Official intelligence summary

HAIJA INTEL REPORT

Generated 03/06/2026, 09:19. Pipeline: Europe/Belgrade. Regular sources favor exploit, blog, red-team, and attack-path content. CVE items only stay with exploit signal.
Total items: 15
Regular sources: 7
Tweets / X: 8
Threshold: 0.62

Tweets / X

8 items
_RastaMouse @_RastaMouse
02 Jun, 19:52 · core
0.46
Very cool. Unwind data means we can stomp PIC over a DLL and get nice call stacks. https://aff-wg.org/2026/06/01/relax-and-unwind-in-the-tradecraft-garden/ …
_RastaMouse @_RastaMouse
02 Jun, 18:29 · core
0.46
Rasta Mouse @_RastaMouse · 14h: Relax and unwind in the Tradecraft Garden. From aff-wg.org
SentinelOne @SentinelOne
02 Jun, 21:42 · secondary
0.42
Gamaredon is one of the most active espionage actors targeting Ukraine. The group relies on relentless spearphishing and fast operational tempo to compromise military and government organizations. That access is what Turla exploited. The research also examines Kazuar v2 and v3 -
Unit42_Intel @Unit42_Intel
02 Jun, 20:55 · secondary
0.42
An update to our Threat Brief on npm supply chain attacks discusses the latest compromise, pushing a payload named Miasma. The tradecraft used substantially matches Mini Shai-Hulud malware used by TeamPCP. Read now: https://bit.ly/4cwtCk3
BishopFox @BishopFox
02 Jun, 22:39 · secondary
0.41
The newest episode of Initial Access is all about Red Teaming! Our consultants share stories about some of the wildest engagements they've ever been on, like this:
vxunderground @vxunderground
02 Jun, 23:46 · secondary
0.39
Yeah, so pretty much this guy is releasing an exploit in solidarity with Nightmare Eclipse guy. He said he notified GitHub about the exploit 60 minutes before releasing this paper. I don't do web stuff, and I'm not a VSCode nerd, so I'm confused by the underlying technologies.
brutelogic @brutelogic
02 Jun, 16:35 · secondary
0.38
Broken Token - JWT New ebook, the first of the series. Master every way to break JSON Web Tokens: • Algorithm confusion • Key injection • Claim manipulation • Format attacks + Original research Essential for bug bounty hunters & pentesters.
RedCanary @RedCanary
02 Jun, 21:05 · secondary
0.32
This month's list of upcoming CFP deadlines is our longest ever! Check out @SAINTCON, @HackRedCon, and other security conferences looking for speakers. Take a look: https://redcanary.com/blog/news-events/red-canary-cfp-tracker-june-2026/?utm_source=twitter&utm_medium=social …

Regular sources

7 items
1.00 · general · 02 Jun, 22:01 · bleepingcomputer.com

AI-built ransomware toolkit automates EDR evasion, AD discovery

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions. …

1.00 · general · 02 Jun, 21:50 · darkreading.com · Attack path

China Uses Dual-Method Cyberattack on Czech Orgs

China is stealing data from high-value targets via a sneaky, double-layer spear-phishing campaign that includes the Azureveil malware.

1.00 · general · 02 Jun, 20:46 · thehackernews.com · Wild exploit

Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited

Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, including one high-severity flaw in…

1.00 · general · 02 Jun, 13:58 · thehackernews.com · Wild exploit

AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.

AI-driven exploitation timelines are rapidly shrinking, and they are not going to stop shrinking. Vulnerabilities are being discovered, reproduced, and weaponized faster…

1.00 · general · 02 Jun, 02:00 · snyk.io · Research

Protestware by open source maintainer to hinder agentic coding: The jqwik 1.10.0 Prompt Injection

jqwik 1.10.0 added a hidden prompt injection aimed at AI coding agents, using terminal escape codes to conceal destructive instructions from humans while leaving them re…

0.92 · general · 02 Jun, 11:05 · thehackernews.com · Attack path

Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT

Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan's Ministry o…

0.89 · exploit · 02 Jun, 22:53 · seclists.org

Linux kernel TLS ULP use-after-free in tls_sk_proto_close()

Posted by Oleg Sevostyanov on Jun 02 Hello oss-security, I am disclosing a Linux kernel vulnerability in the TLS ULP subsystem. Affected component: Linux kernel TLS ULP …