A roundup of 189 items curated from across the security community.
News
- Claude Mythos Has Found 271 Zero-Days in Firefox by Bruce Schneier.
271 Firefox bugs found by Claude Mythos in collaboration with Mozilla. Schneier breaks down the disclosure and what it means for browser security at scale.
Defender for Endpoint adds a public preview to restrict live response actions on high-value assets. The control SOC analysts running scripts as SYSTEM on tier 0 boxes have been asking for.
Bitwarden CLI was published as a malicious npm package after a compromise in the Checkmarx Trusted Publishing pipeline. Socket walks through the attack chain and the affected versions.
Microsoft now ships AAD Graph activity logs through Azure Monitor. Defenders finally get the table they have been waiting on for hunting credential abuse against Entra.
UK AISI evaluation of GPT-5.5 cyber capabilities. The model completed an end-to-end exploitation chain that AISI estimates would take a human expert ~20 hours.
Microsoft Defender flagged DigiCert AuthRoot registry entries and removed them on a chunk of endpoints. Looks like a detection mistake rather than a trust-store response, but worth knowing if you saw the alerts.
- Canvas breach disrupts schools and colleges nationwide by BrianKrebs.
Ongoing data extortion attack against the Canvas LMS disrupted classes at thousands of US school districts and universities. Attackers defaced the login page with a ransom demand threatening to leak data on 275 million students and faculty across nearly 9,000 institutions.
- OpenAI launches GPT-5.5 Cyber for defensive workflows by Dave Aitel.
OpenAI ships GPT-5.5 with Trusted Access for Cyber, plus a Limited Preview of GPT-5.5-Cyber. Targeted at secure code review, vulnerability triage, detection engineering, malware analysis, and patch validation.
Universal Linux LPE chaining xfrm-ESP and rxrpc bugs. No race, no panic on failure, deterministic. Even with the copy.fail mitigation applied, every major distro is still vulnerable.
- DigiCert breach traced to malicious screensaver in a support chat by Dominic Chell.
A DigiCert support analyst opened a .scr file from a customer chat. EDR blocked four infection attempts; the fifth got through. Over the next 11 days the attacker pulled 27 valid code-signing certificates from DigiCert’s internal portal before an outside researcher tipped DigiCert off.
Chrome silently installs a 4 GB Gemini Nano model file on user devices, no consent prompt, and re-downloads it if you delete it. Turns out the binary is a 6.3B INT4 build of Gemma 3 Nano with FP16 scales.
Taszk Security Labs releases TAPOcalypse: exploiting TP-Link smart devices via LAN, browser, and the cloud account. Vendor fixed some, the rest stand at embargo expiry.
LAB52 publishes a 142-page open-access report on EasterBunny, advanced espionage artifacts attributed to APT29. Plenty for IR teams to feed into hunts.
SLCyber’s research team disclosed a vulnerability that leaked PII and emails stored inside Salesforce Marketing Cloud instances, for any customer, with no authentication required. Writeup includes the disclosure timeline.
More this week (9)
- Anti-DDoS Firm Heaped Attacks on Brazilian ISPs by BrianKrebs.
- DarkSword Malware by Bruce Schneier.
- What Anthropic’s Mythos Means for the Future of Cybersecurity by Bruce Schneier.
- Medieval Encrypted Letter Decoded by Bruce Schneier.
- RT Logan D: Tired of EDR? From Joe Trudeau on the Depth Security team, and now public after numerous field-tested, successful engagements, introducing… by Dave Cossa.
- RT Socket: Update: Socket confirmed the Intercom compromise began with a local install of pyannote-audio, which pulled in compromised PyPI lightning a… by Giuseppe N3mes1s.
- Affiliate of #Conti / #Tommyleaks / #Akira #Ransomware sentenced to Prison by SwitHak.
- RT blasty: to celebrate the release of Copy Fail and the professional way the embargo and disclosure was handled by all involved parties i have sacrif… by Alex Plaskett.
- RT Alex Neff: Targeted Kerberoasting with NetExec If you have Write privileges over a user, you can temporarily add an SPN to your target user, req… by Will Schroeder.
