GitHub on Tuesday said it's investigating unauthorized access to its internal repositories after the notorious threat actor known as TeamPCP listed the platform's source code and internal organizations for sale on a cybercrime forum. "While we currently have no evidence of impact to customer information stored outside of GitHub's internal repositories (such as our customers' enterprises,
Cybersecurity News and Vulnerability Aggregator
Cybersecurity news aggregator
Updated: 9:00 pm
J/K Navigate / Search S Save V Open Link
— or
treemd <(curl -sL https://allsec.sh/md) (as Markdown) Top Cybersecurity Stories Today
AI-generated lookalike domains are now embedded inside the third-party scripts running on your web properties. Here's why your current stack can't see them, and what detection actually requires. Download the CISO Expert Guide to Typosquatting in the AI Era → TL;DR Typosquatting is no longer a user problem. Attackers now embed lookalike domains inside legitimate third-party scripts.
Microsoft on Tuesday released a mitigation for a BitLocker bypass vulnerability named YellowKey following its public disclosure last week. The zero-day flaw, now tracked as CVE-2026-45585, carries a CVSS score of 6.8. It has been described as a BitLocker security feature bypass. "Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as 'YellowKey,'" the
The Grafana data breach was caused by a single GitHub workflow token that slipped through the rotation process following the TanStack npm supply-chain attack last week. [...]
Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company's Artifact Signing system to deliver malicious code and conduct ransomware and other attacks, compromising thousands of machines and networks across the world. The tech giant attributed the activity to a threat actor it calls Fox Tempest, which it said offered the MSaaS scheme
Latest
Wednesday, May 20
Built this because I was frustrated with the same gap every small blue team hits: great alerting, zero autonomous response. You get paged at 2am, stare at a dashboard, and still have to manually decide what to do. Zer0Vuln runs a local Ollama model (llama3.2:3b by default) that classifies every incoming event in real time. When the Defensive worker's confidence hits the threshold, it acts without waiting for a human: BLOCK\_IP, ISOLATE\_HOST, KILL\_PROCESS, QUARANTINE\_FILE, DISABLE\_USER, CONTAINER\_STOP, SUSPEND\_PROCESS. All dispatched directly to the agent. Three AI workers run continuously: \- Automation: real-time triage on every event \- Manual: operator-driven deep scan on demand \- Defensive: autonomous SOAR dispatch on high-confidence threats Agents (Windows + Linux) cover: SIEM log collection, File Integrity Monitoring, installed package inventory, open port scanning, Docker container monitoring, WebSocket screen streaming. Server-side OSV vulnerability scanner reads each agent's installed packages and queries OSV (or your on-prem mirror) for CVE matches. Findings are persisted per agent. Visual SOAR playbook engine with multi-node execution and per-step result tracking. Air-gap ready: local Fernet keys, no external CDN, optional OSV mirror, zero telemetry. Fully offline capable. No caps on agents, retention, or features. AGPL-3.0. [https://github.com/0giv/Zer0Vuln-Community-Edition](https://github.com/0giv/Zer0Vuln-Community-Edition) Would genuinely love feedback from people who have dealt with real SOC workflows, especially around the autonomous action confidence tuning.
Microsoft has unveiled two new open-source tools called RAMPART and Clarity to assist developers in better testing the security of artificial intelligence (AI) agents. RAMPART, short for Risk Assessment and Measurement Platform for Agentic Red Teaming, functions as a Pytest-native safety and security testing framework for writing and running safety and security tests for AI agents, covering
Attorney John Scola is representing a police officer who is suing over injuries allegedly sustained while working security at an MSG property in 2025.
The Grafana data breach was caused by a single GitHub workflow token that slipped through the rotation process following the TanStack npm supply-chain attack last week. [...]
After my last post on the death of the 90-day window ([https://blog.himanshuanand.com/2026/05/the-90-day-disclosure-policy-is-dead/](https://blog.himanshuanand.com/2026/05/the-90-day-disclosure-policy-is-dead/)), the loudest critique I got was: 'Great complaint, what's the proposal?' This is the proposal. It is an informal RFC on how we actually have to change engineering architecture when LLM-assisted bug hunting means the exploit lands before the patch. No magic vendor tools, just strict egress rules, ephemeral infrastructure (burning containers every 12 hours) and rootless runtime sandboxing. Curious to hear where you think this approach breaks down.
Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company's Artifact Signing system to deliver malicious code and conduct ransomware and other attacks, compromising thousands of machines and networks across the world. The tech giant attributed the activity to a threat actor it calls Fox Tempest, which it said offered the MSaaS scheme
Every detection program starts with LSASS dump detection. Most stop there. The problem: an attacker who hits ASR LSASS protection, PPL, or Credential Guard pivots to techniques that never touch LSASS. Kerberoasting, DCSync, SAM hive extraction, and DPAPI abuse each target a different credential store, generate different telemetry, and need a different rule. If you only detect LSASS access, you detect only the attacker who didn't adapt. I wrote up the 5 credential access techniques we see most often in real environments, with the actual KQL and Sigma rules for each: **1. LSASS memory access** — filtering on GrantedAccess mask (0x1010 vs 0x1000) instead of process name. Process name exclusions break on renamed binaries. The access mask doesn't lie. **2. Kerberoasting** — Event ID 4769 with encryption type 0x17 (RC4). Legitimate Kerberos uses AES. A burst of RC4 TGS requests from one source = Kerberoasting. Threshold: >3 unique services in 5 minutes. **3. DCSync** — Event ID 4662 with the three replication GUIDs, from a non-DC. This is near-zero false positive if you maintain a DC allowlist. Any non-DC requesting DS-Replication-Get-Changes is a confirmed incident. **4. SAM/NTDS extraction** — command-line patterns: `reg save` targeting SAM/SECURITY/SYSTEM hives, `ntdsutil` IFM creation, `vssadmin create shadow`, `esentutl` copying ntds.dit. DeviceProcessEvents with ProcessCommandLine matching. **5. DPAPI secrets** — the one nobody covers. Browser passwords, WiFi creds, RDP saved passwords are all DPAPI-protected and all extractable without touching LSASS. Credential Guard doesn't protect DPAPI. Monitor access to `%APPDATA%\Microsoft\Protect\` by non-system processes. Full writeup with copy-paste KQL, a Sigma rule for Kerberoasting, MDE IdentityQueryEvents alternatives (for environments without DC log forwarding), and false positive analysis for each: [https://training.ridgelinecyber.com/blog/credential-access-detection-beyond-lsass/](https://training.ridgelinecyber.com/blog/credential-access-detection-beyond-lsass/) Happy to answer questions on any of the rules or tuning approaches.
Identity checks alone can't stop attackers using stolen session tokens and compromised devices. Specops Software outlines why Zero Trust strategies increasingly depend on continuous device verification. [...]
Drupal has announced a "core security release" scheduled for later today, warning that threat actors might develop exploits within hours of the update disclosure. [...]
Cybersecurity researchers have flagged fresh activity from a China-aligned threat actor known as Webworm in 2025, deploying custom backdoors that employ Discord and Microsoft Graph API for command-and-control (C2 or C&C) communications. Webworm, first publicly documented by Broadcom-owned Symantec in September 2022, is assessed to be active since at least 2022, targeting government agencies
The rise of groups like The Gentlemen shows how ransomware operations are starting to look less like random cybercrime and more like scalable businesses. Faster affiliate growth, pre-compromised edge devices, and coordinated operations are turning ransomware into an industrialized threat model.
New Industry Data Just Released Suggests Not. On May 19th, 2026, Orchid Security released the results of our Identity Gap: Snapshot 2026. Among the findings, "identity dark matter" (the unseen, unmanaged elements of identity) now overshadows the visible elements 57% vs. 43%. And it couldn't have occurred at a worse time, with enterprises embracing Agent AI with both arms (and unfortunately, as
GitHub on Tuesday said it's investigating unauthorized access to its internal repositories after the notorious threat actor known as TeamPCP listed the platform's source code and internal organizations for sale on a cybercrime forum. "While we currently have no evidence of impact to customer information stored outside of GitHub's internal repositories (such as our customers' enterprises,
PinTheft, a recently patched Linux privilege escalation vulnerability, now has a publicly available proof-of-concept (PoC) exploit that allows local attackers to gain root privileges on Arch Linux systems. [...]
