Device Code Phishing Forensics: What We Learned Investigating BEC in the Wild
https://ift.tt/SFEoZIA
Submitted June 2, 2026 at 08:34PM by vaizor
via reddit https://ift.tt/CDT1Nsi
https://ift.tt/SFEoZIA
Submitted June 2, 2026 at 08:34PM by vaizor
via reddit https://ift.tt/CDT1Nsi
Eye Research
Device Code Phishing Forensics: What We Learned Investigating BEC in the Wild
Device code phishing is scaling fast. We investigated real BEC cases to show how attackers abuse Microsoft’s login flow, why forensics get tricky, and how defenders can detect, block, and investigate these attacks in Entra ID, Sentinel, Conditional Access…
1-Click GitHub Token Stealing via a VSCode Bug
https://ift.tt/4pyB3hC
Submitted June 2, 2026 at 08:59PM by ammar2
via reddit https://ift.tt/kvr0COE
https://ift.tt/4pyB3hC
Submitted June 2, 2026 at 08:59PM by ammar2
via reddit https://ift.tt/kvr0COE
Ammar's Blog
1-Click GitHub Token Stealing via a VSCode Bug
My blog, mostly about programming
We Added a Detection Rule. We Were Not Expecting This.
https://ift.tt/PR3ZaOk
Submitted June 2, 2026 at 11:36PM by GelosSnake
via reddit https://ift.tt/dUzYiuw
https://ift.tt/PR3ZaOk
Submitted June 2, 2026 at 11:36PM by GelosSnake
via reddit https://ift.tt/dUzYiuw
Profero | Rapid-IR
We Added a Detection Rule. We Were Not Expecting This.
Claude Desktop launches its AI subprocess with --allow-dangerously-skip-permissions. We found the command line, reverse-engineered the architecture, and threat-modeled what an attacker could actually do inside that sandbox, including a prompt injection chain…
Using AI to Secure Its Generated Code Is a Ponzi Scheme
https://ift.tt/XY7iCAj
Submitted June 3, 2026 at 11:09AM by pi3ch
via reddit https://ift.tt/qe5C9R7
https://ift.tt/XY7iCAj
Submitted June 3, 2026 at 11:09AM by pi3ch
via reddit https://ift.tt/qe5C9R7
Pedram Hayati
Using AI to Secure Its Own Code Is a Ponzi Scheme
AI can tell you what your software does. It cannot tell you what your software must never do. So you should not rely on it
If I wrote my own financial audit report and handed it to you, would you give me a loan?
Most people would not. A self-certified audit…
If I wrote my own financial audit report and handed it to you, would you give me a loan?
Most people would not. A self-certified audit…
Golang code review notes II - elttam
https://ift.tt/j0IOT9J
Submitted June 3, 2026 at 12:11PM by AnimalStrange
via reddit https://ift.tt/P0CB9TL
https://ift.tt/j0IOT9J
Submitted June 3, 2026 at 12:11PM by AnimalStrange
via reddit https://ift.tt/P0CB9TL
Elttam
Golang code review notes II - elttam
Abusing iDEAL (Wero): how criminals weaponise legitimate payment links in phishing
https://ift.tt/GVtDph6
Submitted June 3, 2026 at 01:32PM by wez32
via reddit https://ift.tt/uTyCQRk
https://ift.tt/GVtDph6
Submitted June 3, 2026 at 01:32PM by wez32
via reddit https://ift.tt/uTyCQRk
Zolder
Abusing iDEAL (Wero): how criminals weaponise legitimate payment links in phishing - Zolder
During our security research we keep encountering the same iDEAL abuse pattern: criminals generate a real iDEAL payment link for their own purchases and trick victims into paying it. Here is how it works, why it is hard to prevent, and an open question for…
Hacking your PC using your speaker without ever touching it
https://ift.tt/qNIpxGy
Submitted June 3, 2026 at 04:24PM by nns_ee
via reddit https://ift.tt/g8WFrSZ
https://ift.tt/qNIpxGy
Submitted June 3, 2026 at 04:24PM by nns_ee
via reddit https://ift.tt/g8WFrSZ
blog.nns.ee
Pwnd Blaster: Hacking your PC using your speaker without ever touching it | nns.ee
Abusing an unauthenticated Bluetooth protocol to turn a PC speaker into a Rubber Ducky.
