Whats The Hax?

Browsers making connection on port 3389 from loopback 1h ago Defender Flagged DigiCert Root Certs as Malware 1h ago Another breach just hit Canvas (Instructure), and this one is worth a closer look. 1h ago Over 40% of UK firms suffered cyber attack last year, survey finds 2h ago EU should seek access to Anthropic's Mythos, Bundesbank says 2h ago Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha 2h ago IBM subsidiary managing Italy's PA infrastructure breached and attackers were inside for 2 weeks 3h ago Prerequisites for CARTP 3h ago [ Removed by Reddit ] 4h ago Career Transition Help 6h ago Feeling lost and disappointed about finding a job just venting 9h ago Slow at Learning/Cyber Security? 9h ago Suspicious traffic from web server 10h ago Mentorship Monday - Post All Career, Education and Job questions here! 11h ago Copy Fail Linux Kernel Vulnerability Now Patched in Debian, Ubuntu, and Others 13h ago Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks 13h ago Prompt Injection in 2026: The Five Attack Patterns That Actually Matter 13h ago What’s the hardest thing to learn in cybersecurity? 15h ago WhatsApp malware campaign delivers VBScript and MSI backdoors | Microsoft Security Blog 16h ago What are like the top but unknown Cybersecurity firms? 16h ago

VanGuard — open-source single-binary DFIR toolkit (Velociraptor, Hayabusa, Chainsaw, Loki, YARA) with TUI, air-gap support, and 28 pre-built use cases 1h ago CVE-2026-31431：我用 DeepSeek 复现了 AI 发现Copy Fail 提权的全过程 - CVE-2026-31431: I used DeepSeek to reproduce the entire process of AI detecting Copy Fail privilege escalation. 2h ago 《APT高级威胁研究报告》（2026 版）- Advanced Threat Research Report (2026 Edition) 2h ago nginxpulse: 轻量级 Nginx 访问日志分析与可视化面板，提供实时统计、PV 过滤、IP 归属地与客户端解析。- A lightweight Nginx access log analysis and visualization dashboard, providing real-time statistics, PV filtering, IP geolocation, and client resolution. 3h ago 蔓灵花组织使用NUITKA打包的python样本进行投递 - The Manlinghua organization used Python samples packaged in NUITKA for delivery. 3h ago gdrv3.sys - Reverse Engineering a Signed Kernel Driver with 13 Hardware Access Primitives 3h ago Added new vulnerable samples for IoBitUnlocker, Zemana and TfSysMon 5h ago AMSI Page Guard Bypass (Rust PoC) 5h ago Meet Bluekit: The AI-Powered All-in-One Phishing Kit 5h ago Malicious Ruby Gems and Go Modules Impersonate Developer Tools to Steal Secrets and Poison CI 5h ago A hacker group was detained in Lviv Oblast, which hacked game accounts and received almost UAH 10 million in profit from their sale in Russia 5h ago IRQL - Incident Response Query Language - A collection of Kusto (KQL) functions that unify security logs behind a consistent, analyst-friendly dialect 5h ago Nuclei template CVE-2026-41940.yaml - cPanel & WHM - Authentication Bypass via Session-File CRLF Injection 5h ago ARP Around and Find Out: Hijacking GPO UNC Paths for Code Execution… 5h ago Inside Shadow-Earth-053: A China-Aligned Cyberespionage Campaign Against Government and Defense Sectors in Asia 5h ago [2603.28728] Study of Post Quantum status of Widely Used Protocols 5h ago Malicious Intercom PHP Package Spreads Mini Shai-Hulud Attack to Packagist via Composer Plugin 5h ago Possible supply chain attack on version 2.6.3 · Issue #21689 · Lightning-AI/pytorch-lightning 5h ago code-needle: A VS Code plugin to execute arbitrary JavaScript code at runtime over a local HTTP endpoint. 6h ago Secure Boot Inventory Data In Configuration Manager 6h ago

/r/ReverseEngineering's Weekly Questions Thread 4h ago GitHub - 03DSmoothie/minecraft-cpp-versions: Minecraft recoded in C++ (multiple versions) 12h ago Automated RASP Bypass with Frida + AI Agent | nutcracker & aipwn demo 19h ago Please critique my reverse engineering ctf platform. It is meant for beginners but I would like input from serious reverse engineers. It is functionally done but I need criticism for further refinements, thank you! 22h ago "AccountDumpling": Hunting Down the Google-Sent Phishing Wave Compromising 30,000+ Facebook Accounts 1d ago How to build .NET obfuscator - Part II 1d ago libghidra - SDK for automating Ghidra from Python, Rust, and C++ 1d ago Release: Open-source CAN bus reverse engineering suite tailored for offline ML signal decoding, MitM injection, and UDS analysis. 1d ago Why my macOS Messages badge lied to me (and the one-line fix) 2d ago Running Adobe’s 1991 PostScript Interpreter in the Browser 2d ago Hello! Here is my Oura Ring 4 pure Python driver! Let me know what you think :) 2d ago /r/ReverseEngineering's Triannual Hiring Thread 3d ago In-circuit NAND acquisition for edge devices (Raspberry Pi GPIO, no chip-off) 3d ago Revealing NVIDIA Closed-Source Driver Command Streams for CPU-GPU Runtime Behavior Insight 3d ago HexDig 1.0.0 a lightweight binwalk alternative working both on Windows and Linux, written in C++, give it a try! 4d ago GitHub - iss4cf0ng/CVE-2026-31431-Linux-Copy-Fail: Rust implementation Exploit/PoC of CVE-2026-31431-Linux-Copy-Fail, allow executing customized shellcode (such as Meterpreter). 4d ago I built a free open-source CAN bus reverse engineering workstation in Python — 15 tabs, offline ML, dual AI engines, MitM gateway 4d ago Building a perfect clone of 1993 game SimTower (via RE) 5d ago How I reverse-engineered a SQLite WAL database inside a VS Code extension - custom merge engine, header byte patching, and protobuf decoding without a schema 5d ago AI solved our CTF in 6min 5d ago

