Building AI Systems That Handle Contradiction at Scale
32d ago
How are people supposed to defend against both supply chain attack and zero-day vulnerabilities at the same time?
32d ago
What kind of topics do you think should be covered more (in conferences, youtube etc) but they arent?
32d ago
How Hard is This
32d ago
Installed Fake Codex hidden as a google site
32d ago
Virustital scan result help
32d ago
CrowdStrike Turned an AI Wave Into Its Best Quarter Ever
32d ago
Cyber Resilience Act - Position? Pain points? Struggle? Possible solutions?
32d ago
I fell for the cybersecurity degree trap and thought I could beat the job market, I could not. Not sure what to do now
32d ago
Being a Security Engineer? Which AI-powered tools are you using on a daily basis?
33d ago
Over 900 US gas station tank gauge systems exposed to attacks
33d ago
Google and FBI warn of ransomware group that sends fake IT workers to hack victims in person
33d ago
SIEM is broken in the AI agents era
33d ago
Google Cloud hit by fresh layoffs, security and Mandiant teams among those affected
33d ago
Phantom Gyp npm Worm Abuses node-gyp Build Hooks
33d ago
Certified cybersecurity ISC2
33d ago
Help studying for OSCP
33d ago
The current state of Threat Intelligence Tooling
33d ago
Malicious podcast, PDF apps spread FlutterShell macOS backdoor malware
33d ago
We tested offensive AI agents against deception technology
33d ago
A matter that I have been losing my sleep over
33d ago
Any experience with Rootly or incident.io for cyber incident management?
33d ago
CTIA Study Resources & Preparation Advice?
33d ago
Black hat uk vs brucon
33d ago
Cisco warns of unpatched SD-WAN zero-day exploited in attacks
33d ago
NIS2 hits railway hard
33d ago
I need help guys… :(
33d ago
Question from the Seniors
33d ago
China-Linked Cybercrime Group Expands Attacks Beyond Asia With AI-Assisted Malware
33d ago
what certs have u seen in ai security related job posts ?
33d ago
How is the Security Architecture / Strategic IT Security process structured in your organization?
33d ago
What's happening in cybersecurity job market in US and Europe these days?
33d ago
Has any of you pivoted from GRC to CTI?
33d ago
Up-date-list of cybercrime types?
33d ago
What else should I learn to build a strong cybersecurity foundation?
33d ago
Hackerone interview
33d ago
Ransomware in the AI Era | ft. Behnaz Karimi | Ep. 109 | ScaleToZero Podcast | Cloudanix
33d ago
Testing URL Rewriting?
33d ago
Got an internship in IAM with no qualifications and no soft skills
33d ago
Work Hours of DFIR/Cloud Security vs Pentest
33d ago
Narcissistic Tech Leader....
33d ago
Anyone else's firewall logs just explode after midnight?
33d ago
I'm replacing myself.. at least the boring parts
33d ago
Anyone else dealing with these phantom login attempts from China?
33d ago
Best way to fully clear windows and set everything up securely (pc, accounts etc)
33d ago
IBM, AT&T Accused by Whistleblower of Covering Up Foreign Hacks
33d ago
Soc analyst
33d ago
Do companies actually require cybersecurity insurance
33d ago
Uncommon/Unusual CrowdStrike Alerts
33d ago
Cyber analyst: law firm or bank
33d ago
best free av and how do i properly setup passwords?
33d ago
Five 9 Vulnerability
33d ago
CVE Lite CLI closes dependency gap — but won't stop modern threats
33d ago
Scope change
33d ago
We just stopped a social engineering attack on our service desk. Here’s how it played out.
33d ago
What is the most underestimated cybersecurity risk right now?
33d ago
Update: Company is paying for any certification, which should I obtain? Except Sans
34d ago
New paper: every AI model has a naturally occurring unforgeable fingerprint in how it ranks tokens, relevant to fake model detection and supply chain verification
34d ago
Anyone else's firewall vendor docs a total nightmare?
34d ago
Your opinions about a learning style
34d ago
Why Real-Time Fraud Prevention Is the Only Way to Stop AI-Driven Attacks
34d ago
New IronWorm malware hits 36 packages in npm supply-chain attack
34d ago
Anyone else see their firewall logs just explode after a cloud update?
34d ago
Are certifications necessary to get a job in cybersecurity?
34d ago
Part 2: Bulk-Injection / Back-dating Signature Found in Public Tech-Governance Dataset (RDB Constraint Bypass)
34d ago
Is retyping and translating textbooks too inefficient for CS/Cybersecurity?
34d ago
Free Microsoft Enterprise Security Assessment: Worth It
34d ago
How are organizations preparing for AI-generated phishing attacks?
34d ago
Inside the race to adapt to an AI-powered security world
34d ago
127.0.0.1 in eight headers: what attackers hide in X-Forwarded-For
34d ago
Microsoft blames unexpected Windows driver updates on caching issue
34d ago
Critical Ledger State-Machine Violation Found in Public Tech-Governance Node Dashboard (Debit Card Transaction Injected on 0 Balance)
34d ago
Your CPU model leaks through the browser via WASM timing differences
34d ago
Chinese Cybercrime Group in Spotlight for Record Campaign Pace
34d ago
Security Engineer 2 interview at Amazon coming up - What to expect?
34d ago
A researcher spent $1,500 testing if LLMs could hack a vulnerable app
34d ago
Help with university internship
34d ago
Are MCP servers becoming the next API security nightmare?
34d ago
What's the cybersecurity lesson you learned the hard way?
34d ago
ISO 27001 Surveillance audit vs Full recertification
34d ago
How important it is to get paid Cybersecurity certificates ?
34d ago
Researcher Drops a New VS Code Zero-Day After Losing Trust in Microsoft’s Disclosure Process
34d ago
Soc to Architecture
34d ago
Does "example file vulnerability" exists?
34d ago
VS code forces 2 hour cool down for most integrations.
34d ago
Company laptop isolated after Brave/Tor alert - should I be worried?
34d ago
Does anyone know how to send false positive to SOCradar ? virus total
34d ago
Looking for people to team up for Bug Bounties & CTFs
34d ago
Signal Without Smartphone
34d ago
I found a trojan on my pc and now im scared my private calls got leaked
34d ago
Meta, Microsoft & DOJ Smash Southeast Asia Scam Rings: 1.4 Million Accounts Removed, 63 Arrests
34d ago
CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog
34d ago
How do you change users behavior through awareness training?
34d ago
AI-built ransomware toolkit automates EDR evasion, AD discovery
34d ago
Safe Rust API for wolfSSL/wolfCOSE
34d ago
Looking for feedback on my open-source OT detection ruleset (29 rules for Wazuh/Sigma)
34d ago
AMD GPU Users might be compromised
34d ago
[ Removed by Reddit ]
34d ago
Five Eyes Warn: Chinese Spies Using LinkedIn Recruitment Tactics to Access Sensitive Information
34d ago
CISA warns of cyberattacks targeting fuel tank monitoring systems
34d ago
[CTF] Struggling to extract RTSP stream from generic Chinese IP Cams (Altobeam SoC) via ONVIF
34d ago
how to get good at cyber security?
34d ago
Anyone use CrunchAtlas?
34d ago
Prompt monitoring laughs
34d ago
Malicious Payload in ai-sdk-ollama npm Package
34d ago
Can Someone Please ELI5 - "YellowKey" (CVE-2026-45585) to me? (an IT admin that survived the Great Global CrowdStrike Outage of 24)
34d ago
what the HELL is dsztfso?
34d ago
Yubikey Alternative....?
34d ago
Hiring
34d ago
CVE-2026-42897: Applying the Mitigation and Closing the Incident Are Not the Same Thing
34d ago
Certification Advice
34d ago
Question about Linux kernel TLS ULP disclosed June 2 to oss-security
34d ago
An IT guy basically stole my entire gmail account and probably posted it somewhere...how do I search for this?
34d ago
How to Rob a Data Center (new article on data center physical security)
34d ago
US: California Back & Pain Specialists Exposes 133GB of Patient Medical Records on Public Server
34d ago
Is it worth taking the EC councils masters program?? Are they legit /2026
34d ago
Mid-level AppSec engineers: what do you actually study to prep for interviews?
34d ago
Company is paying for any certification, which should I obtain?
34d ago
Trusting Microsoft with your offensive security repos
34d ago
Automated Fault Injection Attack Framework
34d ago
Physical Biometric device as a security measure..??
34d ago
Cybersegurança
34d ago
Started Learning Cybersecurity
34d ago
InfraGard Application - Seeking Help | Student
34d ago
Orientación en Ciberseguridad
34d ago
Anthropic's coordinated vulnerability disclosure dashboard
34d ago
Hands Free: What LLM Driven Vulnerability Research Looks Like
34d ago
Real time Cybersecurity failures regarding Quantum computing/cryptography
35d ago
🕵️♂️ PCPJack Hijacked 230 Cloud Servers to Send Email. Here's How They Did It.
35d ago
A two-year-old RCE bug in Redis was just made public. An AI tool found it. The full exploit chain is out.
35d ago
CISA warns of active attacks exploiting Android, Linux bugs
35d ago
Found some open ports on a govt site, should i report or stay quiet?
35d ago
What is a good way to keep track of passwords for programs that don't support password managers?
35d ago
Cybersecurity statistics of the week (May 25th - May 31st)
35d ago
ASN Emissions Index. Networks ranked by how much noise they create on the internet.
35d ago
Have you sold cve before?
35d ago
i want to become a pentester, but i don't know how to
35d ago
The OT Security Problem Nobody Wants to Own
35d ago
Don't Take Wednesday Off When You Manage Vulnerabilities
35d ago
I finally finished a production version after 4 yrds
35d ago
Support role pivot to cloud security
35d ago
How do you manage your passwords?
35d ago
Mad rush to produce AI driven slop
35d ago
O Tails é seguro para acessar links suspeitos?
35d ago
Cyber Essentials plus + "legacy" network segments
35d ago
Insight for OPSWAT deep CDR
35d ago
Android vs iOS
35d ago
ShinyHunters leaks Charter Communications data: 4.9M customer records exposed via a social-engineering attack on an employee's Microsoft account
35d ago
Security Audits at an MSP
35d ago
[ Removed by Reddit ]
35d ago
Passkey registration breaks after moving off localhost..
35d ago
Does your team hire fresh AI engineer who doesn't know anything about Security operations?
35d ago
UARs for Equation (banking system)
35d ago
IoT pentesting cert
35d ago
Anthropic Expands Project Glasswing, Bringing AI Cyber Defense Tools to 150 More Organizations
35d ago
Experience with Tac Security
35d ago
Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content
35d ago
Found Security Vulnerabilities in my university website
35d ago
Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign | Microsoft Threat Intelligence
35d ago
AI - Threat to the CyberSec Industry?
35d ago
Built a honeypot platform to catch lateral movement. How are you guys detecting this?
35d ago
How should small SaaS teams safely answer customer security questionnaires?
35d ago
Can AI Do Intelligence Analysis? Apparently Not.
35d ago
PROMPTPurify - 14MB Tiny Prompt Injection Guardrail Open Weight Model
35d ago
Regarding Certified Ethical Hacker (CEH Practical) exam
35d ago
Asking for advices on pursuing first CERTIFICATE
35d ago
I opened my own company and I can't find clients!
35d ago
ShinyHunters vaza dados de clientes da Spectrum após recusa de resgate da Charter
35d ago
Do you support the idea of creating a European commission that would issue special licenses for social media platforms, with standardized account creation rules and mandatory KYC (Know Your Customer) verification requirements across the EU?
35d ago
Anyone knows Quad9 dns ?
35d ago
I've a fullstack dev, I'm devleoping my own authentication for my application, Can anyone help me for it's security aspects ?
35d ago
Greynoise swarm
35d ago
SecOT+ certification for free
35d ago
How is the state of the job market for mid-level security engineers?
35d ago
Is anyone else still coding manually to learn? The market will continue to hire people that know what's going on even if you can now use AI to code many things
35d ago
WaSteal Update: Infrastructure Pivoting Reveals 57 Additional Extensions, Campaign Now at 183 Total
35d ago
Laid off from TPRM job - need help on the future of my career
35d ago
Anyone compared RoboShadow vs ConnectSecure for vulnerability management?
35d ago
Any one send vulnerability to MITRE?
35d ago
Need advice for a 30 min Security Apprenticeship interview
35d ago
UltraViolet: your own Shodan, in Docker, with CVE/KEV/EPSS
35d ago
Microsoft insists Defender is enough for most PCs, but admits third‑party antivirus tools still offer extras it can’t match
35d ago
Virustotal API as private data source
35d ago
Account Number Security Flaw
36d ago
Is Red Team Leaders Certification (RTL) actually useful for jobs or just for learning?
36d ago
A PoC to demonstrate that without PMF, MAC filtering at the AP level is the only thing stopping selective WiFi deauth
36d ago
[ Removed by Reddit ]
36d ago
[ Removed by Reddit ]
36d ago
Phishing simulation platform
36d ago
Just task about OSI model
36d ago
Need help improving DNS Spy from a security tool angle
36d ago
Device Code Phishing Forensics: What We Learned Investigating BEC in the Wild
36d ago
Oracle's first monthly patch update just dropped 77 CVEs.
36d ago
Cleaning up after a legacy service account breach. How are you handling automated secrets discovery?
36d ago
Airbus digital apprenticeship
36d ago
Anthropic is expanding Project Glasswing — giving 150 more critical infrastructure orgs access to Claude Mythos to scan for vulnerabilities
36d ago
Google fixes one actively exploited Android zero-day, 124 flaws
36d ago
Can elections be hacked? Modern day computational propaganda techniques described by the EU's East Stratcom Task Force
36d ago
Parsing Cisco IOS configs for CIS Auditing: Why regex fails on block contexts, and how are you handling offline static analysis?
36d ago
Security Architects who who actively use modelling - What's your approach?
36d ago
PAN-OS authentication bypass bug added to list of exploited vulnerabilities
36d ago
I have extreme anxiety about being hacked
36d ago
Fresher
36d ago
Hackers Used Meta AI Bot to Hijack Instagram Accounts in Major Security Breach
36d ago
Career advice needed!
36d ago
GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure
36d ago
Google sr. security engineer interview
36d ago
Is offensive AI actually changing cybersecurity, or are we overestimating the impact?
36d ago
Multiple Red Hat NPM packages victim of Mini Shai-Hulud Miasma wave
36d ago
is emerald chat safe?
36d ago
Does anyone on this subreddit who has an VirusTotal premium account can help me with something important ?
36d ago
ClickJack in the wild
36d ago
Thoughts on A.I assisted Malware Analysis?
36d ago
19-Year-Old Linux Kernel Vulnerability Exposes Systems to Root Access
36d ago
What articles do you use for cybersecurity news? (2026)
36d ago
Is anyone using agents in regulated industries? How do you make sure sensitive data doesn't go back to the AI provider?
36d ago
Roadmap and Training Recommodation
36d ago
Les anti-triche de niveau noyau et leur risque de sécurité
36d ago
Asked to Send Sensitive Documents via MMS
36d ago
SC-200 compared to CC (isc2)
36d ago
Every SaaS Company Is Accidentally Building Meta's Instagram Vulnerability Right Now
36d ago
Looking to move off KB4, what are people actually using these days?
36d ago
Got my Security+. What's next?
36d ago
Vulnerability Summary for the Week of May 25, 2026
36d ago
Malware
36d ago
Alternative Search Engine to Utilize in 2026?
36d ago
Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked
36d ago
Windows Server vulnerability can grant system privileges with just a malformed packet — domain controllers are being exploited in the wild
36d ago
Grand Theft Auto V cheat service gets hacked, exposing thousands of gamers
36d ago
AI compliance
36d ago
Red Hat npm Packages Compromised to Spread a Credential-Stealing Worm
37d ago
Is TeamPCP a Russian-affiliated APT? How can preventive security principles assist defending ecosystems against attacks on software supply chains?
37d ago
MacBook or Windows Laptop for Cybersecurity
37d ago
What's the most creative MFA bypass you've seen?
37d ago
Research Notes from Building a Windows Event Log Hunting Workflow
37d ago
How to fix securityheaders scan X-Frame-Options and Content-Security-Policy ??
37d ago
Free AI tools for TPRM?
37d ago
incomplete phone number from togo, need help reporting to police
37d ago
NPM packages from RedHat Compromised
37d ago
Linux Copy Fail CVE-2026-31431: KEV Privilege Escalation on Shared Build Hosts
37d ago
SOC Analyst working towards Threat Intelligence
37d ago
Is XSS possible through PDFs?
37d ago
The Next AI Governance Failure Won’t Be the Model
37d ago
Microsoft MFA Is Down Again
37d ago
Started my first writeup - Sherlock NeuroSync-D (CVE-2025-29927)
37d ago
Computer logic or Science
37d ago
I am a Full Stack Developer but I want to switch to a cybersecurity centered position. Which positions should I prepare for?
37d ago
What C2s Are You Using
37d ago
PNPT Exam
37d ago
What do you do when a supplier refuses or lacks a reporting clause on vendor incident notification?
37d ago
Any appsec engineer working in fortune 500?
37d ago
I'm developing an IDS/EDR. I need suggestions which blind spots I have, whats missing and what should be added next
37d ago
Anyone transition from AWS Data Center Operations to InfoSec?
37d ago
I think my account got hacked but it's weird
37d ago
current market for detecting deepfakes?
37d ago
Worried about friend being doxxed on doxbin
37d ago
how to shift from a service based company to a product based one in cybersecurity ?
37d ago
Meta AI Password Reset Flaw Reportedly Bypassed Instagram 2FA
37d ago
Claude AI user data directory exfiltration via malicious npm package
37d ago
Bitdefender blocking amd stuff? False positive or?
37d ago
Mentorship Monday - Post All Career, Education and Job questions here!
37d ago
did they have my password?? what triggers this specific email??? instagram HELP.
37d ago
ATTENTION: Dashlane may have been breached. (Password manager).
37d ago
Norton blocked a “malicious script”?
37d ago
Need Advice: Ex Claims He Still Has Access to My Mac/iCloud After Resets and New Accounts
37d ago
Security researchers have uncovered a new attack technique that lets malicious websites spy on your browsing activity through hard drive.
37d ago
I wrote about the 5 biggest threats in 2026, curious what this community thinks.
37d ago
MSPs: What evidence do cyber insurance underwriters ask you for that is hardest to produce?
37d ago
Im new to cybersecurity and have a iPhone 7 (iOS 15.8.5) I wanna pentest, any suggestions?
37d ago
NetworkChuck
37d ago
LLM for creating phishing tool
38d ago
Why are we still treating IAM like a compliance checkbox?
38d ago
Polyfill pop up?
38d ago
SecAI+ difficulty question
38d ago
Could you guys give an honest feedback to a completely automated ssrf attack tool?
38d ago
tengo 61 y mi famila y amigos me espian I am 61 and my family and friends spy on me
38d ago
Microsoft Joined the DMARC Club
38d ago
Help.
38d ago
Vibe Coding Security
38d ago
Looking for a Company to Partner With
38d ago
Best reporting tools?
38d ago
What actually moved the needle on our alert fatigue (Wazuh + some automation, lessons after ~6 months)
38d ago
How Can Polyfill.io Still Act Maliciously?
38d ago
Need THM voucher code for cheap? Any known seller?
38d ago
Ghost passwords?
38d ago
Was a stipulation in my offer letter that I was required to obtain my CISM certification in 6 months... I did not.
38d ago
LLMReaper - DOM Based AI Conversation Exfiltration via Browser Extensions
38d ago
Anyone else having Chatgpt Strikes / Violations while learning cybersecurity?
38d ago
Working at Cisco, worth it?
38d ago
Want to Learn Cybersecurity in 2026 – Need Guidance, Roadmap, Tools, Resources & AI Advice
38d ago
Are you pen testing AI Agents?
38d ago
Question of android malware
38d ago
External attack surface: how are you correlating DNS, SSL, and IP reputation today?
38d ago
how do i properly setup 2fa and bitwarden?
38d ago
Hacking India's Largest Exam Evaluation Portal: From Authentication Bypass to Full Account Takeover (Covered by BBC)
38d ago
i need a partner to learn coding with me and have fun too,Hey, I'm 16 and just started learning cybersecurity and coding. I'm looking for a coding buddy around beginner level. We can learn Python, web development, and build small projects together. Anyone interested?
38d ago
Question for teams running parallel agents: Would you actually pay for a deterministic control plane, or are we all just building custom wrappers forever?
38d ago
Can Steam Cloud Files Transfer Malware
38d ago
Questions for the cloud security engineers
39d ago
Thoughts on this as a starter and doing bug bounty on the side
39d ago
How are new SC-200 candidates practicing labs without an E5 Developer tenant?
39d ago
Getting OTP spammed from every app and website I've ever used. Should I be worried?
39d ago
A browser tool for checking contractor insurance certificates
39d ago
Am I getting screwed?
39d ago
SECODER | Security Coding Challenges for SOC Analysts & Detection Engineers
39d ago
PAN-OS added to KEV, Langflow exploit activity, and a surprising Windows EPSS jump — today's most actionable vulnerability signals [Threat Intel 2026/5/29}
39d ago
CTO at NCSC Summary: week ending May 31st
39d ago
BountyLabs — Bug Bounty Training with Labs, Challenges, and AI Mentorship
39d ago
Need suggestion
39d ago
[INDIA] Need Advice: Shared mobile number risk on a joint minor account after a small P2P trade (P2P Fraud / Bank Freeze Anxiety)
39d ago
Was Dave Bittner interviewing an AI?
39d ago
CTF for complete beginner
39d ago
Hitting a plateau after 2 years in Web Security: How do I transition from standard OWASP bugs to finding CVEs and novel techniques?
39d ago
AI-Era Cyber Risk Standards
39d ago
BEC Victim - Attacker replied inside a real email thread using a lookalike domain
39d ago
Question for those who transitioned from remote to work from anywhere
39d ago
Website Keeps Getting Falsely Flagged as Phishing/Malicious By Security Vendors
39d ago
Do you enjoy what you do or do you wish you could go back in time and change it?
39d ago
Is understanding how API keys, public/private keys, and secrets actually work necessary to work in cyber?
39d ago
For those who made the jump to independent cybersecurity consulting, what was the hardest part of the first year?
39d ago
Is a basic understanding of PKI and Public Key Cryptography necessary to work in cyber ?
39d ago
Do you think AI will make cybersecurity products/services cheaper over the next 5-10 years?
39d ago
Botnet of more than 17 million devices dismantled
39d ago
Exposed credentials on logs
39d ago
What do you think is the biggest cybersecurity risk for small businesses in 2026?
39d ago
Wanted to shift to cloud security, but have some questions
39d ago
Zero Trust is Overrated? Navigating the Complexity
39d ago
Test API post with flair
39d ago
Warning on MAD20 Subscriptions: $500 Blind Auto-Renewals and Hostage Certifications
39d ago
How Do You Handle the Massive Amount of Information in the CPTS Path?
39d ago
Help an upcoming cybersecurity engineer!
40d ago
Repeated Microsoft MFA attempts even after password change
40d ago
What Is Device Intelligence and How Does It Stop Fraud?
40d ago
[FOSS Tool] WiFi-SpiderWeb V2.0: Active Cyber Defense for OpenWrt Routers with Live Radar Sweep (Python + SSE)
40d ago
IBM commits $5 billion to secure open-source software
40d ago
Structuring an AI-Assisted Pentesting Homelab for a Final Year Project
40d ago
Are teams actually monitoring LLM traffic in production environments?
40d ago
How to protect passwords from memory scraping/API hooking on a compromised target machine during a remote session? (No Admin access, No 2FA)
40d ago
Raspberry pi
40d ago
What is the biggest obstacle to using AI safely in a company?
40d ago
Advice going forward
40d ago
MCP Firewall help
40d ago
I wanted to shift to security but people told me the market is extremely bad, is that true?
40d ago
Best Personality Type/Traits for Working in Cyber Security
40d ago
A fake freelance job interview almost installed malware on my PC
40d ago
Is there a viable career path here or am I just being delusional?
40d ago
What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks
40d ago
How do enterprises actually prevent developers from exfiltrating source code?
40d ago
I have a datastealer malware
40d ago
Dúvida de carreira.
40d ago
Someone hid a full RAT inside a fake npm package and exfiltrated victim data to HuggingFace
40d ago
Need Cloud Security Engineer simulator to learn the Job. I need to be more hands on with running tools ,Please advise thank you. Your resources are appreciated
40d ago
is SIEM really needed here ?
40d ago
Decompiled an app, found a bunch of secrets, what now?
40d ago
Can someone give me a correct method for learning reverse engineering?
40d ago
Critical Gogs Zero-Day RCE Remains Unpatched After 2+ Months
40d ago
GRC Advise
40d ago
[ Removed by Reddit ]
40d ago
Did something happen to haveibeenpwned? Any alternatives?
40d ago
RAT SUSPECTED
40d ago
How do people afford certificate s?
40d ago
I’m curious — what’s one cybersecurity tip you wish more people knew before getting hacked or scammed?
40d ago
Puck Scout: Autonomous, read-only endpoint investigation via MCP. Ask a question about your fleet, get a narrative answer with containment recommendations.
40d ago
Phone Forwarding
40d ago
Opinions on running Full Microsoft E5 Security Stack
40d ago
Claiming "XDR"
40d ago
Typosquatted npm packages used to steal cloud and CI/CD secrets
40d ago
Microsoft security
40d ago
Need help regarding building a home lab
40d ago
Should I turn on passwordless accounts for all my Microsoft accounts?
40d ago
Transitioning from AWS Data Center Operations to Security Engineering
40d ago
Probably the wrong place.
40d ago
What after IT helpdesk?
40d ago
How are you security-testing API changes before production without slowing CI/CD?
40d ago
Are we trusting update repos or are you all extra paranoid now as well?
40d ago
Disgruntled 0-day hunter 'humiliated' by Microsoft pledges 'bone shattering drop' as Redmond calls cops
40d ago
Prevent supply chain attacks
40d ago
Cybersecurity Authorities Issue Joint Guidance on the Adoption of Agentic AI Systems
40d ago
FBI warns of fake FIFA websites running World Cup fraud schemes
40d ago
Hackers are trying to steal Signal users' backups in new wave of phishing attacks
40d ago
Incident Response Testing Preparation
40d ago
Kevin Mandia is speaking in NOVA on June 10 — probably the most candid you'll ever hear him outside of a major conference
40d ago
[Open-Source] WiFi-SpiderWeb: Turn any OpenWrt Router into an Active Cyber Defense & Honeypot System via USB 🕷️🔥
40d ago
3rd Party NFC cards.. secure?
40d ago
Vulnerability Management Tickets & SLA
40d ago
Defending at Machine-Speed: Building AI Threat Readiness
40d ago
AI agents running in our environment have broader access than our sysadmins and ownership of that is unresolved
40d ago
HEAD request body processing leading
40d ago
Malicious npm Package Stole Files From Claude AI User Directory via GitHub
40d ago
Does anyone have an app like substack to keep being updated and engaging within the cyber domain?
40d ago
What’s an attack vector people massively underestimate in 2026?
41d ago
We security-reviewed our own free CVE tool and shipped the fixes - EPSS Lookup Tool v2.7
41d ago
A Deeper Look at GLASSWORM's Solana Variant
41d ago
Calling Cyber Security Beginners
41d ago
Busco oportunidad laboral / consejos para iniciar en TI, ciberseguridad o análisis
41d ago
built something for ai agents, ended up looking a lot like classic appsec
41d ago
Is Gophish still usable in 2026?
41d ago
Microsoft vs Chaotic Eclipse: three zero-days now actively exploited
41d ago
what do you think
41d ago
Why would be clicking a website, redirect me?
41d ago
Zapier fixes bug chain that researchers say risked widespread account takeover
41d ago
Writing cybersecurity policies is a waste of time
41d ago
Raising the Cybersecurity Stakes: Ante up for the Agentic Era.
41d ago
Public CAs are exiting client authentication. Most organisations haven't inventoried what depends on it.
41d ago
[ Removed by Reddit ]
41d ago
Released: Dataforge Honeypot
41d ago
Google Unveils AI Threat Defense Platform to Fight AI-Powered Cyberattacks
41d ago
CEH-free
41d ago
Hottest cybersecurity open-source tools of the month: May 2026
41d ago
Preparation tips for CPENT
41d ago
How do you handle AI tools in your organization?
