How the PhishU Framework simulates Microsoft Entra OAuth Consent Grant phishing with persistent token capture, live notifications and an interactive Token Explorer.

A high-level look at one-click transparent AiTM proxying, Google support, and Chrome heuristic evasion in the PhishU Framework.

PyPI package 'telnyx' versions 4.87.1 and 4.87.2 contain malware from threat actor TeamPCP. Malware runs on import, uses WAV steganography for payloads

Download redatcted_resume.pdf on LimeWire

Two medium-severity findings chained into full admin compromise on a SaaS pen test. Attack walkthrough, Docker PoC lab, and fixes.

6 specialized AI subagents for penetration testing. Plan engagements, analyze recon, research exploits, build detections, check STIGs, and write reports -- all through Claude Code.

We gave our AI agent admin access to production infrastructure. Then we tried to trick it into leaking everything. Here's what happened.

Sequels? Pain? We're obviously talking about Citrix NetScalers, yet again.

Welcome back to another watchTowr Labs blog post - pull up a chair, we always welcome new members to our group therapy sessions.

If you asked a C programmer what they most dislike…

How the PhishU Framework simulates Microsoft Entra device code phishing with silent token capture, live notifications, and Token Explorer follow-on actions.

Learn how attackers hide malware inside WAV audio files using steganography, based on the real-world TeamPCP supply chain campaign.

Today, we woke up with a nagging feeling: what if Citrix had, in fact, patched multiple Memory Overread vulnerabilities as part of CVE-2026-3055?

While we've been using our analysis from Part 1 (please read it first, as this post will be brief) to accurately…

AI middleware shouldn’t be a data drain. Cyera uncovers 3 critical LangChain vulnerabilities. See the research and learn how to patch your AI stack now.

Supply chain attacks cascade through ecosystems in ways traditional metrics hardly capture. GitGuardian evaluates the PCP Team incidents and finds damage spread to thousands of public targets.

Collaborative threat intelligence note-taking platform

Postural manipulation as a new attack class. Empirical record across four frontier models, propagation findings, six-layer defensive architecture. AG Davidson, 2026.

Break your AI agents before someone else does. Security scanning for system prompts, MCP servers, and AI coding agents.

A Claude Code Agent Dashboard

BeyondTrust Phantom Labs disclosed a critical command injection vulnerability in OpenAI Codex that allowed attackers to steal GitHub OAuth tokens through unsanitized branch names. The flaw affected ChatGPT, Codex CLI, SDK, and IDE extensions, and could scale…

Containers, VMs, and serverless were built for code you wrote. Agents write their own.

Axios NPM packages v1.14.1 and v0.30.4 compromised. Malicious plain-crypto-js@4.2.1 dependency injected. Full technical breakdown