2777
🛡️ Cybersecurity enthusiast | 💻 Helping secure the digital world | 🌐 Web App Tester | 🕵️♂️ OSINT Specialist Admin: @laazy_hack3r
Django SQL Injection in RasterField lookup (CVE-2026-1207)
https://ift.tt/X0ANszu
Submitted February 06, 2026 at 12:24AM by c0daman
via reddit https://ift.tt/Nd0Jbcl
⤷ Title: Privilege Escalation: Hijacking an Organization via Billing Notifications
════════════════════════
𐀪 Author: Mohamed Fathy
════════════════════════
ⴵ Time: Fri, 06 Feb 2026 20:16:09 GMT
════════════════════════
⌗ Tags: #cybersecurity #penetration_testing #business_logic #security #idor_vulnerability
⤷ Title: Torbbb_Official/understanding-the-evolution-of-darkweb-markets-over-time-29c93a3e3411?source=rss------infosec-5">Understanding the Evolution of Darkweb Markets Over Time
════════════════════════
𐀪 Author: Tor BBB
════════════════════════
ⴵ Time: Fri, 06 Feb 2026 21:24:30 GMT
════════════════════════
⌗ Tags: #infosec #osint #cybersecurity #darkweb
#tools
#Cloud_Security
1⃣ Weaponizing Whitelists:
An Azure Blob Storage Mythic C2 Profile
https://specterops.io/blog/2026/01/30/weaponizing-whitelists-an-azure-blob-storage-mythic-c2-profile
]-> Azure Blob Storage C2 Profile
// The article explores how enterprise firewalls' broad Azure Blob Storage exceptions can be exploited for covert C2, introducing Mythic's "azureBlob" profile that uses container-scoped SAS tokens and blob operations for stealthy C2
2⃣ Moltworker: a self-hosted personal AI agent, minus the minis
https://blog.cloudflare.com/moltworker-self-hosted-ai-agent
// Moltworker enables deploying scalable, secure AI applications on Cloudflare’s platform using Workers, Sandboxes, R2, and Browser Rendering, demonstrated through Slack integrations and open-sourced for global deployment
#Malware_analysis
1⃣ SonicWall Breach Enabled Ransomware Attack
https://www.ctrlaltnod.com/news/sonicwall-breach-enabled-ransomware-attack-on-74-us-banks
2⃣ RedKitten: AI-accelerated Campaign
https://harfanglab.io/insidethelab/redkitten-ai-accelerated-campaign-targeting-iranian-protests
3⃣ Pulsar RAT: When Malware Talks Back
https://www.pointwild.com/threat-intelligence/when-malware-talks-back
#Tech_book
#Malware_analysis
#Blue_Team_Techniques
"Phishing RunBook/PlayBook", 2025
// Phishing playbook guides SOC teams in detecting, analyzing, and responding to phishing threats.
- SOC phishing detection and response guide
- Defines roles, triage, and investigation steps
- Focuses on email, credential, and social engineering threats
- Ensures quick containment and awareness
- Promotes continuous improvement and prevention
#Malware_analysis
#Threat_Research
1⃣ GOGITTER, GITSHELLPAD, and GOSHELL Analysis
https://www.zscaler.com/blogs/security-research/apt-attacks-target-indian-government-using-gogitter-gitshellpad-and-goshell
2⃣ Blackmoon malware + SyncFuture TSM tool
https://www.esentire.com/blog/weaponized-in-china-deployed-in-india-the-syncfuture-espionage-targeted-campaign
3⃣ Inside a Multi-Stage Windows Malware Campaign
https://www.fortinet.com/blog/threat-research/inside-a-multi-stage-windows-malware-campaign
4⃣ MacSync Stealer Returns:
SEO Poisoning and Fake GitHub Repositories
https://daylight.ai/blog/macsync-stealer-returns-seo-poisoning
5⃣ PURELOGS Infostealer Analysis
https://www.swisspost-cybersecurity.ch/news/purelogs-infostealer-analysis-dont-judge-a-png-by-its-header
#Analytics
#Threat_Research
An analytical review of the main cybersecurity events for the week (Jan.17-24, 2026)
1⃣ CVE-2026-24061: Telnetd RCE as Root
// This script exploits the CVE-2026-24061 vulnerability in Telnet servers using a malformed USER environment variable
2⃣ Top Agentic AI Security Threats in 2026
// The agentic AI era has arrived. The question is not whether your organization will face agentic threats in 2026. The question is whether you will be ready
3⃣ ISC BIND DoS vulnerability in Drone ID Records
// CVE-2025-13878
4⃣ Pwn2Own Automotive 2026
// Day One Two Three Results
5⃣ Malicious Configuration Changes On Fortinet FortiGate Devices via SSO Accounts
// The vulnerabilities allow for unauth bypass of SSO login authentication via crafted SAML messages when the FortiCloud SSO feature is enabled on affected Devices
6⃣ SmarterTools SmarterMail WT-2026-0001 Auth Bypass
// This issue was patched in ver.9511, released on Jan 15, 2026. If you have not already upgraded, do so immediately. This vulnerability is already being actively exploited!