41d ago
I think i got scammed anybody can help me with that
41d ago
New phishing campaign targeting Japanese online banking users uses 'PayPoy' domain/branding typo
41d ago
Is it safe to have passwords copied to clipboard on IOS temporarily?
41d ago
Developers working on anti-fraud systems deserve more credit
41d ago
My company is moving to security clearance requirements but I am a foreign national. Anyone know time lines / realistic outcomes for me? Currently working as a sec analyst
41d ago
Security awareness training for AI heavy smb workflows?
41d ago
Minimum Requirements for Helpdesk Role ?
41d ago
Reddit spear phishing
41d ago
GitHub - iss4cf0ng/OpenPetya: A Proof-of-Concept bootkit inspired by Petya ransomware, written in Assembly, C, and C++
41d ago
What to do
41d ago
What resources would you recommend for studying cysa+
41d ago
Provenance of Data
41d ago
Websites have a new way to spy on visitors: analyzing their SSD activity
41d ago
12 years in secops, military to vendor then internal. Internal feels like all loss and no win. Is this normal?
41d ago
Russian Art Teacher - Hinder Security Clearance?
41d ago
EDR/MDR Vendor Questions
41d ago
Cybersecurity as a Highschooler?
41d ago
New department created, would love your input
41d ago
OWASP Vienna - anyone going?
41d ago
Interview with Upstart
41d ago
18, immigrant in Portugal (no Portuguese), failing high school. Need a stable path to Hardware/Network Cyber.
41d ago
Is cloud security engineer viable with my current position?
41d ago
Cloudflare Access users: what would actually make JIT useful for you?
41d ago
eBPF to Detect Unexpected Control-Plane Traffic Inside GTP-U Tunnels
41d ago
Questions regarding Ubuntu 24 LTS hardening
41d ago
Cómo puedo interferir señal de un dispositivo que está cerca de mí para que no le funcione la señal de wifi a la que él está conectado, cómo puedo protegerme? Se me tipos de cómo protegerme, soy nuevo en esto, me gusta mucho.
41d ago
Honest question about OT Security Engineer work life in India
41d ago
Who is using CVE Lite CLI? Share your use case (OWASP Incubator Project for JS/TS dependency scanning)
41d ago
AI Security
41d ago
Iranian threat group targets US aviation sector with AI-assisted ‘MiniFast’ backdoor
42d ago
🚨 Exposed Global Smishing Operation Hitting 19 Countries Across 3 Continents
42d ago
Building Detection Engineering on AWS from scratch — roast my plan
42d ago
Academic Survey - AI in Cybersecurity Governance and Regulatory Compliance
42d ago
I went to prison for internet piracy and hacking; my FBI profiler sent me a message on LinkedIn when I got out, and now we’re presenting at SLEUTHCON. I'm Josh Brody and I ran HeheStreams: AMA.
42d ago
Research: All three major eBPF security monitors (Falco, Tracee, Tetragon) can be silently disabled via BPF map poisoning
42d ago
Final Year Project: Looking for non-generic IAM project ideas that solve real problems
42d ago
GlassWorm takedown: year-long developer supply chain campaign using VS Code extensions and npm packages dismantled.
42d ago
Breaking out of IT Helpdesk - how?
42d ago
A year in Cybersecurity — Where Do I Go From Here?
42d ago
MalShark: MCP-Powered Malware Traffic Analysis — Benchmarked Against Real Malware
42d ago
22, SOC Analyst experience + certs, still no interviews since January - looking for honest advice from people in cyber
42d ago
FBI: Silent Ransom Group Turns to IT Support Ploy
42d ago
How do machine builders track Siemens/Rockwell security advisories?
42d ago
GlassWorm Developer Supply-Chain Botnet Takedown
42d ago
The Word 'Toad' Gave Any Website Full Control of Chrome's Most Popular VPN
42d ago
Active Exploitation - LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0: Root Privilege Escalation added to KEV
42d ago
Got cybersec work what next ?
42d ago
Hi everyone! I’m a doctoral student conducting research on how people’s cybersecurity concerns affect their use of technologies like Apple Pay, smart devices, wearables. I’m looking for adults (18+) who currently use or have recently used these types of technology; smart devices or smart wearables
42d ago
Ekoparty Miami - Interface Anti-Patterns: Exploiting Insecure Navigation in 3rd Party Android App Lockers
42d ago
Trying to understand the scope of NVIDIA's attestation (NRAS), what am I missing?
42d ago
GitHub - facebook/mcpguard-dynamic: Kernel-level eBPF sandbox for securing LLM agent tool calls made through the Model Context Protocol (MCP)
42d ago
nightmare eclipse is probably French here is why
42d ago
Poor Risk Analysis Cost 4 Firms $1.7 Million in HIPAA Fines
42d ago
Measuring performance of JA4/JA4H AI Model
42d ago
What things are you really focused on this year?
42d ago
Hypothetical EDR spoofer
42d ago
ISO 27001 Audit Stage 1
42d ago
Microsoft SharePoint Has a New RCE Flaw. If You Haven’t Patched Yet, Go Do That.
42d ago
Looking for Hacker Friends to Learn☺️
42d ago
Comptes Instagram et Facebook piratés et désactivés
42d ago
How to safely disinfect a USB stick from potential malware files?
42d ago
Is anyone else concerned about how quickly AI is outpacing cloud security?
42d ago
What's a CyberSecurity job like?
42d ago
Microsoft Live credential stuffing
42d ago
I am on placement and part of a lab where we use cyber security and do research what jobs are similar to this?
42d ago
Security architects- summarize your responsibilities and role
42d ago
Finding Work in OSINT
42d ago
State of SDLC Security 2026
42d ago
Reported to police for coding html
42d ago
[Open Source] Desarrollé un mutador de huellas TLS en Rust para evadir sistemas Anti-Bot (JA3/JA4 scrambling)
42d ago
I open-sourced KernelEye — an eBPF/XDP-based Linux server security monitoring project
42d ago
Iranian hackers blamed for breach of Los Angeles transit system that took weeks to recover
42d ago
Shai-Hulud Hackers TeamPCP: Lucky or Skilled Operators?
42d ago
KnowledgeDeliver flaw exploited as a zero-day to install web shells
42d ago
Breaking GROK'S DEFENSES to make it HACK Real Public Websites
42d ago
GitHub Actions Cache Poisoning is eating open source
42d ago
Nightmare-Eclipse has also been banned on GitLab :DD
42d ago
Do we still have time before we are in the Age of the movie "Minority Report"? ↓
42d ago
SimHub (popular sim racing dashboard software) appears to silently disable Windows Defender via hidden Group Policy file
42d ago
What Software Supply Chain, Water Filters, and Power Grids Have in Common
42d ago
QA engineer trying to move into AppSec — does this plan hold up?
42d ago
Is work from anywhere really impossible to find??
43d ago
Cybersecurity statistics of the week (May 18th - May 24th)
43d ago
Engineering a Post Quantum Fortress Inside the Citadel Archite
43d ago
Cyber Security Analyst
43d ago
Environmental consulting firm pushing heavy AI adoption despite employee concerns over environmental impact and data governance
43d ago
Two layer email security tool thesis
43d ago
When OTP rate limiting fails: OLX account takeover with persistent sessions
43d ago
Entra ID sessions revoke
43d ago
Anyone who attended GPCSSI before? Need some clarification
43d ago
Lost on my career path.
43d ago
EU-based folks: external pentest vs mandatory data/security training?
43d ago
help needed from experienced people
43d ago
How do you evaluate whether a privacy service is actually privacy-respecting?
43d ago
Which one Intellipaat or coursera which one to choose
43d ago
CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks
43d ago
India's CERT-In just mandated patching critical vulnerabilities within 12 hours. That sounds good — but is it actually realistic?
43d ago
Audited 20 production repos after the May supply chain attack. Every single one had at least 3 of the 8 misconfigs.
43d ago
Did anyone pass the SC-200 certificate recently?
43d ago
Honeypot
43d ago
passkeys, MFA, biometrics, and you can still reset everything with access to one gmail account
43d ago
Career in IAM as a fresher
43d ago
CISA orders feds to patch actively exploited Drupal vulnerability
43d ago
Telegram's Hidden Gatekeeper? OCCRP Probe Puts Spotlight on Shadowy Engineer Linked to App's Infrastructure
43d ago
GitHub bans vindictive security researcher dropping Windows zero-days: “I will make sure your bones are shattered”
43d ago
Cyber security tool
43d ago
Saw this tool and it has potential
43d ago
🚨 14 npm/PyPI/AI Supply-Chain Threats Today (2026-05-26): Critical Worms, Parse Server DoS, and AI RCEs
43d ago
7-Zip CVE-2026-48095: NTFS Heap Overflow Can Trigger Through Renamed Files
43d ago
Follow up : showing Claude install random pacakage in its vm instance without asking or prompting
43d ago
¿Is safe?
43d ago
Need help
43d ago
What is the best tool for masking in kali
43d ago
What are the best tools other than ghostTracker?
43d ago
TrapDoor Cross-Ecosystem Crypto Stealer Campaign
43d ago
Follow up : Steal Your Files Claude AI installing package because internet say so
43d ago
New to Cybersecurity: Looking for general advice & help with Nmap
43d ago
Open sourcing our hardware red team RF toolkit: the Crimson Flipper Arsenal
43d ago
Looking for tech role references
43d ago
How do you balance Paw?
43d ago
I'm a security professional who has dealt with ransomware. AMA about incident response and business continuity.
43d ago
From Stuxnet to Handala: The reverse-engineering of a nation-state cyber weapon and its implications for ICS/SCADA security
43d ago
Ghost CMS flaw being actively exploited to compromise 700+ sites and serve malware to visitors through fake CAPTCHAs. Patch has been out since February
43d ago
What Companies are Legit?
43d ago
start learning cybersecurity from scratch
43d ago
Follow-up: measuring LLM-agent failures with replay evidence
43d ago
Follow-up: measuring LLM-agent failures with replay evidence
43d ago
WhatsApp users on alert after hacker drops massive dataset
43d ago
17 years old going into CS — what certs should I start going after now?
43d ago
i want to hire an osint expert
43d ago
Open University pros/cons
43d ago
How important do you think browser/device fingerprinting has become for modern fraud detection compared to traditional bot detection?
43d ago
Career in IAM as a fresher
43d ago
Anyone Can Silently Steal Your Files from your Claude AI chat – Live Demo
43d ago
Need Advice
43d ago
Before going to college, what certifications should I get to prepare myself for cyber security as a person with no experience with cyber security at all?
43d ago
Someone from Germany on iOS keeps trying to login to my MSFT account
43d ago
AI cautionary tale...
43d ago
AI powered red vs blue teaming
44d ago
Starting a security analyst student apprenticeship next week, need advice
44d ago
Why CVE Does Not Work for AI Agents, but AVE?
44d ago
SC-200 or Security+ — which actually helps land a security title
44d ago
How about AI having access to your hard drive.
44d ago
How a Date Tag Hijacks macOS via ExifTool
44d ago
Need ideas for final year cybersec project : “CodeSafe” MCP for AI coding tools
44d ago
How credential brokering prevents AI agents from compromising credentials via prompt injection
44d ago
Built a tiny daily cyber puzzle game during evenings/weekends
44d ago
Crypto4A launches quantum-safe rival to AWS Secrets Manager
44d ago
ZTE rated this router leak 3.5 Low. NVD rated it 6.5 Medium. The impact explains why.
44d ago
Cyber Sec project
44d ago
CySA+
44d ago
Anyone tried Morgancyberhelp ?
44d ago
As AI speeds coding, CVE Lite CLI keeps security deliberately AI-free
44d ago
Why are most of the dfir tools built to be used in windows
44d ago
OnlyFans mega leak reveals 340M user records, hackers claim
44d ago
Perplexity BumbleBee
44d ago
Cisco patches critical 10.0 flaw in Secure Workload APIs
44d ago
Stalker has my phonenumber
44d ago
Need some guidance
44d ago
Are you currently allocating budget to services that remove executive PII from B2B data brokers?
44d ago
About CEHv13 book
44d ago
We open-sourced the most dangerous part of our security startup on purpose.
44d ago
Which conference(s) result in the most people finding jobs?
44d ago
My discord account has been hacked second time even after enabling two factor authentication and resetting password
44d ago
What's the most efficient way to learn cloud governance and compliance
44d ago
Does anyone know C2 framwork and free hosting to host C2?
44d ago
CIS-CAT Assessor for assessment Windows server 2022 and 2025
44d ago
Auditor wants a specific access report format and our IAM tool can't produce it, how do you handle this
44d ago
Installed BlueStacks, 3 hours later "new login on your google account" and its from the same city as me and a samsung s22 galaxy that i did not authorize, does this have any relation to bluestacks?
44d ago
Recent adoption of AI taught me what is Cybersecurity.
44d ago
The Pentagon Changed the Rules for Cybersecurity Compliance
44d ago
Can someone explain to a noob like me what the implications of this exploit are?
44d ago
SHub's "Reaper" Variant Seen Bypassing New macOS Terminal Protections
44d ago
Window between zero-day CVE and a patch!
44d ago
Is it risky when a website puts on technology components with versions they used in their website?
44d ago
Anyone else losing their mind over this "AI Cybersecurity" hype?
44d ago
URL parsing behavior in a canonical tag lab
44d ago
Would an open source CLI tool that audits GitHub repos for supply chain attacks be useful to you?
44d ago
Any tips for me pls
44d ago
How do you minimize legal liability as a solo contractor?
44d ago
How does your MSSP handle fine-tuning detection rules for false positives? (e.g. "Guest" policy hitting UDP/TCP scan alerts) — do you verify with the customer before suppressing?
44d ago
Mentorship Monday - Post All Career, Education and Job questions here!
44d ago
Provenance: A survival toolkit for an AI dominant information landscape
44d ago
[ Removed by Reddit ]
44d ago
Active Drupal SQLi exploitation is a real „patch now“ moment
44d ago
machscope — macOS XPC, Mach services, launchd, and trust relationship explorer (zero-dependency, terminal-native)
44d ago
Need suggestions and input; not a promotion
44d ago
Need advice!
44d ago
New Zealand is becoming a focal point for AI-driven superhacking threats.
44d ago
nmap on Linux: Guide to Network Scanning and Discovery
44d ago
TrapDoor supply-chain campaign hits npm, PyPI, and Crates.io with AI-assistant poisoning angle
45d ago
How would Phishing look like in the future? (targeting agents, not humans)
45d ago
Best beginner/intermediate book for system security (blue team / defense / audits)?
45d ago
Why is on-prem and air-gapped asset inventory still such a mess?
45d ago
keep getting MS authentication sign in attempts?
45d ago
Silly issue
45d ago
How to practice cybersecurity while studying prograaming ?
45d ago
[AI Security] Exploring Behavioral AI for Runtime Threat Detection
45d ago
Podman and krun: is it pointless to harden quadlets?
45d ago
How to handle security researchers (and firms) without a bounty program?
45d ago
Product analytics is becoming a third-party breach surface
45d ago
How can i learn and get into red teaming?
45d ago
Governments increasingly assume they’ll use offensive cyber tools as part of state power | Federal News Network
45d ago
I got hacked
45d ago
Soc analysts in big companies, how it looks like?
45d ago
CTO at NCSC Summary: week ending May 24th
45d ago
These special phone and app features can help protect you from spyware
45d ago
Is there a tool that lets you automatically rotate all your ssh keys and k8s creds and whatever else with a click of a button?
45d ago
Capcha Code Malware
45d ago
getting lost when hunting
45d ago
How to find information behind an account?
45d ago
Theoretical Design Concept for Post-Exploitation Browser Defense
45d ago
Google Certifications...
45d ago
How to continue when finding a possible Vulnerability but local law prohibits me from investigating further
45d ago
Netherlands seizes 800 servers of hosting firm enabling cyberattacks
45d ago
Is the CISSP still a reputable cert for getting jobs?
45d ago
Which of these gоv roles would fare better in the private sector?
45d ago
Laravel Lang packages hijacked to deploy credential-stealing malware
45d ago
Mapping binaries to EDR feature spaces
45d ago
Lost my number + WhatsApp account — worried about old chats, photos, and videos
45d ago
what is the most painful or time-consuming part of your work right now?"
45d ago
Anthropic says Mythos has already found more than 10,000 vulnerabilities
45d ago
What is the experience needed for “entry level” cybersecurity jobs?
45d ago
Browser extension testing.
45d ago
Interviewer ask me if you observe port scanning from internal ip , the scanning ip is not authorised for scanning. How will you investigate it and how will you find attackers ip?
45d ago
Have you ever had your face or voice misused by AI? I’m building a free reporting tool and need feedback
45d ago
Prompt Injection finally broke my brain a little. My first article as a cybersecurity student, cat approved edition
46d ago
Can someone recommend me some good, large universities to study cybersecurity?
46d ago
New guy khikhi
46d ago
Examples of intentional backdoors being breached?
46d ago
Non-Compliant Vocab
46d ago
Drupal Core SQL injection flaw actively exploited less than 48 hours after patch. 15,000 attack attempts already recorded across 6,000 sites
46d ago
infostealers just spawned a 5,000+ repo github supply chain attack
46d ago
The latest Megalodon campaign against GitHub leveraged a spray of fake PRs targeting CI workflows. Here's the complete analysis
46d ago
GRO frag
46d ago
We audited 12K n8n templates: most have critical vulnerabilities
46d ago
Zyxel super-admin credential leak expanded from one router image to CPE/ONT/LTE/5G devices + password gen algorithm.
46d ago
Taking the PSAA - Practical SOC Analyst Associate by TCM Security next week
46d ago
Mitigated Vulnerabilities by Vendor as Feed
46d ago
Kash Patel-Linked Merchandise Site Goes Dark After Hack Allegedly Spread Malware to Visitors
46d ago
A new GitHub attack dubbed Megalodon compromised more than 5.5K repositories
46d ago
Where can I find the tools freely on internet to practice for soc analyst
46d ago
residential proxies
46d ago
Recommendations for getting started in cybersecurity
46d ago
Linux mint or Ubuntu for complete beginner
46d ago
Indirect prompt injection is jokingly trivial. AI is social engineering a toddler with the knowledge of the world.
46d ago
Pentesting company recommendation
46d ago
Have you ever failed a certification exam?
46d ago
AI Chatbot Security Research – Prompt Injection Behavior in Financial Context (Seeking Responsible Disclosure Guidance
46d ago
What do i need to learn to get into application security? Which Degrees/Certs
46d ago
RSAC online membership? Is it worth it?
46d ago
Can someone give me a detailed roadmap for becoming a SOC Analyst?
46d ago
Puedo conseguir trabajo?
46d ago
How do i learn networking for cyber security?
46d ago
What's going to be Hacking and Cybersecurity's future is gonna be like?
46d ago
Cyber security placement - Interview Help
46d ago
Anonymous revendique le piratage de satellites chinois pour protester contre les lois sur la vérification de l'âge
46d ago
Feedback needed
46d ago
Handoff Transition
46d ago
Just added an interactive security map showing exactly what the server sees (and doesn't)
46d ago
Trend Micro warns of Apex One zero-day exploited in the wild
47d ago
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
47d ago
https://www.reuters.com/business/finance/morgan-stanley-asks-bankers-carry-separate-phone-china-trips-source-says-2026-05-20/
47d ago
Harvard and 140 other legitimate websites compromised
47d ago
Votre Satisfaction Dans Votre Travail
47d ago
5,561 GitHub repos got malicious CI/CD commits injected in 6 hours. The commits looked exactly like routine bot maintenance. Here is what happened and how to check if you were hit.
47d ago
US states urge Congress to renew cybersecurity grants
47d ago
The CISO's Guide to IDE Security in 2026
47d ago
Help with evilginx
47d ago
Watching AI Brain Drain on Attackers in Real Time
47d ago
Zyxel super-admin credential leak expanded from one router image to CPE/ONT/LTE/5G devices + password gen algorithm.
47d ago
api-rta cyberwarfare labs
47d ago
Does Security Implement Fixes?
47d ago
Ultimate Cybersecurity without needing AV ect?
47d ago
User Onboarding with IAM
47d ago
pnpm 11 Might Finally Be a Better Default Than npm
47d ago
14 npm/PyPI/AI Supply-Chain Threats Today (2026-05-22): Critical Worms, Credential Harvesting, and RCEs
47d ago
Hunting a PhaaS Operator: From Phishing Email to Lagos, Nigeria
47d ago
Millions of NGINX Servers Face Fresh Zero-Day Concerns After Recent Rift Patch dubbed "nginx-poolslip"
47d ago
Looking for a cybersecurity professional to interview for a university project (interview in French)
47d ago
Safe read-only check script for Copy Fail / CVE-2026-31431
47d ago
New to GRC at an MSSP startup. Want to build a local AI on an RTX 3050 to automate documentation without leaking data. Possible?
47d ago
[TOOL] CLR-Stomp – BOF-Based .NET CLR Stomping for Stealthy inlineExecuteAssembly
47d ago
Cisco used AI to write security incident reports, with mixed results
47d ago
[TOOL] QSLCL v2.1.4 - Universal Silicon Communication Layer (DFU/EDL/BROM)
47d ago
Cyber Insurance Actuary Looking for Educational Resources
47d ago
As a bank , how do i give protected access to claude to my team?
47d ago
Can seasonal Apple Store employees apply for internal IT/cybersecurity roles?
47d ago
Reliable IP reputation check tools besides IPQS?(for work)
47d ago
Supply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility (5/2026)
47d ago
Time to Switch: How to Set Up Passkeys Before Microsoft Ditches SMS 2FA Logins
47d ago
Hacked by Rat Tools for 2.5 years.
47d ago
Google API Keys Remain Active After Deletion
47d ago
how do cyber sec consultants and pentesters actually get new clients?
47d ago
Post Incident Paranoia?
47d ago
Verizon DBIR 2026: Vulnerability Exploitation Overtakes Credential Theft as Top Breach Vector
47d ago
Upcoming CS Student: What OS approach is best to balance university coding and learning cybersecurity?
47d ago
Sensing ‘renewed outbreak’ of war, Iran hackers vow ‘dozens’ of ‘devastating’ infrastructure attacks ready
47d ago
You can counter MEMZ with Krotten in XP
47d ago
What are the most effective ways to do Blackbox testing?
47d ago
Npm registry sets stage for more secure package publishing
47d ago
Need a Wi-Fi Adapter for Better Range + Wi-Fi Pentesting Support
47d ago
Basira - open source AI code reviewer with OWASP audit, 0 CVEs, BYOK
47d ago
Is the Cybercorps SFS still worth it?
47d ago
Microsoft warns hackers are exploiting password resets to gain access to user accounts
47d ago
Unpopular opinion: the GitHub breach is 100% predictable and the security industry deserves the blame
47d ago
WORM USB drives
47d ago
An OWASP-aligned launch gate for AI agents — Would you please share critique on the threat model?
47d ago
CISOs - Holding the Line
47d ago
A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale
47d ago
Security Scroll Down?
47d ago
mass github repo backdooring via CI workflows(Megalodon)
47d ago
Threat Modeling Autonomous Dev Agents: How do we cryptographically prove a human actually reviewed a commit?
48d ago
CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox
48d ago
DNS blocked by Cisco Umbrella, but symantec EDR & Event Viewer are completely blind
48d ago
FaceTec (ID verification) company appears to store user biometrics
48d ago
CVE-2026-34474: ZTE H298A / H108N routers expose credentials before authentication
48d ago
It seems that FaceTec (ID Verification company) allows for storage of user biometrics
48d ago
Two Microsoft Defender vulnerabilities actively exploited. One grants full SYSTEM access. CISA has a June 3 federal deadline. Here is what to check.
48d ago
Can I block outbound connections to Google cloud on my host firewall? What port? What IP range? Any advice. Trying to prevent Google spying and collecting data
48d ago
What Questions Do You Ask During SSP Control Interviews?
48d ago
Feed The Cat BackDoor
48d ago
Flipper One - Asking for help from the community
48d ago
Flipper One — tech specs
48d ago
Architecture Zero Trust détaillée
48d ago
Cybersecurity in Healthcare
48d ago
Staged publishing for npm packages | npm Docs
48d ago
9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros (Yes there is another one, only a CVS 5.5 though this time, still looks pretty bad though)
48d ago
Neither MFA, Passkey, nor trusted IP help here
48d ago
cyber security remote
48d ago
CSIRT incident response
48d ago
Trying to find a graduate role
48d ago
Microsoft warns of new Defender zero-days exploited in attacks
48d ago
what is the best security app option for pixel8a?
48d ago
How an image could compromise your Mac: understanding an ExifTool vulnerability (CVE-2026-3102)
48d ago
IoT Security
48d ago
GitHub links repo breach to TanStack npm supply-chain attack
48d ago
Another working Linux LPE exploit is out. How are teams treating local-only bugs now?
48d ago
Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
48d ago
Google publishes exploit code threatening millions of Chromium users
48d ago
landing a remote Vulnerability Management role
48d ago
Three low-hanging vulns in a Rails SaaS: unauthenticated S3 uploads, rate-limit bypass via proxy pool, and OAuth route leaking internals. Full authorized case.
48d ago
I feel like the past month has been more optimistic than in the past with AI taking jobs. Has the market been the same for those hunting?
48d ago
Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit
48d ago
What volume of TPRM do you handle per month?
48d ago
safest virtual machine?
48d ago
Second Time, Same Sandbox: Another Anthropic Claude Code Network Sandbox Bypass Enables Data Exfiltration
48d ago
Cybercrime service disrupted for abusing Microsoft platform to sign malware
48d ago
GitHub notifications
48d ago
Is there no more privacy left in the world?
48d ago
Microsoft Edge had a password blunder, and it raises a bigger browser trust problem
48d ago
Huawei zero-day attack behind last year’s crash of Luxembourg's entire telecoms network
48d ago
Aconselhamento / mini texto
48d ago
CISA with an absolutely embarrassing data leak.
48d ago
Microsoft is pulling the plug on SMS codes, wants you to switch to passkeys
48d ago
Anyone else feeling like static AppSec workflows are starting to hit limits?
49d ago
GitHub breach highlights developer tools as part of attack surface
49d ago
Why do some malware use unique user-agent strings?
49d ago
Encrypted emails bypassing email security tool
49d ago
Ctf groups
49d ago
Score by collisions, patch by panic: defensive architecture for the post-90-day-disclosure era
49d ago
Opensource that automatically scans your git repos for breaches
49d ago
CVE-2026-34472: According to ZTE, an unauthenticated auth bypass is just a 'customer-specific low-risk requirement.' MITRE disagreed.
49d ago
Your developers are deploying agents in your production environment right now. You have no governance for it.
49d ago
¿Como me preparo para EC-Council CSA?
49d ago
The IBM X-Force Index 2026 explains all three in one finding.
49d ago
Securing iPad's question
49d ago
Cybersecurity 101
49d ago
What would this job role be?
49d ago
MSPs & MSSPs suck
49d ago
[ Removed by Reddit ]
49d ago
Crossroads
49d ago
Advice regarding "SOC" job that automates everything
49d ago
Is this Medium article about "NetMirror" malware legit?
49d ago
AI silently removed human-in-the-loop security checks during a large refactor. Is this a known phenomenon?
49d ago
Developer tooling is part of the attack surface before a project is even run
49d ago
How the hell do you manage developers, their code, their apps?
49d ago
Hackers Spent Nearly 3 Months Inside the New York City Health System Before Anyone Noticed
49d ago
Do people still rely on antivirus software in 2026, or is built-in security enough now?
49d ago
GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories
49d ago
Automatic CLI for spinning up vulnerable labs + objectives
49d ago
ISO/IEC 27701 scenario question
49d ago
Discord rolls out end-to-end encryption on voice, video calls
49d ago
GitHub investigates internal repositories breach claimed by TeamPCP
49d ago
Two AI-based science assistants succeed with drug-retargeting tasks
49d ago
America's top cyber-defense agency left a GitHub repo open with with passwords, keys, tokens – and incredibly obvious filenames
49d ago
An AI coding assistant installed malware into production environments. Nobody typed the command. AMA on what "supply chain attack" means now.
49d ago
New to cybersecurity
49d ago
Anyone interview or work with Moxfive?
49d ago
A stealth Firefox version that passes all anti-bot and CAPTCHA
49d ago
mkPIVM - a polymorphic position-independent shellcode virtualizer
49d ago
Started in IT and need a Cybersecurity Roadmap with my Useless Degree!
49d ago
GitHub announces internal data breached.
49d ago
Roadmap to Cybersecurity roles
49d ago
Malware installed without literally doing anything?