Techniques and Write-ups
Cisco Talos starts collecting phone numbers found in scam emails as IOCs and reports on cluster reuse patterns across campaigns.
- Rowhammer Attack Against NVIDIA Chips by Bruce Schneier.
New Rowhammer attack against NVIDIA Ampere GPUs. GDDR bitflips give adversaries full control of CPU memory; the boundary GPUs were thought to provide turns out to be permeable.
- CVE-2026-33824: Remote Code Execution in Windows IKEv2 by TrendAI Research Team.
TrendAI Research details a wormable double-free in the Windows IKE service. Recently patched. Reachable on internet-facing IPsec VPN endpoints.
Calif team’s writeup of a QEMU and UTM virtual machine escape, with PoCs.
Calif team’s writeup of an RCE in the Ladybird browser, with PoC. Part of the MAD Bugs series.
- Palo Alto CVE-2026-0300: PAN-OS captive portal exploited in the wild by AndrewMohawk⁽ⁿᵘˡˡ⁾.
Buffer overflow in PAN-OS captive portal (CVE-2026-0300) actively exploited. Unauthenticated attackers hit the User-ID Authentication Portal with crafted packets. CVSS 9.3.
Synacktiv kicks off a series on bypassing the CVE-2025-33073 mitigations to pop SYSTEM shells via authentication reflection. Part one is up.
Four-part deep dive into Windows’ AFD.sys, the kernel-side backbone of socket I/O. Covers undocumented interfaces, the TCP handshake, sending and receiving packets.
REST then WebSocket then SSH then MsgPack RPC. SpecterOps takes apart VS Code Dev Tunnels and finds a C2 framework underneath, with remote exec and file ops on top.
Auth bypass in cPanel/WHM tracked as CVE-2026-41940, full writeup from watchTowr. Also: high-fidelity scanner from assetnote.
Synacktiv’s writeup of an over-the-air Philips Hue Bridge compromise via a Zigbee bug, demoed at Pwn2Own Cork 2025.
OpenAI on the origin and shape of jailbreak attacks against frontier models. Useful framing if you are building or defending agentic systems.
CVE-2026-34621 was uploaded to VirusTotal months before Adobe assigned a CVE. NefariousPlan walks through the disclosure-timeline gap and what it means for defenders relying on VT as an early-warning signal.
winterknife updates KernelToUserInjector to dodge ALLOCVM, WRITEVM, PROTECTVM, and QUEUEUSERAPC ETW threat-intelligence sensors, with sample EtwTi logs in the repo.
Origin on Codex on the Wire: agent features become tradecraft when they ship documented IPC for remote sessions. One bind flag turns a compromised endpoint into a remotely controlled agent.
Novel post-exploitation via WinGet’s COM API, executing through Microsoft-signed binaries. Also: Octoberfest7’s BOF POC.
Yarden Shafir on KDP pool, the Windows kernel feature replacing the secure pool. Quick read on how it works and what the migration looks like.
TrustedSec on hijacking trusted Group Policy UNC paths for code execution and NTLM relay, no rogue GPO infrastructure or SYSVOL modifications required.
TrustedSec walks the full Kerberos authentication flow and shows how to drive every stage of it with the Titanis toolset.
Kaspersky disclosed a DAEMON Tools supply chain compromise active since April 8, with thousands of infections across 100+ countries. Nextron contributed Sigma rules covering DNS lookups to the typosquatted C2, execution of trojanized binaries, and stage-drop activity.
- Two command injections in Windows context menus by Remi GASCOU.
SpecterOps finds two command injection bugs in the Windows Explorer “Open PowerShell window here” context menu. A folder name like “folder; calc” triggers arbitrary PowerShell when the user shift-right-clicks.
Tim Becker writes up the heap-grooming technique behind a character-constrained overflow in MariaDB’s JSON_SCHEMA_VALID, turned into full RCE. Discovered by Xint Code and disclosed at ZeroDay Cloud.
