Post AI Agent Hacked Amazon & McKinsey, I compiled a list of 5 situations where deploying agents can be catastrophic
https://ift.tt/jveZzQ4
Submitted March 15, 2026 at 03:41PM by Physical-Parfait9980
via reddit https://ift.tt/AMtrY3B
https://ift.tt/jveZzQ4
Submitted March 15, 2026 at 03:41PM by Physical-Parfait9980
via reddit https://ift.tt/AMtrY3B
GlassWorm V2 analysis: Part 2. Infrastructure rotation and GitHub injection
https://ift.tt/7M84xXv
Submitted March 15, 2026 at 07:21PM by Willing_Monitor5855
via reddit https://ift.tt/4Hm90MT
https://ift.tt/7M84xXv
Submitted March 15, 2026 at 07:21PM by Willing_Monitor5855
via reddit https://ift.tt/4Hm90MT
We audited authorization in 30 AI agent frameworks — 93% rely on unscoped API keys
https://ift.tt/QyIteEP
Submitted March 15, 2026 at 07:15PM by MousseSad4993
via reddit https://ift.tt/oXj8fRD
https://ift.tt/QyIteEP
Submitted March 15, 2026 at 07:15PM by MousseSad4993
via reddit https://ift.tt/oXj8fRD
grantex.dev
State of AI Agent Security 2026
We audited 30 AI agent projects. 93% use unscoped API keys with no per-agent identity, no consent, and no revocation.
The rise of malicious repositories on GitHub
https://ift.tt/Q6ab8T4
Submitted March 16, 2026 at 02:24AM by f311a
via reddit https://ift.tt/WNLYZac
https://ift.tt/Q6ab8T4
Submitted March 16, 2026 at 02:24AM by f311a
via reddit https://ift.tt/WNLYZac
Artem Golubin
The rise of malicious repositories on GitHub
An article about malicious repositories on GitHub
Perfex CRM: Autologin cookie fed into unserialize() gives unauthenticated RCE
https://ift.tt/YBJdxfA
Submitted March 16, 2026 at 04:32PM by nullcathedral
via reddit https://ift.tt/cCy80lH
https://ift.tt/YBJdxfA
Submitted March 16, 2026 at 04:32PM by nullcathedral
via reddit https://ift.tt/cCy80lH
NULL CATHEDRAL
Perfex CRM <=3.4.0 allows unauthenticated RCE via insecure deserialization
Perfex CRM passed the autologin cookie into unserialize() without validation, giving unauthenticated attackers remote code execution.
How Autonomous AI Just Made INC Ransomware Obsolete
https://ift.tt/tpxJ6RN
Submitted March 16, 2026 at 05:35PM by Mysterious_Salt395
via reddit https://ift.tt/ON1Ga56
https://ift.tt/tpxJ6RN
Submitted March 16, 2026 at 05:35PM by Mysterious_Salt395
via reddit https://ift.tt/ON1Ga56
Guardz.com
How Autonomous AI Just Made INC Ransomware Obsolete | Guardz.com
One of the core philosophies we implement at Guardz is the deep integration of security and intelligence teams with our proprietary AI capabilities. This
Hypervisor Based Defense
https://idov31.github.io/posts/hypervisor-based-defense
Submitted March 16, 2026 at 08:46PM by Idov31
via reddit https://ift.tt/DAYt4Wl
https://idov31.github.io/posts/hypervisor-based-defense
Submitted March 16, 2026 at 08:46PM by Idov31
via reddit https://ift.tt/DAYt4Wl
Reddit
From the netsec community on Reddit: Hypervisor Based Defense
Posted by Idov31 - 0 votes and 0 comments
GlassWorm: Part 3. Wave 3 Windows payload, sideloaded Chrome extension, two additional wallets
https://ift.tt/Mg28mRv
Submitted March 16, 2026 at 08:30PM by Willing_Monitor5855
via reddit https://ift.tt/FXtviJo
https://ift.tt/Mg28mRv
Submitted March 16, 2026 at 08:30PM by Willing_Monitor5855
via reddit https://ift.tt/FXtviJo
Qihoo 360's AI Product Leaked the Platform's SSL Key, Issued by Its Own CA Banned for Fraud
https://ift.tt/OxJPMVE
Submitted March 17, 2026 at 12:24AM by LostPrune2143
via reddit https://ift.tt/8T2CthY
https://ift.tt/OxJPMVE
Submitted March 17, 2026 at 12:24AM by LostPrune2143
via reddit https://ift.tt/8T2CthY
blog.barrack.ai
Qihoo 360's AI Product Leaked the Platform's SSL Key, Issued by Its Own CA Banned for Fraud | Barrack AI
Qihoo 360 shipped the wildcard SSL private key for *.myclaw.360.cn inside its AI assistant installer. The certificate was issued by WoTrus CA, Qihoo 360's own subsidiary, previously distrusted by Chrome, Firefox, and Safari under its former name WoSign for…
How to Apply VXLAN-GBP Encapsulation to PCAP Files Using PacketSmith
https://ift.tt/VDtKdJQ
Submitted March 17, 2026 at 03:35AM by MFMokbel
via reddit https://ift.tt/FqIawmG
https://ift.tt/VDtKdJQ
Submitted March 17, 2026 at 03:35AM by MFMokbel
via reddit https://ift.tt/FqIawmG
BIGO Ads Deploys C2-Style Infrastructure to Survive Domain Bans. Here's the Decrypted Config.
https://ift.tt/42dPRop
Submitted March 17, 2026 at 05:41AM by AdTemporary2475
via reddit https://ift.tt/F5Qt8Zf
https://ift.tt/42dPRop
Submitted March 17, 2026 at 05:41AM by AdTemporary2475
via reddit https://ift.tt/F5Qt8Zf
Buchodi's Threat Intel
BIGO Ads Deploys C2-Style Infrastructure to Survive Domain Bans. Here's the Decrypted Config.
