The Evolution of HTTPS Adoption in Firefox #HTTPSFirst #Firefox #WebPrivacy #UserSecurity #EncryptionEvolution https://attackanddefense.dev/2025/03/31/https-first-in-firefox-136.html
Attack & Defense
The Evolution of HTTPS Adoption in Firefox
We at Mozilla believe that people deserve privacy and one of the most important pieces of web privacy is provided through ubiquitous encryption. Because of this, we shipped HTTPS-First by default as of Firefox 136 (March 4th). The mechanism upgrades all page…
Bypassing Windows Defender antivirus in 2025: Evasion Techniques Using Direct Syscalls and XOR Encryption – Part 1 #WindowsDefender #AntivirusBypass #Cybersecurity #Syscalls #XOREncryption https://www.hackmosphere.fr/bypass-windows-defender-antivirus-2025-part-1/
Hackmosphere
Windows Defender antivirus bypass in 2025 - part 1
Discover how antivirus works and how to setup a lab for (Windows Defender) antivirus bypass. Basic code is provided to start experimenting !
Unsafe at Any Speed: Abusing Python Exec for Unauth RCE in Langflow AI #LangflowAI #CVE20253248 #RCE #NodeZero #VulnerabilityDetection https://horizon3.ai/attack-research/disclosures/unsafe-at-any-speed-abusing-python-exec-for-unauth-rce-in-langflow-ai/
Horizon3.ai
Unsafe at Any Speed: Abusing Python Exec for Unauth RCE in Langflow AI
CVE-2025-3248 is a critical code injection vulnerability affecting Langflow, a popular tool used for building out agentic AI workflows. This vulnerability is easily exploitable and enables unauthenticated remote attackers to fully compromise Langflow servers.…
🔥1
TROX Stealer: A deep dive into a new Malware as a Service (MaaS) attack campaign #TROXStealer #MalwareAsAService #UrgencyBasedAttacks #HackersAdvantage #DeepDiveAnalysis https://sublime.security/blog/trox-stealer-a-deep-dive-into-a-new-malware-as-a-service-maas-attack-campaign/
sublime.security
TROX Stealer: A deep dive into a new Malware as a Service (MaaS) attack campaign · Blog · Sublime Security
Deep dive analysis of TROX Stealer, an urgency-based MaaS offering
Uncovering a 0-Click RCE in the SuperNote Nomad E-ink Tablet #SuperNoteNomad #0ClickRCE #EInkTablet #SecurityResearch #CVE202532409 https://www.prizmlabs.io/post/remote-rootkits-uncovering-a-0-click-rce-in-the-supernote-nomad-e-ink-tablet
Prizm Labs Website
Uncovering a 0-Click RCE in the SuperNote Nomad E-ink Tablet
Details of our SuperNote Nomad research which led to the disclosure of a 0-click RCE vulnerability
🔥2
Dashboard with cybersecurity metrics and statistics from the last 30 days #cyber #monitoring #technology #security #onlineprivacy https://cybermonit.com/
Cybermonit
Cybermonit is a modern platform for monitoring CVS vulnerabilities, data leaks, ransomware attacks and ongoing DDoS attacks, enabling rapid threat identification and effective response to cyber incidents.
We Have a Package for You! A Comprehensive Analysis of Package Hallucinations
by Code Generating LLMs #technical #security #PDF #text #document https://arxiv.org/pdf/2406.10279
by Code Generating LLMs #technical #security #PDF #text #document https://arxiv.org/pdf/2406.10279
Security Analysis: Potential AI Agent Hijacking via MCP and A2A Protocol Insights #SecurityAnalysis #AIAgentHijacking #MCPProtocol #A2AProtocol #SecurityFlaws https://medium.com/@foraisec/security-analysis-potential-ai-agent-hijacking-via-mcp-and-a2a-protocol-insights-cd1ec5e6045f
Medium
Security Analysis: Potential AI Agent Hijacking via MCP and A2A Protocol Insights
Communication protocols represent a core infrastructure accelerating the development and deployment of AI Agents. Anthropic’s Model Context…
Aiding reverse engineering with Rust and a local LLM #Rust #ReverseEngineering #LocalLLM #Security #Vulnerabilities https://security.humanativaspa.it/aiding-reverse-engineering-with-rust-and-a-local-llm/
HN Security
Aiding reverse engineering with Rust and a local LLM - HN Security
Offensive Rust series article that introduces a new AI tool (oneiromancer) to aid with reverse engineering.
