Bypassing Apache FOP Postscript Escaping to reach GhostScript
https://ift.tt/ea45gsC
Submitted February 27, 2026 at 05:59PM by AlmondOffSec
via reddit https://ift.tt/H5W81mY
Twitch Ships Server-Side Eppo Keys in Its iOS App, Exposing Its Entire Product Roadmap
https://ift.tt/5E8iCB2
Submitted February 27, 2026 at 06:56PM by AdTemporary2475
via reddit https://ift.tt/8QbJeuK
Buchodi's Threat Intel
Twitch Ships Server-Side Eppo Keys in Its iOS App, Exposing Its Entire Product Roadmap
How a one-character configuration mistake turns feature flags into a competitive intelligence feed
The Twitch iOS application initializes the Eppo feature flagging SDK (now a Datadog product) using server-side SDK Keys instead of Client Tokens. This means…
The Forgotten Bug: How a Node.js Core Design Flaw Enables HTTP Request Splitting
https://r3verii.github.io/cve/2026/02/27/nodejs-toctou.html
Submitted February 27, 2026 at 11:28PM by r3verii
via reddit https://ift.tt/rMp2wcY
CyberSec Notes
The Forgotten Bug: How a Node.js Core Design Flaw Enables HTTP Request Splitting
Deep dive into a TOCTOU vulnerability in Node.js’s ClientRequest.path that bypasses CRLF validation and enables Header Injection and HTTP Request Splitting across 7+ major HTTP libraries totaling 160M+ weekly downloads.
I used MCP Ghidra and Claude Code to find 9 kernel driver vulnerabilities on my gaming laptop
https://ift.tt/Ud7Wzls
Submitted February 28, 2026 at 08:40PM by Mindless-Study1898
via reddit https://ift.tt/gUnYQ4O
Cred Relay
Cred Relay Issue #2
Reverse engineering kernel drivers with MCP Ghidra and Claude Code
Network Security News Feed
https://ift.tt/byimBlK
Submitted March 1, 2026 at 02:03AM by kivarada
via reddit https://ift.tt/9iOIb0a
insidestack.it
InsideStack | The Latest in Tech
InsideStack delivers the latest technology news, insights, and trends in one place.
r/netsec monthly discussion & tool thread
Questions regarding netsec and discussion related directly to netsec are welcome here, as is sharing tool links.
Rules & Guidelines
Always maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.
Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.
If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.
Avoid use of memes. If you have something to say, say it with real words.
All discussions and questions should directly relate to netsec.
No tech support is to be requested or provided on r/netsec.
As always, the content & discussion guidelines should also be observed on r/netsec.
Feedback
Feedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.
Submitted March 1, 2026 at 07:59PM by albinowax
via reddit https://ift.tt/NyTWaVC
Google and Cloudflare testing Merkle Tree Certificates instead of normal signatures for TLS
https://ift.tt/zDGblBU
Submitted March 2, 2026 at 09:10PM by Shu_asha
via reddit https://ift.tt/UHFVd0a
The Cloudflare Blog
Keeping the Internet fast and secure: introducing Merkle Tree Certificates
Cloudflare is launching an experiment with Chrome to evaluate fast, scalable, and quantum-ready Merkle Tree Certificates, all without degrading performance or changing WebPKI trust relationships.
Free browser-based steganography CTF generator: create challenges with randomized encoding pipelines, auto-generated solutions, and progressive hints
https://8gwifi.org/ctf/stego-ctf-generator.jsp
Submitted March 2, 2026 at 08:52PM by anish2good
via reddit https://ift.tt/D2OlxV7
8gwifi.org
Free Steganography CTF Generator - 34 Steps, 7 Levels
Generate stego CTF challenges: hide flags in images and audio with 34 steps across 7 levels. LSB, ciphers, tar/zip. Free JSON export with solutions and hints.
Built a free live CVE intelligence dashboard — looking for feedback
https://ift.tt/9I84BPD
Submitted March 3, 2026 at 06:02PM by Intelligent_Emu_8075
via reddit https://ift.tt/8oNfikM
Leakycreds
Credential Leak Monitoring & Stealer Log Intelligence | LeakyCreds
Credential exposure intelligence with fast detection, scoring, and remediation workflows.
Sometimes, You Can Just Feel The Security In The Design (Junos OS Evolved CVE-2026-21902 RCE) - watchTowr Labs
https://ift.tt/gRIso1f
Submitted March 3, 2026 at 07:45PM by dx7r__
via reddit https://ift.tt/cuVlzSG
watchTowr Labs
Sometimes, You Can Just Feel The Security In The Design (Junos OS Evolved CVE-2026-21902 RCE)
On today’s ‘good news disguised as other things’ segment, we’re turning our gaze to CVE-2026-21902 - a recently disclosed “Incorrect Permission Assignment for Critical Resource” vulnerability affecting Juniper’s Junos OS Evolved platform. This vulnerability…
Red Teaming LLM Web Apps with Promptfoo: Writing a Custom Provider for Real-World Pentesting
https://ift.tt/k49lPox
Submitted March 3, 2026 at 09:18PM by adrian_rt
via reddit https://ift.tt/KOzkNo3
FORTBRIDGE
LLM Red Teaming with Promptfoo: Custom Provider for Real Pentests
How we wrote a custom promptfoo provider to red team a non-standard 4-step LLM API during a real penetration test - with Burp Suite integration, local grading, and OWASP LLM Top 10 coverage.
