[Research] Full-chain RCE in Microsoft Semantic Kernel & Agent Framework 1.0 (6 Bypasses)
https://nuka-ai.github.io/posts/2026-07-28-Semantic-Kernel-disclosure/
Submitted April 28, 2026 at 07:40PM by JDP-SEC
via reddit https://ift.tt/dfQkSH1
nuka-ai.github.io
Microsoft's Semantic Kernel - The Cracked Kernel - Nuka-AI Research Series
Technical research and advisories focusing on RCE and architectural trust gaps in AI orchestration frameworks.
89 vulnerabilities in XAPI / Citrix XenServer
https://ift.tt/3oLdbEB
Submitted April 28, 2026 at 12:36PM by AlmondOffSec
via reddit https://ift.tt/cl85R3q
shittrix.moksha.dk
89 vulnerabilities in XAPI / Citrix XenServer
Day-0 public disclosure of 89 independently exploitable vulnerabilities in Citrix's hypervisor management platform. 5 Critical, 28 High across 8 XAPI object types. Independent security research by Jakob Wolffhechel.
Kaspersky recently disclosed PhantomRPC, a privilege escalation technique affecting all Windows versions (tested on Server 2022/2025)
https://ift.tt/l6MItBw
Submitted April 27, 2026 at 10:42PM by maxcoder88
via reddit https://ift.tt/m4AGHvq
A Route to Root in a 4G Industrial Router
https://ift.tt/45oXhK0
Submitted April 29, 2026 at 07:09AM by _pimps
via reddit https://ift.tt/JXrO6Bd
Set up automated dependency scanning after the recent npm/PyPI supply chain attacks
https://ift.tt/enDoJgr
Submitted April 29, 2026 at 07:03PM by root0ps
via reddit https://ift.tt/sExr6p2
Medium
Setting Up Dependency-Track for SBOM-Based Supply Chain Security
Secure your projects with automated SBOM generation, vulnerability scanning, and GitHub Actions integration
The Thymeleaf Template Injection That Only Hurts If You Let It
https://ift.tt/6AHtr4S
Submitted April 29, 2026 at 09:58PM by lirantal
via reddit https://ift.tt/4f3cM1G
Snyk
The Thymeleaf Template Injection That Only Hurts If You Let It | Snyk
CVE-2026-40478: The Thymeleaf template injection (CVSS 9.1) is conditional. Patch to 3.1.4+ immediately, and audit your code for dynamic view or template expression misuse, which is the key precondition for exploitability.
AI security capabilities and the human side of vulnerability management
https://ift.tt/ocl5ULd
Submitted April 29, 2026 at 11:22PM by pathetiq
via reddit https://ift.tt/92mI6Fr
Security Autopsy
AI security capabilities and the human side of vulnerability management
Mythos, oh Mythos. The whole web started to panic, leadership started to care about security... "good", but not really because this is fear, not real interest in securing their clients' data and environments. Mythos came out hard, finding vulnerabilities…
The Internet Is Falling Down, Falling Down, Falling Down (cPanel & WHM Authentication Bypass CVE-2026-41940) - watchTowr Labs
https://ift.tt/Cq6iDuh
Submitted April 29, 2026 at 10:50PM by dx7r__
via reddit https://ift.tt/fl2r6sR
watchTowr Labs
The Internet Is Falling Down, Falling Down, Falling Down (cPanel & WHM Authentication Bypass CVE-2026-41940)
Hello! Yes, it's all a disaster again!
Let's get this party started:
No comments today, so imagine this:
* We wrote something that we find very funny,
* Nobody else gets it,
* But everyone humors…
Copy Fail exploit lets 732 bytes hijack Linux systems and quietly grab root
https://nerds.xyz/2026/04/copy-fail-linux-root-exploit/
Submitted April 30, 2026 at 04:01AM by OkReport5065
via reddit https://ift.tt/vSaiQeW
NERDS.xyz
Copy Fail exploit lets 732 bytes hijack Linux systems and quietly grab root
A newly disclosed Linux kernel vulnerability called Copy Fail lets a normal user gain root access using just a 732-byte script. The exploit is simple, reliable, and works across major distributions like Ubuntu, RHEL, and SUSE. Even worse, it silently modifies…
Seventeen vulnerabilities in Omi, fourteen days of silence
https://kasparovabi.github.io/security-research/2026-04-omi-disclosure.html
Submitted April 30, 2026 at 05:02PM by kasparovabi
via reddit https://ift.tt/df4AK9S
Security Research
Seventeen Vulnerabilities in Omi, Fourteen Days of Silence
CVSS 10.0 advisory against BasedHardware/Omi backend (audio-recording AI wearable, claimed 300,000 users). Filed privately on 2026-04-15, ignored for 14 days, related public security PR closed without merging. RCE, auth bypass, hardcoded encryption key, SSRF…
Inspektor Gadget Security Audit - Shielder
https://ift.tt/narRAd8
Submitted April 30, 2026 at 07:38PM by smaury
via reddit https://ift.tt/eqtFYv2
Shielder
Shielder - Inspektor Gadget Security Audit
Security audit of Inspektor Gadget, an eBPF-based observability framework for Linux and Kubernetes. Sponsored by the CNCF (Cloud Native Computing Foundation), facilitated by Open Source Technology Improvement Fund (OSTIF) and performed by Shielder.