49d ago
CTFs
49d ago
Crossroads
49d ago
Canara Bank SuRaksha Cyber Hackathon 2.0,
49d ago
Anti BOT Tipps und Tricks gesucht.
49d ago
GhostTree: Unveiling Path Manipulation Techniques to Bypass Windows Security
49d ago
New to Cybersecurity
49d ago
Is the ISC2 Certified in Cybersecurity worth it?
49d ago
Average Days to Close by Source CNAPP Severity Tag 2026
49d ago
I want free nmap resource
49d ago
If I clear browser history regularly, does it reduce the chances of malware that target browser data?
49d ago
What is next after 1.5 Year as Security Analyst?
49d ago
Analysis advice
49d ago
Stop me if you heard this one before... (YellowKey related)
49d ago
Can you be protected from yellowkey by disabling WinRe? does it work from support os then WinRe?
50d ago
Looking for advice: where should I post/publish CVE write-ups?
50d ago
Cybersecurity statistics of the week (May 11th - May 17th)
50d ago
How can I test my website locally for cybersecurity?
50d ago
Use of coding in security operations
50d ago
Iran demands Big Tech pay fees for undersea Internet cables in Strait of Hormuz
50d ago
Microsoft disrupts cybercrime service that abused software verification systems en masse
50d ago
I've built an open source honeypot probe database accessible via curl, http and mcp
50d ago
6,000+ Automatic Tank Gauges Exposed With No Authentication
50d ago
Twice in two days I've had a MS Auth request from a random device, I changed my password after the first, what more can I do to protect my email?
50d ago
If humans are the weakest link, why won't companies evolve?
50d ago
Someone asks "How much does a VAPT cost?" or "Do we really need a penetration test?"
50d ago
Cloudflare's CISO gives his hands on review of Anthropic's new Mythos LLM
50d ago
Local transcription vs cloud transcription, which actually feels safer?
50d ago
Why do governments and militaries still use what amounts to giant preshared electronic codebooks when we have really good encryption today?
50d ago
Shai-Hulud keeps burrowing: 314 npm packages infected after another account compromise
50d ago
Shai-Hulud source leak is turning npm malware into a copycat problem
50d ago
Framework for Preventing Secret Ideas from Leakage
50d ago
Local LLM for building AI Security platform
50d ago
SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access
50d ago
Emerging Cyber security niches
50d ago
ISO/IEC 27701
50d ago
Solo dev building a terminal-heavy hacking game inspired by corporate security
50d ago
Symantec has published its analysis of Fast16: a pre-Stuxnet sabotage tool built to subvert nuclear weapons simulations
50d ago
CS/IT Student Looking to Grow My LinkedIn Network 😃
50d ago
CVE-2026-34473: Unauthenticated Denial of Service in ZTE Routers affecting 140K+ devices worldwide (17+ models)
50d ago
Is Amazon Cognito a good choice long term? Alternatives?
50d ago
Was hacking easier in the 80s and 90s and early 2000s?
50d ago
Need some Advice in SOAR heavy environment
50d ago
Trying to find serious builders in cybersecurity - not just “let’s build” conversations
50d ago
AI Phishing
50d ago
One Hacked Login Led to a Massive Cloud Breach, Microsoft Reveals
50d ago
How easy is it to get into the cyber security field?
50d ago
314 npm packages just got compromised, 271 @antv, echarts-for-react, size-sensor, timeago.js
50d ago
Frontend SWE (3-4 YOE) looking to pivot to AppSec. Where should I start?
50d ago
‘The Worst Leak That I’ve Witnessed’: U.S. Cybersecurity Agency Leaves Its Digital Keys Out in Public on GitHub — Gizmodo
50d ago
CEH/CPENT vs OSCP vs GPEN
50d ago
ntroducing Yokai Linux — A Cyberpunk Security-Focused Linux Distro”
50d ago
CISA Contractor Admin Leaked AWS GovCloud Keys on Github
50d ago
Suspecious activity in my account
50d ago
Is it safe to use my first name and middle name on platforms?
50d ago
Stuck choosing a cybersecurity specialization — especially with a local market context (Senegal). Need honest advice.
50d ago
Just received an email from shinyhunters about their amtrack hack
50d ago
Optoma CinemaX Projectors: Critical Vulnerabilities Including Remote Root Access
50d ago
Bywaf: an auditable Python commandlet framework for chained pentest workflows
50d ago
For anyone currently working in a SOC:
50d ago
Fellow Tier 1 SOC/Security Analysts - What does your day to day look like?
50d ago
How do you threat hunt for RMM tools in environments where RMM is all over the place?
50d ago
Microsoft - "your single use code" email when it was not requested by yourself
50d ago
Directory of vendor security questionnaires
50d ago
Mini Shai-Hulud Strikes Again: TanStack + more npm Packages Compromised
50d ago
MCA student with 2 yrs SOC/VAPT experience struggling to land interviews — looking for guidance/referrals
50d ago
Cybersecurity job market in Phoenix (East/West Valley?) – looking for local insight
51d ago
How is AI affecting the cybersecurity market?
51d ago
MCP security
51d ago
YellowKey Mitigation
51d ago
Anyone else on the receiving end of ShinyHunters extortion email?
51d ago
Ultimate irony: Microsoft researchers say you shouldn’t trust AI with work docs
51d ago
What’s the biggest mistake people still make about online security in 2026?
51d ago
Anthropic shuts the EU out of its most advanced cyber AI model
51d ago
Most AI agent governance playbooks still assume you can turn the agent off... Once its wired into production that stops being true [Rethinking AI security through a dimmer switch lens]
51d ago
Best hotel for attending all three conferences in Vegas?
51d ago
What's your company's actual PQC migration plan? Not the one on paper - the real one.
51d ago
Does buying local cybersecurity (services/products/etc) matter to you?
51d ago
LinkedIn user hides AI prompt injection in bio to force recruitment spam to be sent in Olde English prose
51d ago
Detection Engineering AI Maturity Framework
51d ago
Microsoft code
51d ago
Microsoft confirms Windows 11 security update install issues
51d ago
Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’
51d ago
Exploit available for new DirtyDecrypt Linux root escalation flaw
51d ago
Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware
51d ago
Suspicious with a company offer letter
51d ago
Direct external access to CyberArk PVWA vs. enforcing a VDI/Jump Box first?
51d ago
Why do some recovery workflows still require full wallet uploads?
51d ago
Need help with interview for soc l1
51d ago
Feeling stuck in SOC want to moving toward Detection Engineering & Cloud Security (need guidance & cert roadmap)
51d ago
New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released
51d ago
carrer path in cybersecurity for a btech stud
51d ago
Agents usage in production
51d ago
‘Q-Day’ is almost here. It could unleash a cybersecurity crisis far worse than Y2K
51d ago
Are teams still finding AI API keys in public repos?
51d ago
Mentorship Monday - Post All Career, Education and Job questions here!
51d ago
Mean time-to-exploit just hit 2.1 days. Critical vulnerabilities everywhere. Is the AI apocalypse here?
51d ago
Does the CBP bug phones?
51d ago
What We Learned Building Runtime Visibility for Modern Telco Networks
51d ago
Ive got my Spotify account hacked! How do I solve this?
51d ago
The Politics of AI Transparency
51d ago
A million baby monitors and security cameras were easily viewable by hackers
51d ago
NGINX CVE-2026-42945 Exploited in the Wild, Causing Worker Crashes and Possible RCE
51d ago
Is cybersecurity becoming more behavioral than technical?
51d ago
Questions About Promo Items for a Cybersecurity Conference
51d ago
Dois-je m'inquiéter ?
51d ago
I am dying to work abroad , rate my journey so far
51d ago
Microsoft - "Your single use code" email when it was not requested
51d ago
Security / Compliance work going Agentic?
51d ago
Don't believe the media, specially in cybersec
51d ago
Microsoft account keeps getting Authenticator requests?
51d ago
[Tool] Grafana Final Scanner - Mass CVE Testing Script with All Public CVEs Aggregated.
51d ago
Struggling to generate security bulletins — any ideas?
52d ago
Certs to go into Security Engineer/architect
52d ago
18882745552 beware of email with this number
52d ago
Transition from traditional penetration testing into AI security
52d ago
Seeking advice on next career steps
52d ago
Will the analyst role become obsolete?
52d ago
Alert Fatigue
52d ago
Best path into cybersecurity for a high schooler?
52d ago
Keep getting hacked
52d ago
How Do I implement sessions management in a vibe coded app ? Also suggest sessions management best practices
52d ago
I’m interested in joining the Red Team Hackers Academy in Bangalore.
52d ago
A clueless teenager 💔
52d ago
Complete beginner looking to learn cybersecurity for personal/everyday use. Where to start?
52d ago
Am I overthinking Claude Code security or is this actually a risk?
52d ago
is someone know about shadow ai and can give me an explain about this im junior in cyber and i hear about this
52d ago
ISO/IEC 27701 ( SoA ) Applicability
52d ago
Security Executive Playbook
52d ago
This article about AI allucinations written by thehackernews, is literally written with AI lol... We need to do something to stop this phenomenon
52d ago
I feel crazy I hope someone has insight .
52d ago
ΡHANTΟΜ Al-Powered Pentesting Command Center
52d ago
Interview Assessments
52d ago
We built a blue-team mode for AI security training — you write a defensive prompt, we throw 12 attack probes at it
52d ago
Questions about data blockers
52d ago
Post Implementation task
52d ago
Mythos, MOAK, CTEM and the End of CVE Chasing
52d ago
Cyber security jobs in Austria
52d ago
Personal favorite deception layer.
52d ago
Estudiar Ciberseguridad
52d ago
Learning way
52d ago
How do you report large volume detections to a CISO without making the BPA report a SOC story?
52d ago
Can anyone share bugbase platform screenshot having professional usage on dashboard?
52d ago
CTO at NCSC Summary: week ending May 17th
52d ago
Security Executive Playbook
53d ago
Tired of tab-switching between CTI tools - here's what we put together
53d ago
I contributed to an open-source Bluetooth stress testing tool that just got a major algorithm refactor
53d ago
In Cybersecurity
53d ago
Anyone else feel like most MSP tooling is either overkill or painfully manual?
53d ago
Thinkpad vs Macbook pro endpoint security
53d ago
Any more affordable alternatives to “IntelligenceX”?
53d ago
Experts Confirm the Fast16 Malware Was Sabotaging Nuclear Weapons Tests, Likely in Iran
53d ago
tanstack checker github action
53d ago
Drivers Alpha AWUS036AXML
53d ago
Splunk download for free
53d ago
Funnel Builder WordPress plugin bug exploited to steal credit cards
53d ago
Anyone here using pager duty?
53d ago
Scammer targeting posters
53d ago
Seeking advice
53d ago
Looking for Free Cybersecurity Conferences & Meetups in Europe (September 2026)
53d ago
Just got an email about a single use code, maybe someone was trying to log in?
53d ago
Can a background in DevOps enter the cybersecurity field?
53d ago
Using ai in learning
53d ago
Avanzamento area Blue Team/SOC
53d ago
Please what could be helpful
53d ago
CVE exploit chain
53d ago
What are the widely accepted SaaS security accreditations/audits an app should seek in fintech
53d ago
Preparing for The Quantum Era: AT&T Business Debuts Post-Quantum Cryptography Secure SD-WAN, Powered by Cisco
53d ago
Major flaw in Indian Cyber and IT assurance landscape
53d ago
Red Team Ops Ⅱ ( CRTL ) exam preparation
53d ago
Recomendations
53d ago
Recommended cybersecurity certification for a UX designer new to the domain?
53d ago
insdubai.com: Motor insurance policies, data of insured persons was exposed on an unprotected server
53d ago
Career path
53d ago
Merit America offers a program that gets you into cyber security roles.
53d ago
Brovan: Binary user-mode emulator for x86_64
53d ago
AmEx Interview!
53d ago
Developer credential-stealing pipeline also collected operator workstations
53d ago
need help building a case.
53d ago
Personal favorite SIEM platform?
53d ago
Cardputer ADV
53d ago
Alternative for Qualys
53d ago
The 4th Linux kernel flaw this month can lead to stolen SSH host keys
53d ago
Stack Buffer Overflow Explained (Using a Classic Doom Bug)
53d ago
Confused about cybersecurity career
53d ago
Transferring from pen test consulting to application security?
53d ago
Curso de especializacion de Ciberseguridad
53d ago
Does host MS Defender Network Protection intercept and alert on traffic generated inside Windows Sandbox?
53d ago
Lost, tempted to throw in the towel
53d ago
Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own
53d ago
I open-sourced a Docker security scanner I use to audit all my websites
53d ago
Testing Deception Technique
53d ago
A malware got into my account and spread spam ad to my friends and relatives
54d ago
North Korean Hackers Now Using AI? Kaspersky Warns of New Cyber Threat Targeting South Korean Govt Systems
54d ago
Most pentest reports I review are padded with garbage findings
54d ago
Cyber Essentials and use of third party websites - MFA
54d ago
Rapid 7 and Cisa Kev
54d ago
Anyone know much about MS Defender?
54d ago
EN18031 for IoT: struggling to see the big picture — advice from experienced people?
54d ago
Automating Code Security Reviews
54d ago
New Linux privilege escalation flaw ‘Fragnesia’ disclosed; PoC available
54d ago
AI coding tools on developer machines — looking for input on how you're handling it
54d ago
Chrome 148 Update Patches Critical Vulnerabilities
54d ago
Microsoft warns of Exchange zero-day flaw exploited in attacks
54d ago
I need help. i am lost
54d ago
Beyond Acceleration and Automation: How AI + Intelligence Changes Cyber Defence
54d ago
Physical red teaming: 7 low‑tech paths we keep finding into ‘secure’ environments
54d ago
SentinelOne. Backup delete attempt at 06:28, Kill process mitigation action at 06:31. Was the deletion blocked or not?
54d ago
I'm going crazy. At the application level what I can actually do to prevent DDos?
54d ago
Is anyone enrolled in Intellipaat's cybersecurity course?
54d ago
Will AI Replace Cybersecurity Jobs?
54d ago
What's best certification choice after OSWE
54d ago
Facebook Page Call Slipping through Sleep mode
54d ago
ssh-keysign-pwn: Linux LPE allows unprivileged users to read root-owned files. PoC with SSH server privkey
54d ago
New Linux LPE allows local users to read any file, including privkeys
54d ago
A fix for the previous Linux kernel critical exploit has seemingly introduced another critical local privilege escalation exploit, a third in two weeks.
54d ago
Your experience as IT Admin on Alerts
54d ago
Slow-drip responses as a bot defense: streaming fake credentials 3 bytes at a time
54d ago
Maximum Severity Cisco SD-WAN Bug Exploited in the Wild
54d ago
Discord VC lag Exploit
54d ago
FrostyNeighbor: Fresh mischief and digital shenanigans
54d ago
Bug FB - Inicio de sesion por password
54d ago
Does anyone know how to configure EVILGINX for testing
54d ago
How long does it take to get familiar with a tool
54d ago
Scam website
54d ago
ANTS Hack: 19 million records exposed in French ID agency breach
54d ago
Is it really that easy to obtain SMS codes using an SS7 attack?
54d ago
AI coding tools are shipping code faster than security can review it. What's your team doing about it
54d ago
Interview for AI security engineer position at a fortune 500 company
54d ago
How’s the job market for Senior AppSec Engineers? How are the interviews?
54d ago
Has anyone read "The Art of Deception"? How does it hold up to now?
54d ago
Is metadata protection becoming more important than traditional endpoint security for ordinary users?
54d ago
Zero trust in hybrid environments - what's actually worked for you
54d ago
Have you encountered issues with CSAF advisories in practice?
54d ago
Zero trust in hybrid environments - what's actually working for you
54d ago
OpenAI confirms security breach in TanStack supply chain attack
54d ago
Bachelors Degree Options
54d ago
I need help protecting my privacy
54d ago
Free Threat Intellegence
54d ago
What discovery in cybersecurity amazed you the most?
54d ago
Scholarship for Service
54d ago
For teams archiving logs outside the SIEM: how often do you actually query them, and for what reasons?
54d ago
Another day, another supply chain
54d ago
How often do you actually see SSRF exploited in real incidents vs just discussed in CTFs/blogs?
54d ago
Teaching Linux+ & CEH.....
54d ago
Russian Hacks of Polish Water Utilities Shows How Hybrid Warfare Uses Fear as Weapon
54d ago
SIEM use case development
54d ago
JFrog vs Mend as Scanners
54d ago
KQLab - open-source query manager for SOC teams
54d ago
Which Vendors Publish the Best (or Worst) Security Advisories?
54d ago
Synthetic training data vs. real attack telemetry — does it actually matter?
55d ago
Operative IT-Sicherheit | SIEM & Splunk
55d ago
SOC not for junior level?
55d ago
Cybersecurity at MSG
55d ago
pii-tools.com reputable?
55d ago
Hey all! sharing this week's issue I wrote on the TeamPCP supply chain compromise
55d ago
Contract jobs worth the risk?
55d ago
HackTheBoxAcademy vs LetsDefend vs CyberDefenders
55d ago
Automating code security reviews with Claude: near Mythos-level capabilities at lower cost
55d ago
Making Right Career Decision?
55d ago
I tried using apparmor (linux security) but it doesn't seem to work very well
55d ago
Level Effect AMA! Former NSA Operators turned EDR developers and trainers in 2020. We’ve seen a lot of trends over the years and want to start being active in r/cybersecurity giving back. Ask us anything!
55d ago
Struggling to Stay Up to Date With Vulnerabilities
55d ago
How to Transfer files Safely from a Compromised (work) Device
55d ago
Two brothers deleted 96 federal databases after being fired – one googled how to hide the evidence afterward
55d ago
Multiple data breaches in one week
55d ago
How are small security teams handling vulnerability overload now?
55d ago
Concerns mount that EU will demand age verification for VPNs
55d ago
Automating code security reviews: Claude Mythos-level capabilities with lower cost
55d ago
The Rare Patch: A Digital Sovereignty Challenge
55d ago
Advise
55d ago
GRC
55d ago
Admins and Engineers
55d ago
Microsoft's multi-agent AI system tops Anthropic's Mythos on cybersecurity benchmark
55d ago
Prompt injection in browser coding agents is the threat model nobody is ready for
55d ago
New Fragnesia Linux flaw lets attackers gain root privileges
55d ago
Transition from MSP to Network Engineering?
55d ago
So called “off grid” method
55d ago
Convince me I’m not paranoid: a unique hacking situation.
55d ago
Hunting the Behavior Behind npm Supply Chain Attacks
55d ago
Question for AppSec Members
55d ago
Beginners guide to Google Dorks by Heisenberg
55d ago
Alguém sabe algo sobre raven eye technology
55d ago
Gophish Porject - Requirement
55d ago
Security Team Won’t Assess Risk
55d ago
Trusted Unknown Apps Protocol (TUAP) – A Global Behavior‑Based Security Framework
55d ago
Microsoft’s new multi-model agentic security system tops leading industry benchmark
55d ago
Microsoft MDASH Deployment Identifies 16 Windows Flaws via 100+ AI Agents
55d ago
Overwhelmed on how to enter the job market.
55d ago
Social media scam bill targets tech giants as New Yorkers lose billions
55d ago
What are the biggest technical & cultural hurdles you’re facing right now?
55d ago
CISSP / CCSP training - Experienced engineer
55d ago
Vulnerability in Canvas/Instructure Support Tickets had part in breach?
55d ago
is malwarefox legit?
55d ago
what lab to learn zero trust?
55d ago
Anyone else got a bunch of emails leaked by Samsung?
55d ago
This is what some the world's largest banks of malware look like stacked as hard drives
55d ago
I need feedback on my project please
55d ago
would like to understand the role of "Cyber Insurance UnderWriters"
55d ago
Free on-device tool for monitoring AI traffic on macOS — visibility before policy
55d ago
Is secure evidence handling and controlled derivative file sharing needed?
55d ago
Will Adding Some Certifications Help Me in the Job Market?
55d ago
Linux driver posted for Intel Silicon Security Engine Interface "ISSEI"
55d ago
Hello guys I am hearing everywhere Cybersecurity is the most demanding Subject. If it is true then where can I learn and get certified?
56d ago
Fragnesia made public as latest Linux local privilege escalation vulnerability
56d ago
HP ZBook Fury G8 vs ThinkPad T Series for Cybersecurity?
56d ago
NIST is surrendering to the amount of CVEs coming in
56d ago
Military Veteran looking to get into the Cyber Field
56d ago
Microsoft BitLocker-protected drives can now be opened with just some files on a USB stick — YellowKey zero-day exploit demonstrates an apparent backdoor
56d ago
Post-quantum audit substrate for critical national infrastructure. The NCSC 2031 high-priority deadline reframed as an operator-side playbook.
56d ago
Cve apis for a database
56d ago
Empresas de Cyberseguridad en Mexico (Reacciones)
56d ago
Joined a new company: GRC landscape advice
56d ago
Removing admin rights
56d ago
a leak from "the gentleman" ransomware group confirms Infostealers were often used to establish initial access
56d ago
FamousSparrow's evolved DLL sideloading - execution gated behind the host app's normal control flow
56d ago
Golden years for cyber security about to start?
56d ago
A stealth approach to Process Injection - EntryPoint Hijacking
56d ago
Detecting CopyFail and DirtyFrag by thinking outside the box
56d ago
Adaptive Behavioral Identity: A Human‑First Model for Symbiotic Security
56d ago
Career advice
56d ago
The exponential rise of economic damage caused by cyber-crime continues
56d ago
Today's cybersecurity systems are not ready for AI
56d ago
Are certifications worth it, or do practical skills matter more?
56d ago
[Tool Release] IOCX – deterministic IOC extraction engine (static‑only, PE‑aware, plugin‑extensible)
56d ago
Claude Mythos technical breakdown: CVE-2026-4747 ROP chain, OpenBSD SACK integer overflow, Linux 1-bit OOB-to-root, and what AISLE's reproductions actually showed
56d ago
Apple Supplier Foxconn in Taiwan Confirms Cyberattack After Ransomware Gang Claims 8TB Data Theft
56d ago
What to do after security+
56d ago
AI-Generated Fake Marketplaces Are Poisoning Search Results and Stealing Card Data
56d ago
Malware crew TeamPCP open-sources its Shai-Hulud worm on GitHub
56d ago
Is it realistic to move from Tech Risk/GRC into technical cybersecurity?
56d ago
Are IPhone autofill passwords safe to use?
56d ago
Access approvals happen over Slack dm and I don't know how to present that to an auditor
56d ago
🕷️ NetCrawler v1.0.0 — AI Pentesting Agent | Open Source | Fully Offline
56d ago
China is going dark to develop its own Mythos, German cyber chief fears
56d ago
Is prompt injection a real problem for you?
56d ago
New Exim BDAT bug shows why “just patch the mail server” is still not simple
56d ago
Microsoft France's legal affairs director told the French Senate, under oath, that he can't guarantee European "sovereign cloud" data stays out of US reach
56d ago
Cybersecurity guide
56d ago
[Conseil Orientation] LP ASUR (ANSSI) après une L3 Générale pour viser un Master Cyber ?
56d ago
How you guys rate Google Cyber security course and certificate out of 10 !?
56d ago
Cyebrsecurity Startup Advice
56d ago
Can anyone give a real world based AI based attack?
56d ago
How worried should we be about AI powered cyberattacks?
56d ago
Built STIS-ICS — an open ICS/OT security learning project
56d ago
OS scanner that checks repos for traces of the Shai Hulud worm
56d ago
Foxconn Ransomware Attack Shows Nothing Is Safe Forever
56d ago
Open-source CLI for testing LLM agents across prompt, tool, and replay boundaries
56d ago
AI Vulnerability Research and the Fuzzer Era Déjà Vu
56d ago
Explorer shows random letter/number filenames before copying my actual files — normal behavior?
56d ago
Zscaler AI Security Capabilities ?
56d ago
Cybersecurity degree
56d ago
Disgruntled researcher who dropped BlueHammer and RedSun drops two new Windows 11 zero-days: A Bitlocker bypass, nicknamed YellowKey, and LPE, nicknamed GreenPlasma
56d ago
Cyber security
56d ago
New York Senate takes on junk fees, digital subscriptions, surveillance pricing
56d ago
Cybersecurity statistics of the week (May 4th - May 10th)
56d ago
Feels like AI changed the speed of attacks more than most companies want to admit
56d ago
Anyone used Kasm or ReplicaCyber?
56d ago
Škoda warns of customer data breach after online shop hack
56d ago
Google launches new Android security feature to help uncover spyware attacks
56d ago
Fancy Bear: Stealing Credentials Invisibly
56d ago
Nightmare Eclipse has published Greenplasma and YellowKey
56d ago
Copilot Agent
56d ago
What SANS cert I should consider acquiring (from my job)? Most useful ones or one that goes across many roles?
56d ago
Career Advice
57d ago
Anyone else exhausted by the nonstop AI hype?
57d ago
Reviewing the trends in ransomware attacks in 2026
57d ago
Is It a Good Idea to Change Jobs Shortly After Getting Hired?
57d ago
SSO makes life easier but MFA keeps it safe, do we actually need both?
57d ago
Didn’t land a Cybersecurity internship—starting IT Support for POS systems. Tips on maximizing my off-hours?
57d ago
How are SOC teams actually deciding what not to investigate anymore?
57d ago
Spam calls on this number he was distrubing a girl idk about this guy but the girl placed an order on blinkit and he started acting that he's not able to find the location so she gave her number on ws and now he's spamming unecessarily
57d ago
Chris Cochran at SANS Institute: AMA about the AI Security Maturity Model we just released.
57d ago
Has anyone tryed this out yet?
57d ago
The frontier model caught my prompt injection but the cheaper fallback didn't (and most devs have no idea which one they're on..)
57d ago
Switching to Cyber
57d ago
Nitrogen ransomware group claims Foxconn after Wisconsin plant outage
57d ago
Shai Hulud attack ships signed malicious TanStack, Mistral npm packages
57d ago
Using Cape Sandbox for Phishing Analysis
57d ago
Canvas hack: company pays criminals to delete students' stolen data
57d ago
i have 1 year of experience as product security intern. Please let me know if there are any job oppurtunities available for freshers. I have to start earning.
57d ago
AI integrations are quietly creating a new OAuth supply-chain problem
57d ago
Instructure reaches 'agreement' with ShinyHunters to stop data leak
57d ago
UnMapper: a tool that crawls a target, finds its JavaScript, and reconstructs the original source tree from any sourcemaps it ships
57d ago
Hardcoded secrets in Git
57d ago
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
57d ago
UK water company allowed hackers to lurk undetected for nearly two years, regulator finds
57d ago
New ipTIME Pre-Auth RCE in CWMP
57d ago
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
57d ago
Is my phone hacked?
57d ago
Switched to a grc role after a year in SOC L1
57d ago
Forecasting Lazarus Crypto Heists
57d ago
Infrastructure Security Incident Update & FAQs
57d ago
Mini Shai-Hulud npm worm compromises 160+ packages, abuses GitHub Actions cache + Trusted Publishing. Full list of compromised packages
57d ago
In Depth Guide To VM Based Obfuscation - What it is and how to handle it.
57d ago
Lockbit Black Loader and Shellcode Analysis - Full Thought process, Technical Writeup and Blue Team perspective
57d ago
Transitioned to GRC
57d ago
Mass npm Supply Chain Attack Hits TanStack, Mistral AI, and 170+ Packages
57d ago
German cybersecurity official warns China is close to developing AI superhacker
57d ago
Google Detects First AI-Generated Zero-Day Exploit
57d ago
“DCSA agent” calling IT Help Desk to be transferred to employees they are investigating for a clearance
57d ago
Instructure/ canvas paid the ransom?
57d ago
Troca emprego - big para consultoria ou fintech - Pentester/Red Team
57d ago
Finally, texts between Android and iPhone users can be end-to-end encrypted
57d ago
Official CheckMarx Jenkins package compromised with infostealer
57d ago
IMF warns of the potential for AI attacks on global financial systems
57d ago
🕷️ NetCrawler v1.0.0 — AI Pentesting Agent | Open Source | Fully Offline
57d ago
Cookie thieves caught stealing dev secrets via fake Claude Code installers
57d ago
Pwn2Own 2026 Capacity Overflow, Hackers Drop 0-Days Solo
57d ago
MS Defender on OT Network
57d ago
A fateful question
57d ago
SC-900 or SC-400
57d ago
What are your security non-negotiables?
