The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced a new Binding Operational Directive, 26-04, that prioritizes security updates for Federal Civilian Executive Branch (FCEB) agencies. [...]
Cybersecurity News and Vulnerability Aggregator
Cybersecurity news aggregator
Updated: 8:40 pm
J/K Navigate / Search S Save V Open Link
— or
treemd <(curl -sL https://allsec.sh/md) (as Markdown) Top Cybersecurity Stories Today
Attackers are now targeting a recently patched maximum-severity flaw in Ivanti Sentry, enabling them to execute code with root privileges on Internet-exposed secure mobile gateways. [...]
Oracle is warning about a critical PeopleSoft Suite zero-day vulnerability tracked as CVE-2026-35273 that allows unauthenticated remote code execution, with the flaw actively exploited in ShinyHunter data theft attacks. [...]
Two security teams have shown, in separate research published this week, that OpenClaw, the popular self-hosted AI agent, can be driven to run attacker-controlled code or hand over sensitive data through ordinary-looking inputs. Imperva buried instructions inside shared contacts, vCards, and location pins that the agent executed without the victim ever seeing them. Varonis built a test agent on
Security researcher Chaotic Eclipse (aka Nightmare-Eclipse and MSNightmare) has released a new Windows BitLocker bypass dubbed GreatXML, a day after they published an exploit for Microsoft Defender. "This was an accidental discovery, it took a total of 4 hours to find this," the researcher said in a post on Blogger. "If you ever attempted to use Windows Defender Offline Scan, you're
Latest
Thursday, June 11
A WIRED investigation found dozens of “nudified” deepfake images and videos on Grok's website, including nonconsensual depictions of celebrities and at least one prominent US politician.
Oracle is warning about a critical PeopleSoft Suite zero-day vulnerability tracked as CVE-2026-35273 that allows unauthenticated remote code execution, with the flaw actively exploited in ShinyHunter data theft attacks. [...]
6/11/26. From my red 14 I phone, worth repeating.
They claim to be state of the art for cybersecurity, but every one of my questions are getting flagged down to 4.8. And it's not even related to offsec, just doing software security research. Honestly feels like Anthropic is trying to FOMO researchers into adopting their paid plans to use this model after June 22nd. "**This model has measures that flagged something in this session. This sometimes happens with safe, normal conversations. These measures let us bring you Mythos-level capability in other areas sooner, and we're working to refine them. Switched to Opus 4.8. Send feedback with /feedback or learn more: https://support.claude.com/en/articles/15363606"**
Two security teams have shown, in separate research published this week, that OpenClaw, the popular self-hosted AI agent, can be driven to run attacker-controlled code or hand over sensitive data through ordinary-looking inputs. Imperva buried instructions inside shared contacts, vCards, and location pins that the agent executed without the victim ever seeing them. Varonis built a test agent on
Security researcher Chaotic Eclipse (aka Nightmare-Eclipse and MSNightmare) has released a new Windows BitLocker bypass dubbed GreatXML, a day after they published an exploit for Microsoft Defender. "This was an accidental discovery, it took a total of 4 hours to find this," the researcher said in a post on Blogger. "If you ever attempted to use Windows Defender Offline Scan, you're
On June 2, the White House signed a new executive order (EO), “Promoting Advanced Artificial Intelligence Innovation and Security.” While most coverage has focused on the voluntary framework for frontier model access, there’s language around defensive cybersecurity that also deserves attention from security leaders.The order directs CISA to establish or expand federal programs and cybersecurity […] The post What the New AI Executive Order Means for Federal Security Testing appeared first on Synack .
A new analysis of The Gentlemen operation has revealed that the financially motivated threat group initially operated as an affiliate responsible for conducting double extortion attacks, while leveraging resources from various ransomware-as-a-service (RaaS) schemes like LockBit (aka Tenacious Mantis), Qilin (aka Pestilent Mantis), and Medusa (aka Venomous Mantis). According to a detailed report
Reverse engineered BLE protocol of a $7 generic Chinese smart ring from Temu, and built an iOS app around it
A joint congressional report describes a spam operation that turned tens of thousands of fake podcasts into search-engine bait for illegal pharmacy and scam sites.
Law enforcement has dismantled the “AudiA6” cryptocurrency service allegedly used by ransomware actors and other cybercriminals to launder more than $380 million. [...]
