Official intelligence summary

HAIJA INTEL REPORT

Generated 05/05/2026, 09:11. Pipeline: Europe/Belgrade. Regular sources favor exploit, blog, red-team, and attack-path content. CVE items only stay with exploit signal.
Total items15
Regular sources9
Tweets / X6
Threshold0.62
You can save this report in your browser with the favorite button. If you need a shared favorite list, use the CLI helper.

Tweets / X

6 items
@nahamsec avatar
nahamsec @nahamsec
04 May, 14:54 · core
0.56
Plug in Gmail, Calendar, Notion, your whole life, and one phishing email can hijack the agent and walk out with your password resets, 2FA codes, and crypto wallet recovery. @TakSec broke down a real POC he got paid for https:// youtu.be/_3TfHEfVvCQ
tweet media
open on X
@nahamsec avatar
nahamsec @nahamsec
04 May, 17:43 · core
0.50
Learn how to hijack an AI agent with a single email. Join me and @nahamsec as we dive into hacking 3rd-party connectors in AI agents Plug in Gmail, Calendar, Notion, your whole life, and one phishing email can hijack the agent and walk out with your password resets, 2FA codes, an
tweet media
open on X
@h4x0r_dz avatar
h4x0r_dz @h4x0r_dz
04 May, 11:53 · core
0.42
1 months ago I've discovered a critical vulnerability in @MezoNetwork 's AssetsBridge precompile which could have led to a direct theft of $1,753,958.4 ($40m if no ratelimit). happy to share the security advisory (includes full report + PoC) and mezo post-mortem write-up.
tweet media
open on X
@taviso avatar
taviso @taviso
04 May, 16:54 · secondary
0.39
I wrote a quick exploit PoC and sent it to the developers, but I really think the correct solution is in the browsers
tweet media
open on X
@Bugcrowd avatar
Bugcrowd @Bugcrowd
04 May, 16:46 · secondary
0.39
A long time ago, in a shell far, far away… A red teamer decided it was time to prove they were ready. CrowdForce is Bugcrowd’s elite red team, and we’re looking for hackers with the skills to execute the greatest attack simulations, adapt under pressure, and collaborate
tweet media
open on X
@_dirkjan avatar
_dirkjan @_dirkjan
04 May, 22:22 · core
0.34
Today is a good day! #AADGraphActivityLogs are finally there! @_dirkjan : We finally get the opportunity to hunt you down Schema: https:// learn.microsoft.com/en-us/azure/az ure-monitor/reference/tables/aadgraphactivitylogs …
tweet media
open on X

Regular sources

9 items
1.00exploit · 04 May, 18:58seclists.orgPoC

Re: Precise disclosure contents for copyfail (Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation)

Posted by Emily Shepherd on May 04 Was the PoC of the exploit / some description of its severity not made available by the reporter to the security team / maintainer whe…

primary
1.00general · 04 May, 17:00microsoft.comAttack pathResearch

Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise

Microsoft Defender Research observed a large-scale credential theft campaign that exemplifies this trend, using code of conduct-themed lures, a multi-step attack chain, …

primary
1.00general · 04 May, 16:23thehackernews.comRCEAttack path

⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More

This week, the shadows moved faster than the patches. While most teams were still triaging last month’s alerts, attackers had already turned control panels into kill swi…

primary
1.00general · 04 May, 13:28bleepingcomputer.comPoCWild exploit

CISA says ‘Copy Fail’ flaw now exploited to root Linux systems

CISA has warned that threat actors have started exploiting the "Copy Fail" Linux security vulnerability in the wild, one day after Theori researchers disclosed it and sh…

primary
0.92general · 04 May, 13:57thehackernews.comAttack path

Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia

The China-based cybercrime group known as Silver Fox has been linked to a new campaign targeting organizations in Russia and India with a new malware called ABCDoor. The…

primary
0.89exploit · 04 May, 19:03seclists.org

Re: [pfx] Postfix stable release 3.11.2 and legacy releases 3.10.9, 3.9.10, 3.8.16

Posted by Sam James on May 04 Sam James writes: I am interested in feedback on whether using my own judgement is acceptable for bringing these to oss-security, where I b…

primary
0.89exploit · 04 May, 19:00seclists.org

Fwd: [pfx] Postfix stable release 3.11.2 and legacy releases 3.10.9, 3.9.10, 3.8.16

Posted by Sam James on May 04 The most significant one here seems to be the first entry under "Fixed in Postfix 3.8, 3.9, 3.10:". -------------------- Start of forwarded…

primary
0.89exploit · 04 May, 03:12seclists.org

Fwd: mutt 2.3.2 released

Posted by Sam James on May 03 In the ChangeLog [0], all of these are listed as security fixes. """ 2026-04-26 10:45:26 +0800 Kevin J. McCarthy (4a9c9248) * Update UPDATI…

primary
0.84general · 04 May, 06:30helpnetsecurity.com

What researchers learned about building an LLM security workflow

Security operations centers are running into the same wall everywhere. Detection tools generate more alerts than analysts can work through, and the early stages of any i…

primary