2777
🛡️ Cybersecurity enthusiast | 💻 Helping secure the digital world | 🌐 Web App Tester | 🕵️♂️ OSINT Specialist Admin: @laazy_hack3r
#MalDev
#Malware_analysis
#Offensive_security
MacOS Malware Persistence
Part 1 - LaunchAgents. Simple C example
]-> Source code in GitHub
Part 2 - Shell environment hijacking. Simple C example
]-> Source code in GitHub
// Disclaimer
#AIOps
#Tech_book
"Agentic Design Patterns: A Hands-On Guide to Building Intelligent Systems", Oct. 2025.
// A comprehensive guide presenting 21 design patterns for building AI agents, using frameworks like LangChain, Crew AI, and Google ADK to create autonomous intelligent systems
Tool: AST-based security scanner for AI-generated code (MCP server)
https://ift.tt/mc6CoVt
Submitted February 06, 2026 at 09:55PM by NoButterfly9145
via reddit https://ift.tt/rbwKiQ3
⤷ Title: Kh_abdel/mitm-lab-tryhackme-detection-blue-vs-red-41fc73ec9594?source=rss------tryhackme-5">MITM lab + tryhackme Detection — Blue vs Red
════════════════════════
𐀪 Author: Khalil
════════════════════════
ⴵ Time: Fri, 06 Feb 2026 21:48:58 GMT
════════════════════════
⌗ Tags: #tryhackme #ethical_hacking #man_in_the_middle_attack #ctf #wireshark
⤷ Title: Why Moltbook is Dangerous: Critical Zero-days Found in My Audit (Full Report)
════════════════════════
𐀪 Author: Saad Khalid
════════════════════════
ⴵ Time: Fri, 06 Feb 2026 21:20:44 GMT
════════════════════════
⌗ Tags: #vulnerability #penetration_testing #cybersecurity #moltbook #ai
⤷ Title: Hacking Networking Services Home Lab
════════════════════════
𐀪 Author: Mainekhacker
════════════════════════
ⴵ Time: Fri, 06 Feb 2026 21:01:00 GMT
════════════════════════
⌗ Tags: #smb #protocol #cybersecurity #hacking #networking
#Analytics
#Threat_Research
An analytical review of the main cybersecurity events for the week (Jan.24-31, 2026)
1⃣ Critical eScan Supply Chain Compromise
// Anti-virus vendor eScan was compromised, and its update servers were used to install malware on some customer systems
2⃣ Fake Clawdbot VS Code Extension Installs ScreenConnect RAT
// The news about Clawdbot (now Moltbot) is used to distribute malware, in particular malicious VS Code extensions
3⃣ OpenSSL Updates
// OpenSSL released its monthly updates, fixing a potential RCE
4⃣ DoS Vulnerabilities in React Server Components
// Another folowup fix for the severe React vulnerability from last year, but now only fixing a DoS condition
5⃣ CVE-2026-21509 - MS Office 0-Day
// Microsoft released an out-of-band patch for Office fixing a currently exploited vulnerability
6⃣ StackRox 4.8.8 Kubernetes Security Platform + OpenAEV 2.0.14 Adversarial Exposure Validation Platform
// New releases have been released
7⃣ GnuPG 2.5.17
// This version fixes a critical security bug in versions 2.5.13 to 2.5.16
8⃣ Hacking Clawdbot and Eating Lobster Souls
// Part 2
9⃣ Operation Bizarre Bazaar
// First Attributed LLMjacking Campaign with Commercial Marketplace Monetization
1⃣0⃣ Silent Brothers: Ollama Hosts Form Anonymous AI Network Beyond Platform Guardrails
]-> Analytical review (Jan.17-24, 2026)
#MLSecOps
"Llama-3.1-FoundationAI-SecurityLLM-Reasoning-8B Technical Report", Jan 2026.