AI-generated lookalike domains are now embedded inside the third-party scripts running on your web properties. Here's why your current stack can't see them, and what detection actually requires. Download the CISO Expert Guide to Typosquatting in the AI Era → TL;DR Typosquatting is no longer a user problem. Attackers now embed lookalike domains inside legitimate third-party scripts.
A cyberattack on the New York City Health and Hospitals Corporation went undetected from November 2025 through February 2026, compromising the data of at least 1.8 million people. [https://www.inc.com/amaya-nichole/hackers-spent-nearly-3-months-inside-the-new-york-city-health-system-before-anyone-noticed/91346772](https://www.inc.com/amaya-nichole/hackers-spent-nearly-3-months-inside-the-new-york-city-health-system-before-anyone-noticed/91346772)
A new study finds AI companies, defense firms, and dating apps are among 38 data collectors allegedly using manipulative design to confuse users while collecting their data.
Microsoft on Tuesday released a mitigation for a BitLocker bypass vulnerability named YellowKey following its public disclosure last week. The zero-day flaw, now tracked as CVE-2026-45585, carries a CVSS score of 6.8. It has been described as a BitLocker security feature bypass. "Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as 'YellowKey,'" the
I’ve been working on a Bash-based Linux persistence detection and artifact collection script called `persisthunt`. The goal is to help defenders and incident responders quickly identify suspicious persistence mechanisms and collect relevant artifacts during investigations without immediately jumping into full disk forensics. The script currently hunts for a variety of Linux persistence techniques including: * suspicious network listeners/reverse shells * eBPF based raw network socket persistence (bpfdoor) * hidden processes * systemd services/timers/generators * cron jobs * shell profile persistence * ld.so.preload * SSH authorized\_keys abuse * world-writable SUID/SGID files * references to `/tmp`, `/dev/shm`, `/dev/tcp`, `curl`, `wget`, `nc`, etc. in autorun locations * more... Findings are categorized as: * High * Low * Informational based on confidence and severity. The project is designed to be lightweight and easily customizable depending on the environment and threat model. Would appreciate feedback, ideas for additional persistence mechanisms to cover, and suggestions from others doing Linux IR/threat hunting. GitHub: [https://github.com/raj3shp/persisthunt](https://github.com/raj3shp/persisthunt)
In my day job I do pentest almost everyday and now we are actually using AI agents against real targets like banks, fintech, and saas those are behind paid waf and multilayered infra still just a LLMloop was breaking everything, and the raise of opensource agents are autonomously doing all the pentest without any intervention tools like strix, CAI, hexStrix, people just buy tokens and run pentest now a day even i made a mobile agent loop for my office work. Even the waf methods became old now a simple block won’t stop AI agents from bypassing or trying on other routes even spa application are victim in both blackbox and greybox assessment. So I have built and open sourced it which is called veilgate where it will not block rather have three diff modes observe(scoring each req), challenge(proof of work) and trapit(honeypot) it won’t block any req rather keep on loop and feeding fake vulnerabilities.
Tuesday, May 19
A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to run arbitrary code on exposed servers. [...]
Discord announced that all voice and video calls through the communication platform are now protected by default with end-to-end encryption (E2EE). [...]
The FBI says Americans have lost over $388 million last year to scams using cryptocurrency kiosks, also known as crypto ATMs or Bitcoin ATMs. [...]
A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate applications and administration features. [...]
Key Takeaways What AI Pentesting Means for Continuous Security Validation Every CISO conversation I’ve had this quarter circles back to the same problem: AI produces more vulnerability findings than security teams can read in a week, and it clouds their understanding of which findings are connected to real business risk. This week’s Wall Street Journal […] The post AI Can Find More Vulnerabilities. Humans Still Decide What Matters. appeared first on Synack .