Overview A vulnerability has been discovered in the Haskell TLS software stack, commonly used by applications built in the Haskell programming language to securely connect to servers over the internet. Specifically, the libraries "crypton-x509-validation" fail to enforce a key security feature called NameConstraints, a standard defined in RFC 5280 that helps organizations control which domains a certificate authority (CA) is allowed to issue certificates for. This vulnerability allows an attacker with access to the sub-CA to create certificates that will validate successfully with any Haskell TLS connection, allowing the attacker access to full session visibility. Version 1.91 for crypton-x509-validation have been released to address the vulnerability, tracked as CVE-2026-9648. Description Haskell is a programming language often used in enterprise, academic, and financial systems such as banks, insurance companies, and data processing platforms, which use it for backend services like fraud detection, risk modeling, and other sensitive connections. The Haskell TLS software stack is the implementation used by Haskell applications to establish secure HTTPS or TLS connections to servers, just like OpenSSL or Go’s TLS libraries do in other ecosystems. A vulnerability has been discovered within the stack; crypton-x509-validation , which do not enforce the NameContstraints security feature that other libraries, such as OpenSSL or Go, do. The description for CVE-2026-9648 is as follows: The crypton-x509-validation Haskell library fails to enforce X.509 NameConstraints, allowing TLS clients to accept certificates whose Subject Alternative Names fall outside the issuing CA’s permitted subtrees. This oversight enables an attacker who compromises a name-constrained sub-CA
AI-driven attacks are exposing the limits of fragmented MSP security stacks and slow response workflows. Kaseya breaks down why integrated security, automation, and recovery are becoming essential. [...]
Most good security work is invisible by design. Today is the exception. The 2026 Cybersecurity Stars Awards winners are announced across 95 subcategories in four main award categories. The reason is simple. Cybersecurity is full of work that deserves recognition and rarely gets it. Products that quietly close real gaps. Teams that stop incidents nobody reads about. Companies that raise the
The Personal Information Protection Commission (PIPC), South Korea's data protection regulator, has fined e-commerce giant Coupang a record 624.6 billion won (roughly $409 million) following a massive data breach affecting more than 37 million customers [...]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced a new Binding Operational Directive, 26-04, that prioritizes security updates for Federal Civilian Executive Branch (FCEB) agencies. [...]
The new open-source project could serve as the basis for a future of apps with features as complex as Slack, Discord, or Google Docs—but with added protection against surveillance.
I designed a 99‑fixture adversarial PE corpus, where each binary contains one controlled corruption pattern with full ground‑truth metadata. The goal was to answer a simple question: **How do PE tools behave when the binary stops playing by the rules?** The fixtures cover 8 anomaly classes: * entrypoint manipulation * section‑table corruption * Optional Header inconsistencies * directory contradictions * TLS anomalies * resource‑tree recursion * Authenticode corruption * entropy edge cases I tested 6 tools representing the major parsing philosophies: * IOCX * Ghidra * Detect It Easy * radare2 * PEview * CFF Explorer **The results were eye‑opening:** * **Literal tools** (r2, PEview) preserved bytes but surfaced no warnings * **Semantic tools** (CFF) normalised malformed fields, obscuring anomalies * **Heuristic tools** (DIE) ignored structure entirely * **Reconstructive loaders** (Ghidra) reconstructed internal models, omitting conflicting metadata and encountering crashes on entropy fixtures * **Hybrid literal‑semantic tools** (IOCX) preserved raw metadata and surfaced anomalies explicitly **Full write-up:** [The Adversarial PE Analysis Series, Part 1 — Why PE Parsers Break](https://medium.com/@malx-labs/the-adversarial-pe-analysis-series-part-1-why-pe-parsers-break-introducing-the-99-adversarial-1769556ab473?source=friends_link&sk=a053eaffcc2642062af3931c49ba6064) **Corpus and fixture spec**: [https://github.com/iocx-dev/iocx](https://github.com/iocx-dev/iocx) (fixtures are under `/tests/contract/fixtures/layer3_adversarial)`
For thirty years, vulnerability management ran on a buffer: the months between when a vulnerability was found and when someone could figure out how to weaponize it. The solution was straightforward enough; triage by severity, schedule the fix, validate, and move on. The buffer was what made that work. Today, that buffer is gone. AI didn't make your team slower. It changed the other side of the
The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic entities and stock investors with a backdoor known as SPECTRALVIPER. The campaigns involve a prolonged cyber espionage operation aimed at a Vietnamese infrastructure and transport construction corporation between mid-2024 and February 2026, as well as a supply chain attack
The University of Nottingham confirmed on Wednesday that a hacking group gained access to its student records system in a breach affecting both current students and alums. [...]
