1. The US Congressional Budget Office confirmed unauthorized ac…
The US Congressional Budget Office confirmed unauthorized access to its networks in a suspected foreign cyberattack potentially exposing emails with congressional offices.
Category: Newsletter
2. A significant data leak from Chinese cybersecurity firm Know…
A significant data leak from Chinese cybersecurity firm Knownsec exposed cyber weapon specifications, proprietary hacking tool source code, government collaboration details, and a list of 80 compromised overseas surveillance targets.
Category: Newsletter
3. A detailed demonstration shows how an ARM-based IoT device’s…
A detailed demonstration shows how an ARM-based IoT device’s Address Space Layout Randomization (ASLR) can be bypassed using Return-Oriented Programming (ROP), enabling unauthenticated remote code execution via memory manipulation.
Category: Newsletter
4. The article advocates for redesigning systems in which AI en…
The article advocates for redesigning systems in which AI enhances meaningful signals instead of obscuring them, improving overall user experience and information delivery.
Category: Newsletter
5. Qilin ransomware group exfiltrated 300GB of data from Corner…
Qilin ransomware group exfiltrated 300GB of data from Cornerstone Staffing Solutions, including 120,000 resumes, Social Security numbers, salary data, and financial records, with threats of sophisticated phishing campaigns.
Category: Newsletter
6. EchoGram exploits gaps in training data guardrails by inject…
EchoGram exploits gaps in training data guardrails by injecting nonsensical “flip tokens” that cause false positives and bypasses in GPT-5.1, Claude, and Gemini, posing a dual threat of alert fatigue and actual malicious prompt bypasses.
Category: Newsletter
7. The RondoDox botnet leverages a vulnerability in the XWiki S…
The RondoDox botnet leverages a vulnerability in the XWiki SolrSearch endpoint, sending base64-encoded Groovy payloads via HTTP GET requests to download and execute malware. Existing IOC blocklists remain effective against this threat.
Category: Newsletter
8. Austrian researchers demonstrated that all 3
Austrian researchers demonstrated that all 3.5 billion WhatsApp users can be enumerated at 100 million users per hour, exposing phone numbers, profile photos (57%), and profile texts (27%) via the WhatsApp Web interface. Meta addressed the issue by implementing rate limiting.
Category: Newsletter
9. Deepstrike published a detailed guide highlighting common se…
Deepstrike published a detailed guide highlighting common security pitfalls in Next.js applications, such as risks from dangerouslySetInnerHtml and third-party templating engines, and attack surfaces including SSRF through image optimization and misconfigured server actions.
Category: Newsletter
10. ShadowRay 2
ShadowRay 2.0 malware campaign targets Ray, an open-source AI framework, hijacking compute clusters to form a self-propagating botnet capable of data theft, DDoS attacks, and autonomous spread. The attack exploits unpatched flaws and exposed misconfigurations.
Category: Newsletter
11. SupaPwn is a multi-stage exploit affecting outdated Supabase…
SupaPwn is a multi-stage exploit affecting outdated Supabase setups, exploiting privilege weaknesses and cloud credential issues to escalate beyond tenant permissions. Rapid patches limited impact, with AI tools aiding exploit development and validation.
Category: Newsletter
12. Research by Endor Labs analyzed over 10,000 GitHub repositor…
Research by Endor Labs analyzed over 10,000 GitHub repositories and found AI coding agents introduce supply chain risks by recommending dependencies, 49% of which have known vulnerabilities and 34% do not actually exist.
Category: Newsletter
13. DetonatorAgent is an open-source tool providing a Web API pl…
DetonatorAgent is an open-source tool providing a Web API platform to safely detonate malware within virtual machines and collect endpoint detection and response (EDR) logs for analysis.
Category: Newsletter
14. This Python CLI tool uses large language models and an embed…
This Python CLI tool uses large language models and an embedded Selenium browser to automatically solve several CAPTCHA types, streamlining automated interactions with protected web services.
Category: Newsletter
15. Mate provides AI-driven automation for security operations c…
Mate provides AI-driven automation for security operations centers (SOCs), reducing false positives and mean time to respond (MTTR) while enabling continuous learning and improvement of incident investigation workflows.
Category: Newsletter