EDRChoker: Choking The Telemetry Stream to Bypass Defenses
https://ift.tt/icqAOER
Submitted June 7, 2026 at 03:30PM by Cold-Dinosaur
via reddit https://ift.tt/BbmqoaS
https://ift.tt/icqAOER
Submitted June 7, 2026 at 03:30PM by Cold-Dinosaur
via reddit https://ift.tt/BbmqoaS
Zerosalarium
EDRChoker: Choking The Telemetry Stream to Bypass Defenses
EDRChoker redteam tool uses Policy-based QoS - pacer.sys to set throttling on EDR agents, causing them to always time out, effectively blocking them
CVE-2026-46640: Developing payloads for Twig sandbox bypass
https://gist.github.com/vladko312/39507beaa58eacf3b62e6a6e6cd69128
Submitted June 7, 2026 at 05:35AM by vladko312
via reddit https://ift.tt/W3pudRf
https://gist.github.com/vladko312/39507beaa58eacf3b62e6a6e6cd69128
Submitted June 7, 2026 at 05:35AM by vladko312
via reddit https://ift.tt/W3pudRf
Gist
This research documents my development of payloads for the CVE-2026-46640.
This research documents my development of payloads for the CVE-2026-46640. - CVE-2026-46640 writeup.md
Arc Gate — runtime governance proxy for AI agents, catches multi-turn prompt injection via geometric drift detection — try to break it
https://web-production-6e47f.up.railway.app/demo
Submitted June 8, 2026 at 06:51PM by Turbulent-Tap6723
via reddit https://ift.tt/ywISjGd
https://web-production-6e47f.up.railway.app/demo
Submitted June 8, 2026 at 06:51PM by Turbulent-Tap6723
via reddit https://ift.tt/ywISjGd
Reddit
From the netsec community on Reddit: [ Removed by moderator ]
Posted by Turbulent-Tap6723 - 1 vote and 1 comment
AI Agents May Always Fall for Prompt Injections
https://ift.tt/9w8LYNF
Submitted June 9, 2026 at 11:52AM by User_Deprecated
via reddit https://ift.tt/5nH4qbs
https://ift.tt/9w8LYNF
Submitted June 9, 2026 at 11:52AM by User_Deprecated
via reddit https://ift.tt/5nH4qbs
arXiv.org
AI Agents May Always Fall for Prompt Injections
Prompt injection is the most critical vulnerability in deployed AI agents. Despite recent progress, we show that the prevailing defense paradigm (data-instruction separation) both fails to detect...
I just completed Search Skills room on TryHackMe! Learn to efficiently search the Internet and use specialised services and technical docs for information
https://ift.tt/q03UOrg
Submitted June 9, 2026 at 12:57PM by Magnese1625
via reddit https://ift.tt/mXnbBuO
https://ift.tt/q03UOrg
Submitted June 9, 2026 at 12:57PM by Magnese1625
via reddit https://ift.tt/mXnbBuO
I found 23 Chrome extensions hijacking 758,000 users' searches for affiliate revenue
https://ift.tt/Ln5i16Z
Submitted June 9, 2026 at 03:20PM by Huge-Skirt-6990
via reddit https://ift.tt/4HUQh2B
https://ift.tt/Ln5i16Z
Submitted June 9, 2026 at 03:20PM by Huge-Skirt-6990
via reddit https://ift.tt/4HUQh2B
malext.io
SearchJack: How 23 Browser Extensions Silently Monetize ~758,000 Users' Searches — MalExt Sentry
Threat intelligence report: SearchJack. Research by MalExt Sentry.
