Generated 01/06/2026, 09:15. Pipeline: Europe/Belgrade. Regular sources favor exploit, blog, red-team, and attack-path content. CVE items only stay with exploit signal.
Total items15
Regular sources5
Tweets / X10
Threshold0.62
You can save this report in your browser with the favorite button. If you need a shared favorite list, use the CLI helper.
Tweets / X
10 items
SpecterOps @SpecterOps
30 May, 00:37 · core
0.54
To defend Azure & Entra ID, you first need to understand how attackers see them. Join our Azure training at #BHUSA & learn the misconfigurations adversaries look for through hands-on labs built around real-world attack paths. https:// ghst.ly/4uii3Ua
Escalating SQLi to RCE! Found a SQL injection? Here's how you can quickly escalate it to remote code execution across different database engines! Open this thread! Here's how you can quickly escalate your SQL injections to RCE on different databases! A small thread!
Latest Bug Bytes is live! This month's issue is as usual packed with bug bounty tips: Earning $148K via RCE in Google Cloud How public Google API keys became Gemini credentials Our first official Burp Suite extension Two new bypasses for Chrome's Sanitizer API
We detected indirect prompt injection on a fake Excel template store. Hidden via white text, the prompt uses social engineering to manipulate AI agents into boosting SEO, aiming to funnel users to a malicious Chrome extension. Details at https:// bit.ly/3RCl2s2
Meet with Synack during Infosecurity Europe 2026 just outside the show for relaxed, one-to-one conversations. Drinks are on us. Learn how Sara AI pentesting combines AI-driven testing with human expertise to validate real exploitable risk faster. Register here:
It’s a long one , but I had a great time yapping with Kirk about how I stumbled into offensive security, and the latest Twitter drama Full new episode of whoami w/ @0xTriboulet. We talk about his journey into offensive security, AI, recent disclosures, and research/life balance.
Law enforcement took down a Russian-linked hosting network, a ransomware group escalated to dispatching physical operatives for data extortion, and a massive supply chain campaign targets developer environments and AI tools. This is the Good, Bad & Ugly. GOOD - Dutch
Week in review: Infostealer dropped via FortiClient EMS flaw, exploited Trend Micro Apex One flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Coinflow CISO on crypto payments security under AI pressure Crypto paym…
1.00general · 30 May, 08:41thehackernews.comWild exploit
PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation
Palo Alto Networks has warned that a recently disclosed medium-severity security flaw impacting PAN-OS and Prisma Access has come under active exploitation in the wild. …
1.00general · 29 May, 14:59securityweek.comRCE
Gogs Zero-Day Exposes Servers to Remote Code Execution
The critical-severity issue, assigned a CVSS score of 9.4, is an argument injection flaw that can be exploited by authenticated attackers via pull requests with maliciou…
0.91general · 29 May, 20:07thehackernews.comAttack path
ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface
Cybersecurity researchers have disclosed details of a vulnerability in OpenAI ChatGPT that leverages the artificial intelligence (AI) assistant's implicit trust in Markd…
0.89exploit · 29 May, 08:59seclists.org
Re: Linux: DMA-after-unmap race in ZCRX via netif_rxq_cleanup_unlease() ordering inversion (netkit + page_pool)
Posted by Solar Designer on May 28 Hi Ahmed, https://oss-security.openwall.org/wiki/mailing-lists/oss-security#list-content-guidelines "Please don't cross-post messages …
