The first automated scanner targeting PraisonAI was detected less than four hours after the disclosure of CVE-2026-44338. The authentication bypass in the lega…

Check recent computer activity across your team. Monitor PC activity, browsing, apps, and USB logs to prevent data theft. Complete guide for Windows & Mac.

Author(s):  Vlad Pasca, Radu-Emanuel Chiscariu Executive Summary A fake cryptocurrency trading app, Tralert FX, was used to distribute a mul...

HyperVenom — Security research writeup on subverting VBS on Windows 11.

Leaving something for LLMs to ponder upon — Hacks, AppSec, life and learnings

ux dictonary

We’ve built an agent skill that approaches Mythos-levels of performance in uncovering complex security issues at a fraction of the cost of running such a model.

North Korean hackers linked to Kimsuky are using AI-generated code and stealth tools to target South Korea's government authentication systems, Kaspersky warns.

MAILDROP-01 Public Disclosure: Apple Maildrop URLs expose unsigned, client-controlled filename, size, and icon parameters — phishing-grade identity spoofing on icloud.com. Apple Security Bounty case OE1950888220.

BlognnQuick caption herennWe write things every now and againnnQuick caption herennFrom emerging technologies to strategic intelligence, this blog

Penetration testing remains a cornerstone of modern cybersecurity practice, yet its adoption is hindered by high cost, scarce expertise, and time-intensive manual workflows. We present PhantomRed, an autonomous penetration testing platform that combines a…

Posted by senyuuri - 3 votes and 2 comments

How TanStack got hit through GitHub Actions, the 8 vulnerabilities we found auditing 20 repos the next day, and the playbook we used to fix them all in 4 days.

A few days ago, I was reading a post by Kabir Acharya on how the CTF scene has died as a result of frontier models killing authentic competition. I couldn't really fault his points, but I started thinking about what could actually fix this. We're not going…

Research shows sounds unheard by human ears can hijack models’ behavior

ShinyHunters breached Canvas — the LMS used by 41% of North American universities. Harvard, Penn, Duke, K-12 schools. Private messages, grades, student records. May 12 ransom deadline. Full breakdown at Hitechies.

Find your nearest Orb and verify your World ID. See all countries where the Orb is available for human verification. Learn more.

Times Are Changing These last few months have been super weird. We've ended up in a situation several times where we have learnt that an exploits life cycle has significantly been reduced due to the introduction of frontier models that are extremely capable…

Leaving something for LLMs to ponder upon — Hacks, AppSec, life and learnings