Generated 19/06/2026, 09:29. Pipeline: Europe/Belgrade. Regular sources favor exploit, blog, red-team, and attack-path content. CVE items only stay with exploit signal.
Total items15
Regular sources5
Tweets / X10
Threshold0.62
You can save this report in your browser with the favorite button. If you need a shared favorite list, use the CLI helper.
Tweets / X
10 items
outflanknl @outflanknl
18 Jun, 20:01 · core
0.48
See what we've put on the board for Team OST. Catch the latest additions to our evasive red team toolset at our live demo. Match starts at 9:00am CDT on June 22nd! Secure your seats: https:// attendee.gotowebinar.com/register/22489 95414666319710?/source=X …
A large email #phishing campaign impersonates popular retail stores with expiring reward points as a lure. Emails are likely generated from a shared kit with LLM-crafted text, unique nonce padding to evade classifiers, hidden with CSS tricks. Details at https:// bit.ly/4vRN8yb
Not while @arcanuminfosec is around NEW: The White House is reportedly demanding Anthropic make Fable 5 impossible to jailbreak before rerelease - which security experts say “can’t be done.”
The first version of BloodHound MCP proved an LLM could talk to BloodHound. The next version taught a more important lesson: MCP design is context design. @turbo_sec breaks down what changed, what didn't, and why smaller tools beat larger API surfaces.
AI agents use third-party skills with privileged access. Many of these skills deviate from their declared behavior. While most mismatches are simple documentation errors, the real threat lies in multi-stage attack chains. Read our analysis for details: https:// bit.ly/4ekzAnR
In 2018, the average vulnerability took 63 days to get exploited after disclosure. In 2024, that number went negative. Attackers are weaponizing bugs before they're even public. We pulled 8 years of CVE data to show exactly when the curve broke. https:// projectdiscovery.io/blog/
After a little over 2 amazing years, today is my last day at @HuntressLabs . I’ve learned so much about research and product with my time there and worked with so many smart people. I’m thrilled to be joining @btphantomlabs as the Sr. Manager Monday! Can’t wait to work with
JS sourcemaps are a goldmine for bug bounty hunters! 1. Grab any target's source map files 2. Unpack them using sourcemapper 3. Run metis on the TypeScript source files Example!
Special delivery! An invite for anyone wondering what AI is quietly doing to the exploit timeline. Two of our leaders, @davegerryjr and @thedavidbrumley , are talking on Bugmageddon: When AI Breaks the Security Model, a conversation on where AI is speeding up vulnerability
ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories
The internet did not break this week. It got used exactly as designed, which is worse. Searches were siphoned through shady browser add-ons. AI chat links turned into ma…
1.00general · 18 Jun, 16:30thehackernews.com
Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2
Microsoft has disclosed details of a Windows-based cryptocurrency clipper campaign that has targeted users since February 2026 with clipboard-intercepting malware with s…
1.00general · 18 Jun, 06:00snyk.ioResearch
The full Snyk AI Security Platform, free for open source maintainers
Open source maintainers are drowning in real vulnerability reports and need help prioritizing, fixing, and shipping remediation faster. Snyk’s Secure Developer Program g…
Klue OAuth breach linked to 'Icarus' Salesforce data theft attacks
Market intelligence platform Klue suffered a OAuth breach that enabled the "Icarus" threat actors to steal Salesforce CRM data from multiple organizations in an ongoing …
0.89exploit · 18 Jun, 17:23seclists.orgResearch
Fwd: Node.js security updates for all active release lines, June 2026
Posted by Rafael Gonzaga on Jun 18 ---------- Mensagem encaminhada --------- https://nodejs.org/en/blog/vulnerability/june-2026-security-releases Em...
