Generated 08/06/2026, 09:17. Pipeline: Europe/Belgrade. Regular sources favor exploit, blog, red-team, and attack-path content. CVE items only stay with exploit signal.
Total items15
Regular sources5
Tweets / X10
Threshold0.62
You can save this report in your browser with the favorite button. If you need a shared favorite list, use the CLI helper.
Tweets / X
10 items
pdiscoveryio @pdiscoveryio
06 Jun, 20:02 · secondary
0.46
Neo uncovered 22 confirmed CVEs across 13 popular open-source projects, including critical issues such as authentication bypasses and remote code execution. It addresses the biggest pain point in AI security: moving beyond noisy false positives to actually prove vulnerabilities
Law enforcement dismantled massive cryptocurrency fraud rings, a Chinese cybercrime group expanded its global phishing footprint, and attackers exploited a critical authentication bypass in Palo Alto VPN portals. This is the Good, Bad & Ugly. GOOD - Spanish National
> Microsoft GitHub repos banned > "Terms of Service violation" > ??? > Look inside > Was compromised ... was Microsoft going to become a victim of a supply chain attack on their own platform via their own product? More fallout from the Mini Shai-Hulud campaign 49 Microsoft, Azure
Implementing a 22-step WebAuthn validation flow is hard - even for co-authors of the spec. At #BHUSA, I'll be presenting "Pass-the-Passkey": a new family of attacks bypassing phishing-resistant MFA. Replay. Relay. Tamper. Spoof. 3 new vulns. 20 attacks. 5 OSS tools. #BHUSA will b
And the winner is... foobar! At the close of #InfoSecEurope, foobar was crowned the #BloodHoundUnleashed Attack Path Champion! Thank you to all of our competitors for your enthusiasm and participation throughout the challenge. We will see you for the next one...
PS PS PS, http:// OnlyLANs.ai launched yesterday during our first-week-of-the-month livestream, where we also released Dahvid's Schloss latest training: Windows Malware Development 6: Building Post Exploitation Tools! https:// justhacking.com/course/wmd-6-b uilding-post-exploitat
Favorite queries! Log in, heart the queries you use most, sort for Most Favorites, and use Show Favorites to filter your list. For now, this applies to the BloodHound Query Library source. 5/6
Happy #BloodHoundBasics Day! This week, @martinsohndk walks through: http:// queries.specterops.io helps you find & run the queries you need. Caught up on the latest features? - Multi-source loading - Multi-server management - Favorites - Cypher cheat sheet Quick glance in 1/6
New Release Havoc Professional 0.7: K-Noir - Linux Implant for x86_64 and AArch64 - Stack Spoofing: Callstack Function Rule System - Stack Spoofing: CET Compliance and evasion improvements. - New Registry manipulation extension with anti-forensic features - TCP based
Securing CI/CD in an agentic world: Claude Code Github action case
Microsoft Threat Intelligence identified a prompt injection pathway in Claude Code GitHub Action that allowed access to workflow secrets under specific conditions. This …
1.00critical · 05 Jun, 14:00cisa.govWild exploit
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-28318 SolarWinds Serv-U Unc…
Posted by Alan Coopersmith on Jun 04 Additional patches have since been released by envoy & h2o. https://github.com/envoyproxy/envoy/security/advisories/GHSA-22m2-hvr2-x…
What 2026 DBIR Confirms: Attacks Are Living in the Browser
Phishing, shadow AI, malicious extensions, and credential theft increasingly happen inside the browser. Keep Aware explains what the 2026 Verizon DBIR reveals about brow…
Posted by Matteo Beccati on Jun 04 ======================================================================== https://www.revive-adserver.com/security/revive-sa-2026-002 -…