IPVanish VPN macOS Privilege Escalation
https://ift.tt/Qph0Dsn
Submitted March 3, 2026 at 10:50PM by appsec1337
via reddit https://ift.tt/HT0bpuz
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
IPVanish VPN macOS Privilege Escalation
The IPVanish VPN application for macOS contains a critical privilege escalation vulnerability that allows any unprivileged local process to execute arbitrary code as root without user interaction....
Generate 45+ honeytokens with no sign-up required and no paywall
https://ift.tt/9l8aECX
Submitted March 3, 2026 at 10:47PM by nwqd
via reddit https://ift.tt/p18WThG
NeroSwarm - Deception-as-a-Service
Free Cyber Deception Lab Tools | NeroSwarm Lab
Use the Deception Lab to launch practical security utilities, including honeytoken creation, reputation analysis, and guided deception testing workflows.
Phishing Lures Utilizing a Single Google Cloud Storage Bucket
https://ift.tt/7ptkufP
Submitted March 4, 2026 at 12:14AM by anuraggawande
via reddit https://ift.tt/Je832BH
Malware Analysis, Phishing, and Email Scams
Analysis of an Integrated Phishing Campaign Utilizing Google Cloud Infrastructure
In recent weeks, a highly organized phishing campaign has surfaced, characterized by its use of legitimate Google infrastructure to bypass standard security filters. I have identified more than 25 …
Free Exploit Development CTFs + Walkthroughs Based On Real CVEs
https://ift.tt/AH52VxZ
Submitted March 4, 2026 at 03:04AM by Prior-Penalty
via reddit https://ift.tt/OTsEnJM
Zeropath
ZeroPath Exploit Development CTFs - ZeroPath Blog
Learn to exploit complex real-world vulnerabilities with zeropath-ctf, a set of self-contained exploit development exercises based on CVEs from the CISA Known Exploited Vulnerabilities list, powered by ZeroPath's shapeshifter vulnerability generation suite.
How we built high speed threat hunting for email security
https://ift.tt/n439OJ1
Submitted March 4, 2026 at 08:35AM by jkamdjou
via reddit https://ift.tt/Slx89ia
sublime.security
How we built high speed threat hunting for email security · Blog · Sublime Security
Technical deep dive into how we boosted speeds for historical threat hunting and detection backtesting
Intent-Based Access Control (IBAC) – FGA for AI Agent Permissions
https://ibac.dev
Submitted March 4, 2026 at 10:16AM by ok_bye_now_
via reddit https://ift.tt/BjEsFx8
7-day intensive for security professionals looking to upskill on securing frontier AI systems (Apr 20-26 | Singapore)
https://aisb.dev
Submitted March 4, 2026 at 01:06PM by POPTARTdoesTAEKWONDO
via reddit https://ift.tt/sujIX6W
aisb.dev
AI Security Bootcamp
A 7-day intensive program for security professionals shaping how we secure emerging AI systems.
Using Zeek with AWS Traffic Mirroring and Kafka
https://ift.tt/nwb5RXz
Submitted March 4, 2026 at 03:14PM by awlzl
via reddit https://ift.tt/xm2yfBY
A single operator with basic skills used an open-source AI platform to breach 600+ FortiGate devices across 55 countries. No zero-days. Just weak passwords and an AI copilot. Full breakdown of CyberStrikeAI, the developer's MSS ties, and all 21 server IOCs.
https://ift.tt/E1RP4Ls
Submitted March 4, 2026 at 06:47PM by LostPrune2143
via reddit https://ift.tt/CHRsn5D
blog.barrack.ai
CyberStrikeAI: the AI Attack Platform Behind the 600+ FortiGate Breach | Barrack.ai
An open-source AI offensive security platform, built by a developer with ties to China's MSS, was used in a campaign that compromised 600+ FortiGate devices across 55 countries. Full technical breakdown.
Built a header echo + TLS interception detector to score ISP-level surveillance — looking for feedback on the methodology
https://ift.tt/bKjISwl
Submitted March 5, 2026 at 04:47AM by Beneficial-Jelly3365
via reddit https://ift.tt/0WP9iVE
ismyispspying.com
Is My ISP Spying? — Free Privacy Test
Test for supercookies, header injection, DNS hijacking, and TLS interception in seconds.