npm v12 is introducing several security-focused changes that will require developers to explicitly approve certain dependency behaviors. Some notable changes include: * Dependency install scripts won't automatically execute * Git-based dependencies won't be fetched unless permitted * Remote URL dependencies won't be resolved unless permitted * Native module build processes triggered during installation will be more restricted The goal appears to be reducing code execution opportunities during package installation and limiting common software supply-chain attack paths. From a security perspective, this seems like a better move towards Zero Trust model for dependency management. For developers who rely heavily on install scripts, Git dependencies, or custom build processes, there may be some workflow adjustments required. What do you think? Announcement: [https://github.blog/changelog/2026-06-09-upcoming-breaking-changes-for-npm-v12/](https://github.blog/changelog/2026-06-09-upcoming-breaking-changes-for-npm-v12/)
GitHub has announced what it said are "breaking changes" coming to npm version 12, one of which turns off install scripts by default to combat software supply chain threats. The changes aim to combat attack techniques that abuse the "npm install" command to trigger the execution of malicious code using npm lifecycle hooks. "Npm install" is used to download and install all the necessary
Attackers are now targeting a recently patched maximum-severity flaw in Ivanti Sentry, enabling them to execute code with root privileges on Internet-exposed secure mobile gateways. [...]
GhostTrace – CLI forensic scanner for Windows: 22 modules, MITRE ATT&CK mapped, read-only by default
I've released GhostTrace, a Windows forensic scanner focused on finding persistence artifacts and execution evidence left behind after uninstallation or compromise. **Forensic coverage:** * TA0003 Persistence: Run/RunOnce, services/drivers, ASEP entries (Winlogon, IFEO, AppInit\_DLLs, LSA packages), scheduled tasks, Ghost Tasks via TaskCache\\Tree anomalies, WMI subscriptions (T1546.003) * TA0002 Execution: AppCompatCache (Win8.1/10/11 format), Prefetch with XPRESS-Huffman decode (v26/30/31), BAM/DAM timestamps per SID, UserAssist (ROT13), MUICache * User activity: PSReadLine history with encoded cradle detection (T1059.001), RDP outbound history (T1021.001), RecentDocs, USB history (T1052/T1091), hosts redirects **Design:** read-only scan by default, explicit YES confirmation for any cleanup, zero network calls, offline-only. Built on .NET 10 / C#. GitHub: [https://github.com/Devzinh/GhostTrace](https://github.com/Devzinh/GhostTrace) Playbook included for scheduled task correlation and Ghost Task investigation.
Entra Agent ID is an extension of Entra's application model that provides identities for AI agents. Unlike applications, the agent identity model allows linking a single app registration (blueprint) to multiple identities and their associated privileges, increasing the potential blast radius of a compromised agent.
Wednesday, June 10
US lawmakers are alarmed that Bill Pulte, a housing official with no intelligence experience, is poised to take charge of one of the government's most powerful surveillance tools.
The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain attacks, was briefly open-sourced on GitHub. [...]
GitHub has announced that npm v12, expected next month, will introduce several security-focused changes aimed at blocking supply-chain attacks abusing behaviors triggered by the 'npm install' command. [...]
On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet
The curl project, one of the most important pieces of software on the internet, just shut down its bug bounty program. Not because the project is less important. Not because the community gave up. But because 95% of the vulnerability reports it received were not valid. About a fifth were outright AI-generated noise. Only around […] The post Nobody’s in the Cockpit: The Real Risk of Fully Autonomous AI Security Testing appeared first on Synack .
Cybersecurity researchers have warned of a "resurgence and expansion" of JDY, a covert network associated with China-nexus state-sponsored threat actors. "The JDY botnet comprises over 1,500 SOHO [small office and home office] and IoT devices and operates as a centrally controlled, high-performance scanner used to discover, fingerprint, and continuously map exposed services at scale," Lumen's
Fortinet, Ivanti, and SAP have released security updates to address multiple critical security vulnerabilities that could result in arbitrary code execution and information disclosure. The security flaw patched by Fortinet relates to a command injection vulnerability in FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS WEB UI. It's tracked as CVE-2026-25089 (CVSS score: 9.1). "An
Attackers are increasingly bypassing weak authentication through phishing, MFA fatigue, and service desk social engineering. Specops Software breaks down five best practices for stronger identity verification and access security. [...]