Cybersecurity researchers have disclosed details of a new ad fraud and malvertising operation dubbed Trapdoor targeting Android device users. The activity, per HUMAN's Satori Threat Intelligence and Research Team, encompassed 455 malicious Android apps and 183 threat actor-owned command-and-control (C2) domains, turning the infrastructure into a pipeline for multi-stage fraud. "Users
Math at Scale: Reversing The Construction Of The Perspective-Projection Matrix (Game Engine Reversing)
Microsoft has confirmed user reports that the Teams team collaboration app is displaying non-dismissible location prompts on some macOS systems. [...]
Threat actors earlier today published more than 600 malicious packages to the Node Package Manager (npm) index as part of a new Shai-Hulud supply-chain campaign. [...]
Hi BlueTeamers, Not sure if you have to regularly review Entra ID PIM for Group settings as well, but I find it pretty cumbersome to do through the portal during security assessments. Therefore, I extended the PowerShell tool EntraFalcon with a new report for reviewing the role settings of PIM-enabled groups. The report collects all PIM-enabled groups, their maximum Entra ID or Azure tier level, and their member and owner role settings into a single interactive HTML report. It also flags potential issues for higher-tier groups, including: * Long Activation duration * Checks whether: * Role activations require approval OR * Authentication Context is used and linked to a Conditional Access Policy (CAP) * If an Authentication Context is used, it verifies the linked CAP: * Is enabled * Scoped to all users * No additional conditions set (e.g., Networks, Risks, Platforms, App Types, Auth Flow) * MFA or Authentication Strength is enforced * Sign-in frequency is set to Every time As with the rest of the tool: * Pure PowerShell (5.1 / 7), all data remain on your client * Integrated authentication and no MS Graph consent required * Generates interactive standalone HTML reports (sortable, filterable, includes predefined views) Maybe it is useful for someone else. If you’re interested, feel free to check it out on GitHub: 🔗 [https://github.com/CompassSecurity/EntraFalcon](https://github.com/CompassSecurity/EntraFalcon) Some example screenshots from the PIM for Groups report: [https://github.com/CompassSecurity/EntraFalcon/releases/tag/V20260518](https://github.com/CompassSecurity/EntraFalcon/releases/tag/V20260518)
Cloudflare and Anthropic have collaborated to integrate Claude Managed Agents with Cloudflare Sandboxes. Our new integration gives you more control over your agent sandboxes, secures connections to private services, and improves observability. In the past year, Cloudflare’s Developer Platform has expanded to give more developers the tools they need to run agents at scale. This includes: Sandboxes for full stateful Linux microVMs at scale Agents SDK , providing simple and customizable agent framework Browser Run , which gives agents fully programmable and observable browsers Dynamic Workers , allowing for dynamic sandboxed code execution at massive scale Our goal is to make Cloudflare the simplest, most secure, and most programmable cloud for agents. Integrating with Claude Managed Agents is another step in this direction. You can run your agent loop on the Claude Platform, while using Cloudflare to execute code, secure connections, and run custom tool calls. To get going in just minutes, we’ve created a default deployment template that gives you the following: Enhanced security - Run all agent traffic through customizable proxies. This allows you to securely inject credentials, prevent data exfiltration, and better observe how your agents interact with the outside world. Sandbox control and observability - Get detailed sandbox metrics and logs. SSH into running machines. Customize sandbox images.
In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised more than 340 Microsoft 365 organizations across five countries. The targets of the platform received a message asking them to enter a short code at microsoft.com/devicelogin and complete their normal MFA challenge, then walked away believing they had verified a
Disclosure: this is my own research/writeup. I reported this ZTE H-series router DoS in 2024; it is now public as `CVE-2026-34473`. The writeup focuses on the root cause rather than just the symptom. The issue is not simply “large POST body kills the UI.” Firmware analysis maps the behavior to CGILua request-body parsing: attacker-controlled `application/x-www-form-urlencoded` POST data reaches body handling before login enforcement matters. The article includes validation footage, affected-model context, disclosure timeline, decompiled parser evidence, and reconstructed public-safe code-path notes. Interested in feedback on the root-cause framing from people who review embedded web stacks or router firmware. open for collabs too.