7⃣ Wireshark 4.6.3 and 4.4.13 Released
// Release notes + download page
8⃣ Bandit v.1.9.3
// Tool to find common security issues in Python code
]-> Analytical review (Jan.10-17, 2026)
#AIOps
#MLSecOps
#Threat_Research
"Agent Skills in the Wild: An Empirical Study of Security Vulnerabilities at Scale", 2026.
// The rise of AI agent frameworks has introduced agent skills, modular packages containing instructions and executable code that dynamically extend agent capabilities. While this architecture enables powerful customization, skills execute with implicit trust and minimal vetting, creating a significant yet uncharacterized attack surface
#Analytics
#Threat_Research
An analytical review of the main cybersecurity events for the week (Jan.10-17, 2026)
1⃣ VideoLAN fixed vulns in its VLC software
// CVE-2025-51602
2⃣ Hijacking Bluetooth Accessories Using Google Fast Pair
// Many Bluetooth accessories do not implement Google Fast Pair correctly, enabling an attacker to forcefully pair with a vulnerable accessory
3⃣ CVE-2025-64155: Fortinet FortiSIEM Argument Injection to RCE
// PoC exploit for Fortinet FortiSIEM which abuses an argument injection to write a file to gain code execution as root
4⃣ Critical Privilege Escalation Vulnerability in Modular DS plugin affecting 40k+ Sites exploited in the wild
// CVE-2026-23800
5⃣ Sicarii Ransomware: Truth vs Myth
// Sicarii is a newly observed RaaS operation that surfaced in late 2025
6⃣ Security Detections MCP
// An MCP server that lets LLMs query a unified database of Sigma, Splunk ESCU, Elastic, and KQL security detection rules
]-> Analytical review (Jan.03-10, 2026)
Resources for securing AI systems
https://github.com/TalEliyahu/Awesome-AI-Security
Awesome AI Security
- Learning resources
- Frameworks and standards
- AI for offensive cyber
- AI for defensive cyber
- Safety and sandboxing for AI tools
- Detection & scanners
https://github.com/ottosulin/awesome-ai-security
Contributor Otto Sulin
#ai #cybersecuriyty
#AIOps
#exploit
#AppSec
BodySnatcher (CVE-2025-12420):
A Broken Authentication and Agentic Hijacking Vulnerability in ServiceNow
https://appomni.com/ao-labs/bodysnatcher-agentic-ai-security-vulnerability-in-servicenow
// The discovery of BodySnatcher represents the most severe AI-driven security vulnerability uncovered to date and a defining example of agentic AI security vulnerabilities in modern SaaS platforms
#AIOps
#AppSec
#Threat_Research
ZombieAgent: New ChatGPT Vulnerabilities
https://www.radware.com/blog/threat-intelligence/zombieagent
// several new vulnerabilities + method to achieve persostence + new propagation technique
#AppSec
#Threat_Research
1⃣ GnuPG Vulnerabilities
2⃣ zlib v1.3.1.2 Global BOF in TGZfname() of zlib untgz Utility
// The untgz utility that is part of zlib suffers from a straightforward buffer overflow in the filename parameter
3⃣ SmarterMail Pre-Auth RCE
// pre-auth RCE (CVE-2025-52691) in SmarterMail allowed unauthenticated file uploads via /api/upload, enabling RCE through path traversal, highlighting risks of silent patches and the need for proactive security