The ACLU is suing two Florida police departments over the arrest of a Fort Myers man in a child-abduction case, saying officers treated a flawed face-recognition match as a near-certain ID.
Most US World Cup stadiums are surrounded by surveillance cameras. Want to know if you’re being watched on your way to a match? These maps will help you.
From anti-drone tech to face recognition, 2026 World Cup stadiums in the US, Canada, and Mexico are subjecting fans to an array of surveillance tech. Here’s what you need to know.
The organization claims that the FIFA tournament could have impacts on the rights of local people and visiting soccer fans in all three host countries.
Microsoft on Tuesday released fixes for a record 206 security vulnerabilities impacting its software portfolio, including three flaws that have been publicly disclosed at the time of release. Of the 206 flaws, 39 are rated Critical, and 167 are rated Important in severity. This includes 63 privilege escalation, 56 remote code execution, 30 information disclosure, 27 spoofing, 20 security
certSIGN: Inconsistent revocation status (CRL "revoked" vs OCSP "good") for intermediate CA "certSIGN Web CA"
certSIGN seems to have revoked a commonly-used intermediate cert. At least their CRL seems to say that.
Cybersecurity failures now happen beyond the OSI stack. Faulty governance, the human factor, and AI tools create new attack surfaces. After seven years working across cybersecurity, cloud infrastructure, and Zero Trust architecture, Jayal Yadav explains how we got here and what organizations still get wrong. “The original seven layers of the OSI model still matter. […] The post The OSI Model and Its Two Missing Layers appeared first on Heimdal Security Blog .
On June 9, Anthropic released Claude Fable 5, the most capable model it has ever made, generally available. It also did something unusual: it shipped one model as two products, split not by capability but by a layer of safety classifiers. Fable 5 goes to the public. Its twin, Claude Mythos 5, the same underlying model with the cyber safeguards lifted, stays locked to a vetted group of cyber
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite 1,000 breaches is one hell of a milestone. It's not just the process of getting data, verifying it, loading it, sending notifications etc, it's all the other stuff that goes into keeping the whole thing afloat. Legal docs. Trademarks. Accounting. Agreements. The most mind-numbingly boring stuff you can imagine happening in the background so that the stuff you see in the foreground can all work. And then there are those "other things" I had to deal with along the way, but more of that in this week's video. Thanks to everyone who has stuck around to see this thing reach such a milestone
The anonymous security researcher going by the name Chaotic Eclipse (aka Nightmare-Eclipse) has released a proof-of-concept (PoC) exploit for yet another Microsoft Defender zero-day named RoguePlanet. "The exploit is a race condition, so it's a hit or miss," the researcher, who published the exploit under a new GitHub account "MSNightmare" said. "I have managed to get a 100% success rate on
Cybersecurity researchers have flagged half a dozen vulnerabilities in protobuf.js, a JavaScript and TypeScript implementation of Protocol Buffers (Protobuf), that, if successfully exploited, could result in remote code execution (RCE) and denial-of-service (DoS) attacks. "In affected environments, a single malicious protobuf schema, descriptor, or crafted payload could be enough to trigger
Tuesday, June 9
Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company’s monthly Patch Tuesday cycle. Nearly three dozen of those bugs earned Microsoft’s most dire “critical” rating, and exploit code for at least three of the weaknesses is now publicly available. The software giant said in a blog post last month that both its engineers and the security community are increasing using artificial intelligence tools to find bugs, meaning this month’s heavy Patch Tuesday may start to become the norm, said Satnam Narang , senior staff research engineer at Tenable . “Some surveys put AI usage among security professionals generally at 90%, so it’s unsurprising that this volume of patches may be the norm,” Narang said. “Pandora’s proverbial box has been opened, and as more advanced AI models become available, we expect the norm to continue upward across the board, not just for Patch Tuesday.” June’s zero-day bugs include CVE-2026-49160 , a denial of service vulnerability affecting a range of web servers, including Microsoft Internet Information Services (IIS). Microsoft says the flaw was reported by OpenAI’s Codex. Two of the zero-days addressed this month appear to stem from recent vulnerability disclosures by Nightmare Eclipse , the nickname chosen by a security researcher who has been dropping exploits for various Windows flaws. One of those, dubbed “GreenPlasma,” leverages an elevation of privilege weakness in the Windows Collaborati
Writing my own virtualized loader is something I’ve been wanting to do since I first read Microsoft’s deep dive on FinFisher’s multi-layered VM obfuscation back in 2018. FinFisher didn’t just use one layer of protection, it implemented a custom virtual machine with 32 opcode handlers, wrapped that in spaghetti code and anti-debug checks, and then buried a second VM inside the 64-bit payload. Microsoft’s researchers had to write their own IDA plugins and build a full opcode interpreter just to understand what the malware was doing. The idea that you could interpose an entire bytecode interpreter between your real logic and an analyst’s tools, making both static and dynamic analysis incredibly difficult, stuck with me. I made real progress toward this over
AI is changing the economics of offensive security. Models can now accelerate vulnerability discovery, reason about attack paths, draft exploit logic, and speed up remediation guidance. For defenders, that is a meaningful step forward. It is also the hard part. The capabilities that help defenders move faster also help attackers because cyber AI is dual-use […] The post Trusted Access, Human Validation, and the Future of AI Pentesting appeared first on Synack .