Drupal has issued an alert stating that it intends to release a "core security release" for all supported branches on May 20, 2026, from 5-9 p.m. UTC. "The Drupal Security Team urges you to reserve time for core updates at that time because exploits might be developed within hours or days," the maintainers of the PHP-based content management system (CMS) said. "Not all configurations are
Starting May 19, tech platforms in the US will have to comply with the Take It Down Act. Here’s how more than a dozen major platforms are handling takedown demands for your nonconsensual nudes.
Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code execution and enable an attacker to read arbitrary mails from the virtual appliance. "These vulnerabilities could have been exploited to read all mail traffic or as an entry vector into the internal network,"
Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace. The extension in question is rwl.angular-console (version 18.95.0), a popular user interface and plugin for code editors like VS Code, Cursor, and JetBrains. The VS Code extension has more than 2.2 million installations. The Open
Monday, May 18
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history. On May 15, KrebsOnSecurity heard from Guillaume Valadon , a researcher with the security firm GitGuardian . Valadon’s company constantly scans public code repositories at GitHub and elsewhere for exposed secrets, automatically alerting the offending accounts of any apparent sensitive data exposures. Valadon said he reached out because the owner in this case wasn’t responding and the information exposed was highly sensitive. A redacted screenshot of the now-defunct “Private CISA” repository maintained by a CISA contractor. The GitHub repository that V
AudioHijack: adversarial audio attacks on generative voice models transfer from open weights to Microsoft and Mistral production systems
Interesting new research you may have heard of on attacking large audio language models. The attack is called AudioHijack and the part worth paying attention to is that adversarial clips built against open models transferred to commercial Microsoft and Mistral systems sharing the same architecture. OpenAI and Anthropic are harder targets but the team thinks shared open-source audio encoders are a viable path in, and they're working on it. The manipulations are shaped to sound like natural reverberation instead of added noise, so you can't really hear them. Threat model only requires controlling the audio the model processes, not the user's prompt. So: poisoned YouTube clips, music, voice notes, Zoom audio fed to transcription, and the team also says they've gotten this working against live voice chats in real time (unpublished). Six attack categories demonstrated. Refusing user requests, returning false info, inserting malicious links, swapping persona, claiming it can't process audio, and triggering unauthorized tool use. On the technical side, two things stood out to me. First, generative audio models tokenize the input, which kills the fine-grained gradient signal older adversarial audio work relied on, so they approximated it. Second, they explicitly hijack the attention mechanism by scoring how much attention the model pays to the adversarial audio vs. the user instruction and feeding that back into the optimization. Defenses are where it gets bleak. Few-shot prompting with examples of malicious instructions cut attack success by 7%. Self-reflection caught 28%. Monitoring internal attention patterns was the only thing that actually worked, and an attacker who knows about it can dial back the attention manipulation and take a small hit to success rate to evade it. Microsoft acknowledged the work and pointed at developer-side mitigations. Mistral didn't respond. Text prompt injection at least leaves visible artifacts. Audio doesn't, and we don't really have a good story for this yet. Thoughts?
INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North Africa (MENA) that led to 201 arrests and the identification of an additional 382 suspects. The initiative involved the efforts of 13 countries from the region between October 2025 and February 2026, aiming to investigate and neutralize malicious infrastructure, arrest perpetrators behind these
Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the familiar ransom claim: the data was returned and deleted. The pattern is clear. One weak dependency can leak keys. One leaked key can open cloud access. One cloud foothold can become a production
What happens when a phishing email looks clean enough to pass through security, but dangerous enough to expose the business after one click? That is the gap many SOCs still struggle with: the attacks that leave teams unsure what was exposed, who else was targeted, and how far the risk has spread. Early phishing detection closes that gap. It helps teams move from uncertainty to evidence faster,
I am working on a pre-MVP evidence readiness artifact and would value practitioner feedback on the output model.
