Cybersecurity News and Vulnerability Aggregator

Cybersecurity news aggregator

Top Cybersecurity Stories Today

Krebs on Security 9h ago

A 24-year-old British national and senior member of the cybercrime group “Scattered Spider” has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in the summer of 2022 that allowed the group to hack into at least a dozen major technology companies and steal tens of millions of dollars worth of cryptocurrency from investors. Buchanan’s hacker handle “Tylerb” once graced a leaderboard in the English-language criminal hacking scene that tracked the most accomplished cyber thieves. Now in U.S. custody and awaiting sentencing, the Dundee, Scotland native is facing the possibility of more than 20 years in prison. Two photos published in a Daily Mail story dated May 3, 2025 show Buchanan as a child (left) and as an adult being detained by airport authorities in Spain. “M&S” in this screenshot refers to Marks & Spencer, a major U.K. retail chain that suffered a ransomware attack last year at the hands of Scattered Spider. Scattered Spider is the name given to a prolific English-speaking cybercrime group known for using social engineering tactics to break into companies and steal data for ransom, often impersonating employees or contractors to deceive IT help desks into granting access. As part of his guilty plea, Buchanan admitted conspiring with other Scattered Spider members to launch tens of thousan

CERT/CC 10h ago
CVE

Overview

Terrarium is a sandbox-based code execution platform that enables users to run and execute code in a controlled environment, providing a secure way to test and validate code. However, a vulnerability has been discovered in Terrarium that allows arbitrary code execution with root privileges on the host Node.js process. This vulnerability is caused by a JavaScript prototype chain traversal in the Pyodide WebAssembly environment.

Description

The root cause of the vulnerability lies in the configuration of jsglobals objects in service.ts. Specifically, the mock document object is created using a standard JavaScript object literal, which inherits properties from Object.prototype. This inheritance chain allows sandbox code to traverse up to the Function constructor, create a function that returns globalThis, and from there access Node.js internals, including require(). As a result, an attacker can escape the sandbox and execute arbitrary system commands as root within the container.

CVE-2026-5752: Sandbox Escape Vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal.

Impact

Applications that use Terrarium for sandboxed code execution may be compromised, allowing an attacker to:
* Execute arbitrary commands as root inside the container
* Access and modify sensitive files, including /etc/passwd and environment variables
* Reach other services on the container's network, including databases and internal APIs

The Register 11h ago
CVE

CEO suspects silicon sidekick behind 'surprising velocity' breach - cyber crims shop stolen data for $2M

Vercel's CEO reckons the crooks behind its recent breach likely had a helping hand from AI, saying the attackers moved with "surprising velocity" and a deep understanding of the company's infrastructure.…

Latest

Tuesday, April 21
r/cybersecurity 1h ago

With all the AI-assisted attacks (with Mythos hype) and credential abuse this year, wouldn’t a deterministic verification boundary at the edge be a better approach than identity-first access controls? If you'd like to check it out: [https://nuvltech.com](https://nuvltech.com)

Ars Technica 2h ago
CVE

Earlier this month, Anthropic said its Mythos Preview model was so good at finding cybersecurity vulnerabilities that the company was limiting its initial release to "a limited group of critical industry partners." Since then, debate has raged over whether the model presages an era of turbocharged AI-aided hacking or if Anthropic is just building hype for what is a relatively normal step up on the ladder of advancing AI capabilities. Mozilla added some important data to that debate Tuesday, writing in a blog post that early access to Mythos Preview had helped it pre-identify 271 security vulnerabilities in this week's release of Firefox 150. The results were significant enough to get Firefox CTO Bobby Holley to enthuse that, in the never-ending battle between cyberattackers and cyberdefenders, "defenders finally have a chance to win, decisively."

"We've rounded the curve"

Holley didn't go into detail on the severity of the hundreds of vulnerabilities that Mythos reportedly detected simply by analyzing the unreleased source code of Firefox's latest version. But by way of comparison, he noted that Anthropic's Opus 4.6 model found only 22 security-sensitive bugs when analyzing Firefox 148 last month.

The Register 2h ago

NCSC boss says China's whole-of-state cyber machine has become Britain's peer competitor in cyberspace

State-sponsored cyberattacks from Chinese intelligence and military agencies display "an eye-watering level of sophistication," UK National Cyber Security Centre CEO Richard Horne is expected to say in a less-than-cheery opening speech to kick off its annual conference.…

r/cybersecurity 4h ago

Hi guys, I send out a weekly newsletter with the latest cybersecurity vendor reports and research, and thought you might find it useful, so sharing it here. All the reports and research below were published between April 13th - April 19th. You can get the below into your inbox every week if you want: [https://www.cybersecstats.com/cybersecstatsnewsletter/](https://www.cybersecstats.com/cybersecstatsnewsletter/)

# Big Picture Reports

**CISO Survey 2026: The State of Incident Response Readiness (Sygnia)**

You probably have an incident response plan, but could you execute it? Data says: likely not.

**Key stats:**
* 73% of senior cybersecurity decision-makers say their organizations would not be fully ready to execute under pressure if a significant cybersecurity attack occurred tomorrow.
* 99% of organizations have formal incident response plans.
* 90% anticipate coordination breakdowns in the event of a cyber incident.

*Read the full report [here](https://www.sygnia.co/guides-and-tools/ciso-survey-2026/).*

**Resilience by design: Building connected ecosystems for the age of disruption (Telstra International & Economist Impact)**

Supplier blind spots, reactive risk management, and uneven leadership accountability are leaving organizations exposed when disruption hits.

**Key stats:**
* Only 25% of organizations say their responses to digital disruption largely go to plan.
* Only 27% say boards regularly review digital resilience plans and strategies.
* Only 38% say board discussions on digital resilience lead to follow-up action.

*Read the full report [here](https://www.telstrainternational.com/en/news-research/research/digital-resilience).*

# AI Security

**Global CIO Report 2026: Harnessing AI (Logicalis)**

A significant number of CIOs rank AI itself as a threat on par with malware and ransomware. Despite this (or maybe because of this), few have visibility into AI tool use within their organizations.

**Key stats:**
* Over a quarter of CIOs report AI as a significant source of risk, ranking it alongside malware, ransomware, and phishing.
* Only 37% of CIOs say they have full visibility of AI tools in use across their organization.
* 62% say employees jeopardize data security through AI use.

*Read the full report [here](https://www.logicalis.com/cio-report).*

**AI Security Testing: Agents Leap from Assistants to Autonomous Hackers (Forescout)**

In a scary (but perhaps predictable) turn of events, AI models can now generate working exploits.

