Tracking DPRK operator IPs over time by snooping on mailboxes
https://ift.tt/wXh1gjW
Submitted 2026-02-25T12:31:10+00:00 by -nbsp-
via reddit https://ift.tt/OjRLnrW
kmsec.uk
Tracking DPRK operator IPs over time | kmsec.uk
FAMOUS CHOLLIMA's temporary email usage leaks IP addresses (opsec mistakes part 3)
I rendered 1,418 Unicode confusable pairs across 230 system fonts. 82 are pixel-identical, and the font your site uses determines which ones.
https://paultendo.github.io/posts/confusable-vision-visual-similarity/
Submitted 2026-02-25T12:27:57+00:00 by paultendo
via reddit https://ift.tt/73vPMkJ
paultendo.github.io
I rendered 1,418 Unicode confusable pairs across 230 fonts. Most aren't confusable to the eye.
confusable-vision renders every TR39 confusable pair across 230 macOS system fonts and measures visual similarity with SSIM. 96.5% of confusables.txt is not high-risk, but 82 pairs are pixel-identical in at least one font.
Large-Scale Online Deanonymization with LLMs
https://ift.tt/ThEeqYg
Submitted 2026-02-25T14:08:30+00:00 by MyFest
via reddit https://ift.tt/IJqlwEQ
Substack
Large-Scale Online Deanonymization with LLMs
We measure the capabilities of LLMs to deanonymize users online.
Active deception against AI pentesting agents: context saturation, tarpitting benchmarks, and cited research
https://ift.tt/aJkjcxh
Submitted 2026-02-25T18:47:38+00:00 by AdventurousPlum7945
via reddit https://ift.tt/jRCiLNZ
portspoof.io
AI Agents Are Scanning Your Network. Here's What Stops Them.
AI agents now run 80-90% of attack campaigns autonomously. Active deception exhausts them by flooding context windows, draining budgets, and freezing pipelines.
Enterprise Evaluation Framework for OpenClaw (and other autonomous AI agents)
https://ift.tt/WfqYh68
Submitted 2026-02-25T19:53:56+00:00 by HobbyGamerDev
via reddit https://ift.tt/dYlEc0W
www.onyx.app
OpenClaw Enterprise Evaluation Framework | CLAW-10
A 10-dimension scoring matrix for evaluating OpenClaw in enterprise environments. Evidence-based ratings across identity, sandboxing, and compliance.
Buy A Help Desk, Bundle A Remote Access Solution? (SolarWinds Web Help Desk Pre-Auth RCE Chain(s)) - watchTowr Labs
https://ift.tt/7Cxpo48
Submitted 2026-02-25T20:16:20+00:00 by dx7r__
via reddit https://ift.tt/He6gLC0
watchTowr Labs
Buy A Help Desk, Bundle A Remote Access Solution? (SolarWinds Web Help Desk Pre-Auth RCE Chain(s))
It’s been a while, but we’re back - in time for story time.
Gather round, strap in, and prepare for another depressing journey of “all we wanted to do was reproduce an N-day, and here we are with 0-days”.
Today, friends, we’re looking at SolarWinds Web…
Diesel Vortex: Inside the Russian cybercrime group targeting US & EU freight
https://ift.tt/TqDLOXv
Submitted 2026-02-24T10:42:20+00:00 by JDBHub
via reddit https://ift.tt/fC5to2b
Have I Been Squatted
Diesel Vortex: Inside the Russian cybercrime group targeting US & EU freight — Have I Been Squatted
Diesel Vortex is a Russian phishing-as-a-service group targeting freight and logistics companies across the US and Europe. This report details the group's infrastructure, tactics, and the 1,600+ credentials stolen from DAT Truckstop, Penske, EFS and Timocom.
Google API Keys Weren't Secrets. But then Gemini Changed the Rules.
https://ift.tt/MYxrjzO
Submitted 2026-02-26T09:48:43+00:00 by _vavkamil_
via reddit https://ift.tt/iQb8nDI
Trufflesecurity
Google API Keys Weren't Secrets. But then Gemini Changed the Rules. ◆ Truffle Security Co.
Google spent over a decade telling developers that Google API keys (like those used in Maps, Firebase, etc.) are not secrets. But that's no longer true.
We audited 1,620 OpenClaw skills. The ecosystem's safety scanner labels 91% of confirmed threats "benign." [full reports linked]
https://ift.tt/9otbPiL
Submitted 2026-02-26T14:50:23+00:00 by Ok-Form1598
via reddit https://ift.tt/83Oxykp
Oathe
The Malware Isn't in the Code — Oathe Engineering
We audited 1,620 AI agent skills. The leading security scanner missed 91% of the threats.
Reverse Engineering Garmin Watch Applications with Ghidra
https://ift.tt/VwUzK8n
Submitted 2026-02-26T16:15:05+00:00 by anvilventures
via reddit https://ift.tt/PFlgALa
Anvil Secure
Reverse Engineering Garmin Watch Applications with Ghidra - Anvil Secure
Luigi Fragale introduces a custom Ghidra processor and loader for reverse engineering Garmin watch application binaries.