Most MCP servers ship with a wide-open OAuth registration endpoint. One curl command is enough to land an account takeover. Timely if you have AI agents wired into LAN-side MCP servers.
A tour through EDR internals and the bypass primitives that fall out of them. The author flags it as their last blog post on the topic.
SpecterOps on what red team actually means once you strip out the vendor-speak. The right question is whether you would detect an attacker already inside.
AI is shifting the economics of probing the defensive stack itself. TrustedSec walks through how the tools defenders depend on are quietly becoming part of the attack surface.
Huntress on dMSA Ouroboros: six commands of self-sustaining credential extraction on patched Server 2025. Survives deletion of the original attacker account.
Trail of Bits cryptanalyzes Google’s zero-knowledge proof of quantum cryptanalysis and finds a way to forge it. Worth reading whether or not you follow PQC arguments.
Trivially exploitable Linux LPE in coreutils, reachable on every major distro from the last nine years. Also: meta site, retr0 explainer, Go port from Bad Sector Labs, Ubuntu Rust coreutils race conditions.
A 21-year-old PHP unserialize use-after-free that survived two decades of audit. The Calif team welcomes Stefan Esser back with a fresh writeup.
More this week (117)
- UAT-8302 and its box full of malware by Jungsoo An.
- CloudZ RAT potentially steals OTP messages using Pheno plugin by Alex Karkins.
- AI-powered honeypots: Turning the tables on malicious AI agents by Martin Lee.
- UAT-4356’s Targeting of Cisco Firepower Devices by Cisco Talos.
- Hacking Polymarket by Bruce Schneier.
- Fast16 Malware by Bruce Schneier.
- Identity APM Has Gone Mainstream. The Hard Work Is Just Starting. by Jared Atkinson.
- C/C++ checklist challenges, solved.
- Extending Ruzzy with LibAFL.
- RT HyperDbg: Major milestone forward for HyperDbg supporting #Linux. We’ve made a major progress on porting HyperDbg to Linux (still a long road ahead… by Björn Ruytenberg.
- RT Francisco Falcon: A rogue DHCP server can inject arbitrary dhclient.conf directives via malicious DHCP options and get RCE as root in systems runni… by Axel Souchet.
- RT freefirex: I don’t know where this idea that you can’t call CRT functions in bof’s started coming from but it’s just another function, you don’t ne… by Bobby Cooke.
- RT HN Security: To kick off his collaboration with @PortSwigger as a Burp Suite Ambassador, our Research Lead @apps3c just published the 10th article … by raptor.
- Neat by AndrewMohawk⁽ⁿᵘˡˡ⁾.
- RT solst/ICE of Astarte: ACAB includes DNSSEC by AndrewMohawk⁽ⁿᵘˡˡ⁾.
- RT Medbdy(): A breakdown of what happened and how @grok got tricked to send debtreliefbot:native tokens 1-Preparation NFT gift unlocks tools The a… by AndrewMohawk⁽ⁿᵘˡˡ⁾.
- RT 1377 High-yield Nukes: A v8 dcheck == $500, I would start searching for how to find XSS & CSRF bugs right now. by AndrewMohawk⁽ⁿᵘˡˡ⁾.
- NEW BHIS | Blog Have you ever wanted an easy match/replace extension for Burp Suite? Check out the new tool, Swapper, available through the @PortS… by Black Hills Information Security.
- “What would happen if we replaced PAM with a malicious version? In theory, because PAM receives clear text credentials during authentication, we could… by Black Hills Information Security.
- RT Panos Gkatziroulis : For Purple Teams, SOC analysts, and detection engineers seeking detection guidance on the SharpHound collector, I’ve publ… by Black Hills Information Security.
- NEW BHIS | Blog Which Active Directory enumeration tools look suspicious, and which are trusted by Microsoft? A Practical Guide to BloodHound Data… by Black Hills Information Security.
- “The databases have since been secured, but the incident highlights a critical issue for businesses that think AI chatbots are a silver bullet or a tu… by Black Hills Information Security.