Interesting- What LLM vuln research looks like
https://ift.tt/72bXQay
Submitted June 3, 2026 at 06:03PM by derp6996
via reddit https://ift.tt/ZHsQPz6
https://ift.tt/72bXQay
Submitted June 3, 2026 at 06:03PM by derp6996
via reddit https://ift.tt/ZHsQPz6
Claroty
Hands Free: What LLM Driven Vulnerability Research Looks Like
Claroty Team82 researchers used Anthropic’s Claude Opus 4.6 AI model to uncover vulnerabilities in a popular video intercom platform manufactured by Zenitel. Team82 had already manually researched and disclosed five vulnerabilities in the TCIV-3+ model, a…
Season VI of the US Games launches TOMORROW!
https://ift.tt/OJruEi4
Submitted June 4, 2026 at 01:35AM by US_Cyber_Games
via reddit https://ift.tt/bGVN0Wi
https://ift.tt/OJruEi4
Submitted June 4, 2026 at 01:35AM by US_Cyber_Games
via reddit https://ift.tt/bGVN0Wi
Enter the WasmForge: Compiling Sliver into WebAssembly
https://ift.tt/SrcXPao
Submitted June 4, 2026 at 07:19PM by bouncyhat
via reddit https://ift.tt/hpe5zOV
https://ift.tt/SrcXPao
Submitted June 4, 2026 at 07:19PM by bouncyhat
via reddit https://ift.tt/hpe5zOV
Praetorian
Enter the WasmForge: Compiling Sliver into WebAssembly
Expose how compiling Sliver into WebAssembly beats EDR: WasmForge produces opsec-safe binaries with zero changes to the tool source.
Re:CACHE - Excessive reflection, type confusion, and 0-click SXSS on Next.js
https://zhero-web-sec.github.io/research-and-things/re-cache-excessive-reflection-type-confusion-and-0-click-sxss-on-nextjs
Submitted June 4, 2026 at 08:20PM by albinowax
via reddit https://ift.tt/zi6AQy2
https://zhero-web-sec.github.io/research-and-things/re-cache-excessive-reflection-type-confusion-and-0-click-sxss-on-nextjs
Submitted June 4, 2026 at 08:20PM by albinowax
via reddit https://ift.tt/zi6AQy2
Reddit
From the netsec community on Reddit: Re:CACHE - Excessive reflection, type confusion, and 0-click SXSS on Next.js
Posted by albinowax - 8 votes and 3 comments
Empty-ciphertext panic in aws-encryption-provider (CVD with AWS)
https://ift.tt/cpWFtzN
Submitted June 4, 2026 at 08:24PM by Sandwich_1337
via reddit https://ift.tt/4MIscT3
https://ift.tt/cpWFtzN
Submitted June 4, 2026 at 08:24PM by Sandwich_1337
via reddit https://ift.tt/4MIscT3
Syntetisk
Empty-ciphertext panic in aws-encryption-provider (CVD with AWS)
A two-byte gRPC request crashed AWS's Kubernetes KMS plugin. Coordinated disclosure with AWS VDP; fix merged as aws-encryption-provider#169.
System Over Model, Tested: Reproducing Mythos’s FreeBSD Find on Local Open-Weight Models
https://clearbluejar.github.io/posts/system-over-model-tested-mythos-freebsd-local-openweight/
Submitted June 4, 2026 at 11:42PM by onlinereadme
via reddit https://ift.tt/kTcBKQ0
https://clearbluejar.github.io/posts/system-over-model-tested-mythos-freebsd-local-openweight/
Submitted June 4, 2026 at 11:42PM by onlinereadme
via reddit https://ift.tt/kTcBKQ0
clearbluejar
System Over Model, Tested: Reproducing Mythos’s FreeBSD Find on Local Open-Weight Models
Mythos found a 17-year-old FreeBSD RCE; AISLE reproduced it with gpt-5.4-nano via their nano-analyzer pipeline. I ran the pipeline on two local open-weight models, gpt-oss-20b and gemma-4-31b-it. The misses recovered on re-run. The real problem was the false…
Unauthenticated RCE as QSECOFR via IBM i Management Central — port 5555, client-controlled verify flag, no credentials required (V7R4 and earlier)
https://ift.tt/ifQ24dH
Submitted June 5, 2026 at 05:05PM by dn3t
via reddit https://ift.tt/SVun0JQ
https://ift.tt/ifQ24dH
Submitted June 5, 2026 at 05:05PM by dn3t
via reddit https://ift.tt/SVun0JQ
Silent Signal Techblog
Unauthenticated RCE as QSECOFR via IBM i Management Central
Because we can!