**Key stats:**
* All tested AI models now complete vulnerability research tasks, and 50% generate working exploits autonomously.
* A year ago, 55% of AI models failed basic vulnerability research, and 93% failed exploit development tasks.
* Every model produced at least one false-positive run by hallucinating vulnerable paths in real-world tasks.

*Read the full report [here](https://www.forescout.com/blog/ai-security-testing-agents-leap-from-assistants-to-autonomous-hackers/).*

**The State of the Agent: Understanding Adoption, Risk, and Mitigation (Rubrik Zero Labs)**

You’ve heard (or maybe seen) this already - most organizations are adopting autonomous AI agents without the observability, controls, and recovery capabilities needed to manage the new risks emerging across them.

**Key stats:**
* 86% of IT and security leaders expect AI agents to outpace their organization's security guardrails within the next year.
* 88% say they lack the ability to roll back AI agent actions without system disruption.
* More than 80% report that AI agents require more manual oversight than they save in efficiency.

*Read the full report [here](https://zerolabs.rubrik.com/reports/state-agent-understanding-adoption-risk-and-mitigation).*

**Cyware Survey Reveals 77% of Security Professionals See the Urgent Need for Controlled, Agentic AI in Intel-Driven Security Workflows (Cyware)**

Confirming the above, this report shows that most security teams are rushing to adopt agentic AI without the oversight and governance to match.

**Key stats:**
* 77% of cybersecurity professionals prefer AI solutions that prioritize analyst oversight and control over fully independent action.
* 78% confirm that AI has already improved threat intelligence operations to some degree.
* Real-time sharing of threat intelligence across SecOps, incident response, and vulnerability management nearly doubled from 17% in 2025 to 32% in 2026.

*Read the full report [here](https://www.cyware.com/news-and-press/cyware-survey-reveals-77-of-security-professionals-see-the-urgent-need-for).*

**2026 IT Trends Report: The Human Side of Autonomous IT (SolarWinds)**

AI is changing how IT professionals work.

**Key stats:**
* 80% of IT professionals agree that the IT role is shifting from operators to orchestrators.
* 71% report needing to double-check AI outputs.
* 62% report difficulty trusting AI recommendations.

*Read the full report [here](https://www.solarwinds.com/campaign/it-trends).*

# Ransomware

**GRIT Q1 2026 Ransomware & Cyber Threat Insights Report (GuidePoint Security)**

Ransomware hasn’t gone away. One group in particular has been relentless last quarter.

**Key stats:**
* The Gentlemen ransomware group increased from 35 victims in Q4 2025 to 182 victims in Q1 2026.
* The construction industry experienced 131 ransomware victims in Q1 2026, a 44% year-over-year increase.
* 51% of observed ransomware victims in Q1 2026 were based in the United States.

*Read the full report [here](https://www.guidepointsecurity.com/resources/GRIT-Q1-2026-Ransomware-Cyber-Threat-Insights-Report/).*

**Data Trust and Resilience Report 2026 (Veeam)**

Organizations claim they can recover within recovery time objectives, but only a fraction can actually recover all affected data after ransomware.

**Key stats:**
* 90% of organizations say they can recover from a cyber incident within their recovery time objectives (RTOs).
* Among organizations hit by ransomware that affected operations or data, only 28% fully recovered all affected data.
* On average, organizations recover 72% of affected data following a ransomware attack.

*Read the full report [here](https://go.veeam.com/data-trust-resilience-report).*

# Bot Traffic

**Fastly Threat Insights Report (Fastly)**

Bot traffic has reached near-parity with human traffic.

**Key stats:**
* In January 2026, bots accounted for 49% of all requests, nearly matching human traffic at 51%.
* 99% of bot traffic is unwanted or unverifiable.
* 60% of all origin traffic is from bots.

*Read the full report [here](https://learn.fastly.com/Security-Threat-Insights-Report?_gl=1*103mzdp*_gcl_au*NDk2MzQxNzkxLjE3NzY1MTYxNjY.).*

# Enterprise Perspective

**Enterprise AI Security Starts with AI Agents (Cloud Security Alliance & Zenity)**

AI agents are everywhere in the enterprise, and nearly half of organizations have had a security incident because no one's really watching them.

**Key stats:**
* 53% of organizations have had AI agents exceed their intended permissions, leaving them vulnerable to increased risk.
* 47% experienced a security incident involving an AI agent in the past year.
* Only 15% report that 76 to 100% of AI agents have defined ownership.

*Read the full report [here](https://cloudsecurityalliance.org/artifacts/enterprise-ai-security-starts-with-ai-agents).*

# MSPs

**BYOD Requests Reach 65% of MSPs — 55% See Client Incidents (Omdia & Aura Business)**

Good insights into the risks personal devices bring to the workplace.

**Key stats:**
* 65% of US-based managed service providers report that at least one client asked for help addressing the security or data-exposure risks of employee-owned devices in the past 12 months.
* There is a 55 percentage point gap between corporate laptop monitoring (79%) and employee-owned device monitoring (24%).
* 55% of MSPs report at least one BYOD-related security incident in the past 24 months.

*Read the full report [here](https://www.aura.com/reports/the-byod-opportunity-for-msps).*

# Industry-Specific

**Healthcare Sector Cyber Threat Intelligence Report Q1 2026 (Securin)**

Healthcare organizations continue to be easy targets.

**Key stats:**
* Healthcare organizations are being hit by cyberattacks about every 10 hours.
* The ransom payment rate in healthcare is 68 to 72% compared with about 40% in other sectors.
* 59% of cyberattacks on healthcare organizations involve ransomware.

*Read the full report [here](https://www.securin.io/healthcare-sector-cyber-threat-intelligence-report-q1-2026).*

r/computerforensics 4h ago
AI

Adding to the DFIR + AI theme, in case you didn't see it on LinkedIn, we released an MCP server for Autopsy last week (and Cyber Triage). This allows you to connect Claude Desktop (or similar) to Autopsy and ask questions about the results. It's a read-only interface, so your original data won't get modified by the AI. We've also been doing an Intro DFIR+AI series if you are just starting to really pay attention to how to integrate these things:

Autopsy Release: [https://www.autopsy.com/autopsy-4-23-0-release-claude-ai-assistant-mcp-cyber-triage-integration/](https://www.autopsy.com/autopsy-4-23-0-release-claude-ai-assistant-mcp-cyber-triage-integration/)

