HAIJA INTEL REPORT

Testing an LLM once is easy. Testing it consistently is harder. Neeraj Gupta's latest GhostWorks research introduces Jailbreaker, an open-source platform built to make jailbreak, prompt injection, & agent behavior testing repeatable and easier to manage.

New Kongtuke #ClickFix campaign sideloads Havoc C2 using signed WinWrapIDE binary. The evasive loader uses window cloaking, sandbox sleep, and native callback evasion to run a memory-only #infostealer. Details at https:// bit.ly/4v3tles

New report out today by Jake, Dino, Ahmed Farouk, @MittenSec , @angelo_violetti , and @r3nzsec . From Bing Search to Ransomware: Bumblebee and AdaptixC2 Deliver Akira A user searching for ManageEngine OpManager was led to a fake download site and installed a trojanized

oh sorry if youre a threat intel nerd, or anti malware nerd, who is designated to track potential state sponsored activity in south america final payload: 5a979c309aff96456ba4482653fc213997387956c24e376645e4e0cfaa6b878a obfuscated js payload (fragmented utf16le):

We have been quiet, but we have not forgotten you. We're back, and with us we bring our flagship Hunting Zero-Days in Embedded Devices course... but this time, it's online and on-demand! More information below (& a massive launch discount code in the thread)

“What do you get when you hand a protocol fuzzer to Claude Code?” You’ll find out at #SummerCon. Shad Malloy is unveiling a new open-source Sparkplug B fuzzer and sharing what AI-assisted protocol research actually looks like: the wins, the frustrations, and a live demo on real

Can you build an AI security tool in a weekend? Yes. Can you run it for a year? That's the question we're unpacking. Join the conversation: Watch the breakdown: http:// projectdiscovery.io/webinars/build -vs-buy … Read the analysis: http:// projectdiscovery.io/whitepapers/bu ild-

In september @MCTTP_Con - we will reveal our latest research about USB Co-Installer and Driver vulnerability exploitation for Privilege Escalation. Super happy to work together with @KlezVirus on that research!

Thrilled to announce that @m4st3rspl1nt3r and I are bringing "CRLF-Powered Desync Attacks: Beheading HTTP Streams" to @defcon . These techniques are producing some truly horrific case studies and we can't wait to share them with you from the main stage!

> get dm > "government ppl in Colombia getting weird file" > lolwtf > send link > look inside > phishing page (looks good tho tbh) > image 1 > i dont speak spanish, idk wtf it says > look inside .html > .zip hidden inside it as base64 > lol ok > bonk with stick > "Oficio 2231"

On Tuesday I'm sitting down with @flaresystems showing the patterns I use in building Blue Team & CTI Agents with AI. 2-hour session. Free. June 30, 12 - 2 PM EDT. https:// flare.registration.goldcast.io/webinar/d268d6 30-4f35-4b20-9c36-537a047d956d?utm_campaign=46213466-WB%20-%…

Five years ago, we started a conference with a single conviction: the research should speak for itself. Five years later, we have our answer. A real research-led community. @labscon_io 2026 is the final chapter, with the strongest program yet. Researchers, defenders, and the

Chat, I don't want to jump to conclusions, but I have a sneaking suspicion this malware stager was vibe coded. Historically, malware hasn't left extremely descriptive comments in their stagers.