]-> Foundation-Sec-8B-Reasoning, the first open-source native reasoning model for cybersecurity
#Research
#IoD_Security
"A Large-Scale Evaluation Suite of Security, Resilience, and Trust for LLM-based UAV Agents over 6G Networks", 2026.
]-> Repo
// Large-scale benchmark for evaluating security, resilience, and trust of LLM-based UAV agents under realistic adversarial conditions in 6G-enabled networks, featuring layered attack taxonomies and CWE-aligned evaluation
#Analytics
#Research
"Frontier AI Auditing: Toward Rigorous Third-Party Assessment of Safety and Security Practices at Leading AI Companies", Jan 2026.
// We define frontier AI auditing as rigorous third-party verification of frontier AI developers' safety and security claims, and evaluation of their systems and practices against relevant standards, based on deep, secure access to non-public information
#MLSecOps
#Offensive_security
"Reasoning Hijacking: Subverting LLM Classification via Decision-Criteria Injection", 2026.
]-> Criteria Attack Dataset
// Current LLM safety research predominantly focuses on mitigating Goal Hijacking, preventing attackers from redirecting a model's high-level objective. In this paper, we argue that this perspective is incomplete and highlight a critical vulnerability in Reasoning Alignment. We propose a new adversarial paradigm: Reasoning Hijacking and instantiate it with Criteria Attack, which subverts model judgments by injecting spurious decision criteria without altering the high-level task goal
#Analytics
#Threat_Research
"Red Report 2025:
The Top 10 Most Prevalent MITRE ATT&CK Techniques. SneakThief and The Perfect Heist".
// This year's findings highlight a new era of adversarial sophistication in infostealer attacks, epitomized by malware like "SneakThief," which executed in a kill chain what has come to be known as "The Perfect Heist." Although the SneakThief malware is a fictitious name in this scenario, its attack patterns reflect real-world incidents. This advanced threat leverages stealth, persistence, and automation to infiltrate networks, bypass defenses, and exfiltrate critical data
#tools
#OSINT
1⃣ SwaggerSpy - Automated OSINT on SwaggerHub
2⃣ RedTiger-Tools - Open-Source Security Multi-Tool
3⃣ ASN - ASN Lookup Tool and Traceroute Server
4⃣ SatIntel - OSINT tool for Satellites. Extract satellite telemetry, receive orbital predictions, and parse TLEs
leash - take your AI agents for a walk - github.com/strongdm/leash
Authorize and monitor your AI agents with policy enforcement, sandboxed execution, and real-time observability—ensuring they operate safely within your defined boundaries.
Leash wraps AI coding agents in containers and monitors their activity. You define policies in Cedar; Leash enforces them instantly.
#exploit
#AppSec
1⃣ Reprompt: The Single-Click Microsoft Copilot Attack that Silently Steals Your Personal Data
// The attack exploits the q URL parameter, double-request techniques, and chain-request methods to inject malicious prompts, perform repeated actions, and establish ongoing data exfiltration chains
2⃣ Lack of isolation in agentic browsers resurfaces old vulnerabilities