WinGet - Code Execution, Persistence and Detection Strategies
https://ift.tt/B9l0OZr
Submitted June 9, 2026 at 05:52PM by netbiosX
via reddit https://ift.tt/IrXzKwB
https://ift.tt/B9l0OZr
Submitted June 9, 2026 at 05:52PM by netbiosX
via reddit https://ift.tt/IrXzKwB
Purple Team
WinGet
WinGet also known as Windows Package Manager, is Microsoft’s command-line for discovering, installing, upgrading, configuring, and removing applications on Windows. It is commonly used by Adm…
X.com silently injects session-bound tracking tokens into your clipboard on every copy — security tools correctly flag this as malicious injection
https://ift.tt/erb73hg
Submitted June 9, 2026 at 06:49PM by GlitteringOwl6669
via reddit https://ift.tt/pmcBXvG
https://ift.tt/erb73hg
Submitted June 9, 2026 at 06:49PM by GlitteringOwl6669
via reddit https://ift.tt/pmcBXvG
GitLab
jacquesmyo / security-findings · GitLab
Entra Agent ID from a Security Perspective
https://ift.tt/GB85jJh
Submitted June 9, 2026 at 07:32PM by GonzoZH
via reddit https://ift.tt/PlizVsN
https://ift.tt/GB85jJh
Submitted June 9, 2026 at 07:32PM by GonzoZH
via reddit https://ift.tt/PlizVsN
Apple’s Siri-AI, or more shouting into the void about “private” agents
https://ift.tt/JMuqG21
Submitted June 10, 2026 at 12:33AM by feross
via reddit https://ift.tt/TMKczBt
https://ift.tt/JMuqG21
Submitted June 10, 2026 at 12:33AM by feross
via reddit https://ift.tt/TMKczBt
A Few Thoughts on Cryptographic Engineering
The future of Siri, or: why private inference isn’t private enough
Yesterday Apple announced a big step towards deploying real AI in their Siri ecosystem. In most ways this is good and inevitable: Siri is one of the world’s most widely-used voice agents, and…
More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs
https://ift.tt/7ZdGFQR
Submitted June 10, 2026 at 06:24AM by dx7r__
via reddit https://ift.tt/aEpHUCq
https://ift.tt/7ZdGFQR
Submitted June 10, 2026 at 06:24AM by dx7r__
via reddit https://ift.tt/aEpHUCq
watchTowr Labs
More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520)
Today, Ivanti published an advisory.
“No way?” we hear you say. "Yes way!"
Today’s advisory outlines two vulnerabilities in Ivanti’s Sentry product, appealing directly to our inner desire for sophisticated server-side, pre-authenticated vulnerabilities.…
“No way?” we hear you say. "Yes way!"
Today’s advisory outlines two vulnerabilities in Ivanti’s Sentry product, appealing directly to our inner desire for sophisticated server-side, pre-authenticated vulnerabilities.…
Jupyter Enterprise Gateway - From Notebook to Kubernetes Cluster Admin - elttam
https://ift.tt/x7HaFVo
Submitted June 10, 2026 at 12:00PM by AnimalStrange
via reddit https://ift.tt/IknKxGP
https://ift.tt/x7HaFVo
Submitted June 10, 2026 at 12:00PM by AnimalStrange
via reddit https://ift.tt/IknKxGP
Elttam
Jupyter Enterprise Gateway - From Notebook to Kubernetes Cluster Admin - elttam
Three critical vulnerabilities in Jupyter Enterprise Gateway allow a notebook user to escalate privileges and fully compromise the underlying Kubernetes cluster.
BlackSun - Defender for Endpoint on macOS
https://ift.tt/Na2QyX9
Submitted June 10, 2026 at 01:34PM by More-Protection-821
via reddit https://ift.tt/BKMJhaY
https://ift.tt/Na2QyX9
Submitted June 10, 2026 at 01:34PM by More-Protection-821
via reddit https://ift.tt/BKMJhaY
www.bountyy.fi
BlackSun · CVE-2026-45647
wdavdaemon, the privileged Microsoft Defender daemon on macOS, restores quarantined files without revalidating the recorded path at restore time. Plant a file, let it be quarantined, then swap its parent directory for a symlink to a privileged location. The…
GhostTrace – a Windows forensic scanner that finds what "Uninstall" leaves behind (22 modules, read-only, offline)
https://ift.tt/0YciClw
Submitted June 10, 2026 at 12:44PM by Green-Necessary-2325
via reddit https://ift.tt/rTxzVLF
https://ift.tt/0YciClw
Submitted June 10, 2026 at 12:44PM by Green-Necessary-2325
via reddit https://ift.tt/rTxzVLF
certSIGN: Inconsistent revocation status (CRL "revoked" vs OCSP "good") for intermediate CA "certSIGN Web CA"
https://ift.tt/ZYsOKUF
Submitted June 10, 2026 at 02:14PM by treenaks
via reddit https://ift.tt/wTZG6IA
https://ift.tt/ZYsOKUF
Submitted June 10, 2026 at 02:14PM by treenaks
via reddit https://ift.tt/wTZG6IA
bugzilla.mozilla.org
2046230 - certSIGN: Inconsistent revocation status (CRL "revoked" vs OCSP "good") for intermediate CA "certSIGN Web CA"
ASSIGNED (gabriel.petcu) in CA Program - CA Certificate Compliance. Last updated 2026-06-10.