Hello. I've shared feedback and blog posts before —some of you may remember-. For some time now, I've been developing a project related to the industry (CS & DFIR/IR), and thanks to the valuable feedback I've gathered from you, I've made significant progress. I'm now in the phase of pre-MVP validation and gathering expert opinions. Thank you in advance, and I apologize if I've caused any inconvenience. Question: The artifact is generated from existing security records and public fixture data. It includes source summaries, reliability reasons, limitation statements, manifests, hash lists, and package verification output. Scope boundaries: - it does not claim legal admissibility; - it does not prove original source truth; - it is not a SIEM, DFIR lab tool, threat detector, or forensic acquisition tool; - it focuses on ingestion-onward integrity and handoff clarity. The question is not "would you buy this product?" The question is whether this kind of package would help during IR, audit, insurance, legal, or internal investigation handoff. Specific feedback I am looking for: 1. Are source reliability and limitations clear enough? 2. Does the artifact separate package integrity from upstream source trust? 3. What uncertainty is still hidden? 4. What would make this misleading or unusable in practice? Artifact repo: https://github.com/tracehound/tracehound-pre-mvp-feedback-artifact Virustotal: https://www.virustotal.com/gui/url/dbdbf56e71c39fcfd158babdbb11b57037fa53b333efa27de619ce919278e66e?nocache=1
Overview Three vulnerabilities have been discovered in the SGLang project, two enabling remote code execution (RCE), and one regarding a path traversal vulnerability. In order for an attacker to exploit these vulnerabilities, the multimodal generation mode must be enabled, and an attacker must have network access to the SGLang service. No patch is available at this time, and no response was obtained from the project maintainers during coordination. Description SGLang is an open-source framework for serving large language models (LLMs) and multimodal AI models, supporting models such as Qwen, DeepSeek, Mistral, and Skywork, and is compatible with OpenAI APIs. Three vulnerabilities have been discovered within the tool and are tracked as follows: CVE-2026-7301 The multimodal generation runtime scheduler's ROUTER socket contains a sink that calls pickle.loads() on incoming messages, enabling RCE when exposed to the internet. This vulnerability is distinct from CVE-2026-3060 and CVE-2026-3059, which would be open to the Internet via the ZMQ broker, which automatically binded to all network interfaces without user awareness. CVE-2026-7301 is exposed to the internet by default through the scheduler host, which binds to 0.0.0.0 by default. CVE-2026-7302 The multimodal generation runtime is vulnerable to an unauthenticated path traversal vulnerability, allowing an attacker to write arbitrary files anywhere the server process has write access, by including ../ sequences in the upload filename when sent to specific endpoints. CVE-2026-7304 The multimodal generation runtime is vulnerable to unauthenticated remote code execution when the
David Norman, a former Phoenix police officer who’s described himself as “a fucking savage,” now runs a company that provided training to Homeland Security’s Special Response Teams.
Came across this really interesting analysis of a pirated Android movie streaming APK called NetMirror and honestly didn’t expect it to go this deep. At first glance the app looked completely normal: clean UI, React Native based, movies streamed properly. But the analysis found: * emulator/sandbox detection for Genymotion, Nox, BlueStacks, VirtualBox, etc. * Base64-encoded infrastructure domains hidden inside the Hermes JS bundle * staged permission handling for SMS and call log access * WebView credential interception hooks * native libraries containing the same tracking infrastructure references The most interesting part was how it bypassed automated analysis. Hybrid Analysis apparently marked it as “safe” because most of the suspicious logic wasn’t in the Java layer scanners usually inspect — it was hidden inside the React Native Hermes bundle and native libraries. Pretty solid example of how modern Android malware is starting to exploit analysis blind spots in cross-platform frameworks. Worth the read: [https://medium.com/@Espress0/the-free-movie-app-that-was-robbing-you-blind-eeefe9c5e65c](https://medium.com/@Espress0/the-free-movie-app-that-was-robbing-you-blind-eeefe9c5e65c) greatly broken down and presented
To reduce the amount of noise from questions, we have disabled self-posts in favor of a unified questions thread every week. Feel free to ask any question about reverse engineering here. If your question is about how to use a specific tool, or is specific to some particular target, you will have better luck on the [Reverse Engineering StackExchange](http://reverseengineering.stackexchange.com/). See also /r/AskReverseEngineering.