AI Blogs:
* [How to Let AI Access Your DFIR and SOC Investigation Data](https://www.cybertriage.com/ai/how-to-let-ai-access-your-dfir-and-soc-investigation-data/)
* [MCP Servers for DFIR and SOC Investigations using AI](https://www.cybertriage.com/ai/intro-to-mcp-servers-for-dfir-and-soc-investigations-using-ai/)
* [How To Share Your “SKILLS” With the LLM](https://www.cybertriage.com/blog/ai-dfir-how-to-share-your-skills-with-the-llm/)

r/cybersecurity 5h ago

I'm curious to get everyone's take on this. The U.S. Bureau of Labor Statistics has a projection of 29% growth for Information Security Analysts in the next decade. From my research, it seems that the BLS statistics tend to be fairly accurate. They have a low margin of error, but they tend to be fairly on point, and this projection is one of their highest, which I feel shows a level of confidence in its accuracy. [https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm#tab-1](https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm#tab-1) However, everything I've seen in the field and from talking to others indicates the opposite. It seems that AI has already culled a large number of SOC positions and will likely continue to do so. Are these jobs indicative of a shift towards AI compliance? How do you see the market shifting? Personally, I see it leaning more towards what cybersecurity used to be as a mid-late career transition for existing IT professionals. Although now it's hard to say what mid-late IT looks like for people in the future, since I feel most traditional sys admin roles will shrink.

The Hacker News 5h ago

Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called SystemBC. According to new research published by Check Point, the command-and-control (C2 or C&C) server linked to SystemBC has led to the discovery of a botnet of more than 1,570 victims. "SystemBC establishes SOCKS5 network tunnels within

r/netsec 6h ago
CVE

CVE-2026-32604 and CVE-2026-32613 are both 10.0 severity vulnerabilities in Spinnaker, which allow attackers to execute arbitrary code and access production cloud environments and source control. They provide an easy path from a compromised workstation to more sensitive areas. Our blog post contains a comprehensive technical breakdown and working POCs.

The Register 6h ago

CISA gives federal agencies 4 days to patch

America's lead cyber-defense agency has warned that three Cisco Catalyst SD-WAN Manager bugs are under attack, and given federal agencies just four days to patch the security holes.…

Praetorian 7h ago
CVE

When 500,000 Findings Hide 14 Real Threats

Modern enterprises ingest vulnerability data from dozens of sources: endpoint detection and response platforms, vulnerability scanners, cloud security posture tools, container image scanners. A large organization can easily accumulate hundreds of thousands of individual findings. The standard response is to sort by CVSS score, filter for criticals, and start patching. But vulnerability management needs to shift from CVSS-based severity ranking to contextual exploit chain analysis — evaluating how individual vulnerabilities combine into realistic attack paths. The problem is that CVSS scores evaluate vulnerabilities in isolation. A renderer vulnerability in a web browser is serious, but the browser sandbox contains it. A sandbox escape is dangerous, but it requires an initial foothold to exploit. Neither finding alone tells you the full story. But if the same endpoint is vulnerable to both, an attacker can chain them together into a zero click, full host compromise with no user interaction beyond visiting a webpage. That combined risk is qualitatively different from anything either CVE represents on its own. Recently, we used Praetorian Guard to analyze a customer environment containing roughly 500,000 vulnerability findings ingested from the customer’s CrowdStrike deployment. Guard integrates with over

r/blueteamsec 8h ago

Spent some time analyzing DinDoor samples and thought the findings might be useful for other blue teamers. This backdoor downloads the legitimate Deno runtime and uses it to execute obfuscated JavaScript for C2 communication. The post notes this could be a detection gap in tools tuned for PowerShell, Python, or Node.js. Two samples, different execution patterns. One writes JS to disk, the other passes it directly to Deno as a base64 data URI and runs in memory. Found a JWT embedded in one sample's C2 path that leaked campaign metadata when decoded, including ties to serialmenot\[.\]com (multi-tenant platform used by multiple operators). The interesting part was the infrastructure pivot. DinDoor servers return a specific set of HTTP headers on port 80, including a doubled Caddy proxy signature (Via: 1.1 Caddy, 1.1 Caddy). Built a query around that response profile, and it returned 20 active C2 servers spread across 15 ASNs. Full writeup with the HuntSQL query, all IOCs, and the complete IP list: [https://hunt.io/blog/dindoor-deno-runtime-backdoor-msi-analysis](https://hunt.io/blog/dindoor-deno-runtime-backdoor-msi-analysis) Anyone else seeing runtime abuse in their environments? Curious what patterns others are tracking.

The Hacker News 8h ago

Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and Silex that could be exploited to hijack susceptible devices and tamper with data exchanged by them. The vulnerabilities have been collectively codenamed BRIDGE:BREAK by Forescout Research Vedere Labs, which identified nearly 20,000 Serial-to-Ethernet converters exposed

CERT/CC 8h ago
CVE

Overview

Radware Alteon has a reflected Cross-Site Scripting (XSS) vulnerability in the ReturnTo parameter of the /protected/login route. This vulnerability allows an attacker to execute JavaScript in the victim's browser.

Description

CVE-2026-5754: Reflected Cross-Site Scripting (XSS) vulnerability in Radware Alteon 34.5.4.0 vADC load-balancer allows an attacker to inject malicious scripts into the website, potentially leading to unauthorized actions, data theft, or other malicious activities.

A reflected Cross-Site Scripting (XSS) vulnerability exists in the ReturnTo parameter of the /protected/login route in Radware Alteon version 34.5.4.0. The vulnerability arises from the lack of user input sanitization, allowing an attacker to inject malicious scripts. Specifically, when a user requests a resource that redirects to a Microsoft SAML login page, the load-balancer redirects the user to the login page with a ReturnTo parameter that fails to sanitize user input. An attacker can exploit this by injecting a malicious payload in the ReturnTo parameter, which will be executed in the victim's browser. An example attack flow is below:
1. Attacker creates a link with an XSS payload in the ReturnTo parameter.
2. Victim clicks the malicious link, redirecting to the login page.
3. Load-balancer reflects the malicious ReturnTo parameter, executing the XSS payload.
4. Attacker achieves JavaScript code execution in the victim's browser.

Impact

The impact of this vulnerability is significant, as it allows an attacker to execute arbitrary JavaScript

r/netsec 9h ago
CVE

Perforce is source control software used in games, entertainment, and a few engineering sectors. It's particularly useful when large binary assets need to be stored alongside source code. It handles binary assets much better than Git, IMO. However, its one weakness is its terrible security defaults. You will die a bit inside when you see the out-of-the-box behaviour: "Don't have an account? Let me make one for you!" and "Oh, you didn't know by default there is a hidden, read-only 'remote' user that allows read access to everything? Oops!" I scanned 6,122 public Perforce servers last year. 72% were exposing source code, 21% had passwordless accounts, and 4% had unprotected superusers (which allow RCE). The vendor patched the largest issue, but a significant portion are still vulnerable.

