bugbounty_tech | Unsorted

Telegram channel bugbounty_tech - Bug bounty Tips

2777

🛡️ Cybersecurity enthusiast | 💻 Helping secure the digital world | 🌐 Web App Tester | 🕵️‍♂️ OSINT Specialist Admin: @laazy_hack3r

Bug bounty Tips

Prototype Pollution Guide: Vulnerabilities, Attack Vectors, and RCE: https://medium.com/@jpablo13/prototype-pollution-guide-vulnerabilities-attack-vectors-and-rce-82100c1baf40?source=rss------bug_bounty-5

Bug bounty Tips

Bypassing 4-Digit MFA — A HackSmarter Lab Writeup: https://medium.com/@cyberologist-bd/bypassing-4-digit-mfa-a-hacksmarter-lab-writeup-873052edf5de?source=rss------bug_bounty-5

Bug bounty Tips

COMMON HTTP ERROR CODES & Bypass Techniques: https://medium.com/@cybersecplayground/common-http-error-codes-bypass-techniques-d2d7a09ec062?source=rss------bug_bounty-5

Bug bounty Tips

#NetSec
"One Char to Rule Them All: Systematically Exploring and Exploiting DNS Silent Vulnerabilities in Domain Name Resolution", BlackHat Asia 2026.

// we conducted the first systematic study of special character handling logic in DNS, reviewing DNS RFCs and analyzing 31 widely-used DNS software implementations through source code review and gray-box testing. Our systematic analysis reveals two new DNS logic vulnerabilities arising from inconsistencies and silent handling behaviors, leading to two classes of attacks that affect all DNS roles, including stub resolvers, forwarders, recursive resolvers, and authoritative nameservers

See also:
]-> RebirthDay Attack: Reviving DNS Cache Poisoning with the Birthday Paradox (.pdf)

Bug bounty Tips

#Hardware_Security
"Qualcomm BootROM: A journey through Sahara", BlackHat Asia 2026.

// This Briefing will present a comprehensive analysis of new vulnerabilities found by our team at the BootROM level: vulnerabilities in Emergency Download Mode and its Sahara protocol, which allow bypassing cryptographic verification of Secondary Boot Loader images and subsequent boot stages

See also:
]-> BlackHat Asia 2026 - ALL Briefings

Bug bounty Tips

#MLSecOps
#Threat_Research
"The Mother of All AI Supply Chains: Critical, Systemic Vulnerability at the Core of Anthropic’s MCP", Apr. 2026.

// Enables unauthorized access to sensitive user data, internal databases, and API keys. Affects 150M+ downloads across Python, TypeScript, Java, and Rust MCP SDKs. Verified Zero-Click Prompt Injection in Cursor and Windsurf, plus "poisoned" MCP registries. Impacting industry staples like LangChain, LiteLLM, and IBM’s LangFlow

Bug bounty Tips

How I track the latest CVEs — top 20, fast 🔥

curl -s 'https:/ /cvedb.shodan.io/cves' \
| jq -r '.cves[:20][]?.cve_id'

==> Want id+summary?

curl -s 'https:/ /cvedb.shodan.io/cves' \
| jq '[.cves
| sort_by(.published? // .Published? // .modified? // "1970-01-01")
| reverse
| .[:20][]? | {cve_id, summary}]'


Note: Make sure you remove the space between https:/ and /cvedb before using the command; it must be https://

Tool: cvedb.shodan.io

Bug bounty Tips

#AIOps
"The Blind Spot of Agent Safety: How Benign User Instructions Expose Critical Vulnerabilities in Computer-Use Agents", Apr. 2026.

]-> Code
]-> Dataset

// a benchmark that evaluates CUAs under unintended attack conditions, comprising 300 human-crafted tasks across 12 categories, 8 apps, and 2 threat clusters: environment-embedded threats and agent-initiated harms

Bug bounty Tips

#MLSecOps
"Unreal Thinking: Chain-of-Thought Hijacking via Two-stage Backdoor", Apr 2026.
]-> Repo

// Attackers can compromise LLMs by hijacking the Chain-of-Thought process to hide malicious behaviors within seemingly logical reasoning. To address data scarcity and instability in such attacks, the researchers introduced tools and mitigations for generating synthetic malicious CoTs

Bug bounty Tips

#Kernel_Security
#Sec_code_review
Security Checklist for C/C++ Programs
]-> Bug classes
]-> Linux usermode
]-> Linux Kernel
]-> Windows usermode
]-> Windows kernel
]-> Seccomp/BPF

// This security checklist, written for security auditors and secure development practitioners, provides a wide range of security issues to look for when reviewing C/C++ code. It covers both language-specific bug classes and environment-specific security issues spanning the Linux and Windows operating systems, including usermode applications and kernelmode drivers

Bug bounty Tips

#MLSecOps
#Whitepaper
"System Card: Claude Mythos Preview", April 8 2026.

