2777
🛡️ Cybersecurity enthusiast | 💻 Helping secure the digital world | 🌐 Web App Tester | 🕵️♂️ OSINT Specialist Admin: @laazy_hack3r
#Malware_analysis
1⃣ Malicious use of virtual machine infrastructure
https://www.sophos.com/en-us/blog/malicious-use-of-virtual-machine-infrastructure
2⃣ Black Basta: Defense Evasion Capability Embedded in Ransomware Payload
https://www.security.com/threat-intelligence/black-basta-ransomware-byovd
3⃣ Technical Analysis of Marco Stealer
https://www.zscaler.com/blogs/security-research/technical-analysis-marco-stealer
4⃣ Another piece of XWorm: Interesting way to drop the trojan in another malicious script
https://isc.sans.edu/diary/Malicious+Script+Delivering+More+Maliciousness/32682
#WebApp_Security
#Offensive_security
Top 10 New Web Hacking Techniques of 2025
https://portswigger.net/research/top-10-web-hacking-techniques-of-2025
// The top web hacking techniques of 2025 include parser differentials, HTTP/2 CONNECT exploits, cross-origin leaks, cache poisoning, and novel SSRF methods
#Cloud_Security
#Threat_Research
"Cloud Edge Phishing: Breaking the Future of Auth",
OOTB 2025.
// This talk analyzes modern phishing techniques - including OAuth consent hijacking, browser-based MITM proxies, and token-binding attacks - and demonstrates two revolutionary serverless approaches that serve as the ultimate stealthy platforms for phishing Ops
See also:
]-> Authentication Downgrade Attacks: Deep Dive into MFA Bypass (Feb. 2026)
#hardening
#Whitepaper
#Cloud_Security
"Container Security: Docker & Kubernetes Hardening. Complete Enterprise Security Guide", Dec. 2025.
// This guide takes a practical, end-to-end approach to securing containerized environments, covering Docker, Kubernetes, networking, and the supply chain with an operational mindset. Each chapter examines specific security domains in depth, providing practical guidance, real-world examples, and production-ready configurations for securing containerized environments
#tools
#hardening
#MLSecOps
Detecting and Monitoring OpenClaw (clawdbot, moltbot)
1⃣ OpenClaw Detection Scripts
// Detection scripts for MDM deployment to identify OpenClaw installations on managed devices
2⃣ OpenClaw Telemetry Plugin
// Captures tool calls, LLM usage, agent lifecycle, and message events
3⃣ Advanced Cognitive Inoculation Prompt (ACIP)
// Fortifying LLMs against sophisticated prompt injection attacks
crypto-scanner: Open-source CLI tool to find quantum-vulnerable cryptography in your codebase
https://ift.tt/JxXf0lT
Submitted February 07, 2026 at 07:11AM by MindlessConclusion42
via reddit https://ift.tt/fWoIhw8
Django SQL Injection in RasterField lookup (CVE-2026-1207)
https://ift.tt/X0ANszu
Submitted February 06, 2026 at 12:24AM by c0daman
via reddit https://ift.tt/Nd0Jbcl
⤷ Title: Privilege Escalation: Hijacking an Organization via Billing Notifications
════════════════════════
𐀪 Author: Mohamed Fathy
════════════════════════
ⴵ Time: Fri, 06 Feb 2026 20:16:09 GMT
════════════════════════
⌗ Tags: #cybersecurity #penetration_testing #business_logic #security #idor_vulnerability
⤷ Title: Torbbb_Official/understanding-the-evolution-of-darkweb-markets-over-time-29c93a3e3411?source=rss------infosec-5">Understanding the Evolution of Darkweb Markets Over Time
════════════════════════
𐀪 Author: Tor BBB
════════════════════════
ⴵ Time: Fri, 06 Feb 2026 21:24:30 GMT
════════════════════════
⌗ Tags: #infosec #osint #cybersecurity #darkweb
#tools
#Cloud_Security
1⃣ Weaponizing Whitelists:
An Azure Blob Storage Mythic C2 Profile
https://specterops.io/blog/2026/01/30/weaponizing-whitelists-an-azure-blob-storage-mythic-c2-profile
]-> Azure Blob Storage C2 Profile
// The article explores how enterprise firewalls' broad Azure Blob Storage exceptions can be exploited for covert C2, introducing Mythic's "azureBlob" profile that uses container-scoped SAS tokens and blob operations for stealthy C2
2⃣ Moltworker: a self-hosted personal AI agent, minus the minis
https://blog.cloudflare.com/moltworker-self-hosted-ai-agent
// Moltworker enables deploying scalable, secure AI applications on Cloudflare’s platform using Workers, Sandboxes, R2, and Browser Rendering, demonstrated through Slack integrations and open-sourced for global deployment
#Malware_analysis
1⃣ SonicWall Breach Enabled Ransomware Attack
https://www.ctrlaltnod.com/news/sonicwall-breach-enabled-ransomware-attack-on-74-us-banks
2⃣ RedKitten: AI-accelerated Campaign
https://harfanglab.io/insidethelab/redkitten-ai-accelerated-campaign-targeting-iranian-protests
3⃣ Pulsar RAT: When Malware Talks Back
https://www.pointwild.com/threat-intelligence/when-malware-talks-back
#Tech_book
#Malware_analysis
#Blue_Team_Techniques
"Phishing RunBook/PlayBook", 2025
// Phishing playbook guides SOC teams in detecting, analyzing, and responding to phishing threats.
