Official intelligence summary

HAIJA INTEL REPORT

Generated 16/07/2026, 09:27. Pipeline: Europe/Belgrade. Regular sources favor exploit, blog, red-team, and attack-path content. CVE items only stay with exploit signal.
Total items15
Regular sources5
Tweets / X10
Threshold0.62
You can save this report in your browser with the favorite button. If you need a shared favorite list, use the CLI helper.

Tweets / X

10 items
@Jhaddix avatar
Jhaddix @Jhaddix
15 Jul, 20:42 · core
0.70
SUPER Cool. There's only a handful of benchmarks for hackbots atm... Check it out! We just open-sourced EthiBench: a new evaluation protocol for AI pentesting agents. Ground truth and code available here: https:// github.com/ethiack/ethibe nch …
tweet media
@SpecterOps avatar
SpecterOps @SpecterOps
15 Jul, 18:35 · core
0.62
Need to do an NTLM relay over C2 but local priv-esc isn't possible? @_logangoins new post walks through relaying NTLM auth out of a network and back in through red team infra to bypass traditional relay controls, plus how defenders actually stop it.
tweet media
@Sysdig avatar
Sysdig @Sysdig
15 Jul, 16:00 · secondary
0.52
One leaked credential. One morning. Full Azure tenant ownership. 03:27: First login. 03:29: Global Administrator. Self-granted. Two and a half minutes. No malware. No exploits. Just permissions. Full research from Sysdig TRT: https:// okt.to/TKVDlu #CloudSecurity
tweet mediatweet media
@harmj0y avatar
harmj0y @harmj0y
15 Jul, 21:45 · core
0.46
Still deep in identity. Still breaking enterprise security. Still chasing weird Active Directory internals. Still publishing research. Still releasing tools. Still speaking at conferences. Still learning. Still giving back to the community. Still Microsoft MVP. #MVPBuzz
tweet mediatweet media
@brutelogic avatar
brutelogic @brutelogic
15 Jul, 03:29 · secondary
0.38
20% OFF in BRute Logic Bug products (above $10 USD) Coupon Code BRUTE20 - Valid until 31-Jul-2026 XSS, SSRF, JWT, OAuth, Cryptography. Actionable content. Bug Bounty. http:// brutelogic.net/ebooks
tweet media
@pdiscoveryio avatar
pdiscoveryio @pdiscoveryio
15 Jul, 19:03 · secondary
0.35
Exploitation speed has reached record highs, with the window between CVE announcement and attack shrinking from months to mere hours. Attackers are now reverse-engineering repositories to exploit vulnerabilities before they are even public, while AI agents are discovering and
tweet media
@Jhaddix avatar
Jhaddix @Jhaddix
15 Jul, 21:28 · core
0.34
Best watch out... @arcanuminfosec is coming ... From now until after @defcon we will be announcing: - CLASS GIVEAWAYS - New products - New open source resources - SWAG drops for the CON - and so. much. more.
tweet mediatweet media
@BishopFox avatar
BishopFox @BishopFox
15 Jul, 22:46 · secondary
0.32
New open-source tool: snowpick ServiceNow portals can expose backend data through public widgets and the Table REST API. snowpick helps security teams test for those exposures from an unauthenticated perspective and generates reproducible evidence for validation. Full writeup
tweet mediatweet media
@CrowdStrike avatar
CrowdStrike @CrowdStrike
15 Jul, 18:49 · secondary
0.32
Day Zero: The 2026 Threat Research Summit is gathering the sharpest minds in cybersecurity to dissect real-world adversary tradecraft. When: Aug. 30 - Sep. 1, 2026 Where: Virgin Hotel, Las Vegas Apply: https:// crwdstr.ke/6018BEkf5K
tweet mediatweet media
@TalosSecurity avatar
TalosSecurity @TalosSecurity
15 Jul, 15:02 · secondary
0.29
A password reset might not be enough to kick an attacker out. The latest Talos Takes breaks down the ARToken phishing-as-a-service platform and why MFA might not be the safety net you think it is: https:// cs.co/6019BEnP9L
tweet mediatweet media

Regular sources

5 items
1.00exploit · 15 Jul, 21:02seclists.org

Multiple vulnerabilities in ntfs-3g

Posted by Rostislav on Jul 15 Hello oss-security, https://github.com/tuxera/ntfs-3g The following vulnerabilities have been fixed: - (ntfscat) Fix heap memory corruption…

1.00general · 15 Jul, 07:30thehackernews.comWild exploit

Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands

SonicWall has warned of active exploitation of two zero-day vulnerabilities impacting Secure Mobile Access (SMA) 1000 series appliances, one of which could be exploited …

0.93general · 15 Jul, 20:33bleepingcomputer.com

Google Gemini CLI abused as a hacking agent, malware botnet operator

A Russian-speaking threat actor known as "bandcampro" used Google's open-source Gemini CLI AI tool as a hacking agent and to operate a small-scale botnet. [...]

0.89exploit · 15 Jul, 16:54seclists.orgResearch

SELinux Userspace Utilities: Local Denial-of-Service Attack Vectors in seunshare in release 3.10

Posted by Matthias Gerstner on Jul 15 Hello list, this is a report about Denial-of-Service issues in the `seunshare` setuid-root program. We also offer a rendered HTML v…

0.84general · 15 Jul, 16:01bleepingcomputer.com

We built a vulnerability vending machine: AI tokens in, zero-days out

Intruder built an AI-powered "vulnerability vending machine" that combines code slicing with LLMs to automatically discover complex software vulnerabilities. The company…