Infosec.Pub

4,788 readers
113 users here now

To support infosec.pub, please consider donating through one of the following services:

Paypal: jerry@infosec.exchange

Ko-Fi: https://ko-fi.com/infosecexchange

Patreon: https://www.patreon.com/infosecexchange

founded 2 years ago
ADMINS
jerry
shellsharks
modbot
listing: all - local
76
1
Watering Hole Attack Targets EmEditor Users With Information-Stealing Malware (www.trendmicro.com)
submitted 2 days ago by digicat to c/blueteamsec
0 comments fedilink
77
1
Defender Timeline Downloader: Extending Data Retention for Incident Response (www.binaryanalys.is)
submitted 2 days ago by digicat to c/blueteamsec
0 comments fedilink
78
1
timeline-downloader: A CLI tool for downloading device timeline events from Microsoft Defender XDR using the unofficial apiproxy feature. (github.com)
submitted 2 days ago by digicat to c/blueteamsec
0 comments fedilink
79
1
VulnLLM-R: Specialized Reasoning LLM for Vulnerability Detection (github.com)
submitted 2 days ago by digicat to c/blueteamsec
0 comments fedilink
80
1
BGP Vortex: Internet Routing Vortices Create Outages by Preventing Convergence (pulse.internetsociety.org)
submitted 2 days ago by digicat to c/blueteamsec
0 comments fedilink
81
1
Ransomware: Tactical Evolution Fuels Extortion Epidemic (www.security.com)
submitted 2 days ago by digicat to c/blueteamsec
0 comments fedilink
82
3
A Shared Arsenal: Identifying Common TTPs Across RATs (www.splunk.com)
submitted 3 days ago by digicat to c/blueteamsec
0 comments fedilink
83
1
CTO at NCSC Summary: week ending January 25th (ctoatncsc.substack.com)
submitted 2 days ago by digicat to c/blueteamsec
0 comments fedilink
84
7
AGENTS.md as a dark signal (joshmock.com)
submitted 4 days ago by lemmydev2 to c/pulse_of_truth
0 comments fedilink
 
 

Comments

85
3
Microsoft livre les clés de chiffrement BitLocker au FBI : la confidentialité de Windows pointée du doigt (kulturegeek.fr)
submitted 3 days ago by decio to c/cyberveille
0 comments fedilink
 
 

Microsoft a transmis au FBI les clés de récupération nécessaires pour déverrouiller les supports de stockage chiffrés de trois ordinateurs portables dans le cadre d’une enquête fédérale. Cette coopération, révélée par une affaire de fraude à Guam, met en lumière une faille potentielle dans la protection des données par défaut de Windows 11, où les clés BitLocker sont stockées sur le cloud de l’entreprise et accessibles sur réquisition judiciaire.

86
3
Inside Iran’s APT Network: Profiling the Most Active Iranian State‑Linked Threat Actors (falconfeeds.io)
submitted 3 days ago by digicat to c/blueteamsec
0 comments fedilink
87
3
Break LLM Workflows with Claude's Refusal Magic String (hackingthe.cloud)
submitted 3 days ago by digicat to c/blueteamsec
0 comments fedilink
88
3
Cyberattack Targeting Poland’s Energy Grid Used a Wiper (www.zetter-zeroday.com)
submitted 3 days ago by digicat to c/blueteamsec
0 comments fedilink
89
5
Spammers abuse Zendesk to flood inboxes with legitimate-looking emails, but why? (www.malwarebytes.com)
submitted 4 days ago by lemmydev2 to c/pulse_of_truth
0 comments fedilink
 
 

Spammers are abusing Zendesk to flood inboxes with emails from trusted brands. There’s no phishing or malware—just noise.

90
4
Phishing kits adapt to the script of callers (www.okta.com)
submitted 4 days ago by digicat to c/blueteamsec
0 comments fedilink
91
10
Ireland proposes new law allowing police to use spyware (techcrunch.com)
submitted 5 days ago by lemmydev2 to c/pulse_of_truth
1 comments fedilink
 
 

The Irish government announced that it wants to pass a law that would grant police more surveillance powers, such as using spyware to fight serious crime, while aiming to protect the privacy rights of its citizens.

92
5
GNU Guix 1.5.0 released — 2026 — Blog — GNU Guix (guix.gnu.org)
submitted 4 days ago by cm0002@libretechni.ca to c/guix
0 comments fedilink
93
3
Hackers exploit critical telnetd auth bypass flaw to get root (www.bleepingcomputer.com)
submitted 4 days ago by lemmydev2 to c/pulse_of_truth
0 comments fedilink
 
 

A coordinated campaign has been observed targeting a recently disclosed critical-severity vulnerability that has been present in the GNU InetUtils telnetd server for 11 years. [...]

94
23
Curl shutters bug bounty program to remove incentive for submitting AI slop (www.theregister.com)
submitted 6 days ago by lemmydev2 to c/pulse_of_truth
0 comments fedilink
 
 

Maintainer hopes hackers send bug reports anyway, will keep shaming ‘silly ones’ The maintainer of popular open-source data transfer tool cURL has ended the project’s bug bounty program after maintainers struggled to assess a flood of AI-generated contributions.…

95
2
Swipe, Plug-in, Pwned: Researchers Find New Ways to Hack Vehicles (www.darkreading.com)
submitted 4 days ago by lemmydev2 to c/pulse_of_truth
0 comments fedilink
 
 

Security researchers exploited dozens of vulnerabilities in vehicle infotainment systems and EV chargers during the latest Pwn2Own contest at Automotive World 2026.

96
1
LNKファイルを介して実行されるマルウェアMoonPeak – MoonPeak malware executed via LNK files (sect.iij.ad.jp)
submitted 3 days ago by digicat to c/blueteamsec
0 comments fedilink
97
1
Oracle RCE Vulnerability CVSS 10.0 - affecting Weblogic Server Proxy Plug-in for Apache HTTP Server, Weblogic Server Proxy Plug-in for IIS (www.oracle.com)
submitted 3 days ago by digicat to c/blueteamsec
0 comments fedilink
 
 
98
1
Scattered Spider Attacks | Infrastructure and TTP Analysis (www.team-cymru.com)
submitted 3 days ago by digicat to c/blueteamsec
0 comments fedilink
99
1
IDA_Plugin_IID_to_String: A plugin for IDA that converts IID/GUID data structures to string and adds comments where the IID is referenced (github.com)
submitted 3 days ago by digicat to c/blueteamsec
0 comments fedilink
100
1
Analysis of Single Sign-On Abuse on FortiOS (www.fortinet.com)
submitted 3 days ago by digicat to c/blueteamsec
0 comments fedilink
view more: ‹ prev next ›