57d ago
Losing my path
57d ago
Axon-captcha
57d ago
What makes companies trust small cybersecurity vendors?
57d ago
Hathor Wallet Daemon (headless) Has Fail-Open Auth – Notified via Immunefi but Closed as “User Responsibility”
57d ago
TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack
57d ago
Foxconn Wisconsin breach reportedly linked to Nitrogen ransomware, 8TB data theft claim
58d ago
These Extensions are Scraping Your AI Chats, are you affected?
58d ago
Be careful with your Git: Investigating malware spreading through Git repositories
58d ago
Training and Phishing
58d ago
Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
58d ago
AI-powered hacking has exploded into industrial-scale threat, Google says
58d ago
Apple closed my bug report 4 times. MITRE wouldn't let it die.
58d ago
NASA Investigators Expose a Chinese National Phishing for Defense Software - NASA OIG
58d ago
Google spotted an AI-developed zero-day before attackers could use it
58d ago
beginner doubt
58d ago
I got my CEH Certification. SO what now?
58d ago
Construction to Cyber PM
58d ago
[ Removed by Reddit ]
58d ago
Something got downloaded on my phone and then dissappeared
58d ago
Bleeding Llama
58d ago
Do accountants even care about cybersecurityas much?
58d ago
Where Have All the Complex Windows Malware and Their Analyses Gone?
58d ago
Your Biggest Security Risk Isn’t Malware — It’s What You Already Trust
58d ago
Was the reconnaissance in Bugbounty overrated?
58d ago
Cybersecurity beginner building an experimental log analyzer — looking for advice
58d ago
Anyone else worried about AI being a security nightmare?
58d ago
Snyk not working
58d ago
Malicious tenants paid us to abuse our RMM. We blocked them
58d ago
Help reasuring parents with an email parsing tool (i will not promote)
58d ago
DFIR practitioner thinking about starting my own LLC to subcontract IR services to MSPs. Is there actually demand for this?
58d ago
cPanel & WHM Vulnerabilities Patched -DoS, Account Abuse & Security Risks Affect Hosting Servers
58d ago
5 years as a Level 1 Security Analyst and wanting to transition into consulting
58d ago
GitHub - jesterfoidchopped/akamai-v3-sensor: akamai v3 sensor bypass
58d ago
New into network pentesting.
58d ago
Is it worth it to switching field to cybersecurity ?
58d ago
Neeed help to get cybersecurity internship.
58d ago
Mentorship Monday - Post All Career, Education and Job questions here!
58d ago
Cybersecurity and ADHD
58d ago
Anyone dealt with a VulDB submission rejection? Resubmit or reply?
58d ago
ISO 27001 certification: what auditors actually focus on versus what most teams spend time preparing
58d ago
I have a malware and need help removing it. someone please help me 🙏
58d ago
I'm starting to see a growth of apps in my org. I'd love to know how you defend against this/ secure it, and if it's happening to you too?
58d ago
EasySec - Update
58d ago
What is the cybersecurity equivalent of leaving your spare key under the doormat?
58d ago
Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak
59d ago
VICE: Cyberwar | Full Season 2 | Blueprint
59d ago
Linux Kernel Killswitch Proposed After Recent Vulnerability Disclosures
59d ago
Email OTP as default (often ONLY) password isn’t the solution
59d ago
Soc analyse
59d ago
Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak
59d ago
Price rising
59d ago
AI Can Boost Cyber Defence But Poor Governance and Overreliance May Create New Risks, Warns WEF-KPMG Report
59d ago
Possible security incident against Arup Group
59d ago
Can honeypots be used this way?
59d ago
I think AI just quietly killed the 90-day disclosure window.
59d ago
TCM and Educate 360 are bugged
59d ago
Got an alert from google what should I do?
59d ago
UK jobs
59d ago
Need help debugging a school ZIP password-cracking lab setup pleaseeeee🙏
59d ago
Worst company
59d ago
Built a platform that combines phishing detection, encrypted file sharing, and cloud security scanning
59d ago
Msc Cybersecurity - dissertation ideas ( something that can be done in 3 or less months)
59d ago
ARGUS: 15 Production-Realistic Vulnerable AI Agent Targets for Red Teaming (Docker + Canary Scoring)
59d ago
App Store Question - Darato Sport / Dofu Sport / Kofu
59d ago
Help! - My Parents Computer is Hacked
59d ago
Ran lumma stealer from a recaptcha scam
59d ago
Port 5986 question
59d ago
CVE-2026-44843: One Chat Message Steals Your Credentials. Then It Gets Worse!
59d ago
cyber security/ segurança da informação
59d ago
College student hacks Taiwan high-speed rail line with software defined radios, stopping four trains
59d ago
Help with an Escalating Cyber-Stalker
59d ago
RRW - Rick Roll WiFi
59d ago
Best resources to start learning python for cybersecurity and automation
59d ago
Mythos AI is a cybersecurity threat, but it doesn’t rewrite the rules of the game.
59d ago
JDownloader site hacked to replace installers with Python RAT malware
59d ago
How can I fix my browser remembering what he had open last
59d ago
MS 360 CoPilot issues
59d ago
I run a malware and was wondering if its a rat or rootkit or dangerous stuff and how do i fix my pc (my dad gave ts to me can't lose it) i can give out any specific details
60d ago
ShinyHunters claims 275M records from Canvas LMS breach. 9,000 schools hit. Ransom deadline May 12.
60d ago
eBPF LSM runtime security agent for synchronous file/network denial — looking for technical feedback
60d ago
I keep seeing "what E8 maturity level should we target?" — here's the practical answer no one tells you
60d ago
OWASP TOP 10 LLM 2026 Community voting
60d ago
Second security incident at Instructure (Canvas)
60d ago
UK Advice Needed - VA+ Training?
60d ago
Gateweb - Secure Web Gateway
60d ago
Those who are in Detection engineering
60d ago
Can someone tell me of a trustable hacker?
60d ago
MSPs, how are you handling AI usage across your customer environments today?
60d ago
Shadow SSDT Hijacking: Achieving Kernel Code Execution via Read-Write
60d ago
How do i protect confidential data from unrestricted AI usage as a bank- what are good tools out there?
60d ago
ecpptv3 Exam in 3–4 Days —
60d ago
AI SECURITY: THE DEFINITIVE GUIDE — PART III | THE FINAL CHAPTER | COMMUNITY CISO SERIES
60d ago
Did CISA helped you land a job ?
60d ago
CTO at NCSC Summary: week ending May 10th
60d ago
pre pre junior needs help(guidance pls)
60d ago
Trojan malware
60d ago
SANs Courses: How do people get their employers to pay?
60d ago
NIS2 Article 21: turning compliance controls into technical security evidence
60d ago
This GBA Rom is making is having a weird behavior in the Sandbox, why?
60d ago
Why AI agent governance feels harder than traditional security models
60d ago
Confused about what certs are important
60d ago
Would getting Security+ be worthless for me?
60d ago
Submit probe test — shadow DOM click
60d ago
Threat intelligence in OT (Power equipments)
60d ago
SOC Analyst
60d ago
PAWs, PAM and PIM..what is best practice?
60d ago
This is the most in-depth analysis I have found on the Instructure/Canvas breach so far.
60d ago
Poland says hackers breached water treatment plants, and the U.S. is facing the same threat
60d ago
Millions of students are locked out. Canvas is down. And the notorious hacker group ShinyHunters has given Instructure a terrifying ultimatum: Pay the ransom by May 12, 2026, or the private data of potentially millions of users will be leaked to the dark web.
61d ago
Quacc++: Automated Open Source Vulnerability Discovery
61d ago
60% of MD5 password hashes are crackable in under an hour
61d ago
Built a correlation engine that chains AD findings into attack paths automatically.
61d ago
Dirty Frag in Kubernetes: unset seccomp behaved like Unconfined in our EKS/GKE tests
61d ago
JDownloader's official website delivered Python RAT
61d ago
Remote Code Execution in GitHub.com and GitHub Enterprise Server (CVE-2026-3854)
61d ago
ShinyHunters Stole 275 Million Student Records. The Ransom Deadline Is May 12.
61d ago
Note taking apps and advice
61d ago
IMF Warns AI Could Trigger Global Financial Cyber Crisis
61d ago
New Linux 'Dirty Frag' zero-day gives root on all major distros
61d ago
Is the ISC2 Cybersecurity program still worth it?
61d ago
Canvas getting hit during finals week shows how fragile “critical SaaS” has become
61d ago
Are websites exposed to the internet under attack almost every hour, even if they're small?
61d ago
Devastating 'Dirty Frag' exploit leaks out, gives immediate root access on most Linux machines since 2017, no patches available, no warning given — Copy Fail-like vulnerability had its embargo broken
61d ago
What the **** is happening in cybersecurity space ?
61d ago
Canvas is back up, but now what?
61d ago
Instagram is getting rid of end to end encryption, what now?
61d ago
New “Dirty Frag” Linux Kernel Vulnerability Could Lead to Root Escalation
61d ago
Reported a Broken Access Control bug to Instructure via bugcrowd 11 months ago, and also sent directly to canvas and instructure since I didn’t really care about the bounty. It was deemed "not applicable".
61d ago
Did I fu by opening an (archived) Onion .txt link posted by the cybercriminal group?
61d ago
Cushman and Wakefield confirms cyberattack
61d ago
Egnyte potential ransomware attack
61d ago
So canvas is down, what'll happen if they can't come to an argreement?
61d ago
Canvas (used by 275M students) was just hacked. Here's exactly what was stolen and what you need to do right now.
61d ago
/Why/ is Shinyhunters targeting Canvas?
61d ago
Canvas Hack - Any Guesses How?
61d ago
Should I build a virtual or physical lab?
61d ago
Instructure (Canvas) Breached by Shiny Hunters — 275M Records from ~9,000 Schools/Universities, Ransom Deadline May 12
61d ago
Engineering a Zero-Trust Kubernetes SIEM: Bypassing NAT Blindness with eBPF, TC, and Suricata
61d ago
Audit/Cybersecurity
61d ago
Issues removing Trellix (and specifically solidifier)
61d ago
Pentagon eyes 3-year cyber training requirement, overriding new Army policy
61d ago
How much personal info will be leaked by the recent Canvas hack??
61d ago
Dirty Frag and canvas
61d ago
Hackers deface school login pages after claiming another Instructure hack
61d ago
Did I destroy my career by being loyal to an arguably good company?
61d ago
V4bel/dirtyfrag - Universal Linux Local Privilege Escalation
61d ago
What is CYBERRANT?
61d ago
Canvas is down as ShinyHunters hack forces outage
61d ago
New Dirty Frag Linux Bug Emerges in Wake of Copy Fail
61d ago
Heads up: AWS Educate Canvas login page may be compromised. Saw what looks like a ShinyHunters defacement page today.
61d ago
How is GRC work in a MSSP?
61d ago
SH and BF phishing console
61d ago
Finally switching over from Authy 2FA. What is the better alternative, 2FAS or Ente Auth?
61d ago
Socure authenticating AI identity as real.
61d ago
Automated SSL Certificate Renewals - What is your setup?
61d ago
Shinyhunters and Canvas
61d ago
What Cli execution do you use for a script file?
61d ago
Fiserv security incident - data breach notice
61d ago
Linux attacks seem to be shifting from “servers” to DevOps and supply chain environments
61d ago
I graduate next year with a Cybersecurity degree.
62d ago
Asking about Cortex
62d ago
Apache Caldera
62d ago
What’s the “unsexy” problem in cyber that’s actually a total disaster?
62d ago
Critical vm2 Sandbox Escape Vulnerabilities Expose Node.js Apps to Full Host RCE
62d ago
As a developer, should I use AI to improve security?
62d ago
My company has an MSP that manages our employee endpoints but we cant access the software they use to manage
62d ago
Americans sentenced for running 'laptop farms' for North Korea
62d ago
Is my laptop hijacked ?
62d ago
claude ai gave security beta to Enterprise plans only what can we do as pentesters?
62d ago
Massive .de DNSSEC Failure Took Large Parts of Germany’s Web Offline
62d ago
Advice for path to land job SOC in France
62d ago
Possible Major Vulnerability: Chromium used by current version of PRTG
62d ago
Mythos AI may be a cybersecurity threat, but it follows the rules of the game
62d ago
Control Checks using AI.
62d ago
How do native password managers clear the clipboard?
62d ago
Graduating CS Student but Wanna Start my Career in Cybersecurity
62d ago
Claude-Themed Malware Campaigns
62d ago
DeepFake it till you make it.
62d ago
The 12 ways AI agents fail in production. A taxonomy for security teams reviewing agent deployments
62d ago
What niche in cybersecurity should I go for, with my background in Angular & .NET ?
62d ago
Successor for Kaspersky Endpoint Security
62d ago
Romanian Man Extradited to US for Role in Hacking Scheme 17 Years Ago
62d ago
SOC Analyst tier 1 (Entry Level) ??
62d ago
Cyber insurance renewal questionnaire had 14 identity-specific questions this year. Three years ago it had two. I was not ready for this.
62d ago
Made cybersecurity merch as an infosec practitioner — honest feedback welcome
62d ago
As AI agents become users of company data - what is needed to keep data secure?
62d ago
Wrote an extremely detailed 11-article series on attacking and defending APIs - top 10 vulnerabilities.
62d ago
AI inference is quietly becoming a security problem
62d ago
is winrar 7.13 vulnerable to extraction exploits?
62d ago
Tried explaining internet encryption in a beginner-friendly but accurate way, feedback?
62d ago
Is the EC-Council CTIA Certification Worth It for Career Growth?
62d ago
POC Android vuln 2026
62d ago
Credential caching is an unsolved architectural tradeoff, and we should stop pretending otherwise
62d ago
Opinions on Mimecast
62d ago
What's going on in the field of Cybersecurity 🫣.
62d ago
How do teams preserve institutional pentest knowledge when senior testers leave?
62d ago
CVE-2026-32710 MariaDB JSON_SCHEMA_VALID heap buffer overflow leading to RCE
62d ago
Sophos NDR on Proxmox
62d ago
On today's earnings call, IONQ just said they expect to meet Q-Day requirements by 2028-2029.
62d ago
DOJ says ransomware gang tapped into Russian government databases
62d ago
DAEMON Tools devs confirm breach, release malware-free version
62d ago
Have there been instances where your SOC has suffered a cybersecurity attack?
62d ago
OpenCTI founder, Samuel Hassine, arrested and charged with CSAM
62d ago
Deepfake Platform
62d ago
Trellix Licence Query
62d ago
Instructure hacker claims data theft from 8,800 schools, universities
62d ago
Is AI generated code creating a non-linear security problem for AppSec teams?
63d ago
D.H.S. Intelligence Office Did Not Properly Secure Smartphones, Watchdog Says
63d ago
Evaluating Microsoft 365 vs Third‑Party Tools for Email and Endpoint Security
63d ago
Norton Antivirus and Other Norton Software
63d ago
Would you take a promotion to work 100% in office that you’ve been working towards or same pay but work from home?
63d ago
We scanned 200 high-star MCP servers. 205 critical findings. Here are 4 novel attack classes.
63d ago
Download a malware a while ago, someone trying to log into my ios account
63d ago
Org Restructure
63d ago
Does SOC 2 actually reduce questionnaires, or just change them?
63d ago
Google VRP dismissed a systemic Play Store bypass as "Intended Behavior" after 24 internal views
63d ago
How do investigators or cybersecurity researchers correlate online accounts (like Instagram profiles) with IP/network information legally and ethically?
63d ago
Ran phishing awareness training for 200+ non-tech employees
63d ago
Proprietary Software, Hardware and Protocols Face AI-Driven Security Risk
63d ago
Vulnerability Garden
63d ago
Palo Alto Firewall Zero-Day Under Active Exploitation
63d ago
Cyber Security Militias
63d ago
Hidden domain dependencies in AI stacks: expired domains, dangling DNS, and takeover risk
63d ago
CyberSecurity Nightmares
63d ago
Can I use NanoKVM if it's just to turn on pc?
63d ago
got listbombed on my waitlist with 1000 fake adresses, i tried to make some security changes maybe i missed something?
63d ago
How to learn tools for cybersecurity?
63d ago
'CopyFail' attackers start cashing in on Linux flaw
63d ago
Anybodybodybdown for a team/studygroup?
63d ago
I was hacked due to sim card spoofing
63d ago
Chrome is quietly installing a 4GB AI model on your device
63d ago
Dev vs Security role
63d ago
Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft
63d ago
Oracle Debuts Monthly Critical Security Patch Updates
63d ago
Sec engineer / developer?
63d ago
When doing bug bounty, do you usually immerse yourself in 2 or 3 specific domains (ones where vulnerabilities are likely to exist) and focus all your testing efforts on them?
63d ago
Are we actually seeing more vulnerabilities or just more noise?
63d ago
Cybersecurity jobs in red team
63d ago
Question
63d ago
What’s the biggest mistake people make even after installing antivirus?
63d ago
New dashboard tracks ransomware groups by their reliance on Infostealer credentials
63d ago
What would you say if your security lead said this...
63d ago
What would be the goto setup in AWS for security purposes?
63d ago
CREST CRT Exam 2025/2026 Experiences
63d ago
Microsoft Edge stores your passwords in plaintext RAM... on purpose
63d ago
Como começar?
63d ago
Possible Password Leak? Curious if Anyone Has Seen This Before
63d ago
Not a Hack. A Handout. Inside the GTFOice.org Data Exposure
63d ago
Besoin de conseils sur une DMZ automatisée
63d ago
Microsoft, Google and xAI will let the government test their AI models before launch
63d ago
Android ADB Auth Bypass Proof-of-Concept: CVE-2026-0073
63d ago
SMB Header Signature for Tagging in Firewall
63d ago
Question regarding VDP
63d ago
Working on what i should do for the next 3 years
63d ago
Question for Security Professionals
63d ago
Do tech companies lifecycle-manage public DNS records to prevent dangling DNS?
63d ago
Vulnerability Summary for the Week of April 27, 2026
63d ago
Cisco releases open-source ‘DNA test for AI models’
63d ago
Cybersecurity is becoming too AI dependent is that a problem
63d ago
Foxconn Wisconsin outage raises cyber questions
63d ago
How stressful is GRC?
63d ago
Anyone remember areyoufearless.com / “Free Gobo”? Early 2000s hacker forum nostalgia
63d ago
Have CEH certification – looking for free cybersecurity bootcamps or resources to land a job in India
63d ago
Archer for a non-regulated medium sized company?
63d ago
Cybersecurity statistics of the week (April 27th - May 3rd)
63d ago
Well, I'm wondering about working on a RAG pentesting bot. Comment down the best data source to feed LLM.
63d ago
Where to find reliable vendors?
63d ago
Just got into cybersecurity with no prior experience and feeling intimidated. Thoughts?
64d ago
We wrote a guide on securing Claude across the enterprise — here's the core framework (with download)
64d ago
Over 5 months: Payment bypass marked OOS, moved to VDP, and downgraded to Medium.
64d ago
Hardware reverse enginnering first project. Love some advice
64d ago
Microsoft Edge Stores Passwords in Process Memory, Posing Risk
64d ago
Currently working on cybersecurity, looking for advice
64d ago
Open-source scanner for MCP servers and skill files : attack chain detection and server-card scanning
64d ago
CISO course valuation
64d ago
GRC Path to CISO (Certifications)
64d ago
CISOs and pentest buyers, what's the worst thing you've seen in a pentest report?
64d ago
How to enforce M365 Sign-in frequency on corporate laptops?
64d ago
CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
64d ago
Built an independent directory of AI Act / AI governance tools, feedback?
64d ago
ScarCruft APT group compromises gaming platform in a supply-chain attack
64d ago
Just curious
64d ago
'Copy Fail' is a real Linux security crisis wrapped in AI slop
64d ago
Analysis malicious DLL
64d ago
Cyber security free course
64d ago
Does certification expires?
64d ago
We get paid to break into buildings for a living. Ask us anything!
64d ago
Pay2Key ransomware — any recovery path that’s actually worked?
64d ago
Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison
64d ago
Microsoft just documented an AiTM phishing campaign that hit 35,000 users across 13,000 orgs in 3 days, the lure was a fake "code of conduct review" PDF
64d ago
How have you kept growing your knowledge in security when the job stops pushing you?
64d ago
The UK’s Age Verification Law Is Producing Compliance Theater
64d ago
Microsoft Edge: Passwords end up in memory as plaintext
64d ago
Do people still get viruses in 2026, or is that mostly a myth now?
64d ago
Mitigation script for Copy Fail vulnerability CVE-2026-31431
64d ago
Popular DAEMON Tools software infected – supply chain attack ongoing since April 8, 2026
64d ago
Critical Apache HTTP Server RCE (CVE-2026-23918) - Millions of Servers Potentially Exposed. Patches released
64d ago
DigiCert breached via malicious screensaver file
64d ago
Caido Payloads and Scanner of Endpoints
64d ago
CISO Security Mind Map 2026
64d ago
Interview with Chris Kubecka, Cybersecurity Expert, Journalist and Volunteer Rescue Worker
64d ago
Amazon SES increasingly abused in phishing to evade detection
64d ago
AI Security Trainings
64d ago
Ai help
64d ago
ByDesign: observed behavior where file URLs remain accessible after unshare/delete
64d ago
Can Kali Linux still compete in cyber security or is it outdated?
64d ago
Who are your favorite cybersecurity YouTubers?
64d ago
CISOs, how are you balancing AI adoption with security risks these days?
64d ago
San Diego Community College District fighting major cyberattack
64d ago
After 5 months of mental hell and ghosting, today I finally landed a role. To those struggling: Don't give up
64d ago
Free resource: searchable archive of every BSides conference talk
64d ago
Lightning PyPI Compromise: Bun-Based Stealer
64d ago
Too much mother instinct?
64d ago
L1 SOC Analyst for ~2 years - Should I still get the Security + Certification?
64d ago
Do CTFs help real world security skills, or just teach patterns?
64d ago
Compré una cuenta rusa en g2a pensando que era una ley, se hizo administradora de mi ordenador, he cambiado todas las contraseñas y estoy haciendo un reset del ordenador pero sigo estando inseguro, muchísimo miedo me atraviesa ahora mismo
64d ago
Should I do Security + or Network + or A+? For CompTia
64d ago
Bug bounty is ruining how people learn exploitation
64d ago
ISO/IEC 27701:2025 Scope and Location
64d ago
Cybersecurity's 2026 Wild Ride
64d ago
We built a free multiplayer game that scores prompts on AI code security.
64d ago
Production Usecases
64d ago
How does vCISO work?
64d ago
Trellix discloses data breach after source code repository hack
64d ago
CyberDefenders SOC L1 Track vs HackTheBox SOC Analyst Path
64d ago
Trellix confirms source code repo access incident
64d ago
Employer Offering to Pay for my Certification test - Which one do I choose?
64d ago
John Strand Pay What You Can Information Security Core Skills live starting May 11th
64d ago
Canvas Breach May Put 275M Users, 9,000 Schools at Risk
64d ago
Is this not such a big deal
64d ago
Do email link checkers need to be 100%?
65d ago
Cybersecurity M&A Roundup: 33 Deals Announced in April 2026
65d ago
Recs for pen testing and vulnerability solutions
65d ago
Identify telegram account holders
65d ago
AI Code Security Study: 6 LLMs vs OWASP Top 10
65d ago
BAT: VPS-based C2 with .ko/.sys rootkits compilation against target kernel headers
65d ago
We are insider risk researchers focused on agentic AI, endpoint activity, and emerging threats. AMA
65d ago
Cortex XDR Cloud Compromise Alerting
65d ago
Norton.com Verification Email out of the blue
65d ago
Atomic Red Team is now aligned with MITRE ATT&CK v19!
65d ago
Claude Security is in beta for Enterprise users — is this a real AppSec shift or just AI wrapper + UX?
65d ago
Who are you guys using for your PCI ASV Scanning?
65d ago
Just passed my Security+ exam. Now what?
65d ago
I am so sick of being hired to do Info Sec work just to do basic IT and Engineering work.
65d ago
Cyber insurance renewal questionnaire had 14 identity-specific questions this year. Three years ago it had two. I was not ready for this.
65d ago
[PoC] Defeating Behavioral Biometric WAFs using "Entropy Cloning" (Local LLMs + OS-Level Injection)
65d ago
Analysis of CVE-2026-1995: Linking a Privilege Escalation Vulnerability to IP Theft (RCMP #CT-2026-335350)
65d ago
An another open door to IoT devices
65d ago
Ideas on how to have personal google-like account synchronization system
65d ago
Lateral Movement - Cross-Session Activation
65d ago
What MCP servers have actually made it into your day-to-day toolkit?
65d ago
Cyber Security Education as Self-Defence classes
65d ago
OSS2Falco: Falco rules converted from LinPEAS, Sigma and Splunk
65d ago
Use.ai
65d ago
Educational tech giant Instructure confirms data breach, ShinyHunters claims attack
65d ago
CISA says ‘Copy Fail’ flaw now exploited to root Linux systems
65d ago
Browsers making connection on port 3389 from loopback
65d ago
Defender Flagged DigiCert Root Certs as Malware
65d ago
Another breach just hit Canvas (Instructure), and this one is worth a closer look.
65d ago
Over 40% of UK firms suffered cyber attack last year, survey finds
65d ago
EU should seek access to Anthropic's Mythos, Bundesbank says
65d ago
Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha
65d ago
IBM subsidiary managing Italy's PA infrastructure breached and attackers were inside for 2 weeks
65d ago
People in cybersecurity, tell us what was the most epic moment in your career?
65d ago
Prerequisites for CARTP
65d ago
Claude Mythos Cyber Wake Up
65d ago
[ Removed by Reddit ]
65d ago
is trellix from mcafee good to use in 2026?
65d ago
Linux has had a silent root exploit hiding in it since 2017 and it just hit CISA's must-patch list
65d ago
Paypal Accesed by malware me being Stupid
65d ago
How was someone in another country able to read all my private messages without my password or clicking a link?
65d ago
Career Transition Help
65d ago
Alguien para hablar de cyberseguridad
65d ago
What is this
65d ago
Feeling lost and disappointed about finding a job just venting
65d ago
Slow at Learning/Cyber Security?
65d ago
Suspicious traffic from web server
65d ago
Cyber security internship
65d ago
Mentorship Monday - Post All Career, Education and Job questions here!
65d ago
Isn't Windows Defender a crap anymore?
65d ago
Learning Cyber
65d ago
Vishing simulator
65d ago
Copy Fail Linux Kernel Vulnerability Now Patched in Debian, Ubuntu, and Others
65d ago
Worried about being tracked/banned for using an educational app on MuMu Player - Need advice
65d ago
Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks
65d ago
Banking-Style Model Risk Management Is Becoming a Practical Template for AI Governance
65d ago
Prompt Injection in 2026: The Five Attack Patterns That Actually Matter
65d ago
I did a scan on windows bc I accidentally downloaded something weird then removed it and now I keep getting Trojan:Win32/Cerdigent.Alpha even after I quarantine
65d ago
Random trojan detected?
65d ago
CRTA second attempt
65d ago
What’s the hardest thing to learn in cybersecurity?
65d ago
What MCP servers are you integrating into your workflow (not exclusive to security)?
65d ago
WhatsApp malware campaign delivers VBScript and MSI backdoors | Microsoft Security Blog
65d ago
What are like the top but unknown Cybersecurity firms?
65d ago
Need professionals or expert on cybersecurity related to dark web for interview
65d ago
A new and super fast CVE Lite CLI Vulnerability Scanner (OWASP)
66d ago
North Korea calls US cyber threat claims a fabrication, warns of countermeasures Worldcategory
66d ago
Acoustic Keystroke Recovery: Reconstructing Typed Text from a Laptop Microphone (85% success rate)
66d ago
Credential Dumping: Local Security Authority (LSA|LSASS.EXE)
66d ago
Trojan:Win32/Cerdigent.A!dha
66d ago
MDE flagging digi cert certificate as malicious everywhere ?
66d ago
1867 loaded
HS
hacking: security in practice
27d ago · 241 items
DIY pwnagotchi-like device on esp32
27d ago
Flipper Blackhat + Bjorn
27d ago
Do you think AI is making hacking easier or harder
27d ago
What can i do left? PSN
27d ago
Proxmark5 campaign ending in less than 18 hours.
