Official intelligence summary

HAIJA INTEL REPORT

Generated 03/07/2026, 09:34. Pipeline: Europe/Belgrade. Regular sources favor exploit, blog, red-team, and attack-path content. CVE items only stay with exploit signal.
Total items: 15
Regular sources: 9
Tweets / X: 6
Threshold: 0.62

Tweets / X

6 items
SpecterOps @SpecterOps
02 Jul, 22:45 · core
0.60
To defend Azure & Entra ID, you first need to understand how attackers see them. Join our Azure training at #BHUSA & learn the misconfigs adversaries look for through hands-on labs built around real-world attack paths. https://ghst.ly/4y15ZZv
Unit42_Intel @Unit42_Intel
02 Jul, 01:36 · secondary
0.49
Impersonated "System Administrator" #phishing abuses Teams to seize remote control of victim's machine to deploy #EtherRAT via a malicious MSI/PowerShell, with its C2 hidden in an Ethereum smart contract. An open dir exposes the actor's malware. Details at https://bit.ly/4v6cfN6
SpecterOps @SpecterOps
02 Jul, 23:02 · core
0.42
ICYMI: @hdmoore joined #KnowYourAdversary to discuss why defenders need to think beyond vulnerabilities. From RunZeroHound & BloodHound OpenGraph to OT security, hidden exposure, & AI, this episode explores the relationships attackers exploit. http://ghst.ly/4g9XtkB
Jhaddix @Jhaddix
02 Jul, 19:22 · core
0.42
Spent some time in @flaresystems 's new CTI Intelligence Browser today. One thing I liked: I could start with a threat actor and pivot through campaigns, malware, IOCs, and dark web activity without bouncing between four different tools or losing context. That's the gap I see
_xpn_ @_xpn_
02 Jul, 13:15 · core
0.42
We gave GPT-5.5-Cyber a single /goal: find a specific class of bugs in zlib, the compression library used by Linux, macOS, iOS, and Git. It built a fuzzing lab in less than a day, a task that takes a skilled researcher weeks. Patch the Planet field report by Benjamin Samuels:
Rapid7 @Rapid7
02 Jul, 15:54 · secondary
0.39
Threat actors are integrating AI into their exploit chains. Rapid7's Red Team is doing the same. A newly formalized multi-agent system follows our pen testing methodology end-to-end - from scoping an engagement to validating findings & generating reports:

Regular sources

9 items
1.00 · general · 02 Jul, 17:04 · securityweek.com · PoC

New CitrixBleed Vulnerability Exploited Immediately After Public Disclosure

Hackers are targeting NetScaler appliances using public PoC code to retrieve arbitrary memory content in the HTTP response. The post New CitrixBleed Vulnerability Exploi…

1.00 · general · 02 Jul, 15:32 · rapid7.com · Research

Formalizing Red Teaming Offensive Methodology as a Multi-Agent AI Architecture

Threat actors are integrating AI into their exploit chains, accelerating reconnaissance, automating vulnerability discovery, and scaling social engineering in ways that …

1.00 · general · 02 Jul, 12:52 · bleepingcomputer.com · RCE

CISA: Microsoft SharePoint RCE flaw now actively exploited

CISA warned on Wednesday that attackers have begun exploiting a high-severity Microsoft SharePoint remote code execution vulnerability patched in May. [...]

1.00 · general · 02 Jul, 11:13 · thehackernews.com · RCE, Research

AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack

Security firm Sysdig says it has found what it believes is the first ransomware attack run from start to finish by an AI agent. Its Threat Research Team calls the operat…