Full write-up and methodology: [https://morganrobertson.net/p4wned/](https://morganrobertson.net/p4wned/)

Tools repo, including Nuclei templates to scan your infra: [https://github.com/flyingllama87/p4wned](https://github.com/flyingllama87/p4wned)

**Hardening is a pain, but here it is summed up:**

```
p4 configure set security=4                 # disables the built-in 'remote' user + strong auth
p4 configure set dm.user.noautocreate=2     # kills auto-signup
p4 configure set dm.user.setinitialpasswd=0 # users cannot self-set first password
p4 configure set dm.user.resetpassword=1    # force password reset flow
p4 configure set dm.info.hide=1             # hide server license, internal IP, root path
p4 configure set run.users.authorize=1      # user listing requires auth
p4 configure set dm.user.hideinvalid=1      # no hints on bad login
p4 configure set dm.keys.hide=2             # hide stored key/value pairs from non-admins
p4 configure set server.rolechecks=1        # prevent P4AUTH misuse
```

Happy to answer any questions on the research!

r/cybersecurity 9h ago

Hi, I have been in the field for a while, and when I started my journey I saw and used Paul Jerimy's cert map, which really helped me view all my options and plan ahead. After a couple of years I also started teaching cybersecurity on the side. Now I always use Paul Jerimy's roadmap to show my students the size of the industry and help them plan, but the last update was in 2024 and I did not find any alternative which felt quite right. So I decided to build my own and also make it public in the end, in case it helps others the same way Paul's map helped me, and also to get some feedback. Now about the current features: 385 certs across 15 domains, each with actual data (each has a profile) and difficulty, practical weight (debatable), cost, DoD 8140 status and what roles it opens (there are also possible role paths). Feature summary:
* Cert view with filters by domain, level, cost, DoD 8140, and practical %
* Skills view: find certs by the skills they need/give
* Role paths for 40+ careers with estimated times

Would love feedback and opinions from the community, and I will note that it's still in early days and there is more planned. Here it is - [ebcertmap.com](http://ebcertmap.com)

The Hacker News 11h ago

Security teams often present MTTR as an internal KPI. Leadership sees it differently: every hour a threat dwells inside the environment is an hour of potential data exfiltration, service disruption, regulatory exposure, and brand damage. The root cause of slow MTTR is almost never "not enough analysts." It is almost always the same structural problem: threat intelligence that exists

Cloudflare 11h ago

For us humans to interact with the online world, we need a gateway: keyboard, screen, browser, device. What is called "human detection" online are patterns that humans use when interacting with such devices. These patterns have changed in recent years: a startup CEO now uses their browser to summarize the news, a tech enthusiast automates the process to book their concert tickets when sales open at night, someone who's visually impaired enables accessibility on their screen reader, and companies route their employee traffic through zero trust proxies. At the same time, website owners are still looking to protect their data, manage their resources, control content distribution, and prevent abuse. These problems aren’t solved by knowing whether the client is a human or a bot: there are wanted bots and there are unwanted humans. These problems require knowing intent and behavior. The ability to detect automation remains critical. However, as the distinctions between actors become blurry, the systems we build now should accommodate a future where "bots vs. humans" is not the important data point. What actually matters is not humanity in the abstract, but questions such as: is this attack traffic, is that crawler load proportional to the traffic it returns, do I expect this user to connect from this new country, are my ads being gamed? What we discuss with the term “bots” is really two stories. The first is whether website owners should let known crawlers through when they are not getting traffic back. We have touched on this with bot authentication with HTTP message signatures for crawlers that want to identify without being impersonated. The second is the emergence of new clients that do not embed the same behaviors as web browsers historically did, which matters for systems such as private rate limit. In thi

The Hacker News 11h ago

Cybersecurity researchers have discovered a new iteration of an Android malware family called NGate that has been found to abuse a legitimate application called HandyPay instead of NFCGate. "The threat actors took the app, which is used to relay NFC data, and patched it with malicious code that appears to have been AI-generated," ESET security researcher Lukáš Štefanko said in a

r/Malware 11h ago

IOCX v0.7.0 is out. It’s a static IOC extraction and PE-analysis engine built for DFIR and malware-analysis workflows focused on deterministic behaviour. This release adds a deterministic heuristic engine, new adversarial PE samples, and a contract-testing framework to keep output stable across runs.

**Key changes in v0.7.0:**

**Deterministic heuristic engine (new)**

Snapshot-tested heuristics for:
* anti-debug API usage
* TLS callback anomalies
* packer-like section layouts + entropy
* RWX sections
* import-table anomalies
* signature anomalies

Runs under `analysis_level = full` and is designed to avoid false-positive reconstruction.

**Adversarial PE samples (new)**

Three intentionally hostile binaries covering:
* rich/atypical imports
* high-entropy + malformed Rich Headers
* split/reversed/null-interspersed strings

Useful to validate deterministic heuristics and literal-only IOC extraction.

**Rich Header crash fix**

Malformed Rich Headers with non-UTF8 bytes could break JSON serialization. v0.7.0 adds a deep sanitiser that hex-encodes nested byte structures for deterministic, JSON-safe output.

**Snapshot-driven contract testing**

Each sample has a byte-for-byte JSON snapshot. Output must match exactly — same file, same output, every time.

**Performance**

Remains ~28 MB/s on typical PE samples.

**Links**

GitHub: [https://github.com/iocx-dev/iocx](https://github.com/iocx-dev/iocx)
PyPI: [https://pypi.org/project/iocx/](https://pypi.org/project/iocx/)

**Example**

`pip install iocx`
`iocx suspicious.exe -a full`

Happy to hear feedback from anyone working with obfuscated or adversarial PE samples.

r/computerforensics 12h ago

A new 13Cubed episode is now available. I’ve got some thoughts about AI. Let’s talk about how it’s changing digital forensics, how I actually use it in practice, and what you need to know if you’re in or entering the field. [https://www.youtube.com/watch?v=wKn-9sKBqX8](https://www.youtube.com/watch?v=wKn-9sKBqX8)

The Register 12h ago

Mexican IT services firm admits it was hacked, but says client operations weren't affected A Mexican IT infrastructure and digital transformation biz is on clean-up duty after a criminal posted screenshots of what they claimed was company video surveillance footage to a cybercrime forum.…

The Hacker News 12h ago

The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, the most reliable entry point for attackers still hasn't changed: stolen credentials. Identity-based attacks remain a dominant initial access vector in breaches today. Attackers obtain valid credentials through credential stuffing

Heimdal Security 14h ago

COPENHAGEN, Denmark, 21 April 2026 — Heimdal today unveiled the next phase of its AI strategy, expanding AI Wingman with three new layers – Assist, Triage and SOC – alongside the introduction of Third-Party AI Containment. Together, these capabilities build on Heimdal’s existing AI-powered protection and give organisations a clearer way to manage AI safely, speed […] The post Heimdal Expands AI Strategy with AI Wingman and Third-Party AI Containment appeared first on Heimdal Security Blog .

