0.74
Arrived at OrangeCon? Come find us on the floor! We'll be happy to talk about offensive trends, tradecraft, and getting your daily dose of vitamin C (C for cybersecurity, of course) with our evasive #redteaming toolset, OST.
Official intelligence summary
HAIJA INTEL REPORT
Generated 05/06/2026, 09:16. Pipeline: Europe/Belgrade. Regular sources favor exploit, blog, red-team, and attack-path content. CVE items only stay with exploit signal.
Total items15
Regular sources5
Tweets / X10
Threshold0.62
You can save this report in your browser with the favorite button. If you need a shared favorite list, use the CLI helper.
Tweets / X
10 items
0.66
We helped FFmpeg find and fix 21 security vulnerabilities. In a 1.5M-line codebase, we spent just $1K in API costs. Some of these bugs had been hiding for decades. We also developed a PoC demonstrating an RCE primitive when FFmpeg processes RTSP streams. Full write-up:
0.54
#BHUSA will be here before we know it. This year our team will share the tradecraft, research, & attack path insights shaping modern offensive & defensive security. 5 hands-on trainings 3 technical briefings 5 Arsenal sessions Learn more: https:// specterops.io/black-hat/
0.54
Have been spending quite a good amount of time on the BRC4 2.6 release. So many new techniques, new smaller implant, new evasion methods, better QOL etc.. Whats funny is that the hard part wasn't the research, its the integration and testing. Might finally get some peace time
MR
0.52
As someone who reported CVE-2026-27914 I can tell you its not related to MMC console at all. Maybe its new Microsoft tactic to confuse LLM's with incorrect advisories? One researcher. ~$300 in API tokens. A working PoC …
0.42
Sharing a sneak peek of a new feature exclusive to the upcoming Evilginx Phishlets 2.0 format. Here is how chained rewrites allow you to downgrade FIDO MFA when phishing M365 accounts. The power of Phishlets 2.0 will hopefully blow you away!
0.41
Do red teamers need to know how to code? Leron Gray tackles that question in the latest Red Team episode of Initial Access. And in the age of AI-assisted development, the answer may be changing.
0.40
New achievement unlocked - #BloodHoundUnleashed has officially reached its 100th signup! It’s a new record for us, thank you so much for your hype and enthusiasm throughout the Attack Path Championship. Here’s a snapshot of our leaderboard top 10 as it currently stands!
0.39
Hi People asked me if I'd setup a Git thingy for researchers because Microsoft keeps banning researchers from GitHub I do have the infrastructure for it, yes. I'd have to consult with my stinky nerds though because I'm a malware guy, not a give people hosting guy
0.39
In other news, MalwareTechBlog released a Comodo Internet Security exploit. It's a remote DoS I love all these silly shenanigans
Regular sources
5 items4 Critical Threats Where Attackers Have the Advantage
Gartner analysts issued a call to action to bolster defenses against several emerging critical threats, such as deepfakes and prompt injections.
OAuth marketplace apps keep access after publishers vanish
Installing an app from the Google Workspace Marketplace or GitHub Marketplace can grant a third party access to company email, files, calendars, code repositories, CI wo…
VS Code Vulnerability Allows One-Click GitHub Token Theft
A researcher has disclosed the full details of the vulnerability and released a PoC without notifying Microsoft in advance. The post VS Code Vulnerability Allows One-Cli…
Chinese Cybercrime Group in Spotlight for Record Campaign Pace
Relying on social engineering, the hacking group engages in credential phishing, malware distribution, and fraud activities. The post Chinese Cybercrime Group in Spotlig…
Re: Linux kernel TLS ULP use-after-free in tls_sk_proto_close()
Posted by Jacob Bachmeyer on Jun 03 The pattern of deferring a lock that will be unconditionally acquired would be a good target for a broader locking audit. Having the …