- SOC phishing detection and response guide
- Defines roles, triage, and investigation steps
- Focuses on email, credential, and social engineering threats
- Ensures quick containment and awareness
- Promotes continuous improvement and prevention
#Malware_analysis
#Threat_Research
1⃣ GOGITTER, GITSHELLPAD, and GOSHELL Analysis
https://www.zscaler.com/blogs/security-research/apt-attacks-target-indian-government-using-gogitter-gitshellpad-and-goshell
2⃣ Blackmoon malware + SyncFuture TSM tool
https://www.esentire.com/blog/weaponized-in-china-deployed-in-india-the-syncfuture-espionage-targeted-campaign
3⃣ Inside a Multi-Stage Windows Malware Campaign
https://www.fortinet.com/blog/threat-research/inside-a-multi-stage-windows-malware-campaign
4⃣ MacSync Stealer Returns:
SEO Poisoning and Fake GitHub Repositories
https://daylight.ai/blog/macsync-stealer-returns-seo-poisoning
5⃣ PURELOGS Infostealer Analysis
https://www.swisspost-cybersecurity.ch/news/purelogs-infostealer-analysis-dont-judge-a-png-by-its-header
https://terrific-dart-70e.notion.site/Application-A-Example-294f4ca0f424810eaf56eb26f6a4ea4e
#notion #bugbounty #checklist
𝗥𝗲𝘀𝗲𝗮𝗿𝗰𝗵 𝗪𝗼𝗿𝘁𝗵 𝗥𝗲𝗮𝗱𝗶𝗻𝗴 - 𝗪𝗲𝗲𝗸 𝟲, 𝟮𝟬𝟮𝟲
Busy week! AI, AI, AI and the death of Flash!
🤖 𝗦𝗲𝗺𝗴𝗿𝗲𝗽'𝘀 𝗔𝗴𝗲𝗻𝘁 𝗦𝗸𝗶𝗹𝗹𝘀
Semgrep released a set of agent skills worth looking into: github.com/semgrep/skills.
🤿 𝗦𝗵𝗮𝗸𝗶𝗻𝗴 𝘁𝗵𝗲 𝗠𝗖𝗣 𝗧𝗿𝗲𝗲: 𝗔 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗗𝗲𝗲𝗽 𝗗𝗶𝘃𝗲
You may think "just another MCP bug" but this post is actually worth reading: blog.voorivex.team/shaking-the-mc….
🤖 𝗘𝘃𝗮𝗹𝘂𝗮𝘁𝗶𝗻𝗴 𝗮𝗻𝗱 𝗺𝗶𝘁𝗶𝗴𝗮𝘁𝗶𝗻𝗴 𝘁𝗵𝗲 𝗴𝗿𝗼𝘄𝗶𝗻𝗴 𝗿𝗶𝘀𝗸 𝗼𝗳 𝗟𝗟𝗠-𝗱𝗶𝘀𝗰𝗼𝘃𝗲𝗿𝗲𝗱 𝟬-𝗱𝗮𝘆𝘀
This section resumes it: "Opus 4.6 is notably better at finding high-severity vulnerabilities than previous models": red.anthropic.com/2026/zero-days/.