Any good open sources that bypass modern heuristic analysis? 5h ago Free apex hacks? 5h ago [SHOWCASE] Cascavel v3 8h ago Can HTTP POST bodies be intercepted without network or host access? 16h ago built a PE packer where every packed file has a different instruction set – custom VM with randomized opcodes, single C++ file (Want suggestions for future updates past v4) 23h ago Dump sql time based is too slow 23h ago North Korea rejects US cybercrime claims as 'absurd slander' 1d ago is credential stuffing using openbullet2 dead in 2026? 1d ago Hacking Wired Analog CCTV cameras going to a DVR (BNC and Coax) 1d ago Adobe-Clawback — bulk-download every PDF from your Adobe Creative Cloud account (Python, resumable, MIT) 1d ago Small models are better at cost-to-recall than large models like Mythos for vulnerability research 2d ago Bluetooth Spoofed Disconnect? 2d ago wM-Buster - Flipper Zero app to analyze smart meters for gas, electricity, water. ... 3d ago 🚀🔥 Evil-Cardputer v1.5.3 - TagTinker ESL 🔥🚀 3d ago I made a lightweight breach intelligence search engine (fully client-side) looking for feedback 3d ago Bringing back the 80s terminal aesthetic: GLYPHIS_IO BBS, a cyberpunk hacking sim set in alternate 1989 Japan... 3d ago Copy Fail — 732 Bytes to Root 4d ago GitHub fixes RCE flaw that gave access to millions of private repos 4d ago How to download Kaggle dataset safely...? 5d ago VECT Ransomware Is Actually a Wiper 5d ago

"AccountDumpling": Hunting Down the Google-Sent Phishing Wave Compromising 30,000+ Facebook Accounts 6h ago Acoustic Keystroke Recovery - Reconstructing Typed Text from a Laptop Microphone (Full Guide, 85% success rate) 22h ago How to exfiltrate data using only numeric outputs 1d ago For vulnerability research, smaller models run repeatedly can outperform larger frontier models on cost-to-recall. 2d ago Every incident public companies have disclosed to the SEC, in one searchable database 2d ago r/netsec monthly discussion & tool thread 2d ago Handled, Not Hosted: Administrative Activity Inside a Bulletproof Hoster 3d ago Seventeen vulnerabilities in Omi, fourteen days of silence 3d ago High Fidelity Check for the cPanel Authentication Bypass (CVE-2026-41940) 4d ago Copy Fail exploit lets 732 bytes hijack Linux systems and quietly grab root 4d ago The Internet Is Falling Down, Falling Down, Falling Down (cPanel & WHM Authentication Bypass CVE-2026-41940) - watchTowr Labs 4d ago The Thymeleaf Template Injection That Only Hurts If You Let It 4d ago Set up automated dependency scanning after the recent npm/PyPI supply chain attacks 4d ago A Route to Root in a 4G Industrial Router 5d ago [Research] Full-chain RCE in Microsoft Semantic Kernel & Agent Framework 1.0 (6 Bypasses) 5d ago The Bot Left a Fingerprint: Detecting and Attributing LLM-Generated Passwords 5d ago 89 vulnerabilities in XAPI / Citrix XenServer 6d ago [ Removed by Reddit ] 6d ago Kaspersky recently disclosed PhantomRPC, a privilege escalation technique affecting all Windows versions (tested on Server 2022/2025) 6d ago Why a Decade of Writing Detection Logic Makes the Mythos Exploit Numbers Less Scary 6d ago

VirusTotal has one flag for this sus site 19h ago Anyone wanna learn the CEH or OSCP red teaming free 1d ago Fake Tailscale site on Google Ads uses ClickFix to get you to execute malware yourself 2d ago Minecraft Malware C2 Tracking 2d ago Minirat malware deployed via NPM targeting macOS machines 4d ago VECT Ransomware Is Actually a Wiper 5d ago The Malware Factory: GLASSWORM Forensics in Open VSX 5d ago Phishing-to-RMM Attacks: The Remote Access Blind Spot Businesses Can't Ignore 5d ago [ Removed by Reddit ] 5d ago Ikeja Electric Distribution Ransomware 5d ago Recently updated a authentic minecraft mod launcher called Modrinth 6d ago This appeared on scan today no downloads Vulnerabledriver:WinNT/Winring0 6d ago Ransomware is getting uglier as cybercriminals fake leaks and skip encryption entirely 6d ago New Lazarus APT Campaign: “Mach-O Man” macOS Malware Kit Hits Businesses 8d ago Save time and use Zig to write your Malware POC 9d ago Cracking CastleLoader’s Inno Setup Password 9d ago I built a C2 framework that uses Discord and Telegram for communication 9d ago fast16 | Mystery ShadowBrokers Reference Reveals High-Precision Software Sabotage 5 Years Before Stuxnet. 10d ago Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet 10d ago PSA: awstore.cloud is a MALICIOUS fake Claude API provider - warn your fellow devs 10d ago