Pwning Supercomputers - A 20yo vulnerability in Munge
https://ift.tt/4Nv7Ys1
Submitted February 13, 2026 at 02:26PM by qwerty0x41
via reddit https://ift.tt/xwnQ4pH
https://ift.tt/4Nv7Ys1
Submitted February 13, 2026 at 02:26PM by qwerty0x41
via reddit https://ift.tt/xwnQ4pH
blog.lexfo.fr
Pwning Supercomputers - A 20yo vulnerability in Munge
<p>Exploiting Heap Buffer Overflow in the authentication daemon used by most High Performance Computer.</p>
Brutus: Open-source credential testing tool for offensive security
https://ift.tt/oYNfKTa
Submitted February 13, 2026 at 09:03PM by Praetorian_Security
via reddit https://ift.tt/0AWmR5n
https://ift.tt/oYNfKTa
Submitted February 13, 2026 at 09:03PM by Praetorian_Security
via reddit https://ift.tt/0AWmR5n
Help Net Security
Brutus: Open-source credential testing tool for offensive security
Brutus is an open-source, multi-protocol credential testing tool written in pure Go. Designed to replace legacy tools that have long frustrated
BeyondTrust Gets Hit Again: Pre-Auth RCE in Remote Support Tools
https://ift.tt/c1xKSN2
Submitted February 13, 2026 at 10:26PM by IncidentSpecial5053
via reddit https://ift.tt/I1TPbA7
https://ift.tt/c1xKSN2
Submitted February 13, 2026 at 10:26PM by IncidentSpecial5053
via reddit https://ift.tt/I1TPbA7
FOSS Daily!
BeyondTrust Gets Hit Again: Pre-Auth RCE in Remote Support Tools
CVE-2026-1731: Command injection vulnerability in BeyondTrust Remote Support and Privileged Remote Access allows unauthenticated remote code execution
BeyondTrust Gets Hit Again: Pre-Auth RCE in Remote Support Tools
https://ift.tt/wlSAOh5
Submitted February 13, 2026 at 10:28PM by IncidentSpecial5053
via reddit https://ift.tt/v9AfDFg
https://ift.tt/wlSAOh5
Submitted February 13, 2026 at 10:28PM by IncidentSpecial5053
via reddit https://ift.tt/v9AfDFg
FOSS Daily!
BeyondTrust Gets Hit Again: Pre-Auth RCE in Remote Support Tools
CVE-2026-1731: Command injection vulnerability in BeyondTrust Remote Support and Privileged Remote Access allows unauthenticated remote code execution
Best Free Security Tools Everyone Should Use in 2026
https://ift.tt/lbmaKt9
Submitted February 14, 2026 at 10:21AM by i-drake
via reddit https://ift.tt/5LEiRuJ
https://ift.tt/lbmaKt9
Submitted February 14, 2026 at 10:21AM by i-drake
via reddit https://ift.tt/5LEiRuJ
techputs
Best Free Security Tools Everyone Should Use in 2026
Discover the best free security tools in 2026 for antivirus, network scanning, password management, and penetration testing. Protect your devices without spending money.
Hacking a pharmacy to get free prescription drugs and more
https://ift.tt/jakwG37
Submitted February 14, 2026 at 06:58PM by EatonZ
via reddit https://ift.tt/Mw430Va
https://ift.tt/jakwG37
Submitted February 14, 2026 at 06:58PM by EatonZ
via reddit https://ift.tt/Mw430Va
Eaton-Works
Hacking a pharmacy to get free prescription drugs and more
Super admin exploit on Dava India Pharmacy’s website gave complete control over everything.
