Bruteforcing the phone number of any Google user #GoogleBruteforce #PhoneNumberRecovery #NoJSForm #BotGuardToken #VendorDisclosure https://brutecat.com/articles/leaking-google-phones
brutecat.com
Leaking the phone number of any Google user
From rate limits to no limits: How IPv6's massive address space and a crafty botguard bypass left every Google user's phone number vulnerable
CVE-2025-47934 – Spoofing OpenPGP.js signature verification https://codeanlabs.com/blog/research/cve-2025-47934-spoofing-openpgp-js-signatures/
codeanlabs
CVE-2025-47934 - Spoofing OpenPGP.js signature verification - Codean Labs
CVE-2025-47934 allows attackers to spoof arbitrary signatures and encrypted emails that appear as valid in OpenPGP.js. The only requirement is access to a single valid signed message from the target author ("Alice"). Since this undermines the core principle…
Code execution from web browser using URL schemes handled by KDE's KTelnetService and Konsole (CVE-2025-49091) #proofnet #KDE #Konsole #CVE202549091 #CodeExecution https://proofnet.de/publikationen/konsole_rce.html
proofnet.de
proofnet - Code execution from web browser using URL schemes handled by KDE's KTelnetService and Konsole (CVE-2025-49091)
proofnet specializes in security pentests in the connected car environment.
A Look in the Mirror - The Reflective Kerberos Relay Attack #KerberosRelayAttack #ReflectiveAttack #CVE202533073 #PatchTuesday #SecurityDisclosure https://blog.redteam-pentesting.de/2025/reflective-kerberos-relay-attack/
RedTeam Pentesting - Blog
A Look in the Mirror - The Reflective Kerberos Relay Attack
It is a sad truth in IT security that some vulnerabilities never quite want to die and time and time again, vulnerabilities that have long been fixed get revived and come right back at you. While researching relay attacks, the bane of Active …
Machine accounts in Active Directory #ActiveDirectory #ComptesMachines #Sécurité #Pentest #Mobeta https://mobeta.fr/active-directory-machine-account/
Mobeta
Machine accounts in Active Directory | Mobeta
Discover the role of machine accounts in Active Directory in pentesting and the possible attacks (Shadow Credentials, RBCD, Silver Ticket).
Getting RCE on Monero forums with wrapwrap #bugbounty #moneroforums #libmagic #wrapwrap #RCE https://swap.gs/posts/monero-forums/
swap.gs
Getting RCE on Monero forums with wrapwrap
breakpoint of no return
“Localhost tracking” explained. It could cost Meta 32 billion #LocalhostTracking #MetaFines #GDPRViolation #DMAViolation #PrivacyBreaches https://www.zeropartydata.es/p/localhost-tracking-explained-it-could
www.zeropartydata.es
“Localhost tracking” explained. It could cost Meta 32 billion.
You just can't finish off Zuckerberg.
Millions of Vulnerabilities: One Checklist to Kill The Noise #KillTheNoise #VulnerabilitiesManagement #CutTheNoise #FixCriticalIssues #ReduceBacklog https://securityautopsy.com/millions-of-vulnerabilities-one-checklist-to-kill-the-noise/
Security Autopsy
Millions of Vulnerabilities: One Checklist to Kill The Noise
One important subject to discuss when talking about vulnerability management is the day you open the valve on a code scanning tool that generates an enormous number of security findings. This has been a problem in information security since the early 2000s…
Introducing: GitHub Device Code Phishing https://www.praetorian.com/blog/introducing-github-device-code-phishing/
Praetorian
Introducing: GitHub Device Code Phishing
GitHub Device Code phishing: A new attack vector targeting developers. Learn how attackers abuse OAuth flows to compromise organizations and steal source code.
Influencing LLM Output using logprobs and Token Distribution #LLMOutput #logprobs #TokenDistribution #AIInfluence #SpamFilter https://blog.sicuranext.com/influencing-llm-output-using-logprobs-and-token-distribution/
Sicuranext Blog
Influencing LLM Output using logprobs and Token Distribution
What if you could influence an LLM's output not by breaking its rules, but by bending its probabilities? In this deep-dive, we explore how small changes in user input (down to a single token) can shift the balance between “true” and “false”, triggering radically…
Giving an LLM command line access to Nmap #LLM #Nmap #SecurityResearch #ToolIntegration #Automation https://hackertarget.com/llm-command-line-nmap/
HackerTarget.com
Giving an LLM Command Line Access to Nmap | HackerTarget.com
What would it look like giving LLMs command line access to Nmap? Explore the possibilities in the security tools space.