// Agentic browsers' lack of proper isolation enables vulnerabilities like XSS and CSRF, leading to data leaks, prompt injections, and session hijacking, necessitating system-level security measures and extended origin policies
3⃣ Clang Hardening Cheat Sheet
// The article reviews a decade of Clang hardening techniques, highlighting new compiler flags and hardware-assisted protections against modern exploits like ROP, JOP, and speculative attacks
#tools
#hardening
#MLSecOps
Detecting and Monitoring OpenClaw (clawdbot, moltbot)
1⃣ OpenClaw Detection Scripts
// Detection scripts for MDM deployment to identify OpenClaw installations on managed devices
2⃣ OpenClaw Telemetry Plugin
// Captures tool calls, LLM usage, agent lifecycle, and message events
3⃣ Advanced Cognitive Inoculation Prompt (ACIP)
// Fortifying LLMs against sophisticated prompt injection attacks
crypto-scanner: Open-source CLI tool to find quantum-vulnerable cryptography in your codebase
https://ift.tt/JxXf0lT
Submitted February 07, 2026 at 07:11AM by MindlessConclusion42
via reddit https://ift.tt/fWoIhw8
Django SQL Injection in RasterField lookup (CVE-2026-1207)
https://ift.tt/X0ANszu
Submitted February 06, 2026 at 12:24AM by c0daman
via reddit https://ift.tt/Nd0Jbcl
⤷ Title: Privilege Escalation: Hijacking an Organization via Billing Notifications
════════════════════════
𐀪 Author: Mohamed Fathy
════════════════════════
ⴵ Time: Fri, 06 Feb 2026 20:16:09 GMT
════════════════════════
⌗ Tags: #cybersecurity #penetration_testing #business_logic #security #idor_vulnerability
⤷ Title: Torbbb_Official/understanding-the-evolution-of-darkweb-markets-over-time-29c93a3e3411?source=rss------infosec-5">Understanding the Evolution of Darkweb Markets Over Time
════════════════════════
𐀪 Author: Tor BBB
════════════════════════
ⴵ Time: Fri, 06 Feb 2026 21:24:30 GMT
════════════════════════
⌗ Tags: #infosec #osint #cybersecurity #darkweb
#tools
#Cloud_Security
1⃣ Weaponizing Whitelists:
An Azure Blob Storage Mythic C2 Profile
https://specterops.io/blog/2026/01/30/weaponizing-whitelists-an-azure-blob-storage-mythic-c2-profile
]-> Azure Blob Storage C2 Profile
// The article explores how enterprise firewalls' broad Azure Blob Storage exceptions can be exploited for covert C2, introducing Mythic's "azureBlob" profile that uses container-scoped SAS tokens and blob operations for stealthy C2
2⃣ Moltworker: a self-hosted personal AI agent, minus the minis
https://blog.cloudflare.com/moltworker-self-hosted-ai-agent
// Moltworker enables deploying scalable, secure AI applications on Cloudflare’s platform using Workers, Sandboxes, R2, and Browser Rendering, demonstrated through Slack integrations and open-sourced for global deployment
#Malware_analysis
1⃣ SonicWall Breach Enabled Ransomware Attack
https://www.ctrlaltnod.com/news/sonicwall-breach-enabled-ransomware-attack-on-74-us-banks
2⃣ RedKitten: AI-accelerated Campaign
https://harfanglab.io/insidethelab/redkitten-ai-accelerated-campaign-targeting-iranian-protests
3⃣ Pulsar RAT: When Malware Talks Back
https://www.pointwild.com/threat-intelligence/when-malware-talks-back
#Tech_book
#Malware_analysis
#Blue_Team_Techniques
"Phishing RunBook/PlayBook", 2025
// Phishing playbook guides SOC teams in detecting, analyzing, and responding to phishing threats.