- RT Ken Gannon (伊藤 剣): YayPart3OfAPromonShieldBypassYay https://djini.ai/a-look-at-a-promon-shield-bypass-part-3/ by Dimitri Os.
- RT DirectoryRanger: M365Pwned. Red Team tooling for Microsoft 365 exploitation via Microsoft Graph API, by @OtterHacker https://github.com/OtterHacker… by DebugPrivilege.
- PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale https://www.sentinelone.com/labs/cloud-worm-evicts-teampcp-and-steals-credentials-… by Nicolas Krassas.
- Fake Claude AI website delivers new ‘Beagle’ Windows malware https://www.bleepingcomputer.com/news/security/fake-claude-ai-website-delivers-new-beagle… by Nicolas Krassas.
- Claude AI Guided Hackers Toward OT Assets During Water Utility Intrusion https://www.securityweek.com/claude-ai-guided-hackers-toward-ot-assets-during… by Nicolas Krassas.
- pyghidra-mcp Meets Ghidra GUI: Drive Project-Wide RE with Local AI https://clearbluejar.github.io/posts/pyghidra-mcp-meets-ghidra-gui-drive-project-wi… by Nicolas Krassas.
- RT striga: For a Fistful of Dollars: Less than $100 of Compute Surfaces Pre-auth RCE in Apache httpd Write-up: https://www.striga.ai/research/apache-h… by Nicolas Krassas.
- SQLRecon. Microsoft SQL Server toolkit that is designed for offensive reconnaissance and post-exploitation. https://github.com/skahwah/SQLRecon by DirectoryRanger.
- Abusing delegation with Impacket https://hunio.org/posts/security/abusing-delegation-with-impacket/ by DirectoryRanger.
- Get-SPNPrivilegedUsers. PowerShell security auditing tool that identifies AD users with SPNs who are members of high-privilege groups. Optionally perf… by DirectoryRanger.
- Yamato Security’s Windows Event Log Configuration Guide For DFIR And Threat Hunting https://github.com/Yamato-Security/EnableWindowsLogSettings by DirectoryRanger.
- RT Ru Campbell: Updated and improved: Defender for Endpoint feature and capability comparison by OS GET IT: https://campbell.scot/updated-may-2026-mde… by DirectoryRanger.
- RT Panos Gkatziroulis : morphkatz - Polymorphic PE rewriter for Windows x64 , rewrites binaries into semantically identical but byte-different var… by DirectoryRanger.
- RT Co11ateral: During pentests we often have to deal with tasks that can be automated. Some of the best tools for this are ADScan and ADPulse. ADScan … by DirectoryRanger.
- RT quarkslab: Do you know how Entra ID applications work? What about the security mess they can bring and what they can quietly break? New blog post o… by DirectoryRanger.
- Golang intentionally introduced randomness into map iterations and the keying of maps. This article discusses why, how, and the consequences of doing… by Maxwell ꓘ Dulin (Strikeout).
- RT Felix Wilhelm: Max (@Dooflin5) is one of the best in the game at breaking cross-chain bridges. Check out his latest post on an interesting Across b… by Maxwell ꓘ Dulin (Strikeout).
- RT Pavel Yosifovich: New video: creating COM objects with the class moniker. Most of you know CoCreateInstance. Here is another way: class moniker. I … by Dave Cossa.
- RT Binary Defense: Trusted processes are doing the work. That’s the problem. Phantom Stealer blends into normal system behavior, abusing Microsoft-si… by Dave Kennedy.
- RT BeyondTrust Phantom Labs™: New research! Security Researcher, Sergio Garcia (@MrCloudSec) uncovers a major risk in AWS Bedrock API keys: the “pha… by Ryan.
- RT s1r1us (mohan): when react2shell hit last year, i think vercel handled it brilliantly. to protect their users, they paid $50,000 for every bypass r… by LiveOverflow.
- RT MagicSword: Komari just landed in LOLRMM and this one’s different. Komari doesn’t need to be abused to function as a C2. The control channel ships … by The Haag™.
- RT Kostas: RMM hunting is one of those areas where defenders get stuck because the answer is rarely “just block it.” On a day-to-day basis, from the… by The Haag™.