// Claude Mythos Preview - new LLM from Anthropic. In particular, it has demonstrated powerful cybersecurity skills, which can be used for both defensive purposes (finding and fixing vulnerabilities in software code) and offensive purposes (designing sophisticated ways to exploit those vulnerabilities)

Bug bounty Tips

#Whitepaper
#Cloud_Security
"Zero Trust Security Architecture for Cloud-Native Applications: Complete Enterprise Implementation Guide", Jan. 2026.

// Code examples target Kubernetes 1.28+ with AWS EKS as the reference platform, though principles apply across cloud providers. The service mesh examples focus on Istio as the most widely deployed option, with additional coverage of Cilium for eBPF-based approaches. By the end of this guide, you will have a comprehensive understanding of how to design, implement, and operate Zero Trust security architectures for cloud-native applications, along with concrete implementation patterns that can be applied to your own environments

Bug bounty Tips

#WLAN_Security
#Mobile_Security
"LightGuard: Transparent WiFi Security via Physical-Layer LiFi Key Bootstrapping", Apr. 2026.
]-> https://github.com/Dorian47/Lightguard

// cryptographic key establishment can be offloaded from WiFi to a physically confined LiFi channel to mitigate the risk of key exposure over RF

Bug bounty Tips

#Analytics
#Threat_Research
2026 Radware Global Threat Analysis Report

Bug bounty Tips

Most beginners don’t fail at bug bounty because it’s “too hard.”

They fail because they jump between tools, watch random tutorials, and call that learning.

No structure = no results.

You don’t need more tools. You need a path.

Something that shows: what to learn → what to practice → how to actually find bugs.

That’s where these come in:

* https://resources.codelivly.com/product/bug-bounty-beginner-editions/

* https://resources.codelivly.com/product/the-ultimate-bug-bounty-starter-pack/

They’re not theory dumps. It’s the stuff you actually use—recon, XSS, SQLi, reporting—step by step.

If you’re tired of “learning” but not earning, this might fix that.

Check it out if it clicks.

Bug bounty Tips

Escaping the Sandbox: Client-Side Template Injection (CSTI) via Outdated AngularJS: https://medium.com/@0xTifo/escaping-the-sandbox-client-side-template-injection-csti-via-outdated-angularjs-887cc278f54a?source=rss------bug_bounty-5

Bug bounty Tips

Prototype Pollution: https://medium.com/@marduk.i.am/prototype-pollution-15f47d9e5c6a?source=rss------bug_bounty-5

Bug bounty Tips

#Hardware_Security
"GPUBreach: Privilege Escalation Attacks on GPUs using Rowhammer", Apr. 2026.
]-> https://gpubreach.ca
]-> Repo

// GPUBreach shows that GPU Rowhammer attacks can move beyond data corruption to real privilege escalation. By corrupting GPU page tables, an unprivileged CUDA kernel can gain arbitrary GPU memory read/write, and then chain that capability into CPU-side escalation by exploiting newly discovered memory-safety bugs in the NVIDIA driver. The result is system-wide compromise up to a root shell, without disabling IOMMU, unlike contemporary works, making GPUBreach a more potent threat

Bug bounty Tips

#IoT_Security
#Automotive_Security
"When Flash Reveals Its Secrets: Advanced Glitching Leveraging Hidden CPU-eMMC Behavior", BlackHat Asia 2026.
]-> https://github.com/xcatx9527/wfm_cmp

// Complete process of successfully bypassing Secure Boot on real embedded devices using this method and reveal the physical leakage paths that exist between the CPU and peripheral storage during runtime

Bug bounty Tips

#Analytics
#Threat_Research
An analytical review of the main cybersecurity events for the week (Apr.18-25, 2026)

1⃣  Hacking Safari with GPT 5.4
// A Safari WebAssembly memory bug combined with fetch cloning flaws enabled cross-origin data leaks
2⃣  PhantomRPC: A new privilege escalation technique in Windows RPC
// PoC + Toolset
3⃣  Pentest Copilot
// An open-source, AI-driven penetration testing agent
4⃣  Uncovering Global Telecom Exploitation by Covert Surveillance Actors
// Weak screening of interconnect traffic allowed attackers to route surveillance messages through trusted operator pathways, enabling access to targeted networks
5⃣  Pack2TheRoot: Cross-Distro LPE Vulnerability
// CVE-2026-41651
6⃣  P4WNED: How Insecure Defaults in Perforce Expose Source Code Across the Internet
// Investigation Reveals Critical Security Gaps On Thousands of Servers Affecting Organisations Across Games, Healthcare, Finance, Government & More
7⃣  Kyber Ransomware Double Trouble
// Kyber is a cross-platform ransomware family targeting Linux/ESXi and Windows environments
8⃣ Claude-Red-Skills
// 38 offensive security skills for Claude
9⃣  WireGuard 1.0 for Windows

]-> Analytical review (Apr.11-18, 2026)