- SOC phishing detection and response guide
- Defines roles, triage, and investigation steps
- Focuses on email, credential, and social engineering threats
- Ensures quick containment and awareness
- Promotes continuous improvement and prevention
#Malware_analysis
#Threat_Research
1⃣ GOGITTER, GITSHELLPAD, and GOSHELL Analysis
https://www.zscaler.com/blogs/security-research/apt-attacks-target-indian-government-using-gogitter-gitshellpad-and-goshell
2⃣ Blackmoon malware + SyncFuture TSM tool
https://www.esentire.com/blog/weaponized-in-china-deployed-in-india-the-syncfuture-espionage-targeted-campaign
3⃣ Inside a Multi-Stage Windows Malware Campaign
https://www.fortinet.com/blog/threat-research/inside-a-multi-stage-windows-malware-campaign
4⃣ MacSync Stealer Returns:
SEO Poisoning and Fake GitHub Repositories
https://daylight.ai/blog/macsync-stealer-returns-seo-poisoning
5⃣ PURELOGS Infostealer Analysis
https://www.swisspost-cybersecurity.ch/news/purelogs-infostealer-analysis-dont-judge-a-png-by-its-header
#Analytics
#Threat_Research
An analytical review of the main cybersecurity events for the week (Jan.17-24, 2026)
1⃣ CVE-2026-24061: Telnetd RCE as Root
// This script exploits the CVE-2026-24061 vulnerability in Telnet servers using a malformed USER environment variable
2⃣ Top Agentic AI Security Threats in 2026
// The agentic AI era has arrived. The question is not whether your organization will face agentic threats in 2026. The question is whether you will be ready
3⃣ ISC BIND DoS vulnerability in Drone ID Records
// CVE-2025-13878
4⃣ Pwn2Own Automotive 2026
// Day One Two Three Results
5⃣ Malicious Configuration Changes On Fortinet FortiGate Devices via SSO Accounts
// The vulnerabilities allow for unauth bypass of SSO login authentication via crafted SAML messages when the FortiCloud SSO feature is enabled on affected Devices
6⃣ SmarterTools SmarterMail WT-2026-0001 Auth Bypass
// This issue was patched in ver.9511, released on Jan 15, 2026. If you have not already upgraded, do so immediately. This vulnerability is already being actively exploited!
7⃣ Wireshark 4.6.3 and 4.4.13 Released
// Release notes + download page
8⃣ Bandit v.1.9.3
// Tool to find common security issues in Python code
]-> Analytical review (Jan.10-17, 2026)
#AIOps
#MLSecOps
#Threat_Research
"Agent Skills in the Wild: An Empirical Study of Security Vulnerabilities at Scale", 2026.
// The rise of AI agent frameworks has introduced agent skills, modular packages containing instructions and executable code that dynamically extend agent capabilities. While this architecture enables powerful customization, skills execute with implicit trust and minimal vetting, creating a significant yet uncharacterized attack surface
#Analytics
#Threat_Research
An analytical review of the main cybersecurity events for the week (Jan.10-17, 2026)
1⃣ VideoLAN fixed vulns in its VLC software
// CVE-2025-51602
2⃣ Hijacking Bluetooth Accessories Using Google Fast Pair
// Many Bluetooth accessories do not implement Google Fast Pair correctly, enabling an attacker to forcefully pair with a vulnerable accessory
3⃣ CVE-2025-64155: Fortinet FortiSIEM Argument Injection to RCE
// PoC exploit for Fortinet FortiSIEM which abuses an argument injection to write a file to gain code execution as root
4⃣ Critical Privilege Escalation Vulnerability in Modular DS plugin affecting 40k+ Sites exploited in the wild
// CVE-2026-23800
5⃣ Sicarii Ransomware: Truth vs Myth
// Sicarii is a newly observed RaaS operation that surfaced in late 2025
6⃣ Security Detections MCP
// An MCP server that lets LLMs query a unified database of Sigma, Splunk ESCU, Elastic, and KQL security detection rules
]-> Analytical review (Jan.03-10, 2026)
Resources for securing AI systems
https://github.com/TalEliyahu/Awesome-AI-Security
Awesome AI Security
- Learning resources
- Frameworks and standards
- AI for offensive cyber
- AI for defensive cyber
- Safety and sandboxing for AI tools
- Detection & scanners
https://github.com/ottosulin/awesome-ai-security
Contributor Otto Sulin
#ai #cybersecuriyty
#AIOps
#exploit
#AppSec
BodySnatcher (CVE-2025-12420):
A Broken Authentication and Agentic Hijacking Vulnerability in ServiceNow
https://appomni.com/ao-labs/bodysnatcher-agentic-ai-security-vulnerability-in-servicenow
// The discovery of BodySnatcher represents the most severe AI-driven security vulnerability uncovered to date and a defining example of agentic AI security vulnerabilities in modern SaaS platforms