How Fraudsters Bypass Facial Recognition and Stay Hidden in 2026
https://ift.tt/ELMwHuF
Submitted June 10, 2026 at 05:21PM by Sumsub_Insights
via reddit https://ift.tt/2OJBrF9
https://ift.tt/ELMwHuF
Submitted June 10, 2026 at 05:21PM by Sumsub_Insights
via reddit https://ift.tt/2OJBrF9
Sumsub
How Fraudsters Bypass Facial Recognition and Stay Hidden in 2026
Discover how fraudsters attack facial recognition with deepfakes and spoofing, and how liveness detection helps stop biometric attacks.
FedRAMP Penetration Testing: How to Pass Your ATO Review and Get Cloud Authorized Faster
https://ift.tt/m1PnDxu
Submitted June 10, 2026 at 05:17PM by socketzora
via reddit https://ift.tt/q3ZazO7
https://ift.tt/m1PnDxu
Submitted June 10, 2026 at 05:17PM by socketzora
via reddit https://ift.tt/q3ZazO7
stealthnet.ai
FedRAMP Penetration Testing: How to Pass Your ATO Review and Get Cloud Authorized Faster | StealthNet AI
FedRAMP penetration testing guide for cloud service providers. Learn what 3PAO assessors expect, how to scope the test, and get ATO-ready in 48 hours.
We post-trained a model for offensive security instead of teaching it to refuse
https://ift.tt/FzaUjXk
Submitted June 10, 2026 at 09:26PM by greatness_only12
via reddit https://ift.tt/9U0vBmH
https://ift.tt/FzaUjXk
Submitted June 10, 2026 at 09:26PM by greatness_only12
via reddit https://ift.tt/9U0vBmH
ArgusRed
cos — security scan and pen test · ArgusRed
Two security tools in one CLI. Audit your code, or attack it. Same binary, two tabs.
Pre-auth XXE → HTTP SSRF on ArubaOS 8.13.2 closed as "theoretical / no valid PoC" despite TCP pcap, sshd localhost log, and internal port scan — documenting for community review
https://ift.tt/xye58Vn
Submitted June 11, 2026 at 12:24AM by Pale_Surround_3924
via reddit https://ift.tt/KkDQFHd
https://ift.tt/xye58Vn
Submitted June 11, 2026 at 12:24AM by Pale_Surround_3924
via reddit https://ift.tt/KkDQFHd
Netacoding | Cybersecurity, Assembly & Network Research
Pre-Authentication XXE → OOB SSRF in ArubaOS 8.13.2.0 (Port 32000)
A pre-authentication XXE injection on ArubaOS 8.13.2.0 port 32000 enables OOB SSRF. Confirmed via wire-level pcap and the controller's own sshd logs. Submitted to HPE Bugcrowd — closed as theoretical despite four evidence items.
Prompt injection: attacking the analyst's AI
https://ift.tt/1Ow2JGU
Submitted June 11, 2026 at 02:05PM by GrapefruitCool2078
via reddit https://ift.tt/Yj6XHkC
https://ift.tt/1Ow2JGU
Submitted June 11, 2026 at 02:05PM by GrapefruitCool2078
via reddit https://ift.tt/Yj6XHkC
Cleo by FlipFlow
Cleo by FlipFlow | AI Security Platform for Penetration Testers
Map auth flows, scan domains A-F, analyse HAR files, and auto-populate your asset inventory. The AI-native security workspace built for serious security work.
Hacking Google with A.I. for $500,000
https://ift.tt/ftxzuI2
Submitted June 11, 2026 at 04:04PM by rockin-Musicien49
via reddit https://ift.tt/UamBxeP
https://ift.tt/ftxzuI2
Submitted June 11, 2026 at 04:04PM by rockin-Musicien49
via reddit https://ift.tt/UamBxeP
Brutecat
Hacking Google with A.I. for $500,000
What happens when you unleash an AI across all of Google's infrastructure? 1,500 APIs, 3,600 keys, and $500,000 in bounties later, here's what I found.