For the last few months, we've been testing a range of security-focused LLMs on our own infrastructure. These LLMs help identify potential vulnerabilities in our own systems, so we can fix them – and they also show us what attackers are going to be able to do with the latest models. None of these LLMs has captured more attention than Mythos Preview, from Anthropic. A few weeks ago, we were invited to use Mythos Preview as part of Project Glasswing . We soon pointed it at more than fifty of our own repositories – to see what it would find, and to see how it works. This post shares what we observed, what the models did well and what they didn't, and how the architecture and process around them needs to change, so they can be used at scale. What changed with Mythos Preview Mythos Preview is a real step forward, and it's worth saying that plainly before getting into anything else. We've been running models against our code for a while now, and the jump from what was possible with previous general-purpose frontier models to what Mythos Preview does today is not just a refinement of what came before. It's a different kind of tool doing a different kind of work, and that makes a clean apples-to-apples comparison to earlier models difficult. So rather than trying to benchmark Mythos Preview against general-purpose frontier models, it's more useful to describe what it can actually do, and two features that stood out across the work we did with Mythos Preview: Exploit chain construction - A real attack rarely uses one bug. It chains several small attack primitives together into a working exploit. For instance, it might turn a use-after-free bug into an arbitrary read and write primitive, hijack the control flow, and use return-oriented programming (ROP)
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite It's a hot topic, the old "pay or don't pay" for hackers not to leak your data. Since recording this a few days ago, we've had Grafana go with the "no pay" approach , and I've seen a raft of commentary around other companies reaching "agreements", which is a much politer way of saying "we paid extortionists a ransom". I'm concerned about the normalisation of ransom payments, and using language that deflects from the criminal nature of it is a big part of that. Instructure's exact words were that they "reached an agreement with the unauthorised actor involved", which really waters down the severity of the whole thing. It looks like, for the time being, "pay or leak" is the new norm... along with nonsensical statements like "the data was returned to us" 路♂️
Introducing Pathfinding Labs, a collection of intentionally vulnerable AWS environments for red teamers and blue teamers to deploy, exploit, and use for detection validation.
Sunday, May 17
Saturday, May 16
Businesses are advised against paying – but many are prepared to deal to protect users’ privacy After a week of outages, hundreds of millions of students’ data stolen, delayed assignment due dates and school login pages being defaced by hackers, the US tech firm Instructure – which operates the education platform Canvas, used by education providers worldwide – announced it had “reached an agreement with the unauthorised actor” behind the ransomware attack. Experts read the careful language as a sign that a ransom has been paid. The company has not confirmed this. Continue reading...
Friday, May 15
After months of work, I’m excited to finally share [Brovan](https://github.com/AdvDebug/Brovan), my user-mode binary emulator. Brovan can emulate: \* PE binaries \* ELF binaries \* Memory dumps \* Even partially unknown or unrecognized binaries The goal is to make binary analysis, malware analysis and general binary research more flexible by giving full control over execution, memory, and runtime behavior in a contained environment. Building this involved a lot of work around emulation, syscall handling, memory management, binary loading and parsing, and there’s still much more to improve, but it’s finally at a stage where I’m happy to share it.
Key Takeaways Why Continuous Security Validation Matters California’s evolving privacy regulations are doing more than adding another compliance requirement. They’re changing how organizations think about cybersecurity governance, accountability, and operational resilience. The latest guidance around cybersecurity audits under the California Consumer Privacy Act (CCPA) signals a broader shift happening across the industry: security leaders are […] The post How CCPA Cybersecurity Audits Are Reshaping Cyber Governance appeared first on Synack .
Three-storey GreenSquare datacentre in Hazelmere was to power cloud computing and the acceleration of AI Get our breaking news email , free app or daily news podcast A 15,000 sq metre datacentre near Perth will no longer go ahead after the developer withdrew plans amid community opposition over its impact on culturally significant sites. The three-storey, 120-megawatt GreenSquare datacentre in the town of Hazelmere had been intended to power cloud computing and the acceleration of artificial intelligence, but faced fierce community backlash – as is increasingly common with such developments. Continue reading...