I’m building graph-based compliance risk engine, looking for honest feedback
http://joinsentra.com/
Submitted February 14, 2026 at 09:14PM by Queasy_Hamster_6040
via reddit https://ift.tt/c7g0IyW
http://joinsentra.com/
Submitted February 14, 2026 at 09:14PM by Queasy_Hamster_6040
via reddit https://ift.tt/c7g0IyW
Abuse-prevention design: using IP reputation as one signal in signup defense-in-depth
https://ift.tt/HZOMFyI
Submitted February 14, 2026 at 10:53PM by prem_onReddit
via reddit https://ift.tt/Vu3axoC
https://ift.tt/HZOMFyI
Submitted February 14, 2026 at 10:53PM by prem_onReddit
via reddit https://ift.tt/Vu3axoC
Ipqualityscore
IP Fraud Score & Risk Checker | Real-Time IP Risk Analysis
Free IP fraud score checker & risk analysis tool. Detect proxies, VPNs, bots & high-risk IPs in real time with IPQualityScore's accurate fraud detection.
Cloudflare Pages “Continue Read” Redirect Kit Abused for Phishing, Adware, and Malware Delivery
https://ift.tt/vBiCk86
Submitted February 15, 2026 at 01:17AM by anuraggawande
via reddit https://ift.tt/DEGWSdj
https://ift.tt/vBiCk86
Submitted February 15, 2026 at 01:17AM by anuraggawande
via reddit https://ift.tt/DEGWSdj
Malware Analysis, Phishing, and Email Scams
Cloudflare Pages “Continue Read” Redirect Kit Abused for Phishing, Adware, and Malware Delivery
I identified a long-running redirect infrastructure abusing Cloudflare Pages (pages.dev) to host benign-looking SEO articles (for example, celebrity “net worth” blogs or gaming help con…
First Ever OffSec USA Chapter Meetup - DMV Area!
https://ift.tt/fYhQeAH
Submitted February 15, 2026 at 06:24AM by Kaorrosi
via reddit https://ift.tt/g1DXNty
https://ift.tt/fYhQeAH
Submitted February 15, 2026 at 06:24AM by Kaorrosi
via reddit https://ift.tt/g1DXNty
oxidized-root-d90 on Notion
March ’26 Meetup Registration | Notion
Hosted by Notion Sites — The easiest way to get a website up and running.
Introducing IDA-Free-MCP: mcp server for IDA Free version (native)
https://0xshlomil.github.io/introducing-ida-free-mcp/
Submitted February 15, 2026 at 12:15PM by Full_One_4807
via reddit https://ift.tt/Gx9ofUy
https://0xshlomil.github.io/introducing-ida-free-mcp/
Submitted February 15, 2026 at 12:15PM by Full_One_4807
via reddit https://ift.tt/Gx9ofUy
Product engineering teams must own supply chain risk
https://ift.tt/X6QTHIi
Submitted February 15, 2026 at 07:28PM by ArtisticProgrammer11
via reddit https://ift.tt/oPlqxWD
https://ift.tt/X6QTHIi
Submitted February 15, 2026 at 07:28PM by ArtisticProgrammer11
via reddit https://ift.tt/oPlqxWD
www.hyperact.co.uk
Product engineering teams must own supply chain risk
Product teams must own software supply chain risk as third-party dependencies become the primary attack surface. Learn how provenance, attestations, and SLSA make trust explicit, enforceable, and verifiable.
I built a free, open-source platform to learn GenAI security, learning content + hands-on labs against real LLMs (beta, looking for feedback)
https://ift.tt/17MenyD
Submitted February 16, 2026 at 04:09AM by MasterpieceMuch872
via reddit https://ift.tt/QAPk9iz
https://ift.tt/17MenyD
Submitted February 16, 2026 at 04:09AM by MasterpieceMuch872
via reddit https://ift.tt/QAPk9iz
PromptTrace
PromptTrace — GenAI Security Labs
Learn to hack and defend AI systems through hands-on labs. Practice prompt injection, RAG poisoning, and tool exploitation against real LLMs.
sandboxec: A lightweight command sandbox for Linux, secure-by-default, built on Landlock.
https://ift.tt/Xy8pzMZ
Submitted February 16, 2026 at 01:47PM by dwisiswant0
via reddit https://ift.tt/MOgcmsF
https://ift.tt/Xy8pzMZ
Submitted February 16, 2026 at 01:47PM by dwisiswant0
via reddit https://ift.tt/MOgcmsF
GitHub
GitHub - dwisiswant0/sandboxec: A lightweight command sandbox for Linux, secure-by-default, built on Landlock.