Make Self-XSS Great Again #MakeSelfXSSGreatAgain #StoredSelfXSS #CSRF #Clickjacking #XFrameOptionsDeny https://blog.slonser.info/posts/make-self-xss-great-again/
blog.slonser.info
Make Self-XSS Great Again
Disclaimer: This article is intended for security professionals conducting authorized testing within the scope of a contract. The author is not responsible for any damage caused by the application of the provided information. The distribution of malicious…
GIMP Heap Overflow Re-Discovery and Exploitation (CVE-2025-6035) #GIMP #HeapOverflow #VulnerabilityExploitation #Security #IntegerOverflow https://medium.com/@cy1337/malloc-overflow-deep-dive-9357eeef416b
Medium
GIMP Heap Overflow Re-Discovery and Exploitation (CVE-2025-6035)
Back in April, I shared a walkthrough on how to make a Ghidra script for spotting suspicious malloc calls. I then put that script to the…
She Won. They Didn't Just Change the Machines. They Rewired the Election. #ElectionRewired #TechGiants #DigitalOccupation #VoteFlippingAlgorithm #CrimeoftheCentury https://thiswillhold.substack.com/p/she-won-they-didnt-just-change-the
Substack
She Won. They Didn't Just Change the Machines. They Rewired the Election.
How Leonard Leo's 2021 sale of an electronics firm enabled tech giants to subvert the 2024 election.
New blog post! We present RAMPAGE, our open-source framework for reproducible evaluation of AGD detection models. Bye-bye black-box results! #PlanDeRecuperación #NextGenerationEU #ProyectosCiber #AICybersecurity #Reproducibility Read it here: https://reversea.me/index.php/rampage-reproducible-evaluation-of-agd-detection-models/
Expanding on ChunkyIngress - Clippy Goes Rogue (GoClipC2) https://blog.zsec.uk/clippy-goes-rogue/
ZephrSec - Adventures In Information Security
Clippy Goes Rogue (GoClipC2)
GoClipC2: A covert Windows clipboard-based C2 channel for VDI/RDP environments. Bypasses network monitoring with encrypted Base64 messaging.
Two posters, one mission: improve cyber threat detection.
* KeyReaper: Recovering leaked cryptographic keys from memory snapshots
* Zero-Shot AGD Detection: Using LLMs to spot malicious domains without training
#PlanDeRecuperación #NextGenerationEU #ProyectosCiber
You can read more about these contributions in our recent blog posts:
* https://reversea.me/index.php/extracting-cryptographic-keys-from-windows-live-processes-with-keyreaper/
* https://reversea.me/index.php/detecting-algorithmically-generated-domains-with-large-language-models-a-zero-shot-study/
Come find us at the poster session this week at #DIMVA2025 and say hi 👋👋!
dnsimg - storing images in txt records https://asherfalcon.com/blog/posts/2
Asherfalcon
Asher Falcon
Asher Falcon's personal website - Software engineer and student
Is your AI safe? Threat analysis of MCP (Model Context Protocol) https://www.cyberark.com/resources/threat-research-blog/is-your-ai-safe-threat-analysis-of-mcp-model-context-protocol
Cyberark
Is your AI safe? Threat analysis of MCP (Model Context Protocol)
Unless you lived under a rock for the past several months or started a digital detox, you have probably encountered the MCP initials (Model Context Protocol). But what is MCP? Is this just a...
Is b For Backdoor? Pre-Auth RCE Chain In Sitecore Experience Platform https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/
watchTowr Labs
Is b For Backdoor? Pre-Auth RCE Chain In Sitecore Experience Platform
Welcome to June! We’re back—this time, we're exploring Sitecore’s Experience Platform (XP), demonstrating a pre-auth RCE chain that we reported to Sitecore in February 2025.
We’ve spent a bit of time recently looking at CMS’s given the basic fact that they…
CVE-2025-34508: Another File Sharing Application, Another Path Traversal https://horizon3.ai/attack-research/attack-blogs/cve-2025-34508-another-file-sharing-application-another-path-traversal/
Horizon3.ai
Path Traversal Vulnerability Discovered in ZendTo
Learn how Horizon3.ai uncovered CVE-2025-34508 in ZendTo, allowing attackers to access sensitive files through a path traversal flaw.