27d ago
How to bypass speed queen coin slot for washer and dryer
27d ago
Self-hosting stuff for when things get ugly
27d ago
Malware Includes Taboo In Text To Prevent LLM Analysis
27d ago
added Mac support for my corporate hacking game, demo on Steam
27d ago
Catfished
28d ago
What did they mean by this? One of us?
28d ago
Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges
28d ago
OptOutCode – A Privacy4Cars Universal Opt-Out Concept
28d ago
StumbleTV: Omegle/ChatRoulette but for accidentally exposed webcams
29d ago
GitHub - Teycir/ApiHunter: Async API security scanner in Rust for CORS, CSP, GraphQL, JWT, OpenAPI, and active API posture checks.
30d ago
Heyy ik it sounds dumb but can we just get access to one's gaming acc?🙏
30d ago
What's up with powershellforhackers.com?
30d ago
Do people really click on links from unknown numbers?
30d ago
How to unlock whitelabeled uniview IPcam
30d ago
Can converted video files contain malware?
31d ago
Rooted your router lately?
31d ago
5$ to whoever can find the email of my old YouTube channel
31d ago
This company is scaming people
32d ago
A modular autonomous-agent runtime written in C
32d ago
ESP32 Bit Pirate - An Hardware Hacking Tool That Speaks Every Protocol - Version 1.6, new Pirate Assistant in the WebUI, USB adapter system - IR SUBGHZ WIFI BT JTAG I2C UART SPI 1WIRE 2WIRE 3WIRE RF24 ETH and more
32d ago
Can one reveal the asterisks in an email?
33d ago
Proxmark3 vs Proxmark5 Side by Side
33d ago
Should I go for it?
33d ago
Is it possible to backdate emails, including the intermediate received dates, not just smtp sent date header
33d ago
Failed to verify LHOST error for long links in metasploit
33d ago
Is Marauder available for ESP32-S3 Mini?
34d ago
Gemini whatsapp
34d ago
Safe Rust API for wolfSSL/wolfCOSE
34d ago
Resource Exhaustion
34d ago
I’m not sure I’m in the right subreddit….
35d ago
Took me a decade to turn quantum computing into what hackers can easily learn
35d ago
Took me a decade of work to turn Quantum Computing into a fun videogame
35d ago
Simple way how to bypass hotel WiFi?
35d ago
VS Code zero-day lets hackers steal GitHub tokens in one click
35d ago
burp-cc-bridge: Burp Suite Community REST API bridge (free alternative to Pro's REST API)
35d ago
How big of a security risk or exploit would this be?
35d ago
KTO , Be the only one online -- on any WiFi network
35d ago
apparently bypassing school systems by playing games
35d ago
Always-On Red Teams
36d ago
I managed to pull the full system prompt for Meta's Support AI
36d ago
Harassing text messages
36d ago
REMINDER: FINAL deadline for HOPE Talks & Workshops is TODAY!
36d ago
Hacking Palo Alto Networks' GlobalProtect VPN with AI
36d ago
Analyzed 24 months of ransomware leak-site posts. 84% land on weekdays, not at 3am.
37d ago
Best AI LLM for Hacking related stuff
37d ago
Feels like most people ignore the wireless layer until it bites them
37d ago
Cuál es el mejor curso (con certificado) que puedo hacer para empezar en el mundo del hacking?
37d ago
Can anyone figure out how to retrieve the recovery key in signal app?
37d ago
$730k+ raised on Proxmark5 with 2150 backers
38d ago
I made an image SynthID remover, video and image phone/location metadata injector. Free to try! (this one actually works)
38d ago
Any idea who's behind this hack? How to resolve it?
38d ago
Years ago, NSA released their own NSA Python training PDF . Today I created a curriculum around it
38d ago
Blue Team tips?
38d ago
edit certified pdf
38d ago
Everyday hacking in our lives - transportation, work, finances, goods etc
39d ago
Do you think this is legit or has the website been compromised?
39d ago
Wanna learn cybersecurity & ethical hacking
39d ago
Do you guys take paper notes or digital ones during studying ?
40d ago
How do people actually modify mobile games to increase their power?
40d ago
Why Loyalty Programs Are Quietly Becoming a Security Blind Spot
40d ago
Ajuda pessoal
40d ago
Samy Kamkar on building viruses, his arrest and privacy in the LLM era
40d ago
[ Removed by Reddit ]
41d ago
Is this considered a bug or something else entirely?
41d ago
Getting back deleted conversation from messanger
41d ago
Building Omegle for Exposed Webcams
41d ago
AI Cyber Security vs Cyber Defense? In your opinions, which one would be better for a more immediate/stable/higher paying career?
41d ago
5-year census of 65,907 exposed databases: 514 attacker BTC wallets traced, 62% received zero on-chain
41d ago
What are the dangers of posting?
41d ago
Flipper Zero Users, What's Your Take?
42d ago
Large company with a bit of an issue free stuff
42d ago
Champion ethical hacker warns AI tools like Mythos will make competing harder.
42d ago
Samy Kamkar talking about how Jeffrey Epstein wanted him to be his hacker.
42d ago
there's a toll in the hall now
42d ago
Am I crazy or is something off about this Google OAuth login via Calendly
42d ago
When “try again later” still tells you the OTP was correct: an account takeover story.
43d ago
ShadowCat: Universal optical file transfer, single html file, browser to camera
43d ago
y2jb un able to enject payloads
43d ago
Dropping the Crimson Flipper Arsenal soon. 500+ vehicle signals. LoRa. Cellular. Vending. All validated.
43d ago
Why did Hack Forums lose popularity?
43d ago
ZTE router “info leak” exposed PPPoE/Wi-Fi secrets that could lead to admin compromise
44d ago
Shellcide: A shellcode IDE
44d ago
Finding bot account
44d ago
How to
44d ago
Made a cyberpunk-style encryption tool in Python (novelty) during my guard shift.
44d ago
Nmap Mastery: The Complete Guide to Network Reconnaissance
44d ago
Google wallet virtual card cloned
44d ago
What are the ways of cracking wpa2/wpa3 without the usual dictionary/wordlist.txt method?
45d ago
Proxmark5 campaign unlocked the $600k stretch goal
45d ago
GitHub - vigolium/vigolium: Vigolium - High-fidelity vulnerability scanner fusing agentic AI with native speed, modularity, and precision
45d ago
Doom running on a Kids Video Walkie Talkie
46d ago
Query builder for Google Dorks, Shodan, Crt.sh and Wayback CDX.
46d ago
This ID Verification company store users biometrics? (FaceTec)
46d ago
Playwright version that lets AI-Agents navigate the web
46d ago
Where to learn the ins and outs of the computer itself
46d ago
Zyxel super-admin password leak across CPE/ONT/LTE routers + rebuilt password generator
47d ago
Hack your corrupt company. Sell their secrets to the black market
47d ago
🜂 Codex Minsoo — Scroll Ξ-6.1 "Inducing Long-Term Goal Coherence Across Stateless Instances": How to create continuity in a system designed to forget
47d ago
CVE-2026-34474: ZTE H298A / H108N credential exposure through ETHCheat
48d ago
This ID verification company allows for storage of biometric data?
48d ago
I made a 909.49 ZiB file (1,073,736,273,126,278.38 GB, in other words: about 1.2 quadrillion GB) file. I was bored :)
48d ago
SeekYou — one input, 15 recon sources, one report.
48d ago
bypass internet restrictions
48d ago
Can someone unlock a list of the 500-1000 most visited websites online?
48d ago
Wordlist generator based on WordNet graphs + LLM
48d ago
wordpress memberpress
48d ago
The Open Source USB Drive Built for Privacy
48d ago
Is someone trying to hack me?
49d ago
cpu backdoor
49d ago
Technical analysis of CVE-2026-34472 in ZTE H188A router firmware
49d ago
Ongoing development
49d ago
For cybersecurity folks working remotely, do you end up working the entire shift, or do you get time to relax and take breaks?
49d ago
Hackers found a way around Intel CET—PLaTypus locks down library jumps
49d ago
GitHub investigates internal repositories breach claimed by TeamPCP
49d ago
Hackers: What age did you start? Where did you start, especially in practicing your skills?
49d ago
How to watch a private video on Youtube?
49d ago
Can I do anything cool with this network controller?
49d ago
Micro controller safety?
49d ago
CISA Admin Leaked AWS GovCloud Keys on Github
50d ago
Decompilation of DSP Code using IDA Pro
50d ago
CVE-2026-34473: Unauthenticated Denial of Service in ZTE Routers affecting 140K+ devices worldwide (17+ models)
50d ago
RCE and arbitrary file write in Vitess vtbackup via untrusted MANIFEST fields
50d ago
Built a full disassembler & decompiler for Reverse Engineering | Free and open source.
50d ago
Slopinator - a poisoned GitHub repository generator
50d ago
Made a shell greeter that generates a unique rocket every time you open a terminal tab
50d ago
Just received an email from shinyhackers about their amtrack hack
50d ago
Flipper Zero (or Alternatives)?
50d ago
Optoma CinemaX Projectors: Critical Vulnerabilities Including Remote Root Access
50d ago
Recent WhatsApp hacks
50d ago
I wrote an async scanner that runs about 9x faster than nmap for discovery.
50d ago
Microsoft Exchange 0-Day Exploit Sparks Emergency Warning — Hackers Are Attacking Unpatched Servers
50d ago
Does anyone know if this file is still accessible to download?
51d ago
High school students organized a Jeopardy CTF competition - give it a try
51d ago
Official Miasma Poison Tar Pit Docker Image Now Available
52d ago
Does anybody know where I may stumble upon some Sh1mmer bin downloads
52d ago
Leader of Ukrainian Hacking Group: GRU Bribed Kyivstar Employee to Hack Company’s Network
52d ago
GZDoom in the browser
52d ago
Anyone know how to bypass these school laptop pins?
53d ago
A stealth Playwright (Firefox) version that passes all anti-bot and CAPTCHA
53d ago
I have a friend who looks like he’s a stalker I’m scared he will know I stalk him
53d ago
[Tutorial] How to hack DOS games: Reversing Prince of Persia
53d ago
Is dns spoofing dead??
54d ago
My Privacy Focused USB Drive
54d ago
Proxmark5 - Next-Gen Open Source RFID Research Tool (Iceman Edition)
54d ago
TinyLoad v4 — added opaque predicates, anti-debug, and section obfuscation to my PE packer
54d ago
has anyone used tail os here?
54d ago
Run this washer/dryer sans coin?
54d ago
I built an open-source Burp alternative
54d ago
HighBoy
54d ago
Reading Siemens CT raw data
54d ago
How I use Hermes agent to turn Patch Tuesday into Windows exploit research
54d ago
Russian Hacks of Polish Water Utilities Shows How Hybrid Warfare Uses Fear as Weapon
54d ago
Tips for a beginner noob that wants to learn
54d ago
Strix — first public beta of the spiritual successor to cSploit/dSploit
55d ago
Whatsapp
55d ago
Face ID bypass with avatar
55d ago
Hunting the Behavior Behind npm Supply Chain Attacks
55d ago
Proxmark5 Day 3 Update - $357K+ funded (715% of goal)
55d ago
Are There Really Ethical Hackers? I've Yet To Meet One
55d ago
trying to learn patching
56d ago
Cellphone IP address spoofing.
56d ago
Sorry if its the wrong place but
57d ago
Anyone here familiar with the Internet Computer Protocol (ICP) and why TeamPCP would choose to use it?
57d ago
Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
57d ago
where is the location of Files by Google on Android?
58d ago
Reading old s4 memory with xgecu t48
58d ago
Hack a data center?
58d ago
Autonomous Vulnerability Hunting with MCP
58d ago
AI DNS Resolver
59d ago
Is it true that the professionals have the worst setups?
59d ago
I made a rat that controls a pc thru telegram but overnight and all the time it sends this. What shall I do? I've already deleted the script from my pc and moved it to cloud based storage
59d ago
Refining hacking basics — scaling them aswell
59d ago
AI Agent for Hacking, connects a brain to Kali (open-source & model-agnostic)
60d ago
Bridging the Gap Between Vulnerabilities and Working Exploits
60d ago
um you guys is my hacker stupid?
60d ago
This GBA ROM makes some weird things in the sanbox, would love to understand why
60d ago
Why was he banned?
60d ago
LAB Setup
60d ago
Ethical malware development community
60d ago
Has Instructure paid SH?
61d ago
Guys, this Canvas thing, this whole thing, ALL OF THIS… it’s all about me.
61d ago
New trends (not mainstream)
61d ago
Best tools to find exposed web services by HTML title / HTTP response?
61d ago
Why wouldn’t the hackers already have our passwords if they infiltrated canvas potentially weeks ago?
61d ago
AI Agents Have a Security Problem. IronClaw is Fixing It.
61d ago
A hacker ran me over with a robot lawn mower - The Verge
61d ago
Happened today
61d ago
Shinyhunters and Canvas
61d ago
Modify md5sum of a file
62d ago
OpenCTI founder, Samuel Hassine, arrested and charged for buying child porn / CSAM
62d ago
Jailbreaking my cars infotainment system and implementing my own custom software
63d ago
where is the original wormgpt
63d ago
Are there any chill hacking youtubers?
63d ago
Took me a decade to turn quantum computing into what programmers can easily learn, big announcement
63d ago
Lilygo T-Embed Glitching etc
63d ago
Veteran hackers... which era did you prefer hacking in? 🟢 The 1980s 🟣 The 1990s 🔵 The 2000s 🔴 Or today?
63d ago
Found a possibly interesting live attack
63d ago
Export/Backup ChatGPT chats
63d ago
Is this fake too?🤣
64d ago
I just figured out my dad use to be a Phreaker in the 1980s
64d ago
What of my favorite videos🙂
64d ago
Best tools for blocking spam calls and spam links?
64d ago
someone else’s UI appearing on screen for split second— possible hacker??
64d ago
Avoiding rouge AP detection in enterprise networks
64d ago
GoHPTS (go-http-proxy-to-socks) v1.13.0 - New update with DNS spoofing and filtering
64d ago
San Diego Community College District fighting major cyberattack
64d ago
BAT: VPS-based C2 with .ko/.sys rootkits compilation against target kernel headers
65d ago
Iwas developing a hacker game that transports the feeling of the 90s
65d ago
How did this guy even access another person's privated YouTube video without wayback machine?
65d ago
CISA says ‘Copy Fail’ flaw now exploited to root Linux systems
65d ago
IPod Nano Gets Three Monitors
65d ago
Chrome "Best AdBlocker" trojanized extension - 100k downloads.
65d ago
Any good open sources that bypass modern heuristic analysis?
65d ago
Free apex hacks?
65d ago
[SHOWCASE] Cascavel v3
65d ago
Pokemon machine
65d ago
Can HTTP POST bodies be intercepted without network or host access?
65d ago
built a PE packer where every packed file has a different instruction set – custom VM with randomized opcodes, single C++ file (Want suggestions for future updates past v4)
66d ago
Dump sql time based is too slow
66d ago
North Korea rejects US cybercrime claims as 'absurd slander'
66d ago
is credential stuffing using openbullet2 dead in 2026?
66d ago
Hacking Wired Analog CCTV cameras going to a DVR (BNC and Coax)
66d ago
Adobe-Clawback — bulk-download every PDF from your Adobe Creative Cloud account (Python, resumable, MIT)
67d ago
Small models are better at cost-to-recall than large models like Mythos for vulnerability research
67d ago
Bluetooth Spoofed Disconnect?
67d ago
wM-Buster - Flipper Zero app to analyze smart meters for gas, electricity, water. ...
68d ago
🚀🔥 Evil-Cardputer v1.5.3 - TagTinker ESL 🔥🚀
68d ago
I made a lightweight breach intelligence search engine (fully client-side) looking for feedback
69d ago
Bringing back the 80s terminal aesthetic: GLYPHIS_IO BBS, a cyberpunk hacking sim set in alternate 1989 Japan...
69d ago
Short and easy to understand: "Copy-Fail CVE-2026-31431" What is it and how do I mitigate it with an Open Source Tool
69d ago
Copy Fail — 732 Bytes to Root
69d ago
GitHub fixes RCE flaw that gave access to millions of private repos
70d ago
How to download Kaggle dataset safely...?
70d ago
VECT Ransomware Is Actually a Wiper
70d ago
Flipper Blackhat April Roundup!
70d ago
[VulnPath Update] Automated Email Alerting & CISA KEV Feed
71d ago
241 loaded
RE
Reverse Engineering
27d ago · 181 items
Reverse engineered BLE protocol of a $7 generic Chinese smart ring from Temu, and built an iOS app around it
27d ago
[Reverse-Engineering] Skeet CS:GO source code (Gamesense)
27d ago
[Reverse-Engineering] Skeet CS:GO source code (Gamesense)
27d ago
Giulio Zausa's MMO-CHIP Makes Reverse Engineering Old Silicon Chips a Multiplayer Game
27d ago
I built 99 adversarially malformed PE files to test tool robustness - here’s what happened
27d ago
Drive Firmware Security - Phison S11
27d ago
IDA 9.4 Beta | Hex-Rays Docs
27d ago
Trane Tracer HVAC cybersecurity issues
28d ago
🚀 Release PyMemoryEditor v2.0 — read, write and scan the memory of any running process, in pure Python (Windows, Linux & macOS)
28d ago
I reverse engineered Lofree Hypace mouse firmware flashing protocol to bypass their official web based configuration on MacOS.
28d ago
[Tool/Writeup] PureBasic FLIRT Signature for IDA Pro — demo + crackme
30d ago
[Tool/Writeup] PureBasic FLIRT Signature for IDA Pro — demo + crackme
30d ago
First Public Analysis of the BoldTealLayer Loader: A Custom Lua Script that Blinds Windows Security
30d ago
EMBA firmware analysis framework v2.0.2 available - Party the big 2k
30d ago
/r/ReverseEngineering's Weekly Questions Thread
30d ago
HDD Firmware Hacking Part 1
30d ago
Independent Post-Quantum KEM and Digital Signature Suite in C++ (NSLD Reduction
30d ago
Zhiyun Weebil-S Camera Gimbal BLE Protocol
31d ago
Reverse Engineering the Garmin Running Dynamics BLE protocol
31d ago
Finally! A modern Android menu template with ImGui + Zygisk + all major hooking libraries (Dobby, KittyMemory, Substrate)
32d ago
Reverse Engineering Crazy Taxi, Part 3
32d ago
Ghidra 12.1.2 has been released!
32d ago
Extending a map tool for Cataclismo
33d ago
I've been reverse engineering a lost 2010 horse MMO and I need contributors
33d ago
HookNt: A Windows x64 tool to trace NT APIs by injecting an import-free DLL, installing ntdll trampolines, and streaming events over named pipes
33d ago
Multi-layer sandbox for native code execution on Linux with no external deps.
33d ago
System Over Model, Tested: Reproducing Mythos’s FreeBSD Find on Local Open-Weight Models
33d ago
void-sniff: A lightweight x64 Native API syscall monitor with a custom inline hook engine and zero dependencies
34d ago
Automated Fault Injection Attack Framework
34d ago
x86 assembly: Why you only need Paris to beat Pizza Tycoon (1994)
34d ago
Wow64 implementation details: How is Wow64 implemented in Windows 11 25H2
35d ago
Hacking your PC using your speaker without ever touching it
35d ago
Resident Evil: Code Veronica X is now able 3D graphics from the decompiled source!
36d ago
Built a decompiler for exotic legacy programming language opentext Gupta Team Developer
36d ago
running custom firmware / patching the stock firmware of the soundcore headphones and running DOOM on it!
36d ago
/r/ReverseEngineering's Weekly Questions Thread
37d ago
Need help as a beginner. How do I start with Ghidra? Any good guides to start? Is Ada Pro better? Etc. What do you recommend me to start from?
37d ago
ThinkPad firmware reverse-engineering toolchain: archived Lenovo BIOS → named SoC pads, EC analysis, CVE diffs, coreboot/OpenCore port scaffolding
38d ago
TinyLoad v7 - what i added :D (in memory protection using VEH and alot more)
38d ago
[ Removed by Reddit ]
38d ago
Snowboard Kids 2 is 100% Decompiled
38d ago
usbsnoop — sniff and decode USB device traffic system-wide with eBPF, for reversing proprietary protocols (control/SCSI/HID, no bus analyzer)
38d ago
I reverse engineered how Plex gates its Pass features, then wrote a tiny patch that flips them all on (Linux)
38d ago
First Public Analysis of the BoldTealLayer Loader: A Custom Lua Script that Blinds Windows Security
39d ago
Ghidra 12.1.1 has been released!
40d ago
Technical Brief of Planck-99: 34ns Deterministic Malware Classification on MCU-class Hardware (Zero FPU, 27KB footprint)
40d ago
VMP 3.5+ Internal Architecture & Heap Dispatch Analysis
40d ago
How 2004 RuneScape fit a multiplayer RPG into 56k dial-up
41d ago
reverse engineering need for speed most wanted for modding sdk
41d ago
GitHub - cadela-dev/Anything-Reversal-Template: A Claude Code clean-room documentation workflow for reversing source structure into behavior-focused mirror docs.
41d ago
Winbox server/client reverse engineered is opensource
41d ago
(URGENT), i need help reversing uber's api in order to always mark the 4 seated vehicles as always on the road and not available for a specified account, while the vans remain active
42d ago
Hypothetical EDR spoofer
42d ago
I Reverse Engineered Need for Speed Most Wanted Server
42d ago
Ultima Online T2A client recreated from Origin's 2.0.7 client decompilation
43d ago
Sylvia — IDA 9.x plugin that finds & documents iOS AArch64 syscalls with live man-page fetching
43d ago
How I Tried to Parse a Replay from Dawn of War: Definitive Edition
43d ago
Nocturne - A bin2bin code virtualizer for x86-64 PE binaries
43d ago
[Project Onyx] Advanced EDR Evasion via AI Telemetry Spoofing & WASM Sandboxing
43d ago
Tracing CVE-2021-21735 through ZTE H168N QuickSetup whitelist and Lua wizard routing
44d ago
I Show How the Survival Mode of the Flash Game Gun Mayhem 2 More Mayhem is Built
44d ago
delimiter-less string obfuscation powered by compile-time AES
44d ago
/r/ReverseEngineering's Weekly Questions Thread
44d ago
GitHub - iss4cf0ng/OpenPetya: A Proof-of-Concept bootkit inspired by Petya ransomware, written in Assembly, C, and C++
45d ago
Has anyone manage to reverse the macked dylib?
45d ago
Reverse engineering circuitry in a Spacelab computer from 1980
45d ago
Open-source reverse engineering of PerimeterX (HUMAN Security) Web SDK — pure-algo cookie generators, dual-site live HTTP 200, 10-chapter methodology
45d ago
CTF with AI/LLM reverse engineering angles - intercepting streamed responses, replaying tokens, finding hidden endpoints (June 17-22)
46d ago
Rebuilding Zyxel’s super-admin password flow in HTML from firmware/runtime notes
47d ago
qslcl.bin v0.6.8: minor fixes to improve size stability to avoid useless zero fill in EOF (Actually i trim it from 128 kb to 80 kb)
47d ago
Reverse Engineered Google reCAPTCHA
47d ago
Post-Quantum Cryptographic Algorithm Examined in Developmental Ransomware
47d ago
I got so sick of Android taking forever to calculate folder sizes, I built a custom C++/Rust storage visualizer to bypass MTP
47d ago
CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox
48d ago
I built 99 adversarial PE fixtures to stress‑test parsers — here’s what they reveal about malformed binaries
48d ago
GeoHelper - Tauri + Chrome DevTools Protocol (CDP) for GeoGuessr (Steam)
48d ago
AI Agents defeat obfuscated JavaScript in 10 minutes
48d ago
What is it Wednesdays: Episode 0002
49d ago
TinyLoad v5 - encrypted strings, obfuscated opmap, IAT wiping, payload depends on stub (implemented feedback from last post)
49d ago
Tracing CVE-2026-34472 auth bypass through decompiled ZTE H188A firmware and Lua wizard routing
49d ago
How to build .NET obfuscator
49d ago
botguard-token-generator / a google botguard token gen using only requests...?
49d ago
Math at Scale: Reversing The Construction Of The Perspective-Projection Matrix (Game Engine Reversing)
50d ago
Deep dive into the object creation flow in Windows - PART 4: Handle table internals.
50d ago
Tracing CVE-2026-34473 pre-auth DoS through decompiled CGILua request parsing in ZTE H-series firmware
50d ago
Open-source Hermes bytecode decompiler for React Native apps (Rust)
50d ago
Hermes bytecode decompiler (Rust) - sharing my friend’s project
50d ago
Forza Designer 6
50d ago
Built a full disassembler & decompiler | Free and open source.
50d ago
Snowboard Kids 2 is 100% Decompiled
50d ago
Decompilation projects and N64 Recompiled PC ports (May 2026)
50d ago
Glass - A fast and free interactive disassembler
50d ago
Benchmarking LLMs for malware triage and static unpacking with Malcat
51d ago
HexWalk 2.0.0 Hex analyzer new major release, new binary analyzer hexdig support added, better select mode, works both on Windows, Linux and MacOs, give it a try!
51d ago
/r/ReverseEngineering's Weekly Questions Thread
51d ago
Reverse engineering no dep x64 masm AI IDE
51d ago
PE packer/crypter with random VM ISA per build
52d ago
A Tale of Two File Names
52d ago
PE reconstruction
52d ago
A File Format Uncracked for 20 Years: Part 2
52d ago
Resident Evil: Code Veronica X is able to use inventory and view files from the decompiled PS2 source!
53d ago
[CrackMe] PyVMP v7 : The vault. Important info : the server is now live, take a look inside the gofile link.
53d ago
Exploiting Toshiba Qiomem.sys vulnerable driver
53d ago
HDD Firmware Hacking Part 1
53d ago
Region-based binary diff tool for firmware analysis
53d ago
A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens
53d ago
แก้ไขปัญหา Frida 17.9.10 บน Termux (Android ARM64) - ไม่มีข้อผิดพลาด Toolchain 404 และ _Py_NoneStruct อีกต่อไป!
53d ago
Brovan — Open-source x86/x64 user-mode binary emulator written in C#
53d ago
Brovan: Binary user-mode emulator for x86_64
53d ago
Understanding Stack Buffer Overflows Through Doom and C++
53d ago
What is it Wednesdays: Episode 0001
53d ago
Deep dive into the object creation flow in Windows - PART 3: Post-initialization and Name Lookup
54d ago
Deepdive into the object creation flow in Windows -PART 2 : access check internals
54d ago
Deep dive into the object creation flow in Windows -PART1 : Allocation and Pre-Initialization
54d ago
[Tool] IOCX - deterministic static IOC extraction for PE binaries (17-second demo)
54d ago
yarax_android: The first Android implementation of yara-x. Blazing fast pattern matching swiss knife running natively on Android.
54d ago
GitHub - jetnoir/metis: Automated binary vulnerability triage for macOS, Linux, and Windows targets
54d ago
GitHub - jetnoir/poppy: Dynamic XPC Observability & Fault Injection for macOS
54d ago
Trafexia V2 - Mobile Traffic Interceptor Toolkit
54d ago
HyperVenom: Using Hyper-V for Ring -1 Control from Usermode
54d ago
VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure
55d ago
Ghidra 12.1 has been released!
55d ago
Reverse Engineering Slither.io’s Network Protocol
55d ago
I Reverse-engineering Need for Speed Underground 2 Server
55d ago
I made a video explaining CPU registers for people learning binary exploitation — x86 vs x64 differences included
55d ago
[Claude Code] Android Reverse engineering Skill being updated with tracker/AD neutralization features
56d ago
LAN-LOK: Living as a sysadmin at an isolated Antarctic research station in the early 90s [DOS game -- would like to collab to reverse engineer]
56d ago
r2garlic - The world's fastest Android/DEX decompiler meets radare2!
56d ago
GitHub - iss4cf0ng/OpenBootloader: A Proof-of-Concept of simple bootloader, written in Assembly (NASM) and C language.
57d ago
Lockbit Black Loader and Shellcode Analysis - Full Thought process, Technical Writeup and Blue Team perspective
57d ago
Reverse Engineering Fisher-Price Pixter
58d ago
/r/ReverseEngineering's Weekly Questions Thread
58d ago
Check out my matplotlib of BLE live wire data for Oura ring!