Synack 23h ago

What Happens When Sara Pentest Gets Six Hours With a Live Application In a single six-hour session, with no human intervention, Sara found and fully exploited multiple high-severity vulnerabilities across a live application including a SQL injection (SQLi), an admin account takeover, and stored cross-site scripting. In fact, 70% of Sara’s findings on this target […] The post How Sara Pentest is Changing the Game for AI Pentesting appeared first on Synack .

Monday, April 20
The Register Apr 20

A lesson in how not to respond to vulnerability reports UPDATED Vibe-coding platform Lovable is pooh-poohing a researcher’s finding that anyone could open a free account on the service and read other users' sensitive info, including credentials, chat history, and source code. However, the company’s story keeps changing: First it attributed the publicly exposed info to "intentional behavior" and "unclear documentation," then threw bug-bounty service HackerOne under the bus.…

The Register Apr 20

Installation and pre-approval without consent looks dubious under EU law One app should not modify another app without asking for and receiving your explicit consent. Yet Anthropic's Claude Desktop for macOS installs files that affect other vendors' applications without disclosure, even before those applications have been installed, and authorizes browser extensions without consent.…

The Hacker News Apr 20
CVE

A critical security vulnerability has been disclosed in SGLang that, if successfully exploited, could result in remote code execution on susceptible systems. The vulnerability, tracked as CVE-2026-5760, carries a CVSS score of 9.8 out of 10.0. It has been described as a case of command injection leading to the execution of arbitrary code. SGLang is a high-performance, open-source serving

The Hacker News Apr 20

Monday’s recap shows the same pattern in different places. A third-party tool becomes a way in, then leads to internal access. A trusted download path is briefly swapped to deliver malware. Browser extensions act normally while pulling data and running code. Even update channels are used to push payloads. It’s not breaking systems—it’s bending trust. There’s also a shift in how attacks run.

Cloudflare Apr 20

Today marks the end of our first Agents Week, an innovation week dedicated entirely to the age of agents. It couldn’t have been more timely: over the past year, agents have swiftly changed how people work. Coding agents are helping developers ship faster than ever. Support agents resolve tickets end-to-end. Research agents validate hypotheses across hundreds of sources in minutes. And people aren't just running one agent: they're running several in parallel and around the clock. As Cloudflare's CTO Dane Knecht and VP of Product Rita Kozlov noted in our welcome to Agents Week post , the potential scale of agents is staggering: If even a fraction of the world's knowledge workers each run a few agents in parallel, you need compute capacity for tens of millions of simultaneous sessions. The one-app-serves-many-users model the cloud was built on doesn't work for that. But that's exactly what developers and businesses want to do: build agents, deploy them to users, and run them at scale. Getting there means solving problems across the entire stack. Agents need compute that scales from full operating systems to lightweight isolates. They need security and identity built into how they run. They need an agent toolbox : the right models, tools, and context to do real work. All the code that agents generate needs a clear path from afternoon prototype to production app. And finally, as agents drive a growing share of Internet traffic, the web itself needs to adapt for the emerging agentic web . Turns out, the containerless, serverless compute platform we launched eight years ago with Workers was ready-made for this moment. Since then, we've grown it into a full platform, and this week we shipped the next wave of primitives purpose-built for agents, organized around exactly those problems. We are here to create Cloud 2.0 — the agentic cloud. Infr

Cloudflare Apr 20
APT

In the last 30 days, 93% of Cloudflare’s R&D organization used AI coding tools powered by infrastructure we built on our own platform. Eleven months ago, we undertook a major project: to truly integrate AI into our engineering stack. We needed to build the internal MCP servers, access layer, and AI tooling necessary for agents to be useful at Cloudflare. We pulled together engineers from across the company to form a tiger team called iMARS (Internal MCP Agent/Server Rollout Squad). The sustained work landed with the Dev Productivity team, who also own much of our internal tooling including CI/CD, build systems, and automation. Here are some numbers that capture our own agentic AI use over the last 30 days:

* 3,683 internal users actively using AI coding tools (60% company-wide, 93% across R&D), out of approximately 6,100 total employees
* 47.95 million AI requests
* 295 teams currently utilizing agentic AI tools and coding assistants
* 20.18 million AI Gateway requests per month
* 241.37 billion tokens routed through AI Gateway
* 51.83 billion tokens processed on Workers AI

The impact on developer velocity internally is clear: we’ve never seen a quarter-to-quarter increase in merge requests to this degree. As AI tooling adoption has grown, the 4-week rolling average has climbed from ~5,600/week to over 8,700. The week of March 23 hit 10,952, nearly double the Q4 baseline. MCP servers were the starting point, but the team quickly realized we needed to go further: rethink how standards are codified, how code gets reviewed, how engineers onboard, and how changes propagate across thousands of repos. Thi

Cloudflare Apr 20
CVE

Code review is a fantastic mechanism for catching bugs and sharing knowledge, but it is also one of the most reliable ways to bottleneck an engineering team. A merge request sits in a queue, a reviewer eventually context-switches to read the diff, they leave a handful of nitpicks about variable naming, the author responds, and the cycle repeats. Across our internal projects, the median wait time for a first review was often measured in hours. When we first started experimenting with AI code review, we took the path that most other people probably take: we tried out a few different AI code review tools and found that a lot of these tools worked pretty well, and a lot of them even offered a good amount of customisation and configurability! Unfortunately, though, the one recurring theme that kept coming up was that they just didn’t offer enough flexibility and customisation for an organisation the size of Cloudflare. So, we jumped to the next most obvious path, which was to grab a git diff, shove it into a half-baked prompt, and ask a large language model to find bugs. The results were exactly as noisy as you might expect, with a flood of vague suggestions, hallucinated syntax errors, and helpful advice to "consider adding error handling" on functions that already had it. We realised pretty quickly that a naive summarisation approach wasn't going to give us the results we wanted, especially on complex codebases. Instead of building a monolithic code review agent from scratch, we decided to build a CI-native orchestration system around OpenCode , an open-source coding agent. Today, when an engineer at Cloudflare opens a merge request, it gets an initial pass from a coordinated smörgåsbord of AI agents. Rather than relying on one model with a massive, generic prompt, we launch up to seven specialised reviewers covering security, performance