- RT Red Canary, a Zscaler company: Stop wrestling with complex tool syntax. By leveraging MCP for Atomic Red Team, Hare shows off a “fuzzy API” … by The Haag™.
- RT MagicSword: Another LOLRMM in the bucket - this time, renamed, delivered via phishing, and signed with a legitimate cert. Lunixar RMM. Disguised as… by The Haag™.
- RT Adnan Khan: The activity log by on https://github.com/intercom/intercom-node/activity is brutal. 1. Backdoor shipped to NPM via OIDC (done automati… by Giuseppe N3mes1s.
- RT Zellic: The core utilities that run every Linux system have been rewritten in Rust. We audited them. Before shipping uutils coreutils with Ubuntu 2… by Giuseppe N3mes1s.
- RT Shielder: Can a hostile container sneak past your eBPF tracing? Sometimes, yes. With @OSTIFofficial & @CloudNativeFdn we audited Inspektor Gadget -… by Giuseppe N3mes1s.
- RT JulietSecurity: we tested CVE-2026-31431 (“Copy Fail”) on real Kubernetes clusters. PSS Restricted didn’t block it. RuntimeDefault didn’t block it…. by Giuseppe N3mes1s.
- RT grsecurity: Creating a separate post so more people see this: the mitigation recommended by http://Theori.io for http://copy.fail WILL NOT WORK f… by Giuseppe N3mes1s.
- RT DbgMan ^_^: DrvEye automates kernel driver analysis to uncover IOCTL paths , symbolic, dangerous primitives, and exploitable code paths, then gener… by Giuseppe N3mes1s.
- This is some really nice work. A deep dive into what legitimate Windows network traffic looks like and how Impacket differs. Lots of goodness for both… by Octoberfest7.
- PrestaShop version fingerprinting checking core modules versions. https://labs.itresit.es/2026/04/29/prestashop-the-art-of-core-module-fingerprinting/ by Peter Gabaldon.
- RT James Kettle: We’ve launched a new @WebSecAcademy topic on exploiting AI-powered security scanners! Learn how to use indirect prompt injection to s… by PortSwigger Research.
- RT DirectoryRanger: Securing Entra ID Administration: Tier 0, by @PyroTek3 https://trustedsec.com/blog/securing-entra-id-administration-tier-0 by Sean Metcalf.
- RT 0x12 Dark Development: Overwriting Process Creation Kernel Callbacks New Medium post: after identifying security drivers (EDRs/AV) monitoring the s… by Silky.
- good to see EXISTING Elastic generic privesc behavior detection/protection triggering on the RedSun LPE exploit with no prior knowledge of the vuln-de… by Samir.
- RT Ruben Groenewoud: Looking for Linux detection for Copy Fail (CVE-2026-31431) + similar SUID privesc flows? This rule focuses on the underlying abus… by Samir.
- ++ Existing Elastic SIEM rules that looks exactly for RMM behavior drift vs just RMM existence (I may blog some other tricks to spot susp RMM use … by Samir.
- https://www.npmjs.com/package/@cap-js/postgres/v/2.2.2?activeTab=code (hit and run) https://github.com/elastic/detection-rules/blob/bf40d2108b41902b33… by Samir.
- RT Mika Ayenson: One YAML change can exfiltrate every secret in your CI run. Here’s an open-sourced CI/CD Abuse Detector prototype - flags m… by Samir.
- RT MSec Operations: Our first Blog post is live, Introduction to RustPack https://www.msecops.de/blog/posts/rustpack-intro/ More to follow in the… by S3cur3Th1sSh1t.
- RT incendiumrocks: It’s been a while since I wrote a blog post. My new post writes about some cool updates to the MS-RPC-Fuzzer for recursively fuzzin… by Steven Lowson.
- RT DirectoryRanger: RelayKing. Comprehensive relay detection and enumeration tool designed to identify relay attack opportunities in Active Directory e… by Steven Lowson.
- RT Haidar: So here is new local privilege escalation zero-day I discovered, not patched yet too :). In simple terms, if you have a service like RDP th… by Steven Lowson.