New Malware - Moonrise Analysis
https://ift.tt/MXuHaEz
Submitted February 27, 2026 at 01:25AM by Deciqher_
via reddit https://ift.tt/UDoruVH
Evalian®
Moonrise remote access trojan analysis: live surveillance and crypto theft capabilities
Technical analysis of the Moonrise remote access trojan, including WebSocket C2 architecture, JSON command schema, surveillance features and crypto theft risk.
Reverse CAPTCHA: Evaluating LLM Susceptibility to Invisible Unicode Instruction Injection
https://ift.tt/WSdTq3m
Submitted February 27, 2026 at 12:51AM by thecanonicalmg
via reddit https://ift.tt/jn6m7OQ
Moltwire
Reverse CAPTCHA: Evaluating LLM Susceptibility to Invisible Unicode Instruction Injection
A systematic evaluation of five frontier models across two encoding schemes, four hint levels, and tool use ablation — 8,308 graded outputs with full statistical analysis
From DDS Packets to Robot Shells: Two RCEs in Unitree Robots (CVE-2026-27509 & CVE-2026-27510)
https://ift.tt/Zjh2urY
Submitted February 27, 2026 at 12:49AM by WiseTuna
via reddit https://ift.tt/wOEBsW7
We scanned 6,500+ ClawHub skills. 36% have security flaws. Built a Free Community run scanner to catch them before they execute
https://clawned.io
Submitted February 27, 2026 at 01:19PM by kinso1338
via reddit https://ift.tt/JtWdDoa
Clawned
Clawned — OpenClaw & ClawHub Security Scanner
Free scanner for OpenClaw skills and ClawHub packages. 230+ malicious skills blocked. 60+ threat patterns detected in seconds.
Uncovering a Global macOS Malware Campaign
https://ift.tt/ZDSe1cz
Submitted February 27, 2026 at 04:46PM by RiddleMeDisk
via reddit https://ift.tt/4qVzEd6
Substack
The "Ghost" in the Annotations
Uncovering a Global macOS Malware Campaign
Bypassing Apache FOP Postscript Escaping to reach GhostScript
https://ift.tt/ea45gsC
Submitted February 27, 2026 at 05:59PM by AlmondOffSec
via reddit https://ift.tt/H5W81mY
Twitch Ships Server-Side Eppo Keys in Its iOS App, Exposing Its Entire Product Roadmap
https://ift.tt/5E8iCB2
Submitted February 27, 2026 at 06:56PM by AdTemporary2475
via reddit https://ift.tt/8QbJeuK
Buchodi's Threat Intel
Twitch Ships Server-Side Eppo Keys in Its iOS App, Exposing Its Entire Product Roadmap
How a one-character configuration mistake turns feature flags into a competitive intelligence feed
The Twitch iOS application initializes the Eppo feature flagging SDK (now a Datadog product) using server-side SDK Keys instead of Client Tokens. This means…
The Forgotten Bug: How a Node.js Core Design Flaw Enables HTTP Request Splitting
https://r3verii.github.io/cve/2026/02/27/nodejs-toctou.html
Submitted February 27, 2026 at 11:28PM by r3verii
via reddit https://ift.tt/rMp2wcY
CyberSec Notes
The Forgotten Bug: How a Node.js Core Design Flaw Enables HTTP Request Splitting
Deep dive into a TOCTOU vulnerability in Node.js’s ClientRequest.path that bypasses CRLF validation and enables Header Injection and HTTP Request Splitting across 7+ major HTTP libraries totaling 160M+ weekly downloads.
I used MCP Ghidra and Claude Code to find 9 kernel driver vulnerabilities on my gaming laptop
https://ift.tt/Ud7Wzls
Submitted February 28, 2026 at 08:40PM by Mindless-Study1898
via reddit https://ift.tt/gUnYQ4O
Cred Relay
Cred Relay Issue #2
Reverse engineering kernel drivers with MCP Ghidra and Claude Code
Network Security News Feed
https://ift.tt/byimBlK
Submitted March 1, 2026 at 02:03AM by kivarada
via reddit https://ift.tt/9iOIb0a
insidestack.it
InsideStack | The Latest in Tech
InsideStack delivers the latest technology news, insights, and trends in one place.
r/netsec monthly discussion & tool thread
Questions regarding netsec and discussion related directly to netsec are welcome here, as is sharing tool links.
Rules & Guidelines
Always maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.
Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.
If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.
Avoid use of memes. If you have something to say, say it with real words.
All discussions and questions should directly relate to netsec.
No tech support is to be requested or provided on r/netsec.
As always, the content & discussion guidelines should also be observed on r/netsec.
Feedback
Feedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.
Submitted March 1, 2026 at 07:59PM by albinowax
via reddit https://ift.tt/NyTWaVC
Reddit
From the netsec community on Reddit
Explore this post and more from the netsec community