Netsec
@RNetsec
7.47K subscribers
22.8K links
This channel posts the feed from r/netsec.
For any suggestions dm @streaak
Donate to keep the bot running https://www.paypal.me/akhilgv
Download Telegram
About
Blog
Apps
Platform
Join
Netsec
7.47K subscribers
Netsec
Lesser-Known Military College Triumphs in Pentagon Student Hacking Contest
https://ift.tt/wDxpj89

Submitted March 31, 2026 at 10:44PM by WatermanReports
via reddit https://ift.tt/UbSHEac
Govinfosecurity
University of North Georgia Triumphs in DOD Hacking Contest
A team of cybersecurity students from the University of North Georgia vanquished seven opposing teams from other senior military colleges and elite service
407 views
Netsec
ImageMagick: From Arbitrary File Read to File Write In Every Policy (ZeroDay)
https://ift.tt/BtarETq

Submitted March 31, 2026 at 10:28PM by _vavkamil_
via reddit https://ift.tt/oRb3SQa
PWN.AI
ImageMagick: From Arbitrary File Read to File Write In Every Policy (ZeroDay)
How pwn.ai turned a routine client pentest into multiple ImageMagick exploits. By autonomously researching the product’s internals for days, it found a path from a single image upload to file leaks, security policy bypasses, and remote code execution across…
398 views
Netsec
PSA: That 'Disable NTLMv1' GPO you set years ago? It’s lying to you. LmCompatibilityLevel set to 5 is not enough.
https://ift.tt/2gndwR0

Submitted April 1, 2026 at 12:19AM by hardeningbrief
via reddit https://ift.tt/tF8YARm
Silverfort
If you think you blocked NTLMv1 in your org, think again
If you think you’ve blocked NTLMv1 in your organization, think again. Silverfort’s research team recently discovered that attackers bypass the Group Policy designed to disable NTLMv1…
434 views
Netsec
MAD Bugs: Claude Wrote a Full FreeBSD Remote Kernel RCE with Root Shell (CVE-2026-4747)
https://ift.tt/zjRBhMi

Submitted April 1, 2026 at 01:27AM by maurosoria
via reddit https://ift.tt/h8mey6D
blog.calif.io
MAD Bugs: Claude Wrote a Full FreeBSD Remote Kernel RCE with Root Shell (CVE-2026-4747)
To our knowledge, this is the first remote kernel exploit both discovered and exploited by an AI.
456 views
Netsec
Market Bifurcation in Pentesting by 2026 (37%) – AI May Split the Field in Two Rather Than Flatten It, and That Changes Everything About Who Survives the Disruption
https://ift.tt/VLoKRq8

Submitted April 1, 2026 at 08:42AM by ok_bye_now_
via reddit https://ift.tt/OlyZz6Q
401 views
Netsec
Retroactive xref entanglement analysis: pre-emptive PDF modification detection (72h temporal window)
https://ift.tt/rhMRDwq

Submitted April 1, 2026 at 01:12PM by Total-Reasonable
via reddit https://ift.tt/tJFj7ul
HTPBE
Introducing HTPBE Quantum: PDF Verification Before the Document Exists
Today we announce HTPBE Quantum — our breakthrough product that verifies PDF authenticity up to 72 hours before the document is created. Using quantum m...
385 views
Netsec
Authority Encoding Risk (AER)
https://ift.tt/Hd6D3yX

Submitted April 1, 2026 at 02:11PM by Dramatic-Ebb-7165
via reddit https://ift.tt/bvULym0
Ssrn
Pantheon Authority Encoding Risk (AER) A Measurable Actuarial Variable for AI-Influenced Environments
This paper introduces Authority Encoding Risk (AER), a structural actuarial variable designed to quantify ambiguity in decision authority within AI-influenced e
345 views
Netsec
r/netsec monthly discussion & tool thread
Questions regarding netsec and discussion related directly to netsec are welcome here, as is sharing tool links.Rules & GuidelinesAlways maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.Avoid use of memes. If you have something to say, say it with real words.All discussions and questions should directly relate to netsec.No tech support is to be requested or provided on r/netsec.As always, the content & discussion guidelines should also be observed on r/netsec.FeedbackFeedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.

Submitted April 1, 2026 at 06:59PM by albinowax
via reddit https://ift.tt/675Xl8k
Reddit
From the netsec community on Reddit
Explore this post and more from the netsec community
354 views
Netsec
AI-Generated Calendar Event Phishing w/ Dynamic Landing Pages
https://ift.tt/kCcV0Gw

Submitted April 1, 2026 at 06:45PM by IndySecMan
via reddit https://ift.tt/WwuhKFf
PhishU
Calendar Event Phishing in the PhishU Framework
How the PhishU Framework simulates calendar event phishing with native event rendering, AI suggestions, tracked links, and integrated training.
379 views
Netsec
Cisco source code stolen by ShinyHunters via Trivy supply-chain attack. AWS keys breached, 300+ repos cloned and more
https://ift.tt/cghnLCS

Submitted April 2, 2026 at 10:58AM by raptorhunter22
via reddit https://ift.tt/VNurvtA
The CyberSec Guru
Cisco Source Code Stolen in Major Trivy Supply Chain Breach | The CyberSec Guru
Cisco data breach by ShinyHunters. 300+ GitHub repos stolen, 3M Salesforce records leaked via Trivy supply chain attack. Get the full breakdown
370 views
Netsec
You’re Not Supposed To ShareFile With Everyone (Progress ShareFile Pre-Auth RCE Chain CVE-2026-2699 & CVE-2026-2701) - watchTowr Labs
https://ift.tt/SMeoqfm

Submitted April 2, 2026 at 04:36PM by dx7r__
via reddit https://ift.tt/1NDYvxo
watchTowr Labs
You’re Not Supposed To ShareFile With Everyone (Progress ShareFile Pre-Auth RCE Chain CVE-2026-2699 & CVE-2026-2701)
If you squint and look at the CISA KEV list, you might think it's made up exclusively of vulnerabilities in file transfer solutions.