Overview Microsoft-signed UEFI bootloaders of the open-source shim project, primarily from version 0.9 and earlier, were identified as vulnerable to Secure Boot bypass. To mitigate this risk, the affected bootloaders will be added to the Microsoft UEFI Forbidden Signature Database (DBX). Once the DBX update is applied, these bootloaders will no longer be trusted for execution during the boot process. An attacker could exploit these vulnerable shim bootloaders using a Bring Your Own Vulnerable Driver (BYOVD)-style technique to execute arbitrary code during the early boot phase, prior to operating system initialization, thereby bypassing Secure Boot protections. Description The Unified Extensible Firmware Interface (UEFI) standard defines the modern firmware architecture used to initialize hardware and transfer control to the operating system during system startup. On systems with Secure Boot enabled, UEFI applications and drivers must be cryptographically signed and verified before execution. Trust for these signatures is established through several firmware-managed databases, including the authorized signature database (DB), which commonly contains the "Microsoft Corporation UEFI CA 2011" certificate. This Microsoft certificate is widely used to sign third-party boot components intended to run under Secure Boot. The open-source UEFI shim project is a small, signed bootloader that Microsoft signed using the "Microsoft Corporation UEFI CA 2011" certificate. Shim acts as a bridge between the motherboard's UEFI firmware and the operating system (typically a Linux distribution). Its purpose is to allow Linux distributions to boot with Secure Boot enabled without requiring every individual distribution's key to be built into the motherboard's NVRAM settings. In doing so, shim allows Linux distributions and other third parties to esta
Meta on Tuesday announced that it will use information shared by other businesses to personalize users' feed and responses from its artificial intelligence (AI) chatbot, expanding its scope beyond targeted ads. "Businesses often share information about people's activity on their sites with us to make ads more relevant," Meta said in a statement. "We already use this data - like games you play
Anthropic is releasing Claude Mythos 5 to trusted organizations and Claude Fable 5 to the public, a version it says can’t be used for cyberattacks.
Veeam has released security patches to address a critical flaw in its Backup & Replication software that could result in remote code execution. Tracked as CVE-2026-44963, the vulnerability carries a CVSS score of 9.4 out of a maximum of 10.0. "A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain user," Veeam said in a Tuesday advisory. It
Tech company says it ‘caught and disrupted’ NSO Group’s attempts to access accounts in Jordan and Lebanon A spyware firm has been targeting WhatsApp users with malicious links in contravention of a US court order forbidding it from doing so, Meta has said. In a post, Meta said WhatsApp had “caught and disrupted spear phishing attempts” by NSO Group, which a spokesperson said targeted a handful of users in Jordan and Lebanon. It had also caught the group creating “test accounts and groups” on WhatsApp. Continue reading...
Worm is a desktop forensic acquisition tool for authorized investigations. It brings disk imaging, memory acquisition, Android collection, hash verification, case output handling, image viewing, and reporting into one native application. The app runs as a real desktop window on Linux and Windows. [https://github.com/noirlang/worm](https://github.com/noirlang/worm) [https://worm.noirlang.tr/](https://worm.noirlang.tr/)
Monday, June 8
The code WIRED identified is gone from the latest version of Meta AI, the companion app for the company’s smart glasses. Meta won’t say why or whether it’s coming back.