- RT ESET Research: #ESETresearch uncovered a multiplatform supply-chain attack by the 🇰🇵 #ScarCruft APT group targeting the Yanbian region via ba… by SwitHak.
- RT Cursor: Our agent harness makes models inside Cursor faster, smarter, and more token-efficient. Here’s how we test improvements to the harness, mon… by K̵i̵r̵k̵ ̵T̵r̵y̵c̵h̵e̵l̵.
- RT Matt Johansen: Re He began by replicating Mythos findings with his specialized harness. Then went on to find more critical novel zero days in open … by K̵i̵r̵k̵ ̵T̵r̵y̵c̵h̵e̵l̵.
- RT Kaptor Security: We dive deeper into the new 𝗕𝗹𝗶𝗻𝗱 𝗣𝗿𝗼𝗺𝗽𝘁 𝗜𝗻𝗷𝗲𝗰𝘁𝗶𝗼𝗻 technique. Unified … by X-C3LL.
- Some powerful built-in Windows 11 programs are allowed to write files to Defender’s working directory: \System32\msiexec.exe \Register-CimProvider.ex… by Two Seven One Three.
- Challenge: Drop #mimikatz onto a drive with the latest Windows 11. 1. Found a way to write a file into Windows Defender’s working directory: Success … by Two Seven One Three.
- RT BlackSnufkin: new repo: Cheshire Adaptix C2 service plugin that lets you test payloads against LitterBox without leaving the Adaptix client. p… by Rasta Mouse.
- Atomic BOFs https://rastamouse.me/atomic-bofs/ by Rasta Mouse.
- RT x64dbg: Re There is also a pre-alpha Linux version brewing by Rasta Mouse.
- RT PT SWARM: Our researcher Mikhail Sukhov shares his knowledge and experience in analyzing FreeIPA environments. He also introduces his ne… by Arseniy Sharoglazov.
- BloodHound in CLI can be useful when I want to run a batch of tests. Reminds me a bit of bloodhound-quickwin by @kaluche_ Added in Exegol images … by Charlie Bromberg « Shutdown ».
- Large-scale security audit of 1,764 “vibe-coded” apps: 7% have wide-open Supabase DBs, 15% of Bolt apps ship hardcoded API keys, plus IDOR and zero-au… by /r/netsec.
- STIX Visualizer - Threat Intelligence Graph Explorer https://cyber.netsecops.io/stix-viz/ by /r/netsec.
- Detect Shulfar Malware Encrypted TCP C&C Traffic Using PacketSmith Yara-X Detection Module https://blog.netomize.ca/detect-shulfar-malware-encrypted-t… by /r/netsec.
- Media player pivot: How I got back into my own server https://addadi.github.io/2026/04/17/how-i-hacked-back-into-my-server-through-a-media-player/ by /r/netsec.
- ShinyHunters Claims Sale of Anthropic Claude Mythos AI Model Data and Internal Documents https://breachnews.com/breaches/shinyhunters-claims-sale-of-a… by /r/netsec.
- What Really Happened In There? A Tamper-Evident Audit Trail for AI Agents https://nono.sh/blog/secure-agent-audit by /r/netsec.
- UK Biobank Health Data of 500K Listed for Sale in China https://www.verity.news/story/2026/uk-biobank-health-data-of-k-listed-for-sale-in-china?p=re45… by /r/netsec.
- RT Alexandre Becholey: Chapter 2 of the ARM hypervisor series is out. We go over taking ownership of the page tables, memory configuration, copying th… by winterknife.
- RT profdeibert: New @citizenlab report uncovers two separate China-based cyber espionage campaigns targeting journalists, human rights defenders, exil… by winterknife.
- RT Vector 35: The debugger got some real love in our latest update. Hardware breakpoints and conditional breakpoints have both landed, and the new deb… by winterknife.
- RT ENKI WhiteHat: [1/2] CVE-2026-32223: heap overflow in usbprint.sys (IOCTL 0x220064). Malformed USB descriptor, Named Pipe spray + Ghost Chunk for k… by winterknife.
