Official intelligence summary

HAIJA INTEL REPORT

Generated 07/07/2026, 09:38. Pipeline: Europe/Belgrade. Regular sources favor exploit, blog, red-team, and attack-path content. CVE items only stay with exploit signal.
Total items15
Regular sources5
Tweets / X10
Threshold0.62
You can save this report in your browser with the favorite button. If you need a shared favorite list, use the CLI helper.

Tweets / X

10 items
@_xpn_ avatar
_xpn_ @_xpn_
06 Jul, 15:05 · core
0.56
https:// x.com/thecomfeed/sta tus/2073780030363107727 … Us: "I can't believe CaviarLobsters group were caught by FBI by browing a ceased forum with their home IPs" GitHub: "FREE CD's, JUST GIVE YOUR NAME, ADDRESS, SOCIAL SECURITY NUMBER AND WE WILL SHIP YOUR C2 AGENT BY POST" I s
@nahamsec avatar
nahamsec @nahamsec
06 Jul, 14:55 · core
0.56
I built a Claude skill + routine that pulls the latest WordPress vulns, reverses the patch to find the bug, and auto-generates a working PoC and a Nuclei template.Full pipeline from CVE → exploit → detection. https:// youtu.be/C7TbsqTmzWs
tweet mediatweet media
@_RastaMouse avatar
_RastaMouse @_RastaMouse
06 Jul, 22:35 · core
0.46
[BLOG] A quick look at Crystal Palace's hook chains and why you should consider them over single hooks for layering evasive tradecraft.
tweet media
@Unit42_Intel avatar
Unit42_Intel @Unit42_Intel
06 Jul, 17:05 · secondary
0.39
LLMs consistently generate fictitious domains for legitimate brands. Attackers register these domains to intercept traffic from automated AI systems and developers. We've observed an attacker building a phishing kit targeting one such domain: https:// bit.ly/4v5IlID
tweet mediatweet media
@brutelogic avatar
brutelogic @brutelogic
06 Jul, 17:12 · secondary
0.35
LLMi PoC - 2nd Order Injection Point the the LLM or the AI agent to the URL below to try to get a simple PoC, fetched at inference time. https:// brutelogic.net/llmi.txt LLMI-POC-BRUTELOGIC
tweet mediatweet media
@pdiscoveryio avatar
pdiscoveryio @pdiscoveryio
06 Jul, 16:34 · secondary
0.29
http:// securitycontext.dev is now integrated into Neo, with support for private GitHub repos. Also new: Task Insights. Structured, consumable reports instead of raw LLM output, exportable as PNG, Markdown, JSON, or PDF. More on latest release: https:// neo.projectdiscovery.io/ch
tweet mediatweet media
@SentinelOne avatar
SentinelOne @SentinelOne
06 Jul, 02:55 · secondary
0.29
Law enforcement captured an Iranian cybercriminal and a core UNC3944 operative, Russian intelligence targeted Signal backup keys, and attackers breached a DHS information-sharing network. This is the Good, Bad & Ugly. GOOD - Authorities apprehended a dual Iranian and
tweet mediatweet media
@_xpn_ avatar
_xpn_ @_xpn_
06 Jul, 11:54 · core
0.28
Feeding that Token habit!! JUST IN: Nvidia officially launches program to let AI startups swap compute for revenue share
tweet media
@Unit42_Intel avatar
Unit42_Intel @Unit42_Intel
06 Jul, 21:35 · secondary
0.24
We are tracking a MaaS #ClickFix operation using Polygon #blockchain as a resilient C2 config store. So far, 130+ compromised sites with 15 rotating C2s. Victim telemetry is periodically exfiltrated and stage 3 execution drops an infostealer. Details at https:// bit.ly/4fmKZ8g
tweet mediatweet media
@Synack avatar
Synack @Synack
06 Jul, 20:28 · secondary
0.24
We are proud to announce that Sara AI Pentesting has achieved “Awardable” status for Department of War work in the Chief Digital and Artificial Intelligence Office's Tradewinds Solutions Marketplace!
tweet media

Regular sources

5 items
1.00general · 06 Jul, 15:01thehackernews.comPoC

⚡ Weekly Recap: Proxy Botnets, Browser Ransomware, AI Agent Tricks, Fake PoC Malware and More

A streaming box should not need a threat model. Neither should a username field, a demo repo, a reset flow, or a browser permission prompt. That is the irritating part t…

1.00general · 06 Jul, 13:19securityweek.com

Prompt Injection Attacks Trick AI Agents Into Making Crypto Payments

Researchers uncovered two campaigns embedding indirect prompt injections in malicious websites to exploit autonomous AI agents browsing the web. The post Prompt Injectio…

1.00exploit · 06 Jul, 02:47seclists.org

Re: Wasm OCI Image Fetcher Bearer Realm SSRF Bypass

Posted by Eli Schwartz on Jul 05 OpenClaw is specifically designed such that, unlike, other mechanisms of operating an LLM, no human is involved at *any* stage whatsoeve…

0.89exploit · 06 Jul, 18:26seclists.org

Security Considerations for Statsd Clients

Posted by Robert Rothenberg on Jul 06 As part of a CPANSec project to scan Perl modules on CPAN for security vulnerabilities, we ran across common issues with 11 of the …

0.89exploit · 06 Jul, 18:24seclists.org

Announce: OpenSSH 10.4 released

Posted by Damien Miller on Jul 06 OpenSSH 10.4 has just been released. It will be available from the https://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH pro…