⤷ Title: Learning how real attacks start with misconfigurations, not exploits
════════════════════════
𐀪 Author: Yağız Kırnapcı
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 20:21:46 GMT
════════════════════════
⌗ Tags: #networking #cybersecurity #information_security #penetration_testing #linux
════════════════════════
𐀪 Author: Yağız Kırnapcı
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 20:21:46 GMT
════════════════════════
⌗ Tags: #networking #cybersecurity #information_security #penetration_testing #linux
Medium
My First Real Enumeration — Understanding Anonymous FTP
Learning why real breaches often happen without exploitation
⤷ Title: Web Application Security TryHackMe Walkthrough
════════════════════════
𐀪 Author: Virendra Kumar
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 20:27:36 GMT
════════════════════════
⌗ Tags: #tryhackme #tryhackme_writeup #tryhackme_walkthrough #web3 #cyberleelawat
════════════════════════
𐀪 Author: Virendra Kumar
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 20:27:36 GMT
════════════════════════
⌗ Tags: #tryhackme #tryhackme_writeup #tryhackme_walkthrough #web3 #cyberleelawat
Medium
Web Application Security TryHackMe Walkthrough
Learn about web applications and explore some of their common security issues.
⤷ Title: TryHackMe Walkthrough: Cyber Security 101 — Start Your Cyber Security Journey
════════════════════════
𐀪 Author: Shubham Khirwadkar
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 19:07:11 GMT
════════════════════════
⌗ Tags: #tryhackme #cybersecurity #ethical_hacking #defensive_security #offensive_security
════════════════════════
𐀪 Author: Shubham Khirwadkar
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 19:07:11 GMT
════════════════════════
⌗ Tags: #tryhackme #cybersecurity #ethical_hacking #defensive_security #offensive_security
Medium
TryHackMe Walkthrough: Cyber Security 101 — Start Your Cyber Security Journey
A hands-on walkthrough of Rooms 1–3: Intro to Offensive Security, Intro to Defensive Security, and Search Skills
⤷ Title: Wanna Start Linux Command Line? Here’s the secret!
════════════════════════
𐀪 Author: Soumyadip Manna
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 19:56:09 GMT
════════════════════════
⌗ Tags: #ctf_writeup #linux #cybersecurity #ethical_hacking #command_line
════════════════════════
𐀪 Author: Soumyadip Manna
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 19:56:09 GMT
════════════════════════
⌗ Tags: #ctf_writeup #linux #cybersecurity #ethical_hacking #command_line
Medium
Wanna Start Linux Command Line? Here’s the secret!
Starting is really overwhelming.
⤷ Title: Fake Xeno and Roblox Utilities Used to Install Windows RAT, Microsoft Warns
════════════════════════
𐀪 Author: Waqas
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 21:19:56 +0000
════════════════════════
⌗ Tags: #Security #Malware #Microsoft #Cybersecurity #Fraud #gaming #LOLBins #PythonAnywhere #RAT #Roblox #Scam #TROJAN
════════════════════════
𐀪 Author: Waqas
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 21:19:56 +0000
════════════════════════
⌗ Tags: #Security #Malware #Microsoft #Cybersecurity #Fraud #gaming #LOLBins #PythonAnywhere #RAT #Roblox #Scam #TROJAN
Hackread
Fake Xeno and Roblox Utilities Used to Install Windows RAT, Microsoft Warns
Follow us on all social media platforms @Hackread
⤷ Title: Arbitrary Process Termination via Vulnerable Driver: BYOVD
════════════════════════
𐀪 Author: S12 - 0x12Dark Development
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 22:04:37 GMT
════════════════════════
⌗ Tags: #cybersecurity #hacking #red_team #pentesting #malware
════════════════════════
𐀪 Author: S12 - 0x12Dark Development
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 22:04:37 GMT
════════════════════════
⌗ Tags: #cybersecurity #hacking #red_team #pentesting #malware
Medium
Arbitrary Process Termination via Vulnerable Driver: BYOVD
Welcome to this new Medium post. This one is special to me because it’s the first time I’m publicly releasing a BYOVD attack.
I originally…
I originally…
⤷ Title: How I Cracked Linux Chrome’s Password Encryption
════════════════════════
𐀪 Author: Lembou pharel
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 21:39:43 GMT
════════════════════════
⌗ Tags: #chrome #cybersecurity #linux #password