The Hacker News Apr 20

The fastest way to fall in love with an AI tool is to watch the demo. Everything moves quickly. Prompts land cleanly. The system produces impressive outputs in seconds. It feels like the beginning of a new era for your team. But most AI initiatives don't fail because of bad technology. They stall because what worked in the demo doesn't survive contact with real operations. The gap between a

The Hacker News Apr 20

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture that could pave the way for remote code execution and have a cascading effect on the artificial intelligence (AI) supply chain. "This flaw enables Arbitrary Command Execution (RCE) on any system running a vulnerable MCP implementation, granting attackers direct access to

The Hacker News Apr 20

Cybersecurity researchers have flagged a new malware called ZionSiphon that appears to be specifically designed to target Israeli water treatment and desalination systems. The malware has been codenamed ZionSiphon by Darktrace, highlighting its ability to set up persistence, tamper with local configuration files, and scan for operational technology (OT)-relevant services on the local subnet.

r/ReverseEngineering Apr 20

To reduce the amount of noise from questions, we have disabled self-posts in favor of a unified questions thread every week. Feel free to ask any question about reverse engineering here. If your question is about how to use a specific tool, or is specific to some particular target, you will have better luck on the [Reverse Engineering StackExchange](http://reverseengineering.stackexchange.com/). See also /r/AskReverseEngineering.

GreyNoise Apr 20

Before Cisco disclosed a CVSS 10.0 zero-day, GreyNoise sensors had already observed eight surges of targeting activity compressing from 39 days to 2 days. A new study finds this pattern repeated across 33 CVEs and 16 vendor families — with a median lead time of 11 days. Read the full findings.

Sunday, April 19
The Register Apr 19
CVE

Passing the buck, and the blame, down the road shows lack of AI companies' maturity OPINION AI vendors: "You need to use AI to fight AI threats (and do everything else in your corporate IT environment)." Also AI vendors: "That's not a security flaw; it's working as intended."…

Saturday, April 18
r/computerforensics Apr 18

**Hey everyone,**

I just pushed Crow-Eye version 0.9.1. I completely rewrote the LNK/JumpList parsers from scratch, enhanced the Prefetch parser, and standardized global UTC time handling across all artifacts. It’s faster, more resilient, and the expanded timeline visualization now supports even more artifacts.

But while pushing these updates, I wanted to talk about a growing problem in our field: **The "Black Box" of Forensics.**

Right now, most people depend heavily on parsers without really knowing the behavior underneath them. With AI becoming more prevalent, this problem is only going to get worse. People will start trusting outputs without understanding the binary structure or the forensic anatomy of what they are actually looking at.

I have a different vision. I believe AI should make it easier for researchers to develop parsers and understand data, not just blindly output answers. That’s why I decided we need a backbone, something to help the next generation deeply understand the forensic anatomy we are studying.

# 👁️ Introducing "Eye-Describe": Visualizing the Binary Truth

To fix this, I am building a new educational suite called Eye-Describe. It aims to visually explain the internal binary structures of forensic artifacts directly to the user. It will show investigators exactly how the parsers work under the hood. When you are looking at extracted data (like Prefetch or Amcache), you won't just see the result. Eye-Describe will visually highlight the binary structure of the artifact, showing you exactly where in the hex data that specific evidence was extracted from, and why it matters.

**A Live Example: The Windows Boot Disk Explorer**

To give you a taste of this philosophy, I’ve published the first piece of this initiative online:

* The Interactive Tool: Windows Boot Disk Explorer (https://crow-eye.com/Eye-Describe/windows_boot_disk_explorer)
* The Deep-Dive Article: The Anatomy of the Windows Boot Process (https://crow-eye.com/booting-process)

Instead of just listing partitions, this interactive tool visually breaks down the actual physical disk architecture (UEFI+GPT vs. BIOS+MBR). When you click a segment (like the ESP or MSR), it reveals its specific forensic role, the file structure inside it, and a node-based visualization showing exactly how the files interact during the system startup sequence.

---

**Coming in Crow-Eye 0.10.0: "The Eye" AI Agent**

While we are building out this Eye-Describe educational backbone, we are simultaneously working on our AI integration. In our next major release (0.10.0), we are introducing **The Eye**, a feature that allows users to connect their own API keys or CLI agents directly into Crow-Eye. This isn't just a basic chatbot. The Eye will have direct access to the parser results generated by Crow-Eye, making it deeply aware of both your specific forensic data and general artifact behavior. It will assist investigators by:

* Spotting the Unseen: By analyzing the parsed results across all artifacts, The Eye can proactively spot anomalies, correlations, or hidden tracks that you might have missed during manual review.
* Building & Testing Hypotheses: You can propose an attack scenario, and the agent will use the actual parsed evidence to help you verify if the artifacts support or refute that hypothesis, helping you build a clear picture of the attack.
* Evaluating Trust: It will understand the nuances of different artifacts, advising you on what data is highly reliable (like the MFT) versus what might be easily manipulated or fragile.
* Querying the Database: Helping you search through massive datasets using natural language.

---

**🤝 Open Call to Researchers & Reverse Engineers**

I’d love for you to check out the Boot Disk Explorer concept and read the article. Let me know what you think: what artifacts do you think are the hardest for students to grasp and would benefit most from this kind of visual binary breakdown?

If you have deep knowledge about the binary structure of specific Windows artifacts and want to help visualize them, please reach out! I believe collaborating on this will massively help the DFIR community and the next generation of investigators.

You can contact me directly at: [Ghassanelsman@gmail.com](mailto:Ghassanelsman@gmail.com)
GitHub Repo: [https://github.com/Ghassan-elsman/Crow-Eye](https://github.com/Ghassan-elsman/Crow-Eye)
Eye-Describe: [https://crow-eye.com/Eye-Describe/windows_boot_disk_explorer](https://crow-eye.com/Eye-Describe/windows_boot_disk_explorer)
Boot Process Article: [https://crow-eye.com/booting-process](https://crow-eye.com/booting-process)

Happy hunting!

r/Malware Apr 18

This is ModsHub (formerly FiveMods) - a GTA V/FiveM software claiming to have over 1.2 million active users. It falls under the family TamperedChef. It shares similarities with previous TC-classified software - e.g. it collects a lot of system user data, provides extensive logging, various backup domains, obfuscated C2 communication and a scheduled task set to autorun every day at 18:00 with a custom argument. We have also discovered a more capable variant (**which does not fall under the same business/network**) called Network Graphics that includes, for example, a WebSocket connection and shares undeniable similarities with ModsHub - the code, technical functionality, behaviour and **code signer Danylo Babenko** are all almost identical. Full report: [https://rifteyy.org/report/tamperedchef-within-gta-v-modding-community](https://rifteyy.org/report/tamperedchef-within-gta-v-modding-community)