Seven Years on a Public Clipboard: Pasted Secrets, Türkiye's Exposure, and a Stored XSS
https://ift.tt/21IVA3g
Submitted June 5, 2026 at 06:27PM by thewhippersnapper4
via reddit https://ift.tt/6GCQV2U
https://ift.tt/21IVA3g
Submitted June 5, 2026 at 06:27PM by thewhippersnapper4
via reddit https://ift.tt/6GCQV2U
beyondmemory.io
Advanced Cyber Threat Intelligence | Beyond Memory
Unified threat intelligence platform combining dark web monitoring, stealer log analysis, and attack surface recon.
Keeping Secrets Out of Logs
https://ift.tt/lm8k5p0
Submitted June 5, 2026 at 08:05PM by fagnerbrack
via reddit https://ift.tt/qGif1Mj
https://ift.tt/lm8k5p0
Submitted June 5, 2026 at 08:05PM by fagnerbrack
via reddit https://ift.tt/qGif1Mj
allan.reyes.sh
Keeping Secrets Out of Logs
There's no silver bullet, but if we put some "lead" bullets in the right
places, we have a good shot at keeping sensitive data out of logs.
places, we have a good shot at keeping sensitive data out of logs.
Zero-Click HFP/A2DP Takeover via L2CAP Session Preemption
https://ift.tt/ag08J2R
Submitted June 5, 2026 at 09:25PM by LowerGrand9303
via reddit https://ift.tt/mvulX9t
https://ift.tt/ag08J2R
Submitted June 5, 2026 at 09:25PM by LowerGrand9303
via reddit https://ift.tt/mvulX9t
paste.rs
Markdown | UkBmF | Rocket Powered Pastebin
a simple, no-frills, command-line driven
pastebin service powered by the Rocket web framework.
pastebin service powered by the Rocket web framework.
PSA: Attack Shark R85 HE (FREEWOLF US / Amazon) — BadUSB credential harvester, confirmed malware
https://ift.tt/cKQaXoy
Submitted June 7, 2026 at 07:02AM by RefrigeratorLegal868
via reddit https://ift.tt/myCYQNd
https://ift.tt/cKQaXoy
Submitted June 7, 2026 at 07:02AM by RefrigeratorLegal868
via reddit https://ift.tt/myCYQNd
EDRChoker: Choking The Telemetry Stream to Bypass Defenses
https://ift.tt/icqAOER
Submitted June 7, 2026 at 03:30PM by Cold-Dinosaur
via reddit https://ift.tt/BbmqoaS
https://ift.tt/icqAOER
Submitted June 7, 2026 at 03:30PM by Cold-Dinosaur
via reddit https://ift.tt/BbmqoaS
Zerosalarium
EDRChoker: Choking The Telemetry Stream to Bypass Defenses
EDRChoker redteam tool uses Policy-based QoS - pacer.sys to set throttling on EDR agents, causing them to always time out, effectively blocking them
CVE-2026-46640: Developing payloads for Twig sandbox bypass
https://gist.github.com/vladko312/39507beaa58eacf3b62e6a6e6cd69128
Submitted June 7, 2026 at 05:35AM by vladko312
via reddit https://ift.tt/W3pudRf
https://gist.github.com/vladko312/39507beaa58eacf3b62e6a6e6cd69128
Submitted June 7, 2026 at 05:35AM by vladko312
via reddit https://ift.tt/W3pudRf
Gist
This research documents my development of payloads for the CVE-2026-46640.
This research documents my development of payloads for the CVE-2026-46640. - CVE-2026-46640 writeup.md
Arc Gate — runtime governance proxy for AI agents, catches multi-turn prompt injection via geometric drift detection — try to break it
https://web-production-6e47f.up.railway.app/demo
Submitted June 8, 2026 at 06:51PM by Turbulent-Tap6723
via reddit https://ift.tt/ywISjGd
https://web-production-6e47f.up.railway.app/demo
Submitted June 8, 2026 at 06:51PM by Turbulent-Tap6723
via reddit https://ift.tt/ywISjGd
Reddit
From the netsec community on Reddit: [ Removed by moderator ]
Posted by Turbulent-Tap6723 - 1 vote and 1 comment