⤷ Title: Kh_abdel/mitm-lab-tryhackme-detection-blue-vs-red-41fc73ec9594?source=rss------tryhackme-5">MITM lab + tryhackme Detection — Blue vs Red
════════════════════════
𐀪 Author: Khalil
════════════════════════
ⴵ Time: Fri, 06 Feb 2026 21:48:58 GMT
════════════════════════
⌗ Tags: #tryhackme #ethical_hacking #man_in_the_middle_attack #ctf #wireshark
⤷ Title: Why Moltbook is Dangerous: Critical Zero-days Found in My Audit (Full Report)
════════════════════════
𐀪 Author: Saad Khalid
════════════════════════
ⴵ Time: Fri, 06 Feb 2026 21:20:44 GMT
════════════════════════
⌗ Tags: #vulnerability #penetration_testing #cybersecurity #moltbook #ai
⤷ Title: Hacking Networking Services Home Lab
════════════════════════
𐀪 Author: Mainekhacker
════════════════════════
ⴵ Time: Fri, 06 Feb 2026 21:01:00 GMT
════════════════════════
⌗ Tags: #smb #protocol #cybersecurity #hacking #networking
#Analytics
#Threat_Research
An analytical review of the main cybersecurity events for the week (Jan.24-31, 2026)
1⃣ Critical eScan Supply Chain Compromise
// Anti-virus vendor eScan was compromised, and its update servers were used to install malware on some customer systems
2⃣ Fake Clawdbot VS Code Extension Installs ScreenConnect RAT
// The news about Clawdbot (now Moltbot) is used to distribute malware, in particular malicious VS Code extensions
3⃣ OpenSSL Updates
// OpenSSL released its monthly updates, fixing a potential RCE
4⃣ DoS Vulnerabilities in React Server Components
// Another folowup fix for the severe React vulnerability from last year, but now only fixing a DoS condition
5⃣ CVE-2026-21509 - MS Office 0-Day
// Microsoft released an out-of-band patch for Office fixing a currently exploited vulnerability
6⃣ StackRox 4.8.8 Kubernetes Security Platform + OpenAEV 2.0.14 Adversarial Exposure Validation Platform
// New releases have been released
7⃣ GnuPG 2.5.17
// This version fixes a critical security bug in versions 2.5.13 to 2.5.16
8⃣ Hacking Clawdbot and Eating Lobster Souls
// Part 2
9⃣ Operation Bizarre Bazaar
// First Attributed LLMjacking Campaign with Commercial Marketplace Monetization
1⃣0⃣ Silent Brothers: Ollama Hosts Form Anonymous AI Network Beyond Platform Guardrails
]-> Analytical review (Jan.17-24, 2026)
#MLSecOps
"Llama-3.1-FoundationAI-SecurityLLM-Reasoning-8B Technical Report", Jan 2026.
]-> Foundation-Sec-8B-Reasoning, the first open-source native reasoning model for cybersecurity
#Research
#IoD_Security
"A Large-Scale Evaluation Suite of Security, Resilience, and Trust for LLM-based UAV Agents over 6G Networks", 2026.
]-> Repo
// Large-scale benchmark for evaluating security, resilience, and trust of LLM-based UAV agents under realistic adversarial conditions in 6G-enabled networks, featuring layered attack taxonomies and CWE-aligned evaluation
#Analytics
#Research
"Frontier AI Auditing: Toward Rigorous Third-Party Assessment of Safety and Security Practices at Leading AI Companies", Jan 2026.
