HAIJA INTEL REPORT
Tweets / X
10 items














Regular sources
5 items⚡ Weekly Recap: Proxy Botnets, Browser Ransomware, AI Agent Tricks, Fake PoC Malware and More
A streaming box should not need a threat model. Neither should a username field, a demo repo, a reset flow, or a browser permission prompt. That is the irritating part t…
Prompt Injection Attacks Trick AI Agents Into Making Crypto Payments
Researchers uncovered two campaigns embedding indirect prompt injections in malicious websites to exploit autonomous AI agents browsing the web. The post Prompt Injectio…
Re: Wasm OCI Image Fetcher Bearer Realm SSRF Bypass
Posted by Eli Schwartz on Jul 05 OpenClaw is specifically designed such that, unlike, other mechanisms of operating an LLM, no human is involved at *any* stage whatsoeve…
Security Considerations for Statsd Clients
Posted by Robert Rothenberg on Jul 06 As part of a CPANSec project to scan Perl modules on CPAN for security vulnerabilities, we ran across common issues with 11 of the …
Announce: OpenSSH 10.4 released
Posted by Damien Miller on Jul 06 OpenSSH 10.4 has just been released. It will be available from the https://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH pro…