♦️ 𝗖𝗼 -𝗥𝗲𝗱𝗧𝗲𝗮𝗺: 𝗢𝗿𝗰𝗵𝗲𝘀𝘁𝗿𝗮𝘁𝗲𝗱 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗗𝗶𝘀𝗰𝗼𝘃𝗲𝗿𝘆 𝗮𝗻𝗱 𝗘𝘅𝗽𝗹𝗼𝗶𝘁𝗮𝘁𝗶𝗼𝗻 𝘄𝗶𝘁𝗵 𝗟𝗟𝗠 𝗔𝗴𝗲𝗻𝘁𝘀
If you are working on a "LLM based hacker", you are going to want to read this: arxiv.org/pdf/2602.02164.
🚨 𝗔𝗻 𝗶𝗻𝘁𝗿𝗼𝗱𝘂𝗰𝘁𝗶𝗼𝗻 𝘁𝗼 𝗮𝘂𝘁𝗼𝗺𝗮𝘁𝗲𝗱 𝗟𝗟𝗠 𝗿𝗲𝗱 𝘁𝗲𝗮𝗺𝗶𝗻𝗴
Promptfoo is a neat tool to add to your red teaming arsenal: blog.nviso.eu/2026/02/05/an-….
🛠️ 𝗦𝗰𝗮𝗹𝗮𝗯𝗹𝗲 𝗿𝗲𝘀𝗲𝗮𝗿𝗰𝗵 𝘁𝗼𝗼𝗹𝗶𝗻𝗴 𝗳𝗼𝗿 𝗮𝗴𝗲𝗻𝘁 𝘀𝘆𝘀𝘁𝗲𝗺𝘀
A great post on how to scale tooling for agent: knifecoat.com/Posts/Scalable….
🦝 𝗗𝗶𝘀𝗰𝗼𝘃𝗲𝗿𝗶𝗻𝗴 𝗡𝗲𝗴𝗮𝘁𝗶𝘃𝗲-𝗗𝗮𝘆𝘀 𝘄𝗶𝘁𝗵 𝗟𝗟𝗠 𝗪𝗼𝗿𝗸𝗳𝗹𝗼𝘄𝘀
That's something I toyed with in 2012 (Monitoring repositories for Fun and Profit - Ruxcon 2012), I used basic rules at the time. Obviously, having LLMs is a game changer for this kind of workload: spaceraccoon.dev/discovering-ne….
⚡️ 𝗪𝗵𝗮𝘁 𝗥𝗲𝗮𝗹𝗹𝘆 𝗞𝗶𝗹𝗹𝗲𝗱 𝗙𝗹𝗮𝘀𝗵 𝗣𝗹𝗮𝘆𝗲𝗿: 𝗔 𝗦𝗶𝘅-𝗬𝗲𝗮𝗿 𝗖𝗮𝗺𝗽𝗮𝗶𝗴𝗻 𝗼𝗳 𝗗𝗲𝗹𝗶𝗯𝗲𝗿𝗮𝘁𝗲 𝗣𝗹𝗮𝘁𝗳𝗼𝗿𝗺 𝗪𝗼𝗿𝗸
The story of the death of Adobe Flash, a must-read for AppSec practitioners. medium.com/@aglaforge/wha….
#MLSecOps
#Infosec_Standards
NIST AI 800-2 (IPD):
"Practices for Automated Benchmark Evaluations of Language Models", Jan. 2026.
// This document identifies practices for conducting automated benchmark evaluations of language models and similar general-purpose AI models that output text. Evaluations of these models, often embedded into systems capable of functioning as chatbots and AI agents, are increasingly common. However, consistent practices to support the validity and reproducibility of such evaluations are only beginning to emerge. The practices presented in this document are intended to reflect best practices; where relevant, practices that are relatively less mature in ecosystem use are labeled as emerging practice
#AppSec
Application Audit Checklist, 2025.
// Checklist to support application audits across governance, access controls, configuration, data integrity, logging, change management, integrations, and recovery
#exploit
#AppSec
1⃣ CVE-2025-67813:
RCE via Quest Desktop Authority Named Pipe
// A vulnerability in Quest Desktop Authority allows authenticated users to remotely execute code and perform malicious operations via a named pipe, which can be mitigated by patches, firewalls, or disabling the service
2⃣ CVE-2026-24002:
RCE sandbox escape in Grist‑Core
// One malicious formula can turn a spreadsheet into a RCE beachhead...