COPENHAGEN, Denmark, June 8, 2026 – Heimdal has achieved ISAE 3000 SOC 2 Type II certification for the sixth consecutive year, reflecting the company’s continued focus on operational security, accountability, and data protection. The 2026 audit covered the period from 1 April 2025 to 31 March 2026 and examined Heimdal’s controls across access management, data […] The post Heimdal® Marks Six Years of Consecutive ISAE 3000 SOC 2 Type II Certification appeared first on Heimdal Security Blog .
To reduce the amount of noise from questions, we have disabled self-posts in favor of a unified questions thread every week. Feel free to ask any question about reverse engineering here. If your question is about how to use a specific tool, or is specific to some particular target, you will have better luck on the [Reverse Engineering StackExchange](http://reverseengineering.stackexchange.com/). See also /r/AskReverseEngineering.
A WIRED timeline shows how dozens of governments, companies, and other organizations across Europe are moving, or planning to shift, away from US Big Tech.
Sunday, June 7
Slapping an LLM onto a security tool without guardrails is a massive liability. In digital forensics and incident response (DFIR), an AI hallucination can ruin an entire chain of custody. An answer without mathematical, binary proof is completely worthless. If an AI agent cannot anchor its reasoning to exact offsets, hashes, and unmanipulated timestamps, it has no business touching forensic data. With **Crow-Eye v0.11.0**, we are pushing a massive update to our full-spectrum forensic lifecycle platform. This release introduces a hardened AI compliance architecture and completely upgrades the core correlation engines. We are treating the underlying intelligence layer like a highly supervised junior analyst. Everything it sees is hashed, everything it thinks is visible, its memory management is strictly audited, and its ability to alter rules is completely sandboxed. Here is exactly how we are enforcing forensic integrity under the hood in v0.11.0: # 1. AI Compliance & Governance # Evidence Seal & Cryptographic Chain of Custody Every single time the AI interacts with your forensic data, it is cryptographically verified. * **The Process:** Before any payload is passed to the AI model, the `evidence_seal.py` service steps in. * **Hashing & Provenance:** It calculates the SHA-256 hash of the exact bytes being sent and attaches metadata tracking the absolute source (e.g., `database:table:rowid`), token count, and the specific AI model used. * **Hash-Chaining:** This metadata is written to an append-only JSONL ledger. Each new record incorporates the hash of the previous record. If a single byte of historical evidence is tampered with, the entire cryptographic chain breaks instantly. # The TruncationAuditor Service (Context Auditing) AI context windows are a massive compliance bottleneck. Silent truncation—where a tool quietly drops data when limits are exceeded—is unacceptable in an investigation. The `TruncationAuditor` service acts as a strict forensic bookkeeper to log exactly how history is modified during our Self-Healing Context routine. * **The Append-Only Audit Log:** Events are permanently written to `<case>/EYE_Logs/truncation_audit.log`, tracking whether data was compressed (`SUMMARIZED`) or entirely removed (`TRUNCATED`). * **High-Fidelity Tracking:** Every single dropped or compressed message records its unique Message ID, token count, reason (e.g., `budget_exceeded`), extra JSON metadata, and a SHA-256 Content Hash of the exact message text to mathematically prove what was removed. * **Tamper-Evident Hash-Chaining:** Each log entry combines its content with the hash of the previous log line using a `chain=...` signature. If a rogue actor manually deletes a record from the text log to hide missed evidence, the chain breaks instantly, and the `verify_chain()` check fails. * **Protocol Compliance Panel:** The auditor exports this ledger into a structured JSON array (`audit_trail.json`). The React UI reads this to give investigators a clean visual timeline of exactly what was preserved, summarized, or dropped. https://preview.redd.it/7yysi31xgu5h1.png?width=3394&format=png&auto=webp&s=16032abda1bbbccd2986be1479e37a0c45ec5a69 # The ThinkingStep Protocol (Anti-Black-Box Streaming) The AI is hard-coded to "show its work." The `ThinkingStep` protocol bridges the Python backend (`eye_bridge.py` and `query_processor.py`) and the React frontend (`EyeDialogue.tsx`), streaming real-time updates over `QWebChannel` across 4 distinct, auditable phases: * **Phase 1: thinking (Intent Detection):** The backend queries the LLM to determine