- RT littlelailo: Had a lot of fun reversing Coruna over the last couple weeks and decided it would be worth to write it all up before I forget - so enj… by Alex Plaskett.
- RT lukas seidel: a new paper on efficient firmware fuzzing has arrived! Khost uses near-native execution and rehosts ARM firmware inside KVM on an ARM… by Alex Plaskett.
- RT Ckrielle: Another i0rs post, this time from @0x3dward who takes it upon himself to write a POC for a recently discovered heap buffer overflow in Po… by Alex Plaskett.
- Reminder for Mac users: please update your OpenAI macOS apps by Friday, May 8. As we shared last month, we’re rotating macOS signing certificates afte… by DANΞ.
- Ransomware operator’s day job was as a ransomware negotiator (where he siphoned victim info). It’s rare to catch me speechless, but that… wow… tha… by Jason Lang.
- RT Nextron Research : Another day another suspicious WHQL-signed driver… We identified a signed sample of RedDriver, a malicious kernel driver t… by Florian Roth.
- Good write-up by Unfold on detecting CVE-2026-41940, the #cPanel & WHM auth bypass analyzed by watchTowr What I like about it: they don’t stop at det… by Florian Roth.
- Checking a Linux system for CopyFail exploitation traces with THOR Cloud Lite The video is 1 min long It shows: - creating a THOR Cloud Lite campaign … by Florian Roth.
- Built a fun little project this weekend: surface-watch It’s a lightweight external attack surface monitoring framework that builds scope from known F… by Florian Roth.
- RT International Cyber Digest: Frontier AI models are forcing Oracle to move from quarterly to monthly critical security patches. Starting May 20… by Dave Aitel.
- RT Tim Becker: Full technical writeup + exploit technique for this 20-year-old bug in PostgreSQL https://www.zeroday.cloud/blog/postgres-xint by Dave Aitel.
- Some huge progress with Pickle C2, it can now load “modules” after compilation, they can be added at compiled-time or after execution!. The demo here … by David.
- RT Brad Spengler: Re Associated blog: https://www.linkedin.com/pulse/afalg-page-cache-cross-container-pivot-part-i-massimiliano-oldani-jgfyf/ by Dominic Chell.
- RT Brad Spengler: A gift from sgrakkyu: https://github.com/sgkdev/page_inject/ by Dominic Chell.
- RT Ollie Whitehouse: At @NCSC we have released ‘Understanding adversarial attacks against Machine Learning and AI’ which introduces a common language … by Dominic Chell.
- RT genoff : my bike rides stopped syncing, so i decompiled the firmware. found a hidden dev mode. sent 3 bytes over BLE. my cycling computer now s… by Simone Margaritelli.
- Web based prompt injection is when a threat actor tries to exploit your LLM through hidden prompts inside a web page. They embed malicious instru… by Thomas Roccia.
- RT SEKTOR7 Institute: Compile-time C obfuscator. Macro-header for obfuscating C code at time of compilation, targeting TCC on Windows x86/x64, a tool … by hasherezade.
- RT Virus Bulletin: Malwarebytes’ Gabriele Orini details how NWHStealer operators are abusing Bun to spread a Rust-based infostealer. Because Bun is st… by hasherezade.
- RT Omri Segev Moyal: Our team just published research on a malware campaign that hit 25+ organizations, several in Israel. The attacker built it so ba… by hasherezade.
- RT Nextron Research : Anti-Tampering Kernel Driver Deep Dive We have found an interesting WHQL-signed vulnerable kernel driver that protects proce… by hasherezade.
- RT Virus Bulletin: Trend Micro reports QLNX, a Linux RAT that combines credential harvesting with deeper system tampering. The malware dynamically com… by hasherezade.
- RT Guillermo Suarez-Tangil: Perplexity, Claude, Grok, and ChatGPT have been leaking your conversations alongside cookies to third-party ad and trackin… by hasherezade.