58d ago
Positron: DLL injection based runtime JS injection toolkit for Electron(v8) apps on Windows
58d ago
Akamai bypass requires long session in wireshark, reversing header orders etc took me 12 months to develop
58d ago
GitHub - jesterfoidchopped/akamai-v3-sensor: akamai v3 sensor bypass
58d ago
Building a Wasm-in-Wasm Virtualizer (with JIT decrypted paged memory)
58d ago
GitHub - jesterfoidchopped/akamai-v3-sensor: Request based Akamai sensor bypass for version 3
58d ago
PE Entropy Visualizer with per-block RVA/VA mapping, locate packed payloads and encrypted blobs, then jump straight to them in IDA/Ghidra
58d ago
[Update] QSLCL v2.0.2 - Universal SoC Framework with Encryption (A12-A17+, Qualcomm, MediaTek, Unisoc)
60d ago
Ghidra-SNES: A Ghidra extension for reverse engineering SNES ROMs (first public release, feedback welcome!)
61d ago
Reverse-engineered DaVinci Resolve's activation check with Claude — Frida runtime tracing + radare2
61d ago
SASS King Part 2: reverse-engineering ptxas heuristic decisions and what the compiled binary actually reveals
61d ago
I just released a C++ rewrite of **Minecraft rd-20090515** (May 15, 2009 — one of the earliest pre-Classic versions).If you find it interesting, a ⭐ on GitHub would mean a lot and help the project grow!
61d ago
The first FREE online WebAssembly Reverse Engineering workbench (and how we built it)
61d ago
VLC Media Player MKV Exploit Analysis
62d ago
pyghidra-mcp Meets Ghidra GUI: Drive Project-Wide RE with Local AI
63d ago
ant4g0nist/pyre: Ghidra decompiler in your browser
63d ago
Resident Evil: Code Veronica X is able to play the opening FMV from the decompiled PS2 source!
63d ago
HyperVenom: Using Hyper-V for Ring -1 Control from Usermode
63d ago
Reverse-engineering the 1998 Ultima Online demo server
63d ago
Inside Faxanadu series — deep dive into how this NES title works
64d ago
EMBA v2.0.1 with interactive firmware dependency map available - Check it out and let us know what you are missing
64d ago
Copy.fail: Why Internal LLMs Are Non-Negotiable for Security
64d ago
Reverse-engineering Final Fantasy X (PS3) trophy system with Ghidra
64d ago
Where do i find reverse engineers for actuators? Ideally in Shenzhen
64d ago
[CrackMe] PyVMP v6 : The Fortress. I dare you to break it (again x2).
64d ago
[WIP] Resolve indirect calls in Binary Ninja with DynamoRIO instrumentation
65d ago
IDA-MCP Is Now RE-MCP With Ghidra Support
65d ago
Reverse-engineered the BLE protocol of the LuckPrinter-SDK family of thermal pocket printers (DP-L1S) — Python CLI + Web Bluetooth client + full command reference
65d ago
/r/ReverseEngineering's Weekly Questions Thread
65d ago
GitHub - 03DSmoothie/minecraft-cpp-versions: Minecraft recoded in C++ (multiple versions)
65d ago
Automated RASP Bypass with Frida + AI Agent | nutcracker & aipwn demo
66d ago
Please critique my reverse engineering ctf platform. It is meant for beginners but I would like input from serious reverse engineers. It is functionally done but I need criticism for further refinements, thank you!
66d ago
"AccountDumpling": Hunting Down the Google-Sent Phishing Wave Compromising 30,000+ Facebook Accounts
66d ago
How to build .NET obfuscator - Part II
66d ago
libghidra - SDK for automating Ghidra from Python, Rust, and C++
67d ago
Release: Open-source CAN bus reverse engineering suite tailored for offline ML signal decoding, MitM injection, and UDS analysis.
67d ago
Why my macOS Messages badge lied to me (and the one-line fix)
67d ago
Running Adobe’s 1991 PostScript Interpreter in the Browser
68d ago
Hello! Here is my Oura Ring 4 pure Python driver! Let me know what you think :)
68d ago
/r/ReverseEngineering's Triannual Hiring Thread
68d ago
In-circuit NAND acquisition for edge devices (Raspberry Pi GPIO, no chip-off)
68d ago
Revealing NVIDIA Closed-Source Driver Command Streams for CPU-GPU Runtime Behavior Insight
69d ago
HexDig 1.0.0 a lightweight binwalk alternative working both on Windows and Linux, written in C++, give it a try!
69d ago
GitHub - iss4cf0ng/CVE-2026-31431-Linux-Copy-Fail: Rust implementation Exploit/PoC of CVE-2026-31431-Linux-Copy-Fail, allow executing customized shellcode (such as Meterpreter).
69d ago
I built a free open-source CAN bus reverse engineering workstation in Python — 15 tabs, offline ML, dual AI engines, MitM gateway
70d ago
Building a perfect clone of 1993 game SimTower (via RE)
70d ago
How I reverse-engineered a SQLite WAL database inside a VS Code extension - custom merge engine, header byte patching, and protobuf decoding without a schema
71d ago
AI solved our CTF in 6min
71d ago
Example structure for evidence-based vulnerability reports
71d ago
181 loaded
FB
For [Blue|Purple] Teams in Cyber Defence
27d ago · 603 items
US charges suspected Russian hacker with facilitating cyber campaign
27d ago
Hawkish GOP lawmaker Don Bacon says he was hacked by Russia
27d ago
Oops, I Weaponized the Database: Abusing AI Features in SQL Server 2025
27d ago
GreatXML: GreatXML bitlocker bypass vulnerability
27d ago
GreatXML a bitlocker that seems to only work if you ever had Defender Offline Scan
27d ago
I found 23 Chrome extensions hijacking 758,000 users' searches for affiliate revenue
27d ago
[Op Report] From SSA Phish to AdaptixC2: A Multi-RAT Intrusion
27d ago
GhostTrace – CLI forensic scanner for Windows: 22 modules, MITRE ATT&CK mapped, read-only by default
27d ago
Miasma-style supply chain attacks
27d ago
On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet
27d ago
More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs
27d ago
Inside the DPRK-Linked Backdoor Loitering in the VS Code Marketplace
28d ago
Testing offensive AI agents in a cloud lab with deception tech
28d ago
Benchmarking n-day exploit generation [via AI]
28d ago
Whoops! I did it again. I patched Windows Kernel at Milan0day 2026
28d ago
Microsoft Defender now monitors RPC activity
28d ago
RoguePlanet: RoguePlanet Windows Defender Vulnerability
28d ago
I triaged this pattern hundreds of times. Here's the KQL that actually works (with noise reduction built in)
28d ago
How do you make learning blue team security entertaining ?
28d ago
Maximizing IOC Impact
28d ago
[2606.07158] Synthetic APTs: the Collapse of TTP-Based Attribution
29d ago
Hades Cluster PyPI Worm Abuses Python Startup Hooks
29d ago
Entra Agent ID from a Security Perspective
29d ago
Understanding modern Chinese cyber operations means shifting from ‘APT’ to composite responsibility
29d ago
What are the best risk-based vulnerability management tools for tracking active exploitation in 2026?
29d ago
QuasarNix: Reverse Shell Detection with Machine Learning
29d ago
Shifting Layer 7 Validation to the Edge: Mitigating Application-Layer Resource Exhaustion in Go
29d ago
Incident de sécurité sur Tchap : la DINUM sécurise la plateforme et informe les usagers après une intrusion maîtrisée - Security incident on Tchap: DINUM secures the platform and informs users after a controlled intrusion
29d ago
Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257
29d ago
Don't Fear the Repo: UNK_DeadDrop Phishing Campaign Targets Developers to Steal Cryptocurrency
29d ago
UK Cybercrime Journal: British Universities Struck by ShinyHunters Before Exam Season
29d ago
Security Advisory – Action Required – Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751)
29d ago
Visual Studio Code 1.123: Delayed extension auto-updates
29d ago
Fighting Spyware: An Update From WhatsApp: Today, we’re asking the court to hold NSO in contempt for violating a permanent injunction that barred them from ever targeting WhatsApp and its users.
29d ago
Old WinRAR Flaw Fuels Attacks on Ukraine: Two separate Russia-aligned campaigns are still exploiting the WinRAR flaw CVE-2025-8088 against Ukrainian organizations nearly a year after it was patched,
29d ago
Security Notice: Former Helm APT Mirror Domain `baltocdn.com` Statement
29d ago
HTTP/2 HPACK amplification: detection signatures + the nginx/Apache directives that actually stop it (lab- & vps verified)
30d ago
Security Review Request — TID Linux Kernel Module
30d ago
Building a safe, effective sandbox to enable Codex on Windows
30d ago
Query-Hub: CQL Hub is an open repository of detection and hunting queries for CrowdStrike NextGen SIEM and Falcon LogScale.
30d ago
About PCIe DMA Cheats: Protocol, IOMMU, Hardware, and Detection
30d ago
BusyWork: Replacing Sleep with Real Work to Break Behavioral Detection
30d ago
Z-Jail: A lightweight, multi-layer Linux sandbox combining namespaces, pivot_root, seccomp-bpf, capability dropping, and an evidence-based verdict engine (Truthimatics Public Version) for secure, auditable code execution.
30d ago
UPnPHostFileRead: Arbitrary file read exploit for the Windows UPnP Device Host service.
30d ago
EDRChoker: A tool uses the QoS Policy (Pacer.sys) to throttle Endpoint Detection and Response (EDR) agents from connecting to the server.
30d ago
Sysmon RegistryEvent exclude not overriding include rule for Event ID 13
31d ago
Pwnd Blaster: Hacking your PC using your speaker without ever touching it
31d ago
cygor: An modular asset discovery framework written in python to automate the repeating manual work
31d ago
On May 31, 2026, Meta discovered that there was a vulnerability in an AI-assisted account recovery system for Instagram ("High Touch Support" or "HTS") that was exploited byun authorized third parties to perform password resets on Instagram user accounts.
31d ago
Chinese-Cybercrime-Research: Resources to learn more about Chinese-language cybercrime actors.
31d ago
Inside an Active STX RAT Supply Chain Campaign - A threat actor spent one month building a trojanized software supply chain aimed at a specific type of victim
31d ago
Unmasking Quellostanco: How a Git Commit Exposed a Threat Actor Targeting Egyptian Infrastructure (co-authored)
31d ago
The Privileged Roles Nobody Talks About
31d ago
Auditing GitLab: The CI/CD Kill Chain - GoGatoZ — a purpose-built Go tool for GitLab CI/CD security auditing that can perform and automate the entire CI/CD kill chain...
31d ago
Popping Root on UniFi OS Server: Unauthenticated RCE Chain Detection & Analysis
31d ago
21 Zero-Days in FFmpeg
31d ago
depthfirst's AI agent found 21 FFmpeg zero-days (CVE-2026-39210–39218) for ~$1,000 — oldest bug from 2003. What does this do to the economics of vuln research?
31d ago
CrowdStrike LogScale queries I use to detect LOLBin- built from 10 years of production SOC work
31d ago
The Detection & Response Chronicles: Covert Operations Through QEMU
31d ago
The Interesting Case of WSL for Payload Staging
31d ago
The Click that shouldn’t have worked: RCE via clickjacking in Internet Explorer
31d ago
Ongoing Targeted Campaign Against US Law Firms
31d ago
New China-Linked Cluster OP-512
31d ago
Shai-Hulud: Miasma (Azure:Durabletask) Open Source - a normalized, deobfuscated copy of the Azure DurableTask JavaScript payload.
32d ago
From Token Bingo to MAX Takeover: Kali365 Operator Expands Operation Across Microsoft Outlook, Okta, Xerox DocuShare, and Other Services
32d ago
MUSTANG PANDA x PLUGX - Analysis of the January 2026 sample: a multi-layer execution chain
32d ago
Six Stages Deep and an Endless Loop: Shai-Hulud Is Getting Sophisticated
32d ago
Game Over: WeedHack - The Rise of Minecraft Malware-as-a-Service Campaigns
32d ago
About ETW Internals: Architecture, Hooking, Tampering, and Detection
32d ago
PoisonXドライバを用いた日本組織への攻撃キャンペーン - Attack campaign against Japanese organizations using PoisonX driver
32d ago
Miasma npm Supply Chain Attack: Self-Spreading Worm via Phantom Gyp
32d ago
Async PICOs and Custom Beacon Wakeups in Cobalt Strike
32d ago
Enter the WasmForge: Compiling Sliver into WebAssembly
32d ago
staged-DLL-Injection-SMB-: Staged DLL injection proof-of-concept built in C using Win32 APIs
32d ago
Trend Micro Deep Security Agent Research: Forcing bmhook/tmhook Reloads to Open a Protection Bypass Window
32d ago
Seven Years on a Public Clipboard: Pasted Secrets, Türkiye's Exposure, and a Stored XSS
32d ago
BOF Cocktails in Cobalt Strike
32d ago
Address Translation
32d ago
Investigation into APT 5 and their inner workings of PLA Troop 61786
32d ago
The Smart TV in Your LivingRoom Is a Node in the AIScraping Economy
32d ago
CISA and Partners Urge Hardening Automatic Tank Gauge Systems
32d ago
Magecart skimmer turns Stripe into a malware command server
32d ago
Security advisory: Brute force attack on Dashlane user accounts
32d ago
Cisco Security Advisory: Cisco Catalyst SD-WAN Manager Authenticated Privilege Escalation Vulnerability
32d ago
A new extortion brand called Pink, tracked as cluster CL-CRI-1147, that leverages vishing for initial access for the purposes of extortion. CL-CRI-1147 is likely a Com-affiliated actor, with techniques similar to Bling Libra (ShinyHunters) and CL-CRI-1116 (Blackfile/Redact).
32d ago
IronWorm: Shai-Hulud's rustier cousin
32d ago
Weil reportedly pays up to $20 million after hackers steal client data
32d ago
CTO at NCSC Summary: week ending June 7th
32d ago
defending-code-reference-harness: Claude skills for threat modeling, scanning, triage, patching, plus an autonomous scanning harness you can /customize
32d ago
1-Click GitHub Token Stealing via a VSCode Bug
32d ago
The Blight Reaches Microsoft: 73 Repos Disabled in 105 Seconds
32d ago
Multi-layer sandbox for native code execution on Linux with no external deps.
32d ago
Introducing Package Proxy: supply-chain safety checks without client-side software
33d ago
AI-Powered Cheats & Stolen Secrets: Teardown of the Yuta/Solara Roblox Stealer
33d ago
zannotate: Utility for annotating Internet datasets with contextual metadata (e.g., origin AS, MaxMind GeoIP2, reverse DNS, and WHOIS)
33d ago
The Deny ACE That Never Fires: Non-Canonical ACL Order in Active Directory
33d ago
VerdantBamboo: Just Another BRICKSTORM in the Firewall
33d ago
AzureRedOps: Azure RedOps is a offensive security toolkit for assessing the security posture of Microsoft Entra ID
33d ago
MXC Internals: How Microsoft's eXecution Containers Actually Isolate Agent Code
33d ago
IronWorm Supply Chain Malware Hits npm
33d ago
FSB’s matryoshka #3/3 - Gamaredon’s gifts that keeps unpacking - GammaSteel
33d ago
FSB’s matryoshka #2/3 - Gamaredon’s gifts that keeps unpacking - GammaLoad
33d ago
You do surprise me.exe: An unexpected executable in Hola Browser
33d ago
LSASS/Defender/CTFMON analysis
34d ago
Software supply chain attacks: check your dependencies
34d ago
Mapping AI-enabled cyber threats: Insights from the LLM ATT&CK Navigator
34d ago
29 open-source Sigma/Wazuh rules for Modbus, DNP3, IEC 104, MQTT, OPC-UA (OT/ICS detection)
34d ago
Open Source - 2500 New MITRE Mutations
34d ago
Inside DesckVB Rat Analysis: From Malspam to In-Memory RAT
34d ago
Bring Your Own RWX Region DLL (BYORWXDLL)
34d ago
Impersonation, Click Hijacking, and TDS: Inside a Malware Distribution Ecosystem
34d ago
APT-C-26(Lazarus)组织利用CVE-2025-55182与Copperhedge组件的攻击行动分析 - Analysis of APT-C-26 (Lazarus) group's attack activities using CVE-2025-55182 and the Copperhedge component
34d ago
NuGet Code Execution As A Service
34d ago
aether: Aether is a Windows memory-forensics and threat hunting tool that scans live process memory for malicious pattern, detect injection techniques, implant signatures, reflectively loaded .NET assemblies
34d ago
Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor
34d ago
TA4922: The Suspected Chinese Crime Group is Going Global
34d ago
[ Removed by Reddit ]
34d ago
Espionage Campaign Targeted Stock Exchange Executive for Five Months
34d ago
OnionAccelerator: multi-circuit / chunked download acceleration over Tor
34d ago
HazyBeacon and AWS Lambda Function URL Abuse
35d ago
The Server Seizure That Affects Also Iran's Cyber Operations
35d ago
How China's Cyber Operations – and the Contractors Behind Them – Target Critics Abroad
35d ago
🚨 🪱 How PCPJack Converted 230 Compromised Cloud Servers into a Hidden SMTP Relay Network
35d ago
Sysmon RegistryEvent exclude not overriding include rule for Event ID 13
35d ago
Red Hat npm supply chain attack "Miasma" — 32 @redhat-cloud-services packages, SLSA bypass via OIDC abuse, new GCP/Azure identity collectors
35d ago
Dependency Cooldowns - Dependency Cooldowns
35d ago
C2 Frameworks - Threat Hunting in Action with YARA Rules
35d ago
Ransomware tabletop
35d ago
Tracking APT28 PixyNetLoader: Evolutions from 2024 to 2026
35d ago
Tracking North Korea Nation-State APT Infrastructure: Kimsuky
35d ago
새벽에 온 암호화 손님 Endpoint(Midnight) 랜섬웨어 분석 - Analysis of Endpoint (Midnight) Ransomware: The Encrypted Guest That Arrived at Dawn
35d ago
From Token Bingo to MAX Takeover: Kali365 Operator Expands Operation Across Microsoft Outlook, Okta, Xerox DocuShare, and Other Services
35d ago
Codex Discovered a Hidden HTTP/2 Bomb
35d ago
Click Or Trick (CVE-2025-59199): Escaping the Sandbox with Windows URIs
35d ago
Unpatched NTLM Coercion in Windows search: URI Handler, Same Bug, No CVE, No Fix
35d ago
“Fellow practitioners — made some infosec merch that actually speaks our language. What security concepts would you want on a shirt?”
36d ago
Iran is using Western AI services to help with phishing, malware support and military research while building a domestic platform at Sharif
36d ago
Malicious Registrations in the Domain Name Market: An Analysis of gTLD Registrations and Cybercriminal Demand
36d ago
Gamaredon’s gifts that keeps unpacking - GammaPhish and GammaWorm
36d ago
RedSun: Exploiting Windows Defender's Remediation Workflow for Local Privilege Escalation
36d ago
Mini Shai-Hulud Campaign Hits Red Hat Cloud Services npm Packages
36d ago
Cybersecurity (CYBER); Cyber Resilience Act (CRA); Cybersecurity requirements for routers, modems intended for the connection to the internet and switches
36d ago
Miasma: Supply Chain Attack Targeting RedHat npm Packages
36d ago
@redhat-cloud-services npm scope backdoored with valid signed SLSA provenance; recovered the GitHub commit-search dead-drop C2 markers
37d ago
Instagram Meta AI Vulnerability Allegedly Enables Password Reset for Accounts via prompt injection with bot - now patched
37d ago
Tracking The Trackers: Commercial Surveillance Occurring on U.S. Army Networks
37d ago
Meta AI Recovery Flow Reportedly Bypassed 2FA: A Lesson in Privilege Boundaries
37d ago
Sapphire Sleet Targets macOS in Multi-Stage Intrusion Campaign
37d ago
Atomdrift - open-source malware detection for the software supply chain
37d ago
Legitimate-Looking Codex Remote UI Secretly Steals Your AI Tokens
38d ago
179 npm Packages Target Cloud and Finance via oob.moika.tech
38d ago
KB4853: Vulnerability Resolved in Veeam Service Provider Console 9.2.1 - "A vulnerability in Veeam Service Provider Console allows for remote code execution." - CVSS 9.4
38d ago
Click Or Trick (CVE-2025-59199): Escaping the Sandbox with Windows URIs
38d ago
Hawk: Golang tool designed to exfiltrate passwords found via the sshd and su services
38d ago
EvilTokens and OAuth Abuse: How Device Code Phishing Bypasses MFA
38d ago
Inside MicrosoftSystem64: A Supply Chain RAT Exfiltrating to HuggingFace
38d ago
Signal macOS Desktop App Doesn't Actually Delete Messages When it Should
38d ago
Operation XENOFISCAL: SideCopy deploying persistent XenoRAT targeting the MoF, Afghanistan
38d ago
WHQL-signed kernel driver keylogger, likely deployed as an anti-cheat BYOVD
38d ago
Typosquatted npm packages used to steal cloud and CI/CD secrets
38d ago
Operation Dragon Weave : Uncovering a China-Linked Campaign Targeting Czech Republic and Taiwan Using Azure Cloud C2
38d ago
Malicious npm packages abuse dependency confusion to profile developer environments
38d ago
Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257)
38d ago
Meet DriveSurge: A New Threat Actor Using ClickFix and Fake Update Drive-By Attack
38d ago
CVE-2026-0257 PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities - "Palo Alto Networks has become aware of limited exploit attempts on unpatched PAN-OS devices without mitigations applied."
38d ago
Dissecting an Undocumented Lua-Wrapped Loader: The BoldTealLayer Campaign
38d ago
SkillSpector: Security scanner for AI agent skills. Detect vulnerabilities, malicious patterns, and security risks.
38d ago
EDR Incident Response Playbook: Containing Local Account Incidents
38d ago
Adversarial Oracles: LLM-Guided EDR Signature Reduction
38d ago
One click—and you’re spied on: GFF files criminal complaint alongside journalist Trung Khoa Lê following spyware attack - GFF
38d ago
proxy: A lightweight caching proxy for package registries.
38d ago
How OLTs may have exposed entire ISP networks
38d ago
A miner with a side of RAT: the unintended gift with your TV show or book - Pirates in the crosshairs: how one cybercrime gang has been infecting book, movie, and TV show fans for years
38d ago
HunterAgent: Neuro-Symbolic Attack Trace Reconstruction under Anti-Forensics
38d ago
Honeyval: A Comprehensive Evaluation Framework for LLM-powered HTTP Honeypots
38d ago
Security of OpenClaw Agents: Fundamentals, Attacks, and Countermeasures
38d ago
Lessons from Penetration Tests on Large-Scale Agent Systems
38d ago
pydepgate: A zero dependency lightweight static analyzer designed for adversarial-shape code in python to detect supply chain attacks before they reach your interpreter.
38d ago
CIFSwitch: a non-universal Linux local root vulnerability
38d ago
Web-Based Indirect Prompt Injection To Push A Malicious Chrome Extension
39d ago
DriverSentinel: DriverSentinel is a security tool developed in Go that detects malicious and vulnerable drivers on Windows systems by comparing them against the LOLDrivers.io database.
39d ago
Visual Studio Extensions Revisited
39d ago
Supply Chain Compromises Impact Nx Console and GitHub Repositories
39d ago
BYOVD and Looting LSASS in the Modern EDR Era
39d ago
CTO at NCSC Summary: week ending May 31st
39d ago
OffensiveCon26 videos
39d ago
School Survey, (non-paid nothing its free its for my grades)
39d ago
Pathfinding Labs: Deploy, test, and learn from 100+ intentionally vulnerable AWS environments
39d ago
LLMShare: how attackers are turning AI chatbot pages into malware delivery platforms
39d ago
LogMonitor — open-source Python tool for real-time failed login detection with multi-channel alerting
40d ago
Identifying attack patterns through kernel frame callstacks
40d ago
Evaluation taxonomy for cyber threat intelligence (CTI) quality and conversion quality in workflows such as MISP/STIX exchange and CTI Transmute, covering relevance, accuracy, timeliness, clarity, specificity, format validity, conversion fidelity, and usefulness
40d ago
What safety boundary would you expect from a local AI incident investigation tool?
40d ago
Authenticated RCE via Argument Injection in Gogs (NOT FIXED)
40d ago
Why I Built My Own LLM Benchmark for THOR Finding Triage
40d ago
Casdoor contains multiple authentication bypass and access management vulnerabilities
40d ago
The approval prompt is lying: a critical coding agent security flaw - A symlink-hijack RCE in six AI coding agents
40d ago
GREYVIBE: A Russia-nexus group leveraging AI across state-aligned operations
40d ago
Inside a 176-Package npm Campaign Built to Beat Your Internal Dependencies
40d ago
Malware seller hunted across three continents
40d ago
Romanian National Sentenced for Selling Access to Networks of Oregon State Government Office and Other U.S. Victims
40d ago
Law firm Wiley Rein hit with class action over data breach tied to Chinese hackers
40d ago
Gezamenlijke actie politie en NCSC legt groot botnetwerk plat | Joint police and NCSC NL operation shuts down large bot network
40d ago
Introducing Puck Scout: Autonomous, read-only endpoint investigation via MCP. Ask a question about your fleet in plain English; get a narrative answer with containment recommendations.
40d ago
The C-suite job that's burning people out faster than any other
40d ago
New OSINTDomain Update: Domain OSINT Analysis with AI Agent Interpretation
40d ago
SEO poisoning campaign leverages Gemini and Claude Code impersonation to deliver infostealer
40d ago
Frieren: an open-source framework for WiFi Pineapple-style OpenWrt security appliances
40d ago
2026 World Cup: Discussing The World’s Biggest Game’s Attack Surface
40d ago
APT Activity Report: CONFLICT-INFORMED ESPIONAGE: MONITORING OIL SHIPMENTS, TARGETING DRONE MAKERS - October 2025-March 2026
40d ago
Commit to Compromise: A New Threat Actor Targeting the Cryptocurrency Industry's Software Development Infrastructure
40d ago
Introducing EvidenceForge: Synthetic security logs that don’t look (as) fake
40d ago
Zero Trust Implementation Guidelines
40d ago
BlackToad: Network Manipulation in an AutoIt Payload
41d ago
RVTools Masquerade: How a Signed Fake Installer Deploys a Modular Python RAT
41d ago
Kimsuky's Advanced Attack Techniques: JSONPing, Webex Spoofing, and a New HttpSpy Variant
41d ago
Device Code Lab (DCL) — Deep Dive into a Device Code Phishing Toolkit
41d ago
FROST: Fingerprinting Remotely using OPFS-based SSD Timing
41d ago
Alert Number: I-052726-PSA | 27 May 2026 Threat Actors Spoofing FIFA Websites in Advance of the 2026 World Cup
41d ago
puck-security/puck-oss: Autonomous, read-only endpoint investigation via MCP. Ask a question about your fleet, get a narrative answer with containment recommendations.
41d ago
Who is Salt Typhoon Really? Unraveling the Attribution Challenge
41d ago
Looking for resources on end-to-end APT attack flow summaries for detection engineering
41d ago
The War Between Wars: How an IRGC Cyber Front Runs Destructive OT and IT Attacks Under Cover of a Ceasefire
41d ago
durabletask (Microsoft's Python Durable Task client) compromised by TeamPCP
42d ago
Exposing a Smishing campaign across 19 countries: 1,628 malicious URLs tied to a single 128-char HTML fingerprint
42d ago
Building Detection Engineering on AWS from scratch — roast my plan
42d ago
MalShark: MCP-Powered Malware Traffic Analysis — Benchmarked Against Real Malware
42d ago
Designing secure access with ZTNA
42d ago
MSIT Launches Early “Incident Investigation Review Committee” for Proactive Security Incident Response
42d ago
White House: Ensuring Effective and Efficient Agency Logging and Network Visibility to Defend Against Evolving Cyber Threats
42d ago
Advisory X41-2026-002: Request Host Header not Validated in Starlette
42d ago
Top ethical hacker Chompie warns AI tools could put her out of business
42d ago
浅谈AI Agent的行为检测思路 -A Brief Discussion on Behavior Detection Approaches for AI Agents
42d ago
YoroTrooper组织针对独联体及周边区域的攻击活动分析 - Analysis of YoroTrooper's Attacks Against the CIS and Surrounding Regions
42d ago
CERT-IN: Blueprint for Reducing Exposure and Defending against AI-Assisted Vulnerabilities Exploitation in Digital Infrastructure - patch between 12 hours and 5 days they state
42d ago
The Evolution of Chinese-language Phishing Services
42d ago
Silent Ransom Group Impersonating IT Personnel through Social Engineering
42d ago
The epoll UAF - an epoll uaf race in fs/eventpoll.c
42d ago
Tycoon 2FA AiTM detection for Entra ID and Google
42d ago
Microsoft Copilot Cowork Exfiltrates Files
42d ago
Unpatched Sparx vulnerabilties
42d ago
sylvia: iOS Syscall Explorer for IDA 9.X
43d ago
Ababil of Minab: An Iran-Linked Destruction and Exfiltration Campaign Targeting the U.S. and the Middle East
43d ago
GHSL-2026-140: Heap Buffer Write Overflow in 7-Zip
43d ago
JOMANGY: INJ3CTOR3's Self-Healing FreePBX Toll Fraud Campaign
43d ago
7-Zip CVE-2026-48095: NTFS Heap Overflow Leads to Vtable Hijack
43d ago
Seeing alot of SSH honeypot attacks on "root:fjbdfdjkdsfs541544AA@@"
43d ago
The practice of cyber-threat intelligence in organizations: A socio-technical case study of a mature financial organization
43d ago
GitHub - mrexodia/ida-pro-mcp: AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.