// We define frontier AI auditing as rigorous third-party verification of frontier AI developers' safety and security claims, and evaluation of their systems and practices against relevant standards, based on deep, secure access to non-public information
#MLSecOps
#Offensive_security
"Reasoning Hijacking: Subverting LLM Classification via Decision-Criteria Injection", 2026.
]-> Criteria Attack Dataset
// Current LLM safety research predominantly focuses on mitigating Goal Hijacking, preventing attackers from redirecting a model's high-level objective. In this paper, we argue that this perspective is incomplete and highlight a critical vulnerability in Reasoning Alignment. We propose a new adversarial paradigm: Reasoning Hijacking and instantiate it with Criteria Attack, which subverts model judgments by injecting spurious decision criteria without altering the high-level task goal
#Analytics
#Threat_Research
"Red Report 2025:
The Top 10 Most Prevalent MITRE ATT&CK Techniques. SneakThief and The Perfect Heist".
// This year's findings highlight a new era of adversarial sophistication in infostealer attacks, epitomized by malware like "SneakThief," which executed in a kill chain what has come to be known as "The Perfect Heist." Although the SneakThief malware is a fictitious name in this scenario, its attack patterns reflect real-world incidents. This advanced threat leverages stealth, persistence, and automation to infiltrate networks, bypass defenses, and exfiltrate critical data
#tools
#OSINT
1⃣ SwaggerSpy - Automated OSINT on SwaggerHub
2⃣ RedTiger-Tools - Open-Source Security Multi-Tool
3⃣ ASN - ASN Lookup Tool and Traceroute Server
4⃣ SatIntel - OSINT tool for Satellites. Extract satellite telemetry, receive orbital predictions, and parse TLEs
leash - take your AI agents for a walk - github.com/strongdm/leash
Authorize and monitor your AI agents with policy enforcement, sandboxed execution, and real-time observability—ensuring they operate safely within your defined boundaries.
Leash wraps AI coding agents in containers and monitors their activity. You define policies in Cedar; Leash enforces them instantly.
#exploit
#AppSec
1⃣ Reprompt: The Single-Click Microsoft Copilot Attack that Silently Steals Your Personal Data
// The attack exploits the q URL parameter, double-request techniques, and chain-request methods to inject malicious prompts, perform repeated actions, and establish ongoing data exfiltration chains
2⃣ Lack of isolation in agentic browsers resurfaces old vulnerabilities
// Agentic browsers' lack of proper isolation enables vulnerabilities like XSS and CSRF, leading to data leaks, prompt injections, and session hijacking, necessitating system-level security measures and extended origin policies
3⃣ Clang Hardening Cheat Sheet
// The article reviews a decade of Clang hardening techniques, highlighting new compiler flags and hardware-assisted protections against modern exploits like ROP, JOP, and speculative attacks
#AIOps
#Research
#Threat_Research
"VulnLLM-R: Specialized Reasoning LLM for Vulnerability Detection", Dec. 2025.
]-> Code & Data
]-> Demo
]-> Model
// We propose VulnLLM-R, the~\emph{first specialized reasoning LLM} for vulnerability detection. Our key insight is that LLMs can reason about program states and analyze the potential vulnerabilities, rather than simple pattern matching
#DFIR
#Tech_book
"Cyber Security Kill Chain - Tactics and Strategies: Breaking down the cyberattack process and responding to threats", 1st Edition, 2025.
// The book is a timely response to the increasing complexity of cyber threats. With the rapid growth of technologies such as AI, the Internet of Things, and quantum computing, the battlefield of cyber warfare is evolving faster than ever..
#DevOps
#Tech_book
#Threat_Modelling
"Threat Modeling Best Practices:
Proven frameworks and practical techniques to secure modern systems", Oct. 2025.
// This book takes you through the spectrum of threat modeling processes and practices. From foundational methodologies such as STRIDE to cutting-edge implementations that keep pace with the speed of system development, we begin by establishing a solid understanding of threat modeling principles, methodologies, and best practices that form the foundation of threat identification