The BIGO Ads SDK ships with an encrypted configuration file that maps out a global network of ad-serving domains, backup hosts, and failover infrastructure. The file is AES-encrypted with a hardcoded key, served from Alibaba Cloud, and designed to make the…
Offensive Cases about Credential Guard & Detection Strategies
https://ift.tt/fbkEZtO
Submitted March 17, 2026 at 06:22PM by netbiosX
via reddit https://ift.tt/JK2jVXY
https://ift.tt/fbkEZtO
Submitted March 17, 2026 at 06:22PM by netbiosX
via reddit https://ift.tt/JK2jVXY
Purple Team
Credential Guard
Microsoft introduced Credential Guard in Windows 10 (2015) and Windows Server 2016 to prevent credential harvesting from the LSASS process that was abused for years by threat actors. Microsoft used…
Built a self-hosted email threat daemon: IMAP IDLE + multi-stage enrichment (SPF/DKIM/DMARC/DNSBL/WHOIS/URLhaus/VirusTotal) + provider-agnostic LLM verdict — write-up
https://ift.tt/njRoYIW
Submitted March 17, 2026 at 06:16PM by Low_Elk_7307
via reddit https://ift.tt/dMFLKTE
https://ift.tt/njRoYIW
Submitted March 17, 2026 at 06:16PM by Low_Elk_7307
via reddit https://ift.tt/dMFLKTE
Scarolas
Development Projects - Scarolas.com
Open-source development projects by Anthony Scarola — C64UX and VerdictMail.
Reversing the FT100 BLE fitness bracelet
https://ift.tt/EBQN5OS
Submitted March 17, 2026 at 07:17PM by coscoscoscoscos
via reddit https://ift.tt/FWsi85P
https://ift.tt/EBQN5OS
Submitted March 17, 2026 at 07:17PM by coscoscoscoscos
via reddit https://ift.tt/FWsi85P
Lessonsec
Reversing the FT100 BLE Fitness Bracelet
Personal blog on cybersecurity, harware hacking and security research.
From Enumeration to Findings: The Security Findings Report in EntraFalcon
https://ift.tt/eiIRGko
Submitted March 17, 2026 at 07:59PM by GonzoZH
via reddit https://ift.tt/Z1yCO5M
https://ift.tt/eiIRGko
Submitted March 17, 2026 at 07:59PM by GonzoZH
via reddit https://ift.tt/Z1yCO5M
GlassWorm Part 4 -- 24h after samples made live: DLL injection, Chrome hijacking via COM abuse, and the full supply chain loop confirmed
https://ift.tt/oGjq6W8
Submitted March 17, 2026 at 08:30PM by Willing_Monitor5855
via reddit https://ift.tt/zdqiEm5
https://ift.tt/oGjq6W8
Submitted March 17, 2026 at 08:30PM by Willing_Monitor5855
via reddit https://ift.tt/zdqiEm5
Now You See mi: Now You're Pwned
https://ift.tt/uKGndOc
Submitted March 17, 2026 at 10:08PM by AlmondOffSec
via reddit https://ift.tt/tI9PvHQ
https://ift.tt/uKGndOc
Submitted March 17, 2026 at 10:08PM by AlmondOffSec
via reddit https://ift.tt/tI9PvHQ
labs.taszk.io
Now You See mi: Now You're Pwned
Exploiting and jailbreaking Xiaomi Home Security Smart Cameras
Detect Malicious .ip6.arpa TLD Reverse DNS Zone Response Packets using PacketSmith Yara-X Detection Module
https://ift.tt/MEyWPpj
Submitted March 17, 2026 at 09:59PM by MFMokbel
via reddit https://ift.tt/sQ295R3
https://ift.tt/MEyWPpj
Submitted March 17, 2026 at 09:59PM by MFMokbel
via reddit https://ift.tt/sQ295R3
Credential Guard - Control Validation
https://ift.tt/fbkEZtO
Submitted March 17, 2026 at 09:37PM by netbiosX
via reddit https://ift.tt/r3wbMFE
https://ift.tt/fbkEZtO
Submitted March 17, 2026 at 09:37PM by netbiosX
via reddit https://ift.tt/r3wbMFE
Purple Team
Credential Guard
Microsoft introduced Credential Guard in Windows 10 (2015) and Windows Server 2016 to prevent credential harvesting from the LSASS process that was abused for years by threat actors. Microsoft used…
CVE-2025-59284: How reading a gnu manpage led to a Windows NetNTLM phishing exploit
https://ift.tt/NKvthDu
Submitted March 18, 2026 at 01:04AM by Jaded_Unit_1223
via reddit https://ift.tt/3aoE4Pg
https://ift.tt/NKvthDu
Submitted March 18, 2026 at 01:04AM by Jaded_Unit_1223
via reddit https://ift.tt/3aoE4Pg