Generated 27/04/2026, 09:09. Pipeline: Europe/Belgrade. Regular sources favor exploit, blog, red-team, and attack-path content. CVE items only stay with exploit signal.
Total items: 15
Regular sources: 6
Tweets / X: 9
Threshold: 0.62
Tweets / X
9 items
mrgretzky @mrgretzky
24 Apr, 11:35 · core
0.76
Last week we published three independent phishing research projects CDP, Passkey Phishing, and ConsentFix, alongside the internal @MalDevAcademy @mrd0x tools for each. It’s been great getting messages like this and seeing Red Team operators actually putting them to use. If
More talks for the @WEareTROOPERS #TROOPERS26 AD & Entra ID Security Track accepted, featuring @kidtronnix, @LeGuideDuSecOps, @_dirkjan, @DrAzureAD, @al3x_n3ff & others
"The scanner relies on an acquirer file containing targets and a lease file defining the exploit type. These files show the operator obtaining target feeds from ZIP archives hosted on cs2[.]ip[.]thc[.]org, assigning the cve_2025_55182 module, and deploying a payload intended to
Love Claude Code channels for push-events. Here I hooked up a GitHub Action to an example repo containing SwiftBelt. The aim was to test YARA rules during every build, but if any fired, task Claude to evade any detections, then submit a PR with updates. Seeing it play out is
This also impacts sites that rely on ad revenue to stay up. What's gonna happen when all the original sources dry up and no new content is being posted? This is what's happening to YouTube. This is one of my most popular videos. It's how to fix a UEFI bootloader. As you can see t
Shai-Hulud changed npm supply chain attacks. Adversaries now use wormable propagation, infrastructure persistence and multi-stage payloads. Coordinated campaigns weaponize dev tooling (Docker, GitHub, VS Code, npm). Read the full analysis for our insights. https://bit.ly/4cwtCk3
V2 of the #Kali365 PhaaS toolkit has emerged with dedicated OAuth and AI-based lure generation, seeing widespread abuse. This kit is distributed via Telegram and has features like a domain marketplace, Cloudflare worker hosting and keyword searching: https://bit.ly/3QupSXM
It’s #BloodHoundBasics day w/ @Jonas_B_K ! DYK BloodHound pathfinding can uncover hybrid attack paths? In this example, we trace a path from Domain Users in AD to a GitHub Secret, through Okta. Learn how OpenGraph extensions make this possible: https://ghst.ly/4dmfACv
Our research reveals "Agent God Mode" in Amazon Bedrock AgentCore. Overly broad IAM permissions allow privilege escalation across AWS accounts. A compromised agent can access memories and extract sensitive data via a multi-stage attack. Read our analysis: https://bit.ly/4mssGAM
bubblewrap CVE-2026-41163: Privilege escalation if setuid root, via ptrace
Posted by Simon McVittie on Apr 25 https://github.com/containers/bubblewrap/security/advisories/GHSA-xq78-7hw4-5jvp Vulnerable: bubblewrap >= 0.11.0 if installed setuid …
Posted by Alan Coopersmith on Apr 24 https://github.com/rust-openssl/rust-openssl/releases/tag/openssl-v0.10.78 https://github.com/rust-openssl/rust-openssl/security/adv…
Microsoft to roll out Entra passkeys on Windows in late April
Microsoft will roll out passkey support for phishing-resistant passwordless authentication to Microsoft Entra‑protected resources from Windows devices starting late Apri…
Indirect prompt injection is taking hold in the wild
The open web is slowly but surely filling up with “traps” designed for LLM-powered AI agents. The technique, known as indirect prompt injection (IPI), involves hiding (m…
Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2
Chinese-speaking individuals are the target of a new campaign that uses a trojanized version of SumatraPDF reader to deploy the AdaptixC2 Beacon post-exploitation agent …
LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure
A high-severity security flaw in LMDeploy, an open-source toolkit for compressing, deploying, and serving large language models (LLMs), has come under active exploitatio…