43d ago
Exploitation of KnowledgeDeliver via ViewState Deserialization Vulnerability
43d ago
CVE-2026-20700: A controlled exploration of dyld's page-in linking and chained fixup machinery as a PAC signing oracle, in the context of CVE-2026-20700.
43d ago
YouTube SMS Blaster Ad Displays Scam Messages That Impersonate Telcos
44d ago
Open sourced the part of our SOC tool that can nuke your endpoints, so you can read it before trusting it
44d ago
honeyslop: Code canaries to quickly triage hallucinated ('slop') vulnerability reports
44d ago
Apex One and Vision One – Standard Endpoint Protection (SEP) May 2026 Security Bulletin - TrendAI has observed at least one instance of an attempt to actively exploit one of these vulnerabilities in the wild.
44d ago
Putin appoints Rostec cybersecurity specialist linked to GRU hackers from Fancy Bear as aide to Sergei Shoigu in Russia’s Security Council
44d ago
RemotePE: The Lazarus RAT that lives in memory
44d ago
Supply Chain Attack Targets Laravel-Lang Packages with Credential Stealer
44d ago
Paved With Intent: ROADtools and Nation-State Tactics in the Cloud
44d ago
Twee mannen aangehouden voor phishing - Two men arrested for phishing
44d ago
Sharp Eyes: Mass surveillance of foreigners in China
44d ago
relay_bible: Technical Reference to multiple relay techniques
44d ago
Fix: CVE-2025-33073 NTLM reflection not exploitable on pre-NT10.0 systems by azoxlpf · Pull Request #1245 · Pennyw0rth/NetExec
44d ago
The Gold Mine Red Teamers Never Touch - "read the Windows source code. Both Windows XP and Server 2003." [to make their tools blend in]
44d ago
SYLK 文件格式的武器化滥用 – Weaponization and abuse of the SYLK file format
44d ago
North Korean cyber hackers and masterminds behind gambling sites... Sentenced to 5 years in prison in the first trial
44d ago
Staged publishing and new install-time controls for npm - GitHub Changelog
44d ago
Updated UAC-0057 toolkit: OYSTERFRESH, OYSTERSHUCK and OYSTERBLUES
45d ago
Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud
45d ago
Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow
45d ago
The Future and Past of Residential Proxies
45d ago
Tracking TamperedChef Clusters via Certificate and Code Reuse
45d ago
Machine Overmatch: What Salt Typhoon Reveals About China’s Data-Centric Intelligence Strategy
45d ago
Disrupting Fox Tempest: A cybercrime service that turned “verified” software into a pathway for ransomware
45d ago
A fraudulent scheme to obtain and use code signing certificates to deceive victims into downloading dangerous malware under the false belief that it is trusted software
45d ago
Microsoft’s MSHTA Legacy Tool Still Powers Malware Campaigns on Windows
45d ago
Suricata 8.0.5 and 7.0.16 released! - fixed various critical and high severity vulnerabilities
45d ago
Phantom Killer: Reverse Engineering and Weaponizing a Lenovo Driver to Terminate EDR Processes
45d ago
mkPIVM: Generate polymorphic, position-independent virtual machines (PIVMs) from arbitrary x86/x64 shellcode.
45d ago
keyhog: The fastest, most accurate secret scanner. 896 detectors, Hyperscan SIMD, GPU acceleration, 96% recall. Built in Rust.
45d ago
np-audit: Static security analysis for npm packages. Detects obfuscated code, malicious patterns, and known vulnerabilities before installation.
45d ago
Ledger: An aggressor script that tracks operational changes made during a red team engagement. Gives you a full audit trail of what was changed and what still needs to be cleaned up.
45d ago
OpenPetya: A Proof-of-Concept bootkit inspired by Petya ransomware, written in Assembly, C, and C++
45d ago
Megalodon: Mass GitHub Repo Backdooring via CI Workflows
45d ago
FatGid - FreeBSD 14.x kernel LPE
45d ago
Manage [VSCode] extensions in enterprise environments
45d ago
angr: A powerful and user-friendly binary analysis platform!
45d ago
Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware
45d ago
How Attackers Force Microsoft to Send Phishing Emails
45d ago
Malicious Postinstall Hook Found Across 700+ GitHub Repositories, Including Packagist and Node.js Projects
45d ago
Microsoft Authenticator App Details now exposed in Entra SignInLogs
45d ago
Bissa Scanner Exposed: AI-Assisted Mass Exploitation and Credential Harvesting
45d ago
How China-linked threat actors obtain zero-day vulnerabilities
45d ago
Fast and Furious - Nimbus Manticore Operations During the Iranian Conflict - Check Point Research
45d ago
Monitoring for vssadmin.exe delete shadows is an absolute bare minimum
45d ago
Infostealers Just Spawned a 5,000+ Repo GitHub Supply Chain Attack
45d ago
How a consultant and a concert pianist from the Netherlands aided pro-Russian hackers
45d ago
CVE-2026-48029: Two grid-decode bugs in libheif
45d ago
workcell: Bounded local runtime and policy boundary for coding agents
45d ago
OpenShell: OpenShell is the safe, private runtime for autonomous AI agents.
45d ago
Model Context Protocol (MCP): Security Design Considerations for AI-Driven Automation
45d ago
Built a SOC from scratch with no prior SOC experience
45d ago
CTO at NCSC Summary: week ending May 24th
46d ago
VPN Exploitation When Patched Doesn't Mean Protected
46d ago
Cybercriminal VPN used by ransomware actors dismantled in global crackdown – VPN service featured in almost every major Europol-supported cybercrime investigation
46d ago
VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure
46d ago
CLR-Stomp: .NET CLR-Stomping
46d ago
From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence
46d ago
Introducing Showboat: A new malware family taunts defenses and targets international telecom firms
46d ago
Open Directory, Open Season: Inside Red Lamassu’s JFMBackdoor
46d ago
AI security CTF from a CNCF project - useful for understanding LLM/agent attack patterns from the defense side (June 17-22)
46d ago
GitHub - perplexityai/bumblebee: Read-only inventory collector for package, extension, and developer-tool metadata on macOS and Linux developer endpoints, built for fast supply-chain exposure checks.
46d ago
Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns
46d ago
Tired of searching different websites, blogs, Reddit posts, and docs just to learn KQL?
47d ago
I got tired of guessing which LOLBAS binaries exist on a host at my privilege level, so I wrote a small Go scanner
47d ago
AI-generated reporting: Lessons learned from Cisco Talos Incident Response
47d ago
CrabLoader: A PoC Cobalt Strike UDRL written in Rust
47d ago
The 429 Microsoft Graph Mystery
47d ago
GhostTree: Unveiling Path Manipulation Techniques to Bypass Windows Security
47d ago
Azure Tenant Enumeration is Dead
47d ago
A Deep Dive into Codex Windows Sandbox
47d ago
Striga: Lifting x86 to LLVM IR with Python
47d ago
veilgate: Asymmetric defense against AI red-team agents. VeilGate scores every request, diverts likely agents into a per-IP-coherent fake application, and measures the cost it imposes on the attacker.
47d ago
Windows BitLocker Security Feature Bypass Vulnerability
47d ago
CVE-2026-28910: Breaking macOS App Sandbox Data Containers, TCC, and Hijacking Apps Using Archive Utility
47d ago
Google API keys keep working after you delete them long enough to be exploited
47d ago
Threat Intelligence Report: ZionSiphon OT Malware First Attempts? Psyops? Both?
47d ago
North Korean-Linked Threat Actor Targets Developers with New npm Infostealer RAT
47d ago
Coruna Respawned: Compromised art-template npm Package Leads to iOS Browser Exploit Kit
47d ago
Quick heads-up if you're writing KQL for LSASS dumping (stop filtering on process names)
47d ago
Alert Number: I-052126-PSA | 21 May 2026 Kali365 Phishing-as-a-Service Kit Hijacks Microsoft 365 Access Tokens
47d ago
Megalodon: CI/CD Malware Spreading Across GitHub Repositories
47d ago
📡 One telecom carrier accounts for 72% of all Middle East-hosted C2 activity.
47d ago
Ghost CMS Mass Compromised via CVE-2026-26980, Now Fueling ClickFix Attacks
48d ago
CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox
48d ago
beacon-hunter: open source detector for phi-structured C2 beacons that evade RITA
48d ago
Fake Microsoft Teams Campaign Delivers ValleyRAT via NSIS Installer and DLL Sideloading
48d ago
Tracking TamperedChef Clusters via Certificate and Code Reuse
48d ago
Living off the Land with VS Code: Inside a Sophisticated Phishing Campaign
48d ago
From Y2K to Patch Tuesday 2025: 25 Years of Bugs in the Windows 2000 Source Tree
48d ago
How a single image takes control of a Mac understanding an ExifTool vulnerability (CVE-2026-3102)
48d ago
Iran-linked Operators Suspected in ATG Breaches
48d ago
Grafana Labs security update: Latest on TanStack npm supply chain ransomware incident | Grafana Labs
48d ago
Compromised Nx Console version 18.95.0
48d ago
CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path
48d ago
From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat
48d ago
Webworm: New burrowing techniques
48d ago
New Age of Collisions: Reading Arbitrary Files Pre-Auth as root in cPanel (CVE-2026-29205)
48d ago
Operation Dragon Whistle: UNG0002 Targets Chinese Academia via Weaponized Institutional Lure
48d ago
Adaptive Fingerprinting: HTTP-Basma's Multi-Stage Probing for Granular Server Differentiation
48d ago
GitHub’s Fake Engagement Problem Is Hiding in Plain Sight
48d ago
Statecraft – Threat intel platform for Portuguese-speaking Blue Teams (NVD + CISA KEV + OTX + hourly AI briefings in PT-BR)
48d ago
Zer0Vuln Community Edition – open-source SIEM + SOAR + EDR with autonomous local LLM triage
48d ago
Score by collisions, patch by panic: defensive architecture for the post-90-day-disclosure era
49d ago
5 credential access detection rules beyond LSASS — KQL + Sigma, production-ready
49d ago
Remote Process Read Primitive via NtCreateThreadEx Exit Code
49d ago
aimap: Discover Exposed AI Services
49d ago
FalkorDB: A super fast Graph Database uses GraphBLAS under the hood for its sparse adjacency matrix graph representation.
49d ago
Why China Is Now a Peer Competitor to the United States in Cyberspace
49d ago
nginx-rift-private-lab: Private Nginx Rift ASLR lab, exploit chain, and demo recordings
49d ago
Built a Linux persistence hunting & artifact collection tool in Bash - persisthunt
49d ago
We are investigating unauthorized access to GitHub’s internal repositories. Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension.
49d ago
Extended Cyber Kill Chain for AI-Era Threats: a defender-side framework mapping LLM and agentic attacks to kill-chain stages (MITRE ATLAS + OWASP LLM Top 10 mappings)
49d ago
Fooling AI Agents: Web-Based Indirect Prompt Injection Observed in the Wild
49d ago
Eight Leading U.S. Communications Firms Form C2 ISAC
49d ago
GhostTree: Unveiling Path Manipulation Techniques to Bypass Windows Security
49d ago
UAC-0184: From HTA to a Signed Network Stack
50d ago
New Actors Deploy Shai-Hulud Clones: TeamPCP Copycats Are Here
50d ago
How Storm-2949 turned a compromised identity into a cloud-wide breach
50d ago
Entra ID: PIM for Groups Review
50d ago
TeamPCP compromises NPM maintainer with over 540 packages
50d ago
Active Supply Chain Attack Compromises @antv Packages on npm...
50d ago
When DMCA Comes Knocking - A YouTube Creator Phishing Kit
50d ago
[Cloudflare] Project Glasswing: what Mythos showed us
50d ago
SHub Reaper | macOS Stealer Spoofs Apple, Google, and Microsoft in a Single Attack Chain
50d ago
Rekomendacja Pełnomocnika Rządu ds. Cyberbezpieczeństwa dotycząca komunikatora Signal - Recommendation of the Government Plenipotentiary for Cybersecurity regarding the Signal messenger
51d ago
Exclusive: Hackers have breached tank readers at US gas stations; officials suspect Iran is responsible | CNN Politics
51d ago
CrystalX: unpacking a Go RAT through three encrypted layers
51d ago
DirtyCBC: When Linux Kernel Decrypt-Before-MAC Turns Authenticated Encryption Into a Page-Cache Write
51d ago
FlowerStorm unleashes the KrakVM: PhaaS operators turn to VM-based obfuscation
51d ago
LID: LID — Linux Integrity Drift: Bypassing AppArmor via eBPF pathname rewriting. Pre-LSM syscall argument manipulation with zero audit footprint. "Linux is Dying"
52d ago
Static Kitten APT Adversary Simulation
52d ago
Eimeria: five layers from RAR5 to RunPE
52d ago
ghosttype: Local forensic scanner that extracts credentials from AI tool conversation history. For authorized red team and DLP use only.
52d ago
openDCIM exploitation
52d ago
HASBL CTF - A Jeopardy-Style CTF Organized by High School Students!
52d ago
We Have Packet Capture at Home
52d ago
Suspected China-Linked Threat Actor Targets Global Manufacturer with Undocumented TencShell Malware
52d ago
HWMonitor Trojanized for STX RAT DLL Sideloading
52d ago
awesome-dfir-skills: Admiralty System for CTI Claude skill
52d ago
Mullvad exit IPs as a fingerprinting vector
52d ago
Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools
52d ago
Popular node-ipc npm Package Infected with Credential Steale...
52d ago
An Improper Access Control vulnerability [CWE-284] in FortiAuthenticator may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.
52d ago
Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files
52d ago
Chinese APT Campaign Targets Entities with Updated FDMTP Backdoor
52d ago
Sandworm Activity in Industrial Environments: What the Data Reveals
52d ago
Seedworm: Iran-Linked Hackers Breached Korean Electronics Maker in Global Spying Campaign
52d ago
"Shadowserver-in-a-box" IntelMQ + ELK Solution
52d ago
Stenloader: Steganography Shellcode Loader
52d ago
AsmResolver: a library for reading, modifying and reconstructing Portable Executable (PE) files. It supports PE images running natively on Windows, as well as images containing managed (.NET) metadata - after 2 years of development, v6.0.0 is out
52d ago
Somebody backdoored the package `bfunky/http-parser` on packagist with a stealer - package not touched since 2018
52d ago
Our response to the TanStack npm supply chain attack
52d ago
QEMUtiny is a memory corruption vulnerability in QEMU's implementation of CXL Type-3 device emulation, reported against QEMU master 007b29752e and confirmed working against 5e61afe (May 11, 2026).
52d ago
We recently discovered that an unauthorized party obtained a token with access to the Grafana Labs GitHub environment, enabling the threat actor to download our codebase.
52d ago
APT-C-55(Kimsuky)组织依托GitHub+Dropbox分发恶意载荷的攻击活动分析 - Analysis of APT-C-55 (Kimsuky) group's attack activities involving the distribution of malicious payloads via GitHub and Dropbox.
52d ago
oss-security - Logic bug in the Linux kernel's __ptrace_may_access() function - exploits out see yesterday
52d ago
Fast16: Pre-Stuxnet Sabotage Tool Was Built to Subvert Nuclear Weapons Simulations
52d ago
OtterCookie: JavaScript RAT shifting fake-interview campaigns from credential theft to live surveillance
52d ago
The Gentlemen Ransomware Group — Leak Analysis
52d ago
HDD Firmware Hacking Part 1
52d ago
ssh-keysign-pwn: Steal SSH host private keys and /etc/shadow via the ptrace_may_access mm-NULL bypass + pidfd_getfd. Pre-31e62c2ebbfd kernels.
52d ago
CTO at NCSC Summary: week ending May 17th
52d ago
Vidar v1.5 in Go: same family, new language, heavy sandbox checks
53d ago
Developer credential-theft campaign exposed operator-side self-infection
53d ago
Help-Desk Lures Drop KongTuke's Evolved ModeloRAT
53d ago
Welcome to BlackFile: Inside a Vishing Extortion Operation
53d ago
DoublePulsar: A User-Defined Reflective Loader in the Crystal Palace and Tradecraft Garden Era
53d ago
Stop Being Weird — Life After Call Stack Spoofing Under CET
53d ago
Triggering the Secure Boot Certificate Update with Intune Remediations
53d ago
How to enable HTTPS support for Microsoft Connected Cache for Enterprise and Education - Starting on June 16th, 2026, or soon after, Intune will enforce HTTPS content delivery for customers using Microsoft Connected Cache
53d ago
Addressing Exchange Server May 2026 vulnerability CVE-2026-42897
53d ago
One Is a Fluke, 3 Is a Pattern: MCP Back-End Vulnerabilities
53d ago
CVE-2026-20182: Critical authentication bypass in Cisco Catalyst SD-WAN Controller (FIXED)
53d ago
Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities
53d ago
FamousSparrow APT Targets Azerbaijani Oil and Gas Industry
53d ago
Disclosing new PebbleDash-based tools by Kimsuky
53d ago
FrostyNeighbor: Fresh mischief and digital shenanigans
53d ago
Kazuar: Anatomy of a nation-state botnet
53d ago
OrBit (Re)turns: Tracking an open-source Linux rootkit across four years of forks and deployments
53d ago
NATS-as-C2: Inside a new technique attackers are using to harvest cloud credentials and AI API keys
53d ago
Hacker Ringleader Extradited for 38 Billion Won Theft
53d ago
Alert Number: I-051526-PSA | 15 May 2026 ShinyHunters: Cyber Criminal Group Attacks Learning Management System
53d ago
Fragnesia (CVE-2026-46300) is a universal Linux local privilege escalation exploit
53d ago
The Mythos We Have At Home: A Patch-Diffing Pipeline for N-Day Generation
53d ago
FFFFirefox - A One-Day Wonder Renderer Exploit
53d ago
MiniPlasma, a powerful LPE
53d ago
Does host MS Defender Network Protection intercept and alert on traffic generated inside Windows Sandbox?
53d ago
[Tool] IOCX — deterministic static IOC extraction for PE binaries
54d ago
Novel Evilginx Frontend - Lowering the barrier for token theft reuse
54d ago
SentinelOne. Backup delete attempt at 06:28, Kill process mitigation action at 06:31. Was the deletion blocked or not?
54d ago
WAF Evasion Engine
54d ago
Thus Spoke…The Gentlemen
54d ago
KQLab - open-source query manager for SOC teams
54d ago
How TeamPCP's Python Toolkit Survives a C2 Takedown
54d ago
Microsoft AntiSSRF
55d ago
Detecting Exploitation of CrushFTP Vulnerability (CVE-2025-31161) With PacketSmith Yara Detection Module - Using track_state and flow_state
55d ago
VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure
55d ago
How fast is autonomous AI cyber capability advancing?
55d ago
YellowKey: YellowKey Bitlocker Bypass Vulnerability
55d ago
Tinker Tailor Soldier: Paper Werewolf’s latest toolkit
55d ago
126 Chrome extensions, all secretly the same product, taking 148K users' WhatsApp data and ad cookies
55d ago
Gamaredon's infection chain: Spoofed emails, GammaDrop and GammaLoad
55d ago
Undermining the trust boundary: Investigating a stealthy intrusion through third-party compromise
55d ago
[HOMELAB] Built a SOC investigation console on two old Dell boxes
56d ago
Android Intrusion Logging as a new source of data for consensual forensic analysis
56d ago
Shai-Hulud: Another Wave and Going Open Source
56d ago
A stealth approach to Process Injection - EntryPoint Hijacking
56d ago
[Tool Release] IOCX – deterministic IOC extraction engine (static‑only, PE‑aware, plugin‑extensible)
56d ago
Service Principal Sign-Ins: A blind spot that a lot are missing
56d ago
My Analysis of a Bandook RAT PCAP
56d ago
Seedworm: Iran-Linked Hackers Breached Korean Electronics Maker in Global Spying Campaign
56d ago
Detection Rule is here
56d ago
Owning a service principal equals owning its permissions.
56d ago
Claude Code RCE: Exploiting Deeplink Handlers via Settings Injection
56d ago
CPU OP Cache Corruption - AMD has identified a vulnerability in the CPU operation (op/µop) cache on Zen 2‑based products that can cause incorrect instructions to be executed at a higher privilege level.
56d ago
AI+DFIR Challenge: Share Your Disasters and Successes
57d ago
Flash Alert: EtherRat and TukTuk C2 End in The Gentleman Ransomware
57d ago
Postmortem: TanStack npm supply-chain compromise
57d ago
bits from the release team - Aided by the efforts of the Reproducible Builds project, we've decided it's time to say that Debian must ship reproducible packages
57d ago
rxrpc_privesc: RxRPC privesc PoC without fcrypt() restrictions
57d ago
Detecting Remote Thread Creation with Windows Driver
57d ago
Mythos finds a curl vulnerability
57d ago
Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access - some leaps pending technical details
57d ago
Reverse Engineering a Multi Stage File Format Steganography Chain of the TeamPCP Telnyx Campaign
57d ago
Threat Actor Mr_Rot13 Actively Exploits CVE-2026-41940 for Backdoor Deployment
57d ago
esp32-c5-deauth: A deauth with nuker for 2.4Ghz and 5Ghz controlled by BLE with Android app
57d ago
LOLRMM Publishers - PR merges 182 new code signing certificates and adds important safety warnings to entries containing certificates from major software vendors.
57d ago
How Cloudflare responded to the “Copy Fail” Linux vulnerability
57d ago
I analyzed 196k+ Sysmon events and found APT29 staging malware in Temp. Here is my detection logic.
57d ago
LUKSbox: Store sensitive files in the cloud, or on shared media without trusting the host. LUKSbox is a Rust-based encrypted-container tool with passphrase, FIDO2 (YubiKey, Titan, Nitrokey, Windows Hello), TPM 2.0, and hybrid post-quantum (ML-KEM-768 / 1024) keyslots.
57d ago
New Shai-Hulud npm worm variant
57d ago
EtwWatcher
57d ago
Donuts and Beagles: Fake Claude site spreads backdoor
57d ago
Fine of nearly £1m issued against South Staffordshire Plc and South Staffordshire Water Plc following major cyber attack and data breach
58d ago
CHERIoT-Ibex: Closing the door on memory safety vulnerabilities with hardware-enforced protection
58d ago
Deterministic PE Validation for Blue Teams - IOCX v0.7.3
58d ago
Delving deep into threat detection: My logic for abnormal EventID 7 activity
58d ago
NZ announces sanctions on malicious Russian cyber actors, online platforms
58d ago
Update: Ongoing Checkmarx Supply Chain Security Incident
58d ago
ShinyHunters cashout fingerprint; on-chain trace of the May 2024 AT&T ransom payment, with persistent laundering-service hubs identified through 2025
58d ago
Unmanaged PowerShell Execution: Hunting Beyond powershell.exe
58d ago
Python Backdoor Threat Analysis Following an AI Deepfake Impersonation Campaign
58d ago
Static Devirtualization of Themida
58d ago
Now You See Me: AADGraphActivityLogs
58d ago
[Write-up] CyberDefenders: Wiredive Lab
58d ago
page_inject: CVE-2026-31431-killed page-cache exploit — code exec into containers sharing the same image layer
59d ago
JDownloader — Website installer incident (May 2026)
59d ago
The GNU MP Bignum Library - "We suspect that GMP's extremely tight loops around MULX make the Zen 5 cores use much more power than specified, making cooling solutions inadequate."
59d ago
AI in the Breach: How an Adversary Leveraged AI to Target a Water Utility’s OT
59d ago
EventHawk v1.2 -open source Windows EVTX log analysis tool for DFIR (Juggernaut Mode, ATT&CK mapping, Sentinel anomaly engine)
59d ago
Jenkins honeypot reveals botnet exploiting scriptText to launch DDoS attacks on game servers
59d ago
Writing a Naive LLVM-based Devirtualizer
59d ago
Where Have All the Complex Windows Malware and Their Analyses Gone?
59d ago
When prompts become shells: RCE vulnerabilities in AI agent frameworks
60d ago
Shift-Happens-Uncovering-to-builtin-command-injection-in-Windows-context-menus: Shift Happens: Uncovering two built-in command injections in Windows context menus
60d ago
MOVEit Automation Critical Security Alert Bulletin – April 2026 – (CVE-2026-4670, CVE-2026-5174)
60d ago
Lorem Ipsum Malware: Trojanized MS Teams Installers Deliver Multi-Stage Loader and Backdoor
60d ago
Let's Encrypt Status: Due to an issue with the cross-signed certificate from our Generation X root to our new Generation Y root, all issuance has been switched back to our Generation X root certificate. This affects our "tlsserver" and "shortlived" ACME certificate profiles.
60d ago
Analyse des DNS-Ausfalls vom 5. Mai 2026 - Analysis of the DNS outage of May 5, 2026
60d ago
Member of Prolific Russian Ransomware Group Sentenced to Prison
60d ago
EasterBunny: advanced espionage artifacts attributed to APT29
60d ago
Tracking the "Sorry" Extortionist Campaign Against cPanel Websites
60d ago
PositiveIntent: Evasive loader for .NET Framework assemblies
60d ago
The Accidental C2: Exploring Dev Tunnels for Remote Access
60d ago
Living of the Land - DISM Sandbox Provider Hijack
60d ago
HyperVenom: Using Hyper-V for Ring -1 Control from Usermode
60d ago
CTO at NCSC Summary: week ending May 10th
60d ago
ClickFix distributing Vidar Stealer via WordPress targeting Australian infrastructure
60d ago
PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale
60d ago
Copy_Fail2-Electric_Boogaloo: Copy Fail 2: Electric Boogaloo
60d ago
DARWIS Taka - Web vulnerability scanner with Optional AI Validation
60d ago
SunnyDayBPF: eBPF telemetry integrity research for detection engineering
60d ago
Bleeding Llama: Critical Unauthenticated Memory Leak in Ollama
61d ago
Massive Cyber Attack Exposes Millions 🚨 || starting my cybersecurity jou...
61d ago
Student Arrested in Taiwan for using SDR and Handheld Radios to Halt Four High Speed Trains with TETRA Hack
61d ago
Dirty Frag: Universal Linux LPE
61d ago
Ivanti: We are aware of a very limited number of customers exploited with CVE-2026-6973. Successful exploitation requires Admin authentication.
61d ago
Two U.S. Nationals Sentenced for Facilitating Fraudulent Remote Information Technology Worker Schemes to Generate Revenue for the Democratic People’s Republic of Korea
61d ago
Revealed: Russia’s top secret spy school teaching hacking and election meddling | Russia
61d ago
OceanLotus suspected of distributing ZiChatBot malware via wheel packages in PyPI
61d ago
Searching for bulletproof detections in cPanel Land: Hunting for CVE-2026-41940: Building Detections for the exploit, not the PoC
61d ago
Detecting BEC Persistence with KQL
62d ago
Unpacking Russian-Iranian Private-Sector Cyber Connections
62d ago
Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution
62d ago
OSS2Falco: Falco rules converted from LinPEAS, Sigma and Splunk
62d ago
Inadvertent Injections
62d ago
CVE-2026-0300 PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal
62d ago
Muddying the Tracks: The State-Sponsored Shadow Behind Chaos Ransomware
63d ago
Iranian-Nexus Operation Against Oman's Government: 12 Ministries Hit and 26,000 Citizen Records Exposed
63d ago
A rigged game: ScarCruft compromises gaming platform in a supply-chain attack
63d ago
UAT-8302 and its box full of malware
63d ago
CVE-2026-0073 Android adbd TLS client-authentication bypass
63d ago
One KQL query you should have saved in your toolkit (most don’t)
63d ago
CVE-2026-31431 hit KEV after 9 days, what are you using to catch that earlier?