While this would be wrong (and you shouldn’t squint, it’s bad for your eyes), file transfer solutions do play a decent role…
284 views
Netsec
4 unpatched CVEs in CrewAI chain prompt injection → sandbox bypass → RCE on host
https://ift.tt/84TRIti

Submitted April 2, 2026 at 04:21PM by AICyberPro
via reddit https://ift.tt/7U6FvZs
kb.cert.org
CERT/CC Vulnerability Note VU#221883
CrewAI contains multiple vulnerabilities including SSRF, RCE and local file read
262 views
Netsec
Your terminal is lying to you: escape sequence attacks from the 90s that still work.
https://ift.tt/WZrIXzV

Submitted April 2, 2026 at 07:34PM by Mindless-Study1898
via reddit https://ift.tt/w5nWKkh
Cred Relay
Dumb Terminal Hacks & What NOT to Study for the OSCP
Old terminal hacks that still work and still land CVEs. The OSCP topics you shouldn't waste your time on. From a working pentester.
342 views
Netsec
Mongoose: Preauth RCE and mTLS Bypass on Millions of Devices
https://ift.tt/zJ8MWrG

Submitted April 2, 2026 at 07:05PM by evilsocket
via reddit https://ift.tt/3Qvzq7d
evilsocket
Mongoose: Preauth RCE and mTLS Bypass on Millions of Devices
360 views
Netsec
The [LinkedIn browsergate] Attack: How it works
https://ift.tt/d0HuRVO

Submitted April 2, 2026 at 08:43PM by moviuro
via reddit https://ift.tt/XmLx8kq
BrowserGate
The Attack: How it works
Every time you open LinkedIn in a Chrome-based browser, LinkedIn’s JavaScript executes a silent scan of your installed browser extensions. The scan probes for thousands of specific extensions by ID, collects the results, encrypts them, and transmits them…
331 views
Netsec
Turning a Raspberry Pi into a "Poor Man's" Enterprise IDS/NSM using Zeek and Suricata
https://ift.tt/n9gCmeR

Submitted April 2, 2026 at 10:06PM by robobostes
via reddit https://ift.tt/4XL2DEP
HookProbe
Blog | HookProbe
Security insights, tutorials, and updates from the HookProbe team. Learn about edge security, threat detection, and autonomous SOC operations.
325 views
Netsec
red team sandbox with real detection
https://ift.tt/nvqQdeR

Submitted April 2, 2026 at 10:00PM by No-Magazine2625
via reddit https://ift.tt/dHBSNDU
www.shieldnet.app
DLX7 Red Team Arena — Adversarial Training Game
A controlled hacking game for red team, purple team, and security engineers. Your attack attempts train DLX7 ShieldNet guardrails.
322 views
Netsec
SHA Pinning Is Not Enough
https://ift.tt/JF1P7bN

Submitted April 2, 2026 at 10:55PM by RoseSec_
via reddit https://ift.tt/nZKkPlU
rosecurity@dev
SHA Pinning Is Not Enough
A few days ago I wrote about how the Trivy ecosystem got turned into a credential stealer. One of my takeaways was “pin by SHA.” Every supply chain security guide says it, I’ve said it, every subreddit says it, and the GitHub Actions hardening docs say it.
364 views
Netsec
Detailed analysis of a sophisticated firefox extension malware found in the wild using browser-xpi-malware-scanner.py
https://ift.tt/hcvnySe

Submitted April 3, 2026 at 05:03AM by TitleUpbeat3201
via reddit https://ift.tt/DMzy0xO
www.yourdev.net
Browser extension malware analysis - using browser-xpi-malware-scanner.py to find malware in the wild
Deep-dive static analysis of a malicious Firefox extension that hides its C2 configuration in a PNG trailer, evades AV scanners via Unicode low-byte encoding, hijacks Taobao/JD.com affiliate commissions, and breaks the browser sandbox with a fake chrome.*…
348 views
Netsec
10 Things Your First Security Hire Shouldn’t Do – High Signal Security
https://ift.tt/TK9fBzd

Submitted April 3, 2026 at 11:44AM by shantanu14g
via reddit https://ift.tt/DgY06AH
High Signal Security
10 Things Your First Security Hire Shouldn’t Do
First security hire is a weird job - here’s a counterfactual guide on what to avoid
330 views
Netsec
New RCE in Control Web Panel (CVE-2025-70951)
https://ift.tt/zLhwk4C

Submitted April 3, 2026 at 01:50PM by SzLam__
via reddit https://ift.tt/xlJsfQc
Fenrisk
Remote code execution in CentOS Web Panel - CVE-2025-70951
Security experts
285 views