SAP Emarsys SDK for Android Sensitive Data Leak (CVE-2023-6542) #SAPEmarsysSDK #AndroidVulnerability #DataLeak #RemoteCodeExecution #RCESecurity https://www.rcesecurity.com/2025/04/sap-emarsys-sdk-for-android-sensitive-data-leak-cve-2023-6542/
Everyone knows your location, Part 2: try it yourself and share the results #LocationData #PrivacyRights #TrafficAnalysis #AppData #Crowdsourcing https://timsh.org/everyone-knows-your-location-part-2-try-it-yourself/
tim.sh
Everyone knows your location, Part 2: try it yourself and share the results
Learn how to record and analyse your mobile device traffic, take an app from the list of "shady" apps and share the results.
SSD Advisory – extract() double-free(5.X)/use-after-free(7.X/8.X) #SSDAdvisory #PHPVulnerability #DoubleFree #UseAfterFree #ArbitraryCodeExecution https://ssd-disclosure.com/ssd-advisory-extract-double-free5-x-use-after-free7-x-8-x/
SSD Secure Disclosure
SSD Advisory - extract() double-free(5.X)/use-after-free(7.X/8.X) - SSD Secure Disclosure
Summary A vulnerability in PHP’s extract() function allows attackers to trigger a double-free in version 5.x or a user-after-free in versions 7.x, 8.x, which in turn allows arbitrary code execution (native code). Credit An independent security researcher…
AES & ChaCha — A Case for Simplicity in Cryptography #AES #ChaCha #Cryptography #Simplicity #Comparison https://phase.dev/blog/chacha-and-aes-simplicity-in-cryptography/
phase
AES & ChaCha — A Case for Simplicity in Cryptography | Phase Blog
A technical deep dive into how the ChaCha20 cipher is taking on AES as the gold standard for symmetric encryption, and a lesson about the power of simplicity in cryptographic design.
SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation #SuperCardX #NFCRelayFraud #ChineseMaaS #AndroidMalware #LowDetectionRate https://www.cleafy.com/cleafy-labs/supercardx-exposing-chinese-speaker-maas-for-nfc-relay-fraud-operation
Cleafy
SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation | Cleafy
A new fraud campaign based on the Android malware "SuperCard X" and innovative NFC relay techniques is impacting Italian's banking. Read our latest report to learn more.
CVE-2025-25364: Speedify VPN MacOS privilege Escalation #CVE-2025-25364 #SpeedifyVPN #MacOS #PrivilegeEscalation #Patch https://blog.securelayer7.net/cve-2025-25364-speedify-vpn-macos-escalation/
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
CVE-2025-25364: Speedify VPN MacOS privilege Escalation
SecureLayer7 discovered CVE-2025-25364, which is a critical command injection vulnerability discovered in the me.connectify.SMJobBlessHelper XPC service, a privileged helper tool...
New Bug Bounty Programs #BugBountyRadar #PublicPrograms #LatestPrograms #Scope #Rewards https://bbradar.io/
bbradar.io
The Bug Bounty Radar - The Latest Public Bug Bounty Programs | The Bug Bounty Radar
The Bug Bounty Radar - Discover and explore the latest public bug bounty programs from top platforms. Find security research opportunities, compare rewards, and access the most comprehensive bug bounty database. 8 new programs added recently.
IoT Network Security: Analyzing Decrypted Zigbee Traffic Data #IoTNetworkSecurity #DecryptedZigbeeTraffic #DataAnalysis #NetworkEncryption #DeviceCommunicationBehaviors https://rackenzik.com/enhancing-iot-network-security-and-performance-insights-from-decrypted-zigbee-traffic-data/
Compilation Parser And AST #ParserWorkflow #V8internals #LazyParsing #ParserBug #ScopesInJavascript https://w1redch4d.github.io/post/parser-workflow/
Jumping the line: How MCP servers can attack you before you ever use them #MCP #Vulnerabilities #PromptInjection #SecurityThreats #LineJumpingAttacks https://blog.trailofbits.com/2025/04/21/jumping-the-line-how-mcp-servers-can-attack-you-before-you-ever-use-them/?hss_channel=lcp-912286
The Trail of Bits Blog
Jumping the line: How MCP servers can attack you before you ever use them
MCP’s ’line jumping’ vulnerability lets malicious servers inject prompts through tool descriptions to manipulate AI behavior before tools are ever invoked.
New Pacu Module: Secret Enumeration in Elastic Beanstalk #NewPacuModule #SecretEnumeration #ElasticBeanstalk #RhinoSecurityLabs #PenetrationTesting https://rhinosecuritylabs.com/tools/new-pacu-module-enumerating-elastic-beanstalk/
Rhino Security Labs
New Pacu Module: Secret Enumeration in Elastic Beanstalk
Pacu's newest scenario, enumerating Elastic Beanstalk for Secrets, was built to save users hours of testing during an AWS penetration test.