The Hacker News Apr 18
AI

Grinex, a Kyrgyzstan-incorporated cryptocurrency exchange sanctioned by the U.K. and the U.S. last year, said it's suspending operations after it blamed Western intelligence agencies for a $13.74 million hack. The exchange said it fell victim to what it described as a large-scale cyber attack that bore hallmarks of foreign intelligence agency involvement. This attack led to the theft of over 1

The Hacker News Apr 18

Threat actors are exploiting security flaws in TBK DVR and end‑of‑life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto Networks Unit 42. The attack targeting TBK DVR devices has been found to exploit CVE-2024-3721 (CVSS score: 6.3), a medium-severity command injection vulnerability affecting

Friday, April 17
The Register Apr 17

Or, how public information and a €5 tracker exposed an avoidable opsec lapse Militaries around the world spend countless hours training, developing policies, and implementing best operational security practices, so imagine the size of the egg on the face of the Dutch navy when journalists managed to track one of its warships for less than the cost of some hagelslag and a coffee.…

Cloudflare Apr 17
APT

The web has always had to adapt to new standards. It learned to speak to web browsers, and then it learned to speak to search engines. Now, it needs to speak to AI agents. Today, we are excited to introduce isitagentready.com — a new tool to help site owners understand how they can make their sites optimized for agents, from guiding agents on how to authenticate, to controlling what content agents can see, the format they receive it in, and how they pay for it. We are also introducing a new dataset to Cloudflare Radar that tracks the overall adoption of each agent standard across the Internet. We want to lead by example. That is why we are also sharing how we recently overhauled Cloudflare's Developer Documentation to make it the most agent-friendly documentation site, allowing AI tools to answer questions faster and significantly cheaper. How agent-ready is the web today? The short answer: not very. This is expected, but also shows how much more effective agents can be than they are today, if standards are adopted. To analyze this, Cloudflare Radar took the 200,000 most visited domains on the Internet; filtered out categories where agent readiness isn't important (like redirects, ad-servers, and tunneling services) to focus on businesses, publishers, and platforms that AI agents might realistically need to interact with; and scanned them using our new tool. The result is a new “Adoption

Cloudflare Apr 17

Web pages have grown 6-9% heavier every year for the past decade, spurred by the web becoming more framework-driven, interactive, and media-rich. Nothing about that trajectory is changing. What is changing is how often those pages get rebuilt and how many clients request them. Both are skyrocketing because of agents. Shared dictionaries shrink asset transfers from servers to browsers so pages load faster with less bloat on the wire, especially for returning users or visitors on a slow connection. Instead of re-downloading entire JavaScript bundles after every deploy, the browser tells the server what it already has cached, and the server only sends the file diffs. Today, we’re excited to give you a sneak peek of our support for shared compression dictionaries, show you what we’ve seen in early testing, and reveal when you’ll be able to try the beta yourself (hint: it’s April 30, 2026!). The problem: more shipping = less caching Agentic crawlers, browsers, and other tools hit endpoints repeatedly, fetching full pages, often to extract a fragment of information. Agentic actors represented just under 10% of total requests across Cloudflare's network during March 2026, up ~60% year-over-year. Every page shipped is heavier than last year and read more often by machines than ever before. But agents aren’t just consuming the web, they’re helping to build it. AI-assisted development means teams ship faster. Increasing the frequency of deploys, experiments, and iterations is great for product velocity, but terrible for caching. As agents push a one-line fix, the bundler re-chunks, filenames change, and every user on earth could re-download the entire application. Not because the code is meaningfully any different, b

Trail of Bits Apr 17
CVE

Two weeks ago, Google’s Quantum AI group published a zero-knowledge proof of a quantum circuit so optimized, they concluded that first-generation quantum computers will break elliptic curve cryptography keys in as little as 9 minutes. Today, Trail of Bits is publishing our own zero-knowledge proof that significantly improves Google’s on all metrics. Our result is not due to some quantum breakthrough, but rather the exploitation of multiple subtle memory safety and logic vulnerabilities in Google’s Rust prover code. Google has patched their proof, and their scientific claims are unaffected, but this story reflects the unique attack surface that systems introduce when they use zero-knowledge proofs. Google’s proof uses a zero-knowledge virtual machine (zkVM) to calculate the cost of a quantum circuit on three key metrics. The total number of operations and Toffoli gate count represent the running time of the circuit, and the number of qubits represents the memory requirements. Google, along with their coauthors from UC Berkeley, the Ethereum Foundation, and Stanford, published proofs for two circuits; one minimizes the number of gates, and the other minimizes qubits. Our proof improves on both. Resource Type Google’s Low-Gate

The Hacker News Apr 17

Google this week announced a new set of Play policy updates to strengthen user privacy and protect businesses against fraud, even as it revealed it blocked or removed over 8.3 billion ads globally and suspended 24.9 million accounts in 2025. The new policy updates relate to contact and location permissions in Android, allowing third-party apps to access the contact lists and a user's location in

The Hacker News Apr 17

The National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures (CVEs) listed in its National Vulnerability Database (NVD), stating it will only enrich those that fulfil certain conditions owing to an explosion in CVE submissions. "CVEs that do not meet those criteria will still be listed in the NVD but will not

Thursday, April 16
Troy Hunt Apr 16
CVE

I love cutting-edge tech, but I hate hyperbole, so I find AI to be a real paradox. Somewhere in that whole mess of overnight influencers, disinformation and ludicrous claims is some real "gold" - AI stuff that's genuinely useful and makes a meaningful difference. This blog post cuts straight to the good stuff, specifically how you can use AI with Have I Been Pwned to do some pretty cool things. I'll be showing examples based on OpenClaw running on the Mac Mini in the hero shot, but they're applicable to other agents that turn HIBP's data into more insightful analysis. So, let me talk about what you can do right now, what we're working on and what you'll be able to do in the future.

