Official intelligence summary

HAIJA INTEL REPORT

Generated 08/05/2026, 09:11. Pipeline: Europe/Belgrade. Regular sources favor exploit, blog, red-team, and attack-path content. CVE items are kept only when they carry an exploit signal.
Total items: 15
Regular sources: 9
Tweets / X: 6
Threshold: 0.62

Tweets / X

6 items
h4x0r_dz @h4x0r_dz
07 May, 23:57 · core
0.42
Dirty Frag: A New Universal Linux LPE https://github.com/V4bel/dirtyfrag
TalosSecurity @TalosSecurity
07 May, 14:53 · secondary
0.39
It's the end of the era of binary trust. Hear Amy and researcher Diana Brown discuss how threat actors are abusing GitHub and Jira to send phishing emails through legitimate infrastructure: https://cs.co/6013BBcBcV
SpecterOps @SpecterOps
07 May, 22:01 · core
0.34
Create a folder called (calc). Shift+Right click « Open PowerShell Window here » and boom you have a command injection. @podalirius_ found two command injection vulnerabilities in Windows Explorer's context menus, both exploitable for 9 years.
vxunderground @vxunderground
07 May, 08:43 · secondary
0.34
I had a few people tag me saying this is novel malware. This is not novel malware. This is like ... malware spearphishing, or something, I don't know a good way to describe it. Regardless, this isn't new. This malware idea of luring in nerds and using mods to deploy malware So a
Unit42_Intel @Unit42_Intel
07 May, 16:00 · secondary
0.32
Threat actors leverage LLMs to accelerate development of malicious browser extensions. These extensions masquerade as AI tools, exploiting privileges to steal sensitive data. Understand this evolving threat. Read our analysis: https://bit.ly/3P4J2TB
_xpn_ @_xpn_
07 May, 13:20 · core
0.32
Huge Happy 40th to my wife and partner in crime @Emma_Chester. It’s easy to forget that the fun we get to have on the trips, hackathons, publications and research is often supported by someone who looks after the kids during the weeks of travel, listens during the late night

Regular sources

9 items
1.00 · general · 07 May, 22:22 · microsoft.com · RCE · Research

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these vulnerabilities work, what’s impacted, and how to sec…

1.00 · general · 07 May, 19:55 · thehackernews.com · RCE · Wild exploit

Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access

Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild. The high-severity vulnerability, CV…

1.00 · general · 07 May, 17:20 · bleepingcomputer.com · RCE

Ivanti warns of new EPMM flaw exploited in zero-day attacks

Ivanti warned customers today to patch a high-severity remote code execution vulnerability in Endpoint Manager Mobile (EPMM) exploited in zero-day attacks. [...]

1.00 · general · 07 May, 16:33 · securityweek.com · Attack path

Claude Code OAuth Tokens Can Be Stolen Through Stealthy MCP Hijacking

Mitiga researchers say attackers can silently redirect Claude Code MCP traffic, intercept OAuth tokens, and maintain persistent access to connected SaaS platforms. The p…

1.00 · general · 07 May, 15:45 · securityweek.com

Attackers Could Exploit AI Vision Models Using Imperceptible Image Changes

Cisco’s AI security researchers have analyzed ways to target vision-language models (VLMs) using pixel-level perturbation.

1.00 · general · 07 May, 15:00 · paloaltonetworks.com · Research

Nutanix and Palo Alto Networks Integrate for Robust Model Trust

Secure your AI models. The Nutanix and Palo Alto Networks Prisma AIRS integration provides advanced AI Model Security and AI Red Teaming for a secure-by-design AI pipeli…

1.00 · general · 07 May, 15:00 · bishopfox.com · RCE · Research

Otto Support - SSRF and Token Passthrough with MCP

SSRF and token passthrough are not new, but MCP servers are reintroducing them at scale. From a chained SSRF-to-RCE in mcp-atlassian to Microsoft's MarkItDown and OpenCl…

0.93 · general · 07 May, 06:15 · thehackernews.com

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute ar…

0.89 · exploit · 07 May, 21:01 · seclists.org

Dirty Frag: Universal Linux LPE

Posted by Hyunwoo Kim on May 07 Hi, This is a report on "Dirty Frag", a universal LPE that allows obtaining root privileges on all major distributions. This vulnerabilit…