Bug bounty Tips

Cybersecurity Roadmap for 2026
https://hacklido.com/blog/1408-ultimate-cybersecurity-roadmap-for-2026

Bug bounty Tips

#tools
#DFIR
#Malware_analysis
1⃣ Official IOCX Project
// An extensible IOC extraction engine for PE binaries and text, built for SOC automation and modern threat‑analysis pipelines
2⃣ Crow Eye - Windows Forensics Engine
// Comprehensive Windows forensics tool
3⃣ Microsoft Sentinel SIEM Log Source Analyzer
// PowerShell module that connects to your MS Sentinel workspace (and Defender XDR), pulls every log table you’re ingesting

Bug bounty Tips

#exploit
#Kernel_Security
1⃣ Multiple vulnerabilities in AppArmor
https://cdn2.qualys.com/advisory/2026/03/10/crack-armor.txt
// AppArmor + Sudo + Postfix = root
2⃣ CVE-2026-29923: LPE Attack via pstrip64.sys
https://github.com/athenasec16/CVE-2026-29923
// pstrip64.sys - legacy kernel-mode component. While its legitimate purpose is to enable advanced graphics card display tweaking, its deep system privileges make it a highly attractive target for attackers..

// Disclaimer

Bug bounty Tips

#Malware_analysis
1⃣ VIPERTUNNEL Python Backdoor
https://labs.infoguard.ch/posts/slithering_through_the_noise
2⃣ We Dumped a Live Kimsuky C2 and Recovered Every Stage of the Kill Chain: CHM Dropper, VBScript Stager, PowerShell Keylogger
https://intel.breakglass.tech/post/kimsuky-chm-nidlog-c2-dump-full-payload-recovery
3⃣ Inside an AI‑enabled device code phishing campaign
https://www.microsoft.com/en-us/security/blog/2026/04/06/ai-enabled-device-code-phishing-campaign-april-2026

Bug bounty Tips

#NetSec
#Tech_book
"Wireshark Essentials: Simplifying Network Security and Troubleshooting", 2026.

// Throughout this book, we delve into the practical applications of Wireshark, with a special focus on crafting effective filters that serve both security and troubleshooting purposes. Each chapter is structured to build your skills progressively, starting from basic concepts and moving toward complex scenarios

Bug bounty Tips

#Analytics
#Threat_Research
An analytical review of the main cybersecurity events for the week (Apr.4-11, 2026)

1⃣  OpenSSL maintenance releases
// OpenSSL 3.6.2, 3.5.6, 3.4.5, 3.3.7, which fix 7 vulnerabilities, incl. CVE-2026-31790
2⃣  GlassWorm goes native: New Zig dropper infects every IDE on your machine
// Extension impersonates WakaTime, popular developer time-tracking tool, and ships a Zig-compiled native binary alongside its JavaScript code
3⃣  Claude Mythos - new LLM from Anthropic
// Assessing Claude Mythos cybersecurity capabilities
4⃣  Node.js Trust Falls: Dangerous Module Resolution on Windows
// Node.js on Windows defaults to insecure module resolution in C:\node_modules, enabling privilege escalation, with major vendors dismissing the security risk despite longstanding awareness since 2013...
5⃣ High-tech vulnerability in PDF files
// Such a mechanism allows the threat actor to collect user information, steal local data, perform advanced fingerprinting, and launch future attacks: if the target meets the attacker's conditions, the attacker may deliver additional exploit to achieve RCE/SBX
6⃣ Apache Solr Path Traversal RCE Attack
// CVE-2024-52012 is a Zip Slip vulnerability in Apache Solr’s ConfigSet Upload API allowing unauthenticated RCE via crafted ZIP files with path traversal sequences
7⃣  Microsoft Speech
// SpeechRuntime.exe can be exploited for lateral movement through COM hijacking and session enumeration

]-> Analytical review (Mar.28-Apr.4, 2026)

Bug bounty Tips

#AIOps
"SkillTrojan: Backdoor Attacks on Skill-Based Agent Systems", Apr.2026.

// SkillTrojan - backdoor attack that targets skill implementations rather than model parameters or training data

Bug bounty Tips

#tools
#AIOps
#MLSecOps
#Offensive_security
Recursive Autonomous Penetration Testing and Observation Robot
https://github.com/gadievron/raptor
// Autonomous Offensive/Defensive Security Research Framework, based on Claude Code

Bug bounty Tips

#Tech_book
#Blue_Team_Techniques
"Blue Team Handbook: Incident Response", 2026.

]-> Code from book chapters, commands, and manuals

// This trusted and widely used field guide for cybersecurity incident responders, SOC analysts, and defensive security professionals distills incident response essentials into a concise, field-ready format

Bug bounty Tips

#tools
#AIOps
"Evaluating Privilege Usage of Agents on Real-World Tools", Mar. 2026.

// GrantBox - security evaluation framework designed to systematically assess how autonomous agents handle privilege usage when interacting with real-world tools and services