Phishing is no longer human as AI now drives 86 percent of attacks
https://nerds.xyz/2026/04/ai-phishing-attacks-86-percent/
Submitted April 30, 2026 at 06:58PM by OkReport5065
via reddit https://ift.tt/5aK9WyU
NERDS.xyz
Phishing is no longer human as AI now drives 86 percent of attacks
Phishing is no longer just about shady emails. New data shows AI now powers 86 percent of attacks, with scammers moving into Teams, calendar invites, and more. As threats get smarter and more coordinated, companies may need to fight AI with AI just to keep…
PromptMink: ReversingLabs discloses 7-month DPRK supply chain campaign using LLM Optimization (LLMO) to target AI coding agents via npm
https://ift.tt/gWp4AUn
Submitted April 30, 2026 at 08:26PM by LostPrune2143
via reddit https://ift.tt/caPjlMe
blog.barrack.ai
PromptMink: How North Korea Tricked Claude Into Installing npm Malware | Barrack AI
Famous Chollima spent seven months building malicious npm packages specifically designed to fool Claude, Copilot, and Gemini CLI. ReversingLabs calls it LLM Optimization abuse. Here is how the attack works, what it steals, and why your AI agent cannot tell…
High Fidelity Check for the cPanel Authentication Bypass (CVE-2026-41940)
https://ift.tt/e27u6Ah
Submitted April 30, 2026 at 02:31PM by Mempodipper
via reddit https://ift.tt/VMyvtCc
Searchlight Cyber
High Fidelity Check for the cPanel Authentication Bypass (CVE-2026-41940) › Searchlight Cyber
Less than 24 hours ago, an advisory was released for a complete authentication bypass in cPanel. Successful exploitation allows an unauthenticated attacker to get a login session of any user, including the all-powerful root user via WHM. We have seen PoCs…
Handled, Not Hosted: Administrative Activity Inside a Bulletproof Hoster
https://ift.tt/dLE15O0
Submitted May 1, 2026 at 02:02PM by 0x5h4un
via reddit https://ift.tt/bT63i1V
Disclosing.Observer
Handled, Not Hosted: Administrative Activity Inside a Bulletproof Hoster
An analysis of administrative activity in the Media Land leak, showing how provider-level behaviour is concentrated, embedded in customer infrastructure, and...
Billions of meals at risk due to Iran war, says fertiliser boss
https://wesearch.press/s/fertiliser-boss-says-war-puts-10-billion-meals-a-week-at-ris-f70ae176
Submitted May 1, 2026 at 02:57PM by OGMYT
via reddit https://ift.tt/aHjy0Mt
WeSearch
Billions of meals at risk due to Iran war, says fertiliser boss
The CEO of Yara, one of the world's largest fertiliser producers, warned that the war in Iran has disrupted fertiliser supplies, potentially putting up to 10…
r/netsec monthly discussion & tool thread
Questions regarding netsec and discussion related directly to netsec are welcome here, as is sharing tool links.
Rules & Guidelines
* Always maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.
* Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.
* If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.
* Avoid use of memes. If you have something to say, say it with real words.
* All discussions and questions should directly relate to netsec.
* No tech support is to be requested or provided on r/netsec.
As always, the content & discussion guidelines should also be observed on r/netsec.
Feedback
Feedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.
Submitted May 1, 2026 at 06:59PM by albinowax
via reddit https://ift.tt/dgb68Iq
Major AI Clients Shipping With Broken OAuth Implementations
https://ift.tt/1GgY5Ud
Submitted May 1, 2026 at 09:18PM by mhat
via reddit https://ift.tt/YPWKi04
SecureCoders
MCP CLI Clients Are Shipping Without Refresh-Token Support
The MCP OAuth specification mandates OAuth 2.1 with PKCE, but as of April 2026 not a single MCP client fully implements the refresh-token flow. Server teams are forced to issue dangerously long-lived access tokens as a workaround.
Every incident public companies have disclosed to the SEC, in one searchable database
https://ift.tt/iNO51nS
Submitted May 2, 2026 at 04:12AM by LordKittyPanther
via reddit https://ift.tt/JMNOmxX
Duke Security
SEC Cybersecurity Incidents Database | Duke Security
SEC-disclosed cybersecurity incidents, AI-tagged with Duke's breach taxonomy.
For vulnerability research, smaller models run repeatedly can outperform larger frontier models on cost-to-recall.
https://ift.tt/Wf5D2l1
Submitted May 2, 2026 at 05:00AM by EliteRaids
via reddit https://ift.tt/zf8gWq9
Hacktron AI
Why Mythos doesn't matter (for us)
Benchmarking Hacktron's scanning pipeline shows that for most applications, smaller models run repeatedly can outperform larger frontier models on cost-to-recall.