intent (e.g., separating general questions from direct MFT queries). The UI displays "Analyzing request..." * **Phase 2: rag (Retrieval-Augmented Generation):** The backend searches local forensic rules inside `configs/knowledge_base/` (like pulling up Living off the Land tactics for PowerShell analysis) and shows you exactly what was fetched. * **Phase 3: tool\_call (Execution):** If the AI needs hard data, it sends a structured command to the backend to fire off a tool (e.g., executing a raw SQLite database query). The UI displays a dedicated "Tool Execution" block exposing the exact arguments, execution status, and raw JSON payloads returned. This layer loops sequentially if multiple tools are required. If a tool fails on a bad SQL query, the step turns red, exposes the raw Python exception, and allows the AI to catch the error in its context to heal and try a corrected query. * **Phase 4: synthesis (Final Generation):** The backend bundles the RAG knowledge and tool results securely using the Evidence Seal, routing them to the model to stream out the final human-readable response. * **UI Transparency:** In the frontend, these phases are rendered as interactive, collapsible accordion blocks. You can expand a tool block to verify every database query syntax or piece of documentation the AI used before arriving at its final conclusion. # Governance Enforcement Protocols (GEP Rules 9-11) When the AI acts as an author (like generating correlation rules), it is locked down: * **Reasoning Required (R9):** The AI cannot create or edit any rule without rendering a clear text justification. * **Evidence Linking (R10):** The AI cannot hallucinate a rule. It must bind it back to the exact physical forensic artifact (`related_evidence`) that prompted it. * **Read-Only Built-ins (R11):** The AI is strictly sandboxed from modifying human-authored rules or built-in system defaults. # 2. Core Engine Upgrades With the AI heavily supervised, v0.11.0 also delivers massive architectural upgrades to the data engines feeding the platform. **Advanced Core Correlation Engine Upgrade** An adversary leaves footprints across multiple layers of the system simultaneously. * **Deep Artifact Stitching:** Crow-Eye automatically maps the connective tissue between Master File Table (MFT) records, Registry hives, LNK files, and Jump Lists. * **Instant Timeline Reconstruction:** The engine identifies non-obvious relationships instantly, allowing you to trace an execution lifecycle from initial file access straight to system persistence without manual cross-referencing. **Ironclad Identity Engine Upgrade** Attributing actions to specific security identifiers (SIDs) in modern Windows 11 environments can get incredibly messy during high-stress triage. * The upgraded **Identity Engine** brings precise, deterministic execution-context tracking. It resolves user sessions, elevation states, and mapped SIDs with absolute certainty, eliminating ambiguity during credential abuse investigations. For the next release, I am focusing completely on user bugs and performance edge-cases. Please feel free to contact me for any bug reports or support queries you can find all of my direct contact details on the official website:https://crow-eye.com/ **GitHub:**[https://github.com/Ghassan-elsman/Crow-Eye](https://github.com/Ghassan-elsman/Crow-Eye) for the full details of the Resale notes please check [https://github.com/Ghassan-elsman/Crow-Eye/releases/tag/0.11.0](https://github.com/Ghassan-elsman/Crow-Eye/releases/tag/0.11.0) Good hunting,
EDRChoker uses **Policy-based Quality of Service (QoS)** to set hard bandwidth caps (throttling) on Endpoint Detection and Response (EDR) agents, causing them to always time out - effectively blocking them.
I recently learned about multiple sandbox bypasses discovered in Twig by project Glasswing. From the descriptions, only CVE-2026-46640 and CVE-2026-46633 seemed universally exploitable, so I decoded to research them. This writeup documents my development of payloads for the CVE-2026-46640 and the corresponding SSTImap module.
Saturday, June 6
Plus: Hackers use Meta’s AI bots to hack Instagram accounts, Anthropic helps NSA hackers, a decades-long GPS satellite mystery may have been solved, and more.
Friday, June 5
At Gartner SRM 2026 this week I gave a talk called “Cutting Through AI Noise: Defending Against Machine-Speed Cyber Adversaries.” The room was full of security leaders who’ve been through enough hype cycles to be skeptical of seeing AI on the label. That skepticism is warranted, and I built the session around it. Here’s what […] The post What I Told Security Leaders at Gartner SRM 2026 appeared first on Synack .