Generated 06/07/2026, 09:36. Pipeline: Europe/Belgrade. Regular sources favor exploit, blog, red-team, and attack-path content. CVE items only stay with exploit signal.
Total items15
Regular sources1
Tweets / X14
Threshold0.62
You can save this report in your browser with the favorite button. If you need a shared favorite list, use the CLI helper.
Tweets / X
14 items
_xpn_ @_xpn_
05 Jul, 14:03 · core
0.56
Us: "I can't believe CaviarLobsters group were caught by FBI by browing a ceased forum with their home IPs" GitHub: "FREE CD's, JUST GIVE YOUR NAME, ADDRESS, SOCIAL SECURITY NUMBER AND WE WILL SHIP YOUR C2 AGENT BY POST" I see you h4xx0rs, requesting CD's of your GitHub xD We hea
Hygiene findings surface conditions that attackers routinely take advantage of, such as: Large default groups with delegated privileges that make lateral movement much easier AS-REP roastable accounts Kerberoastable accounts. : 2/3
Good watch!! New full episode of 'whoami' podcast. I had the opportunity to talk with @C5pider , author of Havoc & Havoc Pro. I had a great time learning from one of the best c2/malware devs out there. Check it out for some awesome insights.
This is a great analysis. Narrowing the Response Queue Poisoning race-window is a worthwhile mitigation to make desync exploitation harder, but it's not patching a specific vulnerability. Also a great illustration of the blast-radius you get when trying to harden HTTP/1.1... Hey
A lot of malware campaigns use CloudFlare to mask their C2 infrastructure. They do this for a few reasons, but the primary reason is that it delays the inevitable of their C2 being taken down. The malware developers using CloudFlare isn't necessarily bad, and it isn't So basicall
Literally shaking, screaming, crying, THROWING UP. The .exe is bundled with BUN (some Javascript bullshit). I deobfuscated the main goop inside of it, found the C2 configuration (where it downloads cool malware from), and ... it's dead. @Cloudflare KILLED THEIR C2. THE MALWARE Ch
This Week on BRuteLogic One Bit, Full Decryption https:// x.com/BRuteLogic/sta tus/2071640472611668020 … ATO w/ Open Redirect https:// x.com/BRuteLogic/sta tus/2071963003537252659 … OAuth More oBroken Than You Think https:// x.com/BRuteLogic/sta tus/2072311376454791488 … 7 Easy J
These aren't necessarily attack paths on their own but present opportunities that become part of an attack path. Attack paths show how attackers reach their objective. Hygiene findings help eliminate the conditions that make those attack paths possible. : 3/3
We're back w/ another #BloodHoundBasics from Jacob Jackson! One of my favorite parts of BloodHound Enterprise is the Hygiene findings. Not every security issue shows up as an attack path but that doesn't make it any less important. : 1/3
Email #phishing scam capitalizing on the popularity of the 2026 FIFA World Cup ends in credit card theft, not free prizes. Auth-passing email → redirect → geo-cloaked redirector → fake "reward" checkout that steals name, address & card info. Details at https:// bit.ly/3SOcaA8
Want to learn AI / LLM Security Assessment? Don't have the money for a training? Here are SEVENTY ONE FREE LLM security labs that we have curated for you! Like and share! (Link Below) <3 from @arcanuminfosec
FREE THEM. THEY DID NOTHING WRONG The world's biggest anime piracy site HiAnime's suspected operators have been arrested in Vietnam. Vietnamese police say the group ran 100+ piracy sites since 2020, uploaded 26,000+ films, and pulled in roughly $12.85 million in ad revenue. Four
I only have one question though... This malware kills itself if it detects the following strings: - sandbox - sand box - malware - virus - maltest - peter wilson (??????) - paul jones (??????) who THE FUCK is peter wilson and paul jones???
Critical Cursor AI Code Editor Flaws Could Lead to OS-Level Remote Code Execution
The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor's sandbox and execute arbitrary code on the underlying operating system. The …