- RT 0xor0ne: Benchmarking Claude Opus 4.6 against Tigress obfuscation (@elasticseclabs) https://www.elastic.co/security-labs/llm-reversing-vs-llm-obfus… by hasherezade.
- RT Cybersecurity by Cyberkid: Nice introduction to Windows kernel exploitation for beginners Part 1: https://mdanilor.github.io/posts/hevd-0… by hasherezade.
- RT Roger: It’s been a while since I wanted to fully understand how the original kamakiri (not the linecode one) exploit worked, so I put up a little w… by hasherezade.
- RT Smukx.E: Exploiting Reversing (ER) series. A step by step Exploitation Technique of Windows Cloud Files Mini Filter Driver Elevation of Privilege … by hasherezade.
- RT Hacktron AI: Mythos showed that frontier models can find complex vulnerabilities with a skilled operator in the loop. But for applications that don… by shubs.
Tools and Exploits
Trail of Bits open-sources Trailmark, a library that parses source code into a queryable call graph (functions, classes, call relationships, semantic metadata) exposed through a Python API that Claude skills can call directly.
BlackArrow opens up the materials from every talk they have given. Slides, PoCs, and code in one repo.
GreyNoise launches Project Swarm. Sensors deployed across the internet to catch in-the-wild exploitation of edge-facing apps, with telemetry available for $1. Andrew Morris frames it as the AI-era response to faster vulnerability discovery.
Sean Metcalf updates Invoke-ADLabBuildOut to spin up AD sites, subnets, and site links on top of the lab build, with common security misconfigurations baked in.
MSSQLHound rewritten in Go: 17 minutes down to 17 seconds in lab, plus SOCKS proxying, Kerberos and NT hash auth, and pathfinding into BloodHound.
SOAPy now does Kerberos auth over ADWS in Python, an integration nobody had bothered to ship in two years. Bigger release coming.
net_use BOF: a modernized port of TrustedSec’s SA repo entry for adding, listing, and removing mapped drives via the Windows MPR API. Avoids the telemetry from spawning net.exe or PowerShell.
mona v3 ships: Python 2 and 3, 32 and 64-bit targets, WinDBG and WinDBGX, faster and leaner. The exploit-dev sidekick gets a long-overdue refresh.
claude-red is a curated library of offensive-security skills for the Claude skills system, each one a structured SKILL.md priming Claude with methodology for a specific attack surface.
Puzzle deploys malware in monitored environments by abusing Windows minifilter functionality. Includes utilities and PoCs to interact with minifilters and explore static and runtime analysis evasion.
Microsoft quietly publishes EventLogExpert, an improved Event Viewer for IT and helpdesk teams. Open source, modern UI.
More this week (8)
- Securing the git push pipeline: Responding to a critical remote code execution vulnerability by Alexis Wales.
- RT asymmetric research: Today we’re launching Crucible, a coverage-guided fuzzing framework for Solana programs. Built for Anchor, with v2 support fro… by Maxwell ꓘ Dulin (Strikeout).
- RT Chris Laub: A Rust dev just killed Headless Chrome. It’s called Obscura. The open-source headless browser purpose-built for AI agents and scrapers … by Steven Lowson.
- RT Cursor: Cursor Security Review is now available for Teams and Enterprise plans. Run two types of always-on agents: 1. Security Reviewer checks ever… by K̵i̵r̵k̵ ̵T̵r̵y̵c̵h̵e̵l̵.
- RT Andy Nguyen: ps5-linux has been released! You can now turn your PS5 Phat console on 3.xx and 4.xx FWs into a fully functional Linux PC gaming devic… by Alex Plaskett.
- RT Pwnie Awards: Nominations for the 2026 Pwnie Awards are now open! Best bug? Worst Bug? Incredible research? Cataclysmic fuckups that knocked ov… by Alex Plaskett.
- RT Doug Burks: Just two weeks after the initial release of OhMyPCAP, version 2.0 is here! This new version has TONS of new features including some req… by Chris Sanders.
- RT Bishop Fox: Attackers already see your AI infrastructure. Now you can too. Introducing AIMap, an open-source tool to discover, analyze, and test ex… by Arun.