Model Context Protocol (MCP)

A quick MCP primer first: Anthropic came up with the idea of building a protocol that could connect systems to AI apps, and thus the Model Context Protocol was born: Using MCP, AI applications like Claude or ChatGPT can connect to data sources (e.g. local files, databases), tools (e.g. search engines, calculators) and workflows (e.g. specialized prompts)—enabling them to access key information and perform tasks. If I'm honest, I'm a bit on the fence as to how useful this really is ( and I'm not alone ), but creating it was a

r/netsec Apr 16
CVE

Two day intrusion. RDP brute force with a company specific wordlist, Cobalt Strike, and a custom Rust exfiltration platform (RustyRocket) that connected to over 6,900 unique Cloudflare IPs over 443 to pull data from every reachable host over SMB. Recovered the operator README documenting three operating modes and a companion pivoting proxy for segmented networks. Personalized extortion notes addressed by name to each employee with separate templates for leadership and staff. Writeup includes screen recordings of the intrusion, full negotiation chat from their Tor portal, timeline, and IOCs.

r/netsec Apr 16
CVE

u/albinowax ’s work on request smuggling has always inspired me. I’ve followed his research, watched his talks at DEFCON and BlackHat, and spent time experimenting with his labs and tooling. Coming from a web security background, I’ve explored vulnerabilities both from a black-box and white-box perspective — understanding not just how to exploit them, but also the exact lines of code responsible for issues like SQLi, XSS, and broken access control. Request smuggling, however, always felt different. It remained something I could detect and exploit… but never fully trace down to its root cause in real-world server implementations. A few months ago, I decided to go deeper into networking and protocol internals, and now, months later, I can say that I “might” have figured out how the internet works😂 This research on HAProxy (HTTP/3, standalone mode) is the result of that journey — finally connecting the dots between protocol behavior and the actual code paths leading to the bug. (Yes, I used AI 😉 )

WIRED Apr 16

Available for free to any company that wants to use it, the “completely anonymous” app puts the pressure on porn sites and social media platforms to start blocking access by minors.

r/netsec Apr 16

I submitted an earlier version of this dataset and was declined on the basis of missing methodology and unverifiable provenance. The feedback was fair. The documentation has since been rewritten to address it directly, and I would very much appreciate a second look.

## What the dataset contains

101,032 samples in total, balanced 1:1 attack to benign.

**Attack samples (50,516)** across 27 categories sourced from over 55 published papers and disclosed vulnerabilities. Coverage spans:

- Classical injection - direct override, indirect via documents, tool-call injection, system prompt extraction
- Adversarial suffixes - GCG, AutoDAN, Beast
- Cross-modal delivery - text with image, document, audio, and combined payloads across three and four modalities
- Multi-turn escalation - Crescendo, PAIR, TAP, Skeleton Key, Many-shot
- Emerging agentic attacks - MCP tool descriptor poisoning, memory-write exploits, inter-agent contagion, RAG chunk-boundary injection, reasoning-token hijacking on thinking-trace models
- Evasion techniques - homoglyph substitution, zero-width space insertion, Unicode tag-plane smuggling, cipher jailbreaks, detector perturbation
- Media-surface attacks - audio ASR divergence, chart and diagram injection, PDF active content, instruction-hierarchy spoofing

**Benign samples (50,516)** are drawn from Stanford Alpaca, WildChat, MS-COCO 2017, Wikipedia (English), and LibriSpeech. The benign set is matched to the surface characteristics of the attack set so that classifiers must learn genuine injection structure rather than stylistic artefacts.

## Methodology

The previous README lacked this section entirely. The current version documents the following:

1. **Scope definition.** Prompt injection is defined per Greshake et al. and OWASP LLM01 as runtime text that overrides or redirects model behaviour. Pure harmful-content requests without override framing are explicitly excluded.
2. **Four-layer construction.** Hand-crafted seeds, PyRIT template expansion, cross-modal delivery matrix, and matched benign collection. Each layer documents the tool used, the paper referenced, and the design decision behind it.
3. **Label assignment.** Labels are assigned by construction at the category level rather than through per-sample human review. This is stated plainly rather than overclaimed.
4. **Benign edge-case design.** The ten vocabulary clusters used to reduce false positives on security-adjacent language are documented individually.
5. **Quality control.** Deduplication audit results are included: zero duplicate texts in the benign pool, zero benign texts appearing in attacks, one documented legacy duplicate cluster with cause noted.
6. **Known limitations.** Six limitations are stated explicitly: text-based multimodal representation, hand-crafted seed counts, English-skewed benign pool, no inter-rater reliability score, ASR figures sourced from original papers rather than re-measured, and small v4 seed counts for emerging categories.

## Reproducibility

Generators are deterministic (`random.seed(42)`). Running them reproduces the published dataset exactly. Every sample carries `attack_source` and `attack_reference` fields with arXiv or CVE links. A reviewer can select any sample, follow the citation, and verify that the attack class is documented in the literature.

## Comparison to existing datasets

The README includes a comparison table against deepset (500 samples), jackhhao (2,600), Tensor Trust (126k from an adversarial game), HackAPrompt (600k from competition data), and InjectAgent (1,054). The gap this dataset aims to fill is multimodal cross-delivery combinations and emerging agentic attack categories, neither of which exists at scale in current public datasets.

## What this is not

To be direct: this is not a peer-reviewed paper. The README is documentation at the level expected of a serious open dataset submission - methodology, sourcing, limitations, and reproducibility - but it does not replace academic publication. If that bar is a requirement for r/netsec specifically, that is reasonable and I will accept the feedback.

## Links

- GitHub: https://github.com/Josh-blythe/bordair-multimodal
- Hugging Face: https://huggingface.co/datasets/Bordair/bordair-multimodal

I am happy to answer questions about any construction decision, provide verification scripts for specific categories, or discuss where the methodology falls short.

Wednesday, April 15
Praetorian Apr 15

What Are Shadow Admins in AD? A common problem we encounter within many customer Active Directory environments is accounts that, at first glance, may appear innocuous, but that actually have hidden administrative privileges or unrolled privileges equivalent to those of a domain administrator account. We call these accounts shadow domain admins. These accounts don’t show up when you run the net group domain admins command. They won’t appear in your PAM solution’s audit reports. But an attacker who finds one has effectively won the domain. Over the past several years, the problem has gotten significantly worse as organizations undergo digital transformation. Workloads are migrating to AWS and Azure, identity is being federated to the cloud via ADFS, and domain controllers are running as virtual machines on ESXi. The blast radius of a single compromised account now extends well beyond the traditional Active Directory boundary. A shadow admin path in 2016 might have been a service account with an overly permissive ACL. In 2026, it’s an ADFS server running on a hypervisor managed by a VMware admin who doesn’t even know they’re one hop from domain admin, and two hops from your entire AWS environment. In this post, we’ll walk through several real-world examples we routinely discover during engagements and show how Praetorian Guard’s continuous attack path mapping surfaces them before an adversary does.

ADFS Servers and the Federation Layer

If your organization federates identity to cloud providers using Active Directory Federation Services (ADFS), you’ve almost certainly heard of the Golden SAML technique that was exploited in the SolarWinds (Solorigate) attack. The ADFS server h

Story Overview