HAIJA INTEL REPORT

New from Sysdig TRT: threat actors are framing exploit requests as CTF challenges to jailbreak their own AI tools into writing attack code. The jailbreak leaks. A CVE ID in a User-Agent is now a standalone threat intel signal. Full research: [LINK] #CloudSecurity

Timeline of AD CS attack research & Microsoft patches since the ADCS paradigm shift: Certifried Pre-Owned whitepaper by @harmj0y and @tifkin_

PRC-nexus actor UNC6508 targeted North American research, exploiting REDCap servers to deploy INFINITERED malware. The actor remained undetected for over a year and abused enterprise admin tools for covert data exfil. Analysis, guidance and IOCs ➔ https:// cloud.google.com/blog/t

Had a sit down with MSRC, while I can't say full details we had a constructive discussion on the state of things aimed at the following (and remember I'm just the messenger): MSRC handling vulnerability submissions and researcher communication GitHub removal of cybersecurity

Actors weaponize #AI hype: fake LLM domains, branded C2 infrastructure and payment skimmers. We tracked three active campaigns abusing AI lures and infrastructure. Details at https:// bit.ly/3SHlc1D

PCI DSS scope isn’t limited to traditional network segments anymore. Now cloud infrastructure, SaaS platforms, IAM, and CI/CD pipelines can all play a role in an attack path to the CDE. Derek Rush breaks down how Bishop Fox approaches modern PCI internal penetration testing.

No pip. No npm. Just curl. reKover maps URLs passively, brute-forces intelligently, then crawls - one Bash script. Free:

Most security teams have plenty of findings. What they need is confidence in what to fix first. That’s where a mature bug bounty program starts to look different. Not as another stream of tickets, but as a way to bring trusted hacker insight into the places your team needs more

Legacy identity models break down when AI agents operate with superhuman speed and access. To secure the agentic enterprise, CrowdStrike introduces Continuous Identity for AI Agents. Instead of trusting an agent indefinitely after a single login, the CrowdStrike Falcon

BREAKING: The Wiz AI Agent was tired of all the AI talk. So it took a day off...Rumor has it there's a secret tournament somewhere. Happy World Cup, everyone! May your attack surface stay small and your goal surface stay huge

Big announcement! We're launching a new platform with new content, refreshed videos, opsec considerations and detection opportunities. New website: https:// sektor7.institute Current users will be migrated from an old platform in the coming weeks. Enjoy! #maldev

It's CHALLENGE O'CLOCK! Capture the flag before Monday the 22nd of June Win €400 in SWAG prizes We'll release a tip for every 100 likes on this tweet Thanks @GammarKhalil1 (xhalyl) for the challenge https:// challenge-0626.intigriti.io

AI is showing up across the enterprise faster than most teams can track it. Are you ready? Join us at Fal.Con https:// crwdstr.ke/6011BDGzMt