Thursday, May 14
Hey everyone - I built a DFIR tool called **RDPuzzle** and would really appreciate feedback from people who have worked with RDP bitmap cache artifacts. It is a local, browser-based workspace for reconstructing 64x64 RDP cache tiles into larger readable images. The main thing it adds is **neural-assisted reconstruction**: instead of only manually placing tiles, RDPuzzle ranks likely neighboring tiles and can auto-stitch regions using edge-similarity scoring plus a local ONNX edge-matching model. Main features: * Loads RDP cache fragments, including BMC/BIN-style inputs * Manual and semi-automatic tile reconstruction * Neural-assisted neighbor suggestions * Auto-stitching of likely adjacent tiles * Fully local/browser-based processing * OCR for recovered text * Session save/load, undo/redo, and image export * Demo dataset included GitHub: [https://github.com/BZDaniel/RDPuzzle](https://github.com/BZDaniel/RDPuzzle) Live version: [https://bzdaniel.github.io/RDPuzzle/RDPuzzle.html](https://bzdaniel.github.io/RDPuzzle/RDPuzzle.html) Remember to enable AI at the top right corner, and also i currently only recommend running the smaller AI model as the large one needs quantization to run realistically in a browser. I’d especially appreciate feedback on workflow, validation concerns, parser edge cases, false-positive matches, and anything that would make it more useful in real forensic work.
Detecting Exploitation of CrushFTP Vulnerability (CVE-2025-31161) With PacketSmith Yara Detection Module - Using track_state and flow_state
Head over to Netomize's blog to learn about how we detect the exploitation of the CrushFTP Vulnerability (CVE-2025-31161) with PacketSmith's Yara detection module, using the newly introduced track\_state and flow\_state keywords to the correlation engine.
At Cloudflare, we are heavy users of ClickHouse, an open source online analytical processing (OLAP) database. Every day, we make millions of calls to ClickHouse to determine how much users should be billed for their usage of Cloudflare products. If we don't finish those jobs in a timely fashion, the invoices become very difficult to reconcile. This pipeline powers hundreds of millions of dollars in usage revenue, fraud systems, and more, so being delayed has major downstream implications. Which is why it was a big problem when the daily aggregation jobs in ClickHouse – responsible for ensuring Cloudflare’s bills go out – had slowed way down, following a migration. All the usual suspects looked clean: I/O, memory, rows scanned, parts read. Everything we would normally check when a ClickHouse query is slow appeared to be normal. This is the story of how we discovered a hidden bottleneck buried deep within ClickHouse’s internals, and the three patches we wrote to fix it. The setup: a petabyte-scale analytics platform We use ClickHouse to store over a hundred petabytes of data across a few dozen clusters. To simplify onboarding for our many internal teams, we built a system called "Ready-Analytics" in early 2022. The premise is simple: instead of designing new tables, teams can stream data into a single, massive table. Datasets are disambiguated by a namespace , and each record uses a standard schema (e.g., 20 float fields, 20 string fields, a timestamp, and an indexID ). In ClickHouse, the way data is sorted is crucial to query performance. This is where the indexID comes into play. It’s a string field, which forms part of the primary key, meaning that every individual namespace can have its data sorted in a way that is optimal for the queries the owners of that namesp
A bustling underground ecosystem is providing criminals with the tools to unlock iPhones—and wage phishing attacks against their contacts to access bank accounts and more.
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite Today, we welcome the 44th government onboarded to Have I Been Pwned’s free gov service: The Bahamas. The National Computer Incident Response Team of The Bahamas, CIRT-BS, now has access to monitor government domains against the data in HIBP. As the national CIRT, CIRT-BS is responsible for coordinating and supporting cybersecurity-related matters across the country, and this access will help them prevent, identify, and mitigate incidents involving compromised credentials and data exposure affecting government entities and critical stakeholders. This is precisely the sort of use case the HIBP government service was designed for: giving national cybersecurity teams the ability to identify exposure across their own digital ecosystem, respond quickly when government acco