63d ago
Built a Cowboy Bebop-themed threat hunting lab with Splunk and Sysmon — writeup inside
63d ago
🇮🇷 Iranian-Nexus Campaign Against Oman's Government: 12 Ministries, 26,000 Records
63d ago
Popular DAEMON Tools software compromised
64d ago
A rigged game: ScarCruft compromises gaming platform in a supply-chain attack
64d ago
Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise
64d ago
Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities
64d ago
Accelerating Vulnerability Detection and Response at Oracle
64d ago
The cPanel Zero-Day Was Active for 64 Days Before Anyone Knew
64d ago
GIDR: A behavioral intrusion detection system for Windows. Files are innocent until proven guilty at runtime. When malicious behavior is detected, the entire attack chain is traced to root and eliminated.
64d ago
dMSA Ouroboros: Self-Sustaining Credential Extraction in Windows Server 2025
64d ago
N-Day Research with AI: Using Ollama and n8n
64d ago
38 CVEs in Healthcare Software Used by 100,000 Medical Providers
64d ago
Recursively fuzzing MS-RPC structures and monitoring using ETW
65d ago
VanGuard — open-source single-binary DFIR toolkit (Velociraptor, Hayabusa, Chainsaw, Loki, YARA) with TUI, air-gap support, and 28 pre-built use cases
65d ago
CVE-2026-31431:我用 DeepSeek 复现了 AI 发现Copy Fail 提权的全过程 - CVE-2026-31431: I used DeepSeek to reproduce the entire process of AI detecting Copy Fail privilege escalation.
65d ago
《APT高级威胁研究报告》(2026 版)- Advanced Threat Research Report (2026 Edition)
65d ago
nginxpulse: 轻量级 Nginx 访问日志分析与可视化面板,提供实时统计、PV 过滤、IP 归属地与客户端解析。- A lightweight Nginx access log analysis and visualization dashboard, providing real-time statistics, PV filtering, IP geolocation, and client resolution.
65d ago
蔓灵花组织使用NUITKA打包的python样本进行投递 - The Manlinghua organization used Python samples packaged in NUITKA for delivery.
65d ago
gdrv3.sys - Reverse Engineering a Signed Kernel Driver with 13 Hardware Access Primitives
65d ago
Added new vulnerable samples for IoBitUnlocker, Zemana and TfSysMon
65d ago
AMSI Page Guard Bypass (Rust PoC)
65d ago
Meet Bluekit: The AI-Powered All-in-One Phishing Kit
65d ago
Malicious Ruby Gems and Go Modules Impersonate Developer Tools to Steal Secrets and Poison CI
65d ago
A hacker group was detained in Lviv Oblast, which hacked game accounts and received almost UAH 10 million in profit from their sale in Russia
65d ago
IRQL - Incident Response Query Language - A collection of Kusto (KQL) functions that unify security logs behind a consistent, analyst-friendly dialect
65d ago
Nuclei template CVE-2026-41940.yaml - cPanel & WHM - Authentication Bypass via Session-File CRLF Injection
65d ago
ARP Around and Find Out: Hijacking GPO UNC Paths for Code Execution…
65d ago
Inside Shadow-Earth-053: A China-Aligned Cyberespionage Campaign Against Government and Defense Sectors in Asia
65d ago
[2603.28728] Study of Post Quantum status of Widely Used Protocols
65d ago
Malicious Intercom PHP Package Spreads Mini Shai-Hulud Attack to Packagist via Composer Plugin
65d ago
Possible supply chain attack on version 2.6.3 · Issue #21689 · Lightning-AI/pytorch-lightning
65d ago
code-needle: A VS Code plugin to execute arbitrary JavaScript code at runtime over a local HTTP endpoint.
65d ago
Secure Boot Inventory Data In Configuration Manager
65d ago
EventLogExpert: Can be used as a replacement for Event Viewer to view live event logs. Choose Continuously Update on the View menu and watch new events appear in real time.
65d ago
MicroSMT: IDA plugin for automatic deobfuscation of opaque predicates by lifting microcode to z3 for SMT reasoning.
65d ago
AI-powered honeypots: Turning the tables on malicious AI agents
65d ago
copy.golf — golf your exploits - smaller copy.fail exploits..
65d ago
DragonBreath: Dragon in the Kernel
65d ago
Holy-Grail-PCAP: "Holy Grail PCAP" is a capture file offering exceptional coverage across nearly all tcpdump/Wireshark encapsulation types and dissectors.
65d ago
Impacket-IoCs: This repo contains the results of an internal re-write of impacket I undertook at my current company. It contains some of the IoCs found within the library
66d ago
Puzzle: Set of PoC to abuse Windows minifilters functionality
66d ago
A “Psychological Warfare” to Show Off Cyber Capabilities: A Comprehensive Analysis of SentinelOne’s Exposure of fast16
66d ago
Active exploitation of cPanel/WHM critical vulnerability
66d ago
Important Update From Trellix - "Trellix recently identified unauthorized access to a portion of our source code repository. "
66d ago
5 Qilin ransomware servers exposed over 7 months
66d ago
South-East Asian Military Entities Targeted via cPanel (CVE-2026-41940)
66d ago
Russian Charged in Oil and Gas Facility Hacks Pleads Guilty
66d ago
VECT ransomware: small files decrypt, large files lose their nonces
66d ago
CTO at NCSC Summary: week ending May 3rd
66d ago
April 27th - What happened with our feature flag configuration | The ClickUp Blog
66d ago
Blog: Evolving the Android & Chrome VRPs for the AI Era
67d ago
Seven Queries to Audit the Sentinel Detections Your SOC May Have Missed.
67d ago
VECT: Ransomware by design, Wiper by accident
67d ago
VisualSploit: Backdoor Visual Studio project files with custom shellcode, which executes whenever the project is opened or built.
67d ago
Two Americans Who Attacked Multiple U.S. Victims Using ALPHV BlackCat Ransomware Sentenced to Prison
67d ago
Agentic Malware Analysis: From Task Automation to Deep Analysis
67d ago
pydep-vector-runner: A lightweight runner that guards against weird startup behaviors in python. Lightweight version of PyDepGuard's coderunner.
67d ago
month-of-bypasses: Proof-of-Concepts for Detection Engineering Purposes Only
67d ago
603 loaded
MA
Malware Analysis & Reports
27d ago · 115 items
I built 99 adversarially malformed PE files to test tool robustness - here’s what happened
27d ago
ClickFix attack in the wild — fake Cloudflare CAPTCHA delivering obfuscated PowerShell dropper
28d ago
WordPress malware in official WooCommerce theme (Kiosko): hidden admin users and corrupted sitemap
28d ago
Inside the DPRK-Linked Backdoor Loitering in the VS Code Marketplace
28d ago
Fake Interview deploys stealthy cross platform (macOS/Windows) through npm package install in take home assessment
29d ago
73 Microsoft GitHub repositories impacted by Miasma malware
30d ago
Unauthorized Onlyfans Payment
30d ago
Building A Malware Lab From Scratch Part 2!
32d ago
Detecting npm Native Addon Malware: node-gyp Abuse
32d ago
Microsoft Warns of GPU Cryptojacking Campaign Spread Through AI Chatbot Links
33d ago
Extremely suspicious behaviour by memu emulator
34d ago
Malware
34d ago
🚨 PCPJack's SMTP Toolkit Dissected: 3 Deployer Generations, Multi-Arch Chisel, and a Full EHLO/STARTTLS Verification Loop
35d ago
ChatGPT Malvertising Campaign
35d ago
Recommendation
35d ago
Welp, we got a VMware antidetect ransomware/spyware/trojan before GTA 6!
35d ago
This is a scam and probably a malware/trojan. Path Of Exile 2 builder ...
36d ago
LLMShare: using shared chatbot pages to distribute malware
36d ago
How to Unpack FlawedAmmyy - Malware Unpacking Tutorial
37d ago
Building A Malware Lab From Scratch!
38d ago
I bought an old phone from 2018 and wanna destroy it with viruses for fun
38d ago
Malware escaped browser without downloading files, then escaped a virtual machine
39d ago
I’ve seen ppl get flamed online for ever thinking they’re hacked/being monitored but
40d ago
A Deeper Look at GLASSWORM's Solana Variant
41d ago
Got hit by an infostealer via Discord - Need advice on full removal - ASUS TUF A15
41d ago
Kali365 Activity Surges: Device Code Phishing Is Scaling Fast
41d ago
MCP-Powered Malware Traffic Analysis — Benchmarked Against Real Malware
42d ago
Deep structural file analysis with MITRE ATT&CK mapping, from the original ClamAV authors (clens.io)
42d ago
Not a security person... got hit by an undocumented macOS stealer campaign, reverse engineered it, and tried to take the whole operation down.
42d ago
How random program can cause most of antiviruses close himself without telling himself to close
43d ago
The War Between Wars: How an IRGC Front Runs Destructive OT and IT Attacks Under Cover of a Ceasefire
43d ago
Suspicious ass website asking to run a terminal command (MacOS)
44d ago
Harvard and 140 other legitimate websites compromised
47d ago
Browser session theft is quietly becoming more dangerous than password theft
47d ago
Megalodon Malware Compromised 5,500+ GitHub Repos Within 6 Hours
47d ago
How TeamPCP's Python Toolkit Survives a C2 Takedown: FIRESCALE, GitHub, and the Victim's Own Account
47d ago
Database of Malicious Browser Extensions
48d ago
I’ve got 99 problems, and IOCX isn’t one.
48d ago
Can't access anything
49d ago
New GMKtec M7 Ultra appears to be infected. Beware of the malware!
50d ago
vpn explained the simple version that actually makes sense
50d ago
Benchmarking LLMs for malware triage and static unpacking with Malcat
51d ago
Netmirror exposed - The Free Movie App That Was Robbing You Blind
51d ago
Malware learning
52d ago
Brovan: Binary user-mode emulator for x86_64
53d ago
Inspecting a DLL file trying to figure out if it really is malware
54d ago
npm supply chain compromise on a Next.js app — XMRig miner bundled into webpack output
54d ago
VELVET CHOLLIMA Infostealer Campaign Using Trading App as Lure
55d ago
I got a desktop notification, saying I had a security oversight. What's odd, is that the notification said Windows Security and it looked very believable...
55d ago
clens.io - new public threat & data intel service
55d ago
Granny’s Compromised Android Firmware
56d ago
[Tool] IOCX – deterministic IOC extraction engine (static‑only, PE‑aware, plugin‑extensible)
56d ago
OS scanner that checks repos for traces of the Shai Hulud worm
56d ago
Mini Shai-Hulud Supply-Chain Worm Compromises npm and PyPI Packages, Including TanStack, Mistral, Lightning, and Guardrails AI
56d ago
Steam spear phishing
57d ago
Fake linked in sponsored google search
57d ago
Mass npm Supply Chain Attack Hits TanStack, Mistral AI, and 170+ Packages
57d ago
New Shai-Hulud npm worm variant
57d ago
looking for "evil" Websites
58d ago
Deterministic PE Structural Validation in IOCX v0.7.3
58d ago
sl1nk link
58d ago
How to download a RAT for myself
58d ago
Wtf OPEN Ai
60d ago
JDownloader's official website delivered Python RAT
61d ago
An unknown malware threat. There is no such thing as a 100% detection.
62d ago
Most of the antivirus websites redirect to microsoft defender website. I can’t access their websites
62d ago
Getting this Trojans while open Cherax Loader: Malgent!MSR /Phonzy.A!ML
62d ago
Discord bot C2 infrastructure
63d ago
IOCX v0.7.1 — robustness update focused on malformed PEs, hostile strings, and static‑analysis hardening
64d ago
Panicking
64d ago
Supply chain attack: DAEMON Tools Lite now contains a backdoor.
64d ago
Built a PE Malware Analysis Pipeline to Learn Why Most Detection Tools Suck at Correlation
65d ago
VirusTotal has one flag for this sus site
66d ago
Anyone wanna learn the CEH or OSCP red teaming free
66d ago
Fake Tailscale site on Google Ads uses ClickFix to get you to execute malware yourself
68d ago
Minecraft Malware C2 Tracking
68d ago
Minirat malware deployed via NPM targeting macOS machines
70d ago
VECT Ransomware Is Actually a Wiper
70d ago
The Malware Factory: GLASSWORM Forensics in Open VSX
70d ago
Phishing-to-RMM Attacks: The Remote Access Blind Spot Businesses Can't Ignore
70d ago
[ Removed by Reddit ]
71d ago
Ikeja Electric Distribution Ransomware
71d ago
Recently updated a authentic minecraft mod launcher called Modrinth
71d ago
This appeared on scan today no downloads Vulnerabledriver:WinNT/Winring0
72d ago
Ransomware is getting uglier as cybercriminals fake leaks and skip encryption entirely
72d ago
New Lazarus APT Campaign: “Mach-O Man” macOS Malware Kit Hits Businesses
73d ago
Save time and use Zig to write your Malware POC
74d ago
Cracking CastleLoader’s Inno Setup Password
74d ago
I built a C2 framework that uses Discord and Telegram for communication
74d ago
fast16 | Mystery ShadowBrokers Reference Reveals High-Precision Software Sabotage 5 Years Before Stuxnet.
75d ago
Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet
75d ago
PSA: awstore.cloud is a MALICIOUS fake Claude API provider - warn your fellow devs
75d ago
Budgiekit - gdi malware maker (for educational purporses only)
76d ago
19 confirmed repos tied to the same GitHub malware campaign
77d ago
IOCX v0.7.0 — deterministic heuristics + adversarial PE samples
78d ago
I built a kernel-level EDR and hit architectural walls I didn’t expect
139d ago
Update your detection rules: New remote access Trojan
140d ago
Criminals are using AI website builders to clone major brands
140d ago
Open-source Windows utility to recover files from prefix-based USB shortcut worms (Grenam/CPGE variants)
140d ago
PE Loader For Fileless Malware
141d ago
Numero Malware : A Stealthy Saboteur Targeting AI Tool Installers
141d ago
AWAKE - Android Wiki of Attacks, Knowledge & Exploits
141d ago
I built a Chrome extension that scans for malicious extensions (yes, I see the irony)
141d ago
Questions regarding malicious pdf's
143d ago
AV persistence bypass techniques
144d ago
Avalon Linux Bot Malware Analysis
145d ago
Leveling up in Windows malware research
146d ago
Emerging Ransomware: BQTLock and GREENBLOOD
147d ago
Malware Development POCs
147d ago
Suspicious code in Up-work linked repository.
147d ago
We hid backdoors in binaries — Opus 4.6 found 49% of them
148d ago
👨💻 North Korean Malware Analysis 🚨 ROKRAT KillChain 📡
149d ago
Analysis of Suspected Malware Linked to APT-Q-27 (GoldenEyeDog) Targeting Financial Institutions
149d ago
Malware analysis - Signed job search application deploys a Proxyware, ClipBanker and XMRig cryptominer
150d ago
Nyxara
153d ago
115 loaded
WE
WeLiveSecurity
27d ago · 36 items
OceanLotus: From external espionage to domestic targeting
27d ago
Unpacking SMB cyber-readiness – and what makes or breaks it
28d ago
Cybercriminals: the 'auditors' you never hired
29d ago
Lessons for life: Why children’s data is a long-term identity risk
35d ago
This month in security with Tony Anscombe – May 2026 edition
40d ago
ESET APT Activity Report Q4 2025–Q1 2026
41d ago
What to consider before asking an AI chatbot for health advice
42d ago
BTMOB: A stealthy RAT burrowing deep into Android devices
43d ago
Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise
47d ago
Webworm: New burrowing techniques
49d ago
The quest for greater tech independence
50d ago
Why geopolitical turmoil is a gift for scammers, and how to stay safe
54d ago
FrostyNeighbor: Fresh mischief and digital shenanigans
55d ago
Eyes wide open: How to mitigate the security and privacy risks of smart glasses
58d ago
Fake call logs, real payments: How CallPhantom tricks Android users
62d ago
Fixing the password problem is as easy as 123456
62d ago
A rigged game: ScarCruft compromises gaming platform in a supply-chain attack
64d ago
This month in security with Tony Anscombe – April 2026 edition
69d ago
The calm before the ransom: What you see is not all there is
75d ago
GopherWhisper: A burrow full of malware
76d ago
New NGate variant hides in a trojanized NFC payment app
78d ago
What the ransom note won’t say
79d ago
That data breach alert might be a trap
82d ago
Supply chain dependencies: Have you checked your blind spot?
83d ago
Recovery scammers hit you when you’re down: Here’s how to avoid a second strike
89d ago
As breakout time accelerates, prevention-first cybersecurity takes center stage
92d ago
Digital assets after death: Managing risks to your loved one’s digital estate
98d ago
This month in security with Tony Anscombe – March 2026 edition
99d ago
RSAC 2026 wrap-up – Week in security with Tony Anscombe
103d ago
A cunning predator: How Silver Fox preys on Japanese firms this tax season
103d ago
Virtual machines, virtually everywhere – and with real security gaps
105d ago
Cloud workload security: Mind the gaps
106d ago
Move fast and save things: A quick guide to recovering a hacked account
110d ago
EDR killers explained: Beyond the drivers
111d ago
Face value: What it takes to fool facial recognition
117d ago
Cyber fallout from the Iran war: What to have on your radar
118d ago
36 loaded
SM
Security | Microsoft Azure Blog | Microsoft Azure
36d ago · 6 items
Microsoft Build 2026: Building agentic apps with Microsoft Fabric and Microsoft Databases
36d ago
Microsoft Build 2026 highlights advancements in app development with Microsoft Fabric and Microsoft Databases, emphasizing a unified data and AI platform.
Azure IaaS: Defense in depth built on secure-by-design principles
65d ago
Explore how Azure IaaS uses defense in depth and secure-by-design principles to deliver layered, scalable cloud security across compute, network, and data.
Enforcing trust and transparency: Open-sourcing the Azure Integrated HSM
68d ago
Learn how Microsoft Azure Integrated HSM delivers hardware‑enforced key protection in the cloud, combining FIPS Level 3 assurances with transparency and open‑source collaboration.
Azure IaaS: Keep critical applications running with built-in resiliency at scale
98d ago
Learn how Azure IaaS helps organizations start from a resilient platform foundation with availability, continuity, and recovery capabilities.
Azure IaaS: Explore new resources for building a stronger, more efficient infrastructure
126d ago
Learn how Azure IaaS helps you modernize infrastructure, improve performance and resilience, optimize costs, and prepare for AI workloads. Read more.
Azure reliability, resiliency, and recoverability: Build continuity by design
141d ago
Learn how Azure reliability, resiliency, and recovery capabilities work together to improve cloud continuity. Read more.
SK
STÖK
45d ago · 15 items
☔️🌅
45d ago
Life in the Nordics 🌲 | Foraging Blueberries, Mushrooms & Nosework Training with Our Dogs
318d ago
Winter vanlife = good times
920d ago
What an experience! Getting a Christmas tree from our own piece of land. #movingupnorth!
926d ago
Had to much GLÖGG and lost my camera during - 13371122 - Intigriti + Visma
933d ago
IS THIS THE END?
993d ago
Escaping the grind and decompiling python 3.9 pyc files to find vulnerabilites
1147d ago
How to turn bugs into a "passive" income stream! ft Detectify's Almroot
1388d ago
HOW DID THIS HAPPEN!? (13370822 LHE VLOG)
1401d ago
Q: How to write a BUG BOUNTY report that actually gets paid?
1518d ago
facts: Bug Bounty hunters has made ridiculous amounts of $$ from known DNS techniques..
1532d ago
Q: HOW do you find hidden stuff on websites? (this episode is all about CONTENT DISCOVERY!)
1546d ago
Q: HOW do you get started in bug bounty?? How do you build your automation?!
1560d ago
Q: PENTEST VS BUGBOUNTY? (Bounty Thursday's - ON AIR)
1574d ago
BOUNTY THURSDAYS - LIVE #2 (NEWS/TOOLS and Community Questions with Jason Haddix)
1588d ago
15 loaded
ZU
ZDI: Upcoming Advisories
69d ago · 1 items
DE
DEFCONConference
70d ago · 15 items
DEF CON 34 - DEF CON Policy Announcement - Katie Noble, Heather West
70d ago
DEF CON 33 - DisguiseDelimit: Exploiting Synology NAS with Delimiters and Novel Tricks - Ryan Emmon
139d ago
DEF CON 33 - Browser Extension Clickjacking: One Click and Your Credit Card Is Stolen - Marek Tóth
139d ago
DEF CON 33 - Can't Stop the ROP: Automating Universal ASLR Bypasses - Bramwell Brizendine
139d ago
DEF CON 33 Recon Village - How to Become One of Them: Deep Cover Ops - Sean Jones, Kaloyan Ivanov
189d ago
DEF CON 33 Recon Village - Inside the Shadows Tracking RaaS Groups, Cyber Threats - John Dilgen
189d ago
DEF CON 33 Recon Village - Autonomous Video Hunter AI Agents for Real Time OSINT - Kevin Dela Rosa
189d ago
DEF CON 33 Recon Village - A Playbook for Integration Servers - Ryan Bonner, Guðmundur Karlsson
189d ago
DEF CON 33 Recon Village - Mapping the Shadow War From Estonia to Ukraine - Evgueni Erchov
189d ago
DEF CON 33 Recon Village - Building Local Knowledge Graphs for OSINT - Donald Pellegrino
189d ago
DEF CON 33 Recon Village - OSINT & Modern Recon Uncover Global VPN Infrastructure - Vladimir Tokarev
189d ago
DEF CON 33 Recon Village - Pretty Good Pivot - Simwindie
189d ago
DEF CON 33 Recon Village - enumeraite: AI Assisted Web Attack Surface Enumeration - Özgün Kültekin
189d ago
DEF CON 33 Recon Village - OSINT Signals Pop Quiz - Master Chen
189d ago
DEF CON 33 Recon Village - Investigating Foreign Tech from Online Retailers - Michael Portera
189d ago
15 loaded
CC
CISA Cybersecurity Advisories
78d ago · 2 items
Defending Against China-Nexus Covert Networks of Compromised Devices
78d ago
Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure
93d ago
U.S. organizations should review the TTPs and IOCs in this advisory for indications of current or historical activity on their networks, and apply the
BA
Blog Articles - Identity Insights | Trulioo
82d ago · 13 items
Business Fraud at Network Scale: What the $3.5B Medicare Hospice Crisis Reveals About Know Your Business
82d ago
What is Customer Due Diligence (CDD)
106d ago
Why Legacy Identity Verification Can’t Stop AI-Enabled Fraud
109d ago
AML, KYC and Identity Verification in Australia
118d ago
When Fraud Becomes Background Noise: The Industrialization of Digital Deception
184d ago
The Efficiency Era of KYC: Reverification and Reusable Identity Take Center Stage
184d ago
The End of Static KYB: Business Identity in Constant Motion
184d ago
Know Your Agent: The Next Chapter in Digital Trust
184d ago
When Rules Move Faster Than Readiness: Regulatory Adaptability as a Competitive Advantage
184d ago
Digital Identity Trends 2026: AI Fraud, Compliance, and Orchestration
203d ago
The World’s Identity Platform
1254d ago
KYC: 3 Steps to Achieving Know Your Customer Compliance
1525d ago
AML Compliance Checklist: Best Practices for Anti-Money Laundering
1540d ago
13 loaded
II
InfoSec Insights
119d ago · 1 items
FP
Fraud Prevention Archives - Alloy Silverstein
125d ago · 10 items
AI in Tax Season: Risks, Scams, and How to Protect Your Data
125d ago
Tax Season Scams to Watch For This Year
132d ago
Beware of Misleading Tax Advice on Social Media
300d ago
Each year the IRS educates taxpayers on the most trending fraud schemes that could deceive individuals and businesses during tax season. In late 2024, The IRS took to warning the public against misleading “tips” or...
Scammers Up Their Game With AI
301d ago
Learn how to spot the threats and protect yourself from scammers using AI for phishing and deepfakes with smart security practices.
The Essential Guide to Safeguarding Your Online Passwords
379d ago
Protect your personal and business data with strong passwords, two-factor authentication, and smart cybersecurity practices.
Beware: Tax Season is Scam Season
490d ago
Tax season is also prime time for tax scams. To safeguard your personal information, consider these key points: Communication methods The IRS initiates contact primarily through mail, not email or phone calls. Be cautious of...
Stop Scams: Fraud Prevention Starts with Your Employees
503d ago
You can be as proactive and protective as possible when it comes to cyber security for your business, but there’s one vulnerability you cannot eliminate: human error. In fact, statistics estimate that as much as...
‘Tis the Season for Holiday Shopping Scams
576d ago
The holidays are typically the time of year for gifting presents to friends and family or donations to charity. Unfortunately, not-so-jolly fraudsters take advantage of this generosity. Protect yourself by watching for these common scams:.....
IRS Issues “Dirty Dozen” Fraud Warnings
761d ago
Each year, the IRS releases a “Dirty Dozen” series to highlight the most common fraud schemes taxpayers should be aware of.
IRS Identity Theft Season Begins Now
890d ago
Each year thieves try to steal billions in federal withholdings by stealing your identity. As the IRS focuses more attention on this quickly growing problem, now is the time of year to be extra vigilant....
LI
LiveOverflow
125d ago · 15 items
Security-driven Rapid Release - Pwn2Own Documentary (Part 4)
125d ago
Firefox JIT Bug - Pwn2Own Documentary (Part 3)
128d ago
The First Exploit - Pwn2Own Documentary (Part 2)
132d ago
The World's Hardest Hacking Competition - Pwn2Own Documentary (Part 1)
135d ago
From Zero to Zero Day (and beyond) - Life of a Hacker: Jonathan Jacobi
455d ago
The German Hacking Championship
481d ago
Do you know this common Go vulnerability?
495d ago
Google's Mobile VRP Behind the Scenes with Kristoffer Blasiak (Hextree Podcast Ep.1)
630d ago
My theory on how the webp 0day was discovered #short
646d ago
My theory on how the webp 0day was discovered (BLASTPASS)
647d ago
Learn Android Hacking! - University Nevada, Las Vegas (2024)
673d ago
My Trip to Las Vegas for DEFCON & Black Hat
687d ago
Finding The .webp Vulnerability in 8s (Fuzzing with AFL++)
898d ago
A Vulnerability to Hack The World - CVE-2023-4863
930d ago
Reinventing Web Security
960d ago
15 loaded
HA
HackerSploit
455d ago · 15 items
How FIN6 Exfiltrates Files Over FTP
455d ago
Emulating FIN6 - Active Directory Enumeration Made EASY
506d ago
The SECRET to Embedding Metasploit Payloads in VBA Macros
511d ago
Offensive VBA 0x4 - Reverse Shell Macro with Powercat
519d ago
Offensive VBA 0x3 - Developing PowerShell Droppers
525d ago
Offensive VBA 0x2 - Program & Command Execution
530d ago
Offensive VBA 0x1 - Your First Macro
532d ago
Emulating FIN6 - Gaining Initial Access (Office Word Macro)
537d ago
FIN6 Adversary Emulation Plan (TTPs & Tooling)
541d ago
Developing An Adversary Emulation Plan
541d ago
Introduction To Advanced Persistent Threats (APTs)
545d ago
Introduction To Adversary Emulation
567d ago
Mastering Persistence: Using an Apache2 Rootkit for Stealth and Defense Evasion
576d ago
Planning Red Team Operations | Scope, ROE & Reporting
716d ago
Mapping APT TTPs With MITRE ATT&CK Navigator
720d ago
15 loaded
TH
Threatpost
1407d ago · 10 items
Student Loan Breach Exposes 2.5M Records
1407d ago
2.5 million people were affected, in a breach that could spell more trouble down the line.
Watering Hole Attacks Push ScanBox Keylogger
1408d ago
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
1409d ago
Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
Ransomware Attacks are on the Rise
1412d ago
Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
Cybercriminals Are Selling Access to Chinese Surveillance Cameras
1412d ago
Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
Twitter Whistleblower Complaint: The TL;DR Version
1414d ago
Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.
Firewall Bug Under Active Attack Triggers CISA Warning
1415d ago
CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.
Fake Reservation Links Prey on Weary Travelers
1416d ago
Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.
iPhone Users Urged to Update to Patch 2 Zero-Days
1419d ago
Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.
Google Patches Chrome’s Fifth Zero-Day of the Year
1420d ago
An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.
No matching sources found.