3⃣ CVE-2025-49825:
Teleport remote authentication bypass
// CVE-2025-49825 is a critical Teleport vulnerability allowing attackers to bypass authentication and potentially gain root access via nested SSH certificates if unpatched
#MalDev
#Malware_analysis
#Offensive_security
MacOS Malware Persistence
Part 1 - LaunchAgents. Simple C example
]-> Source code in GitHub
Part 2 - Shell environment hijacking. Simple C example
]-> Source code in GitHub
// Disclaimer
#AIOps
#Tech_book
"Agentic Design Patterns: A Hands-On Guide to Building Intelligent Systems", Oct. 2025.
// A comprehensive guide presenting 21 design patterns for building AI agents, using frameworks like LangChain, Crew AI, and Google ADK to create autonomous intelligent systems
Tool: AST-based security scanner for AI-generated code (MCP server)
https://ift.tt/mc6CoVt
Submitted February 06, 2026 at 09:55PM by NoButterfly9145
via reddit https://ift.tt/rbwKiQ3
⤷ Title: Kh_abdel/mitm-lab-tryhackme-detection-blue-vs-red-41fc73ec9594?source=rss------tryhackme-5">MITM lab + tryhackme Detection — Blue vs Red
════════════════════════
𐀪 Author: Khalil
════════════════════════
ⴵ Time: Fri, 06 Feb 2026 21:48:58 GMT
════════════════════════
⌗ Tags: #tryhackme #ethical_hacking #man_in_the_middle_attack #ctf #wireshark
⤷ Title: Why Moltbook is Dangerous: Critical Zero-days Found in My Audit (Full Report)
════════════════════════
𐀪 Author: Saad Khalid
════════════════════════
ⴵ Time: Fri, 06 Feb 2026 21:20:44 GMT
════════════════════════
⌗ Tags: #vulnerability #penetration_testing #cybersecurity #moltbook #ai
⤷ Title: Hacking Networking Services Home Lab
════════════════════════
𐀪 Author: Mainekhacker
════════════════════════
ⴵ Time: Fri, 06 Feb 2026 21:01:00 GMT
════════════════════════
⌗ Tags: #smb #protocol #cybersecurity #hacking #networking
#Analytics
#Threat_Research
An analytical review of the main cybersecurity events for the week (Jan.24-31, 2026)
1⃣ Critical eScan Supply Chain Compromise
// Anti-virus vendor eScan was compromised, and its update servers were used to install malware on some customer systems
2⃣ Fake Clawdbot VS Code Extension Installs ScreenConnect RAT
// The news about Clawdbot (now Moltbot) is used to distribute malware, in particular malicious VS Code extensions
3⃣ OpenSSL Updates
// OpenSSL released its monthly updates, fixing a potential RCE
4⃣ DoS Vulnerabilities in React Server Components
// Another folowup fix for the severe React vulnerability from last year, but now only fixing a DoS condition
5⃣ CVE-2026-21509 - MS Office 0-Day
// Microsoft released an out-of-band patch for Office fixing a currently exploited vulnerability
6⃣ StackRox 4.8.8 Kubernetes Security Platform + OpenAEV 2.0.14 Adversarial Exposure Validation Platform
// New releases have been released
7⃣ GnuPG 2.5.17
// This version fixes a critical security bug in versions 2.5.13 to 2.5.16
8⃣ Hacking Clawdbot and Eating Lobster Souls
// Part 2
9⃣ Operation Bizarre Bazaar
// First Attributed LLMjacking Campaign with Commercial Marketplace Monetization
1⃣0⃣ Silent Brothers: Ollama Hosts Form Anonymous AI Network Beyond Platform Guardrails
]-> Analytical review (Jan.17-24, 2026)
#MLSecOps
"Llama-3.1-FoundationAI-SecurityLLM-Reasoning-8B Technical Report", Jan 2026.
]-> Foundation-Sec-8B-Reasoning, the first open-source native reasoning model for cybersecurity
#Research
#IoD_Security
"A Large-Scale Evaluation Suite of Security, Resilience, and Trust for LLM-based UAV Agents over 6G Networks", 2026.
]-> Repo
// Large-scale benchmark for evaluating security, resilience, and trust of LLM-based UAV agents under realistic adversarial conditions in 6G-enabled networks, featuring layered attack taxonomies and CWE-aligned evaluation
#Analytics
#Research
"Frontier AI Auditing: Toward Rigorous Third-Party Assessment of Safety and Security Practices at Leading AI Companies", Jan 2026.
// We define frontier AI auditing as rigorous third-party verification of frontier AI developers' safety and security claims, and evaluation of their systems and practices against relevant standards, based on deep, secure access to non-public information