A lightweight command sandbox for Linux, secure-by-default, built on Landlock. - dwisiswant0/sandboxec
Architectural Isolation Tradeoffs in the OpenClaw Ecosystem After CVE-2026-25253
https://ift.tt/LINeBbu
Submitted February 16, 2026 at 01:34PM by rsrini7
via reddit https://ift.tt/Fd1eIE5
https://ift.tt/LINeBbu
Submitted February 16, 2026 at 01:34PM by rsrini7
via reddit https://ift.tt/Fd1eIE5
New Joomla! Novarain/Tassos Framework Vulnerabilities Advisory
https://ift.tt/rF3gGCE
Submitted February 16, 2026 at 02:45PM by SSDisclosure
via reddit https://ift.tt/MKIBiDt
https://ift.tt/rF3gGCE
Submitted February 16, 2026 at 02:45PM by SSDisclosure
via reddit https://ift.tt/MKIBiDt
SSD Secure Disclosure
Joomla! Novarain/Tassos Framework Vulnerabilities - SSD Secure Disclosure
Summary Source code review of the Novarain/Tassos Framework revealed three critical primitives – unauthenticated file read, unauthenticated file deletion, and SQL injection leading to arbitrary database read – across five widely deployed Joomla! extensions…
[Analysis] Massive Active GitHub Malware Campaign | Hundreds of Malicious Repositories Identified
https://ift.tt/6jsgzio
Submitted February 16, 2026 at 04:38PM by WanderBetter
via reddit https://ift.tt/dexMQvw
https://ift.tt/6jsgzio
Submitted February 16, 2026 at 04:38PM by WanderBetter
via reddit https://ift.tt/dexMQvw
brennan.day
The Curious Case of the Triton Malware Fork
Today, a weird malware distribution campaign targeting users of omg.lol and Triton, an open-source macOS client of omg.lol, was found. The attack leverages the trust of GitHub, creating a malicious fork where the download link has been replaced with malware…
Security audit for LLM skill files: skillaudit.sh
https://skillaudit.sh/
Submitted February 17, 2026 at 12:11AM by c0daman
via reddit https://ift.tt/zIcxhr6
https://skillaudit.sh/
Submitted February 17, 2026 at 12:11AM by c0daman
via reddit https://ift.tt/zIcxhr6
skillaudit.sh
Security audit for LLM skill files in GitHub repositories
nono - kernel-enforced capability sandbox for AI agents
https://nono.sh
Submitted February 17, 2026 at 01:29AM by DecodeBytes
via reddit https://ift.tt/1OGcthT
https://nono.sh
Submitted February 17, 2026 at 01:29AM by DecodeBytes
via reddit https://ift.tt/1OGcthT
nono.sh
nono - Secure Shell for AI Agents
OS-enforced capability sandbox for running untrusted AI agents. No escape hatch. Works with any AI agent.
When Audits Fail Part 2: From Pre-Auth SSRF to RCE in TRUfusion Enterprise
https://ift.tt/QNbqiwJ
Submitted February 17, 2026 at 02:06AM by MrTuxracer
via reddit https://ift.tt/sOj2zNX
https://ift.tt/QNbqiwJ
Submitted February 17, 2026 at 02:06AM by MrTuxracer
via reddit https://ift.tt/sOj2zNX
RCE Security - Your European Offensive Security Partner
When Audits Fail Part 2: From Pre-Auth SSRF … | RCE Security
A pre-auth SSRF in TRUfusion Enterprise (CVE-2025-32355) allows external attackers to reach internal-only services via a misconfigured reverse proxy. This …