The Recent 0-Days in Node.js and React Were Found by an AI
https://ift.tt/Abi78oa
Submitted February 03, 2026 at 09:43AM by mufeedvh
via reddit https://ift.tt/vqoFyN4
https://ift.tt/Abi78oa
Submitted February 03, 2026 at 09:43AM by mufeedvh
via reddit https://ift.tt/vqoFyN4
Winfunc
The Recent 0-Days in Node.js and React Were Found by an AI | winfunc
In December 2025 and January 2026, an AI system autonomously discovered zero-day vulnerabilities in Node.js and React, two of the most widely deployed JavaScrip...
Exploiting CVE-2025-49825 (authentication bypass vulnerability in Teleport)
https://ift.tt/Nph9dQR
Submitted February 03, 2026 at 01:54PM by gid0rah
via reddit https://ift.tt/8Kp5Xre
https://ift.tt/Nph9dQR
Submitted February 03, 2026 at 01:54PM by gid0rah
via reddit https://ift.tt/8Kp5Xre
blog.offensive.af
Exploiting CVE-2025-49825
Teleport authentication bypass
How LLMs Feed Your RE Habit: Following the Use-After-Free Trail in CLFS
https://clearbluejar.github.io/posts/how-llms-feed-your-re-habit-following-the-uaf-trail-in-clfs/
Submitted February 03, 2026 at 08:31PM by onlinereadme
via reddit https://ift.tt/1gfDECn
https://clearbluejar.github.io/posts/how-llms-feed-your-re-habit-following-the-uaf-trail-in-clfs/
Submitted February 03, 2026 at 08:31PM by onlinereadme
via reddit https://ift.tt/1gfDECn
clearbluejar
How LLMs Feed Your RE Habit: Following the Use-After-Free Trail in CLFS
Dive into how LLMs and pyghidra-mcp accelerate reverse engineering by tracing a UAF vulnerability in CLFS through a patch diff.
10 SSO providers and solutions compared for 2026
https://ift.tt/uwVR853
Submitted February 03, 2026 at 08:01PM by Main-Perspective3235
via reddit https://ift.tt/ZpGyTnj
https://ift.tt/uwVR853
Submitted February 03, 2026 at 08:01PM by Main-Perspective3235
via reddit https://ift.tt/ZpGyTnj
Scalefusion
10 Best SSO Providers & Solutions in 2026
Here's a quick rundown of the top 10 SSO providers in 2026, offering a glimpse into their strengths. Explore one of the best SSO Solutions!
GatewayToHeaven: Finding a Cross-Tenant Vulnerability in Google Cloud's Apigee
https://ift.tt/s7Iw8ET
Submitted February 02, 2026 at 07:25PM by omerhacking
via reddit https://ift.tt/sGfpr8O
https://ift.tt/s7Iw8ET
Submitted February 02, 2026 at 07:25PM by omerhacking
via reddit https://ift.tt/sGfpr8O
Omeramiad
GatewayToHeaven: Finding a Cross-Tenant Vulnerability in GCP's Apigee | Omer Amiad's Blog
A technical step-by-step writeup about finding CVE-2025-13292, a cross-tenant vulnerability in Google Cloud's Apigee. This vulnerability allowed an attacker to gain read/write access to verbose cross-tenant access logs and analytics data that could contain…
Auditing Outline. Firsthand lessons from comparing manual testing and AI security platforms
https://ift.tt/Cm4sZ6l
Submitted February 03, 2026 at 10:16PM by nibblesec
via reddit https://ift.tt/NvnFP3O
https://ift.tt/Cm4sZ6l
Submitted February 03, 2026 at 10:16PM by nibblesec
via reddit https://ift.tt/NvnFP3O
Doyensec
Auditing Outline. Firsthand lessons from comparing manual testing and AI security platforms
In July 2025, we performed a brief audit of Outline - an OSS wiki similar in many ways to Notion. This activity was meant to evaluate the overall posture of the application, and involved two researchers for a total of 60 person-days. In parallel, we thought…
Fighting AI anomaly false-positives with firejail and proxychains
https://ift.tt/tjoqaHb
Submitted February 03, 2026 at 10:06PM by maltfield
via reddit https://ift.tt/F2NKkRx
https://ift.tt/tjoqaHb
Submitted February 03, 2026 at 10:06PM by maltfield
via reddit https://ift.tt/F2NKkRx
Michael Altfield's Tech Blog
Persistent, Sandboxed, Single-Site Browser (firejail and proxychains) - Michael Altfield's Tech Blog
Or how to avoid getting locked-out of another Google Account This guide will describe how to setup a persistent browser (for Evil Corp) that’s isolated in a sandbox (with firejail) and forced to use a SOCKS5 proxy to retain a static IP address (using proxychains)…
My book is about a corporate IT analyst who gets caught up in an illegal debt collection scheme through an anonymized encrypted device. It’s currently free on Amazon for educational purposes
https://ift.tt/VsiGZzQ
Submitted February 04, 2026 at 11:50AM by Legitimate_Pride_746
via reddit https://ift.tt/LO6QDUr
https://ift.tt/VsiGZzQ
Submitted February 04, 2026 at 11:50AM by Legitimate_Pride_746
via reddit https://ift.tt/LO6QDUr
Goodreads
You Have The Right To Remain Violent
Discover and share books you love on Goodreads.
Kernel-Level Stealthy Observation of TTY Streams
https://ift.tt/Ihv6KQs
Submitted February 04, 2026 at 11:22PM by thnew_mammoth
via reddit https://ift.tt/fhKg1Wq
https://ift.tt/Ihv6KQs
Submitted February 04, 2026 at 11:22PM by thnew_mammoth
via reddit https://ift.tt/fhKg1Wq
Cybervelia
Kernel-Level Stealthy Observation of TTY Streams
TTY Subsystem Interposition for Covert Operations
Julius - Open Source LLM Service Fingerprinting Tool
https://ift.tt/lVmL6Rg
Submitted February 05, 2026 at 03:17AM by Praetorian_Security
via reddit https://ift.tt/LBZKFU4
https://ift.tt/lVmL6Rg
Submitted February 05, 2026 at 03:17AM by Praetorian_Security
via reddit https://ift.tt/LBZKFU4
Praetorian
Introducing Julius: Open Source LLM Service Fingerprinting
Explore LLM fingerprinting and its role in exposing vulnerable Ollama servers online to unauthorized access risks.
2026: New N8N RCE Deep Dive into CVE-2026-25049
https://ift.tt/QWGmk86
Submitted February 05, 2026 at 03:37AM by appsec1337
via reddit https://ift.tt/SU2VEqT
https://ift.tt/QWGmk86
Submitted February 05, 2026 at 03:37AM by appsec1337
via reddit https://ift.tt/SU2VEqT
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
A Deep Dive into CVE-2026-25049: n8n Remote Code Execution
Authors: BugDazz AI Research TeamPublication Date: February 04, 2026Severity Rating: Critical (CVSS Score: 9.4)Vulnerability Status: Zero-day at time of discovery We discovered a critical...
Recreating uncensored Epstein PDFs from raw encoded attachments... or trying to, anyway
https://ift.tt/WeKwDJE
Submitted February 05, 2026 at 05:02AM by mqudsi
via reddit https://ift.tt/I8ymnZh
https://ift.tt/WeKwDJE
Submitted February 05, 2026 at 05:02AM by mqudsi
via reddit https://ift.tt/I8ymnZh
The NeoSmart Files
Recreating uncensored Epstein PDFs from raw encoded attachments
There have been a lot of complaints about both the competency and the logic behind the latest Epstein archive release by the DoJ: from censoring the names of co-conspirators to censoring pictures o…
CVE-2025-11730: Remote Code Execution via DDNS configuration in ZYXEL ATP/USG Series (V5.41)
https://ift.tt/oyJLOYe
Submitted February 05, 2026 at 12:23PM by Advanced_Rough8330
via reddit https://ift.tt/QsO19zX
https://ift.tt/oyJLOYe
Submitted February 05, 2026 at 12:23PM by Advanced_Rough8330
via reddit https://ift.tt/QsO19zX
Rainpwn
CVE-2025-11730: Remote Code Execution via DDNS configuration in ZYXEL ATP/USG Series (V5.41)
A critical vulnerability in Zyxel firewalls, allows remote command execution with root privileges through improper input sanitization in the Dynamic DNS (DDNS) configuration. By injecting shell commands into a user-controlled URL parameter, an authenticated…