Official intelligence summary

HAIJA INTEL REPORT

Generated 13/07/2026, 09:23. Pipeline: Europe/Belgrade. Regular sources favor exploit, blog, red-team, and attack-path content. CVE items only stay with exploit signal.
Total items15
Regular sources3
Tweets / X12
Threshold0.62
You can save this report in your browser with the favorite button. If you need a shared favorite list, use the CLI helper.

Tweets / X

12 items
@_xpn_ avatar
_xpn_ @_xpn_
10 Jul, 11:49 · core
0.66
Cloudflare Drop just launched, temporary static site hosting (expires after 60 minutes) without an account, just drop your assets and go. Red Teamers... GO GO GO GO!!! https:// cloudflare.com/drop/ Example: … https://dro p-4638acd5-ef1.aback-arch.workers.dev
tweet mediatweet media
@_xpn_ avatar
_xpn_ @_xpn_
10 Jul, 03:15 · core
0.66
Detection Engineers, time to increase the suspicious score for all the cloudflare workers URLs Cloudflare Drop just launched, temporary static site hosting (expires after 60 minutes) without an account, just drop your assets and go. Red Teamers... GO GO GO GO!!! https:// cloudfla
tweet media
@brutelogic avatar
brutelogic @brutelogic
11 Jul, 13:37 · secondary
0.43
This Week on BRute Logic LLMi PoC - 2nd Order Injection https:// x.com/BRuteLogic/sta tus/2074149381675110792 … OBroken - OAuth Authorization Bypass Scanner https:// x.com/BRuteLogic/sta tus/2074274003649171852 … AI Slop Has No Place in Security https:// x.com/BRuteLogic/sta tus/
tweet media
@SpecterOps avatar
SpecterOps @SpecterOps
10 Jul, 02:46 · core
0.40
Just a few weeks until #BHUSA. If you've been thinking about sharpening your detection strategy, now's the time. Join our Tradecraft Analysis training to learn how Windows attack techniques work under the hood and build stronger detection coverage. https:// ghst.ly/43eLw5s
tweet mediatweet media
@SentinelOne avatar
SentinelOne @SentinelOne
11 Jul, 00:08 · secondary
0.35
Law enforcement executed a massive global crackdown on financial fraud, a new phishing service targeted Microsoft 365 with device-code tactics, and rival state-sponsored actors converged on Pakistani police networks. This is the Good, Bad & Ugly. GOOD - Spanish
tweet mediatweet media
@_RastaMouse avatar
_RastaMouse @_RastaMouse
12 Jul, 21:18 · core
0.34
10 years at @Steel_Con this year and it was a blast as ever, great to see many folks as per. @myexploit2600 and @_RastaMouse always great to catch you both!
tweet mediatweet media
@_RastaMouse avatar
_RastaMouse @_RastaMouse
12 Jul, 16:33 · core
0.34
Now UK Gov wants to force platforms like YouTube to give priority to state-owned broadcasters when serving recommended content.
tweet media
@_RastaMouse avatar
_RastaMouse @_RastaMouse
11 Jul, 13:28 · core
0.28
I’m actually learning cloud stuff from @myexploit2600 !
tweet mediatweet media
@SpecterOps avatar
SpecterOps @SpecterOps
10 Jul, 19:42 · core
0.28
This week's #BloodHoundBasics post comes courtesy of @_wald0 BloodHound has been free and open source software for nearly 10 years! Our latest version, BloodHound CE v9.4.0, is free and open source under the Apache 2.0 license: https:// ghst.ly/3SR9CRS
tweet media
@vxunderground avatar
vxunderground @vxunderground
12 Jul, 18:26 · secondary
0.24
God I love Microsoft so much This is yet another thing we can abuse for malware. Imagine someone mounts their phone with this and we have a payload that steals data from their phone Thank you so much Microsoft, this is awesome NEW: Microsoft is planning to integrate your smartpho
tweet media
@nahamsec avatar
nahamsec @nahamsec
12 Jul, 21:01 · core
0.20
Ben Sadeghipour @NahamSec · 12h 6 2 89 9.2K
tweet media
@_RastaMouse avatar
_RastaMouse @_RastaMouse
12 Jul, 15:58 · core
0.20
New video: App Execution Aliases. Type notepad, get the Store one, not the System32 one. Why? App Execution Aliases.
tweet media

Regular sources

3 items
1.00general · 10 Jul, 16:19thehackernews.comTradecraftAttack path

Researcher Details WhatsApp-to-Host Attack Chain Using Three OpenClaw Flaws

Details have emerged about three now-patched security flaws in the OpenClaw personal artificial intelligence (AI) assistant that, if successfully exploited, could enable…

1.00general · 10 Jul, 06:30helpnetsecurity.comAttack path

Only 28% of financial workforce MFA is phishing-resistant

Passwords remain part of many workforce authentication flows in financial organizations, making phishing and credential theft major identity security risks, according to…

0.98exploit · 12 Jul, 18:552 mentionsseclists.org

Re: Skillable SCORM launch: userId parameter not validated against session token allows allocation bypass and cross-user DoS

Posted by Solar Designer on Jul 12 Hi, I'm sorry I let this message through (as a moderator). It shouldn't be in here since it's about a hosted service and lacks open so… | Posted by gregdurys . security on Jul 12 Skillable (formerly Learn on Demand Systems) is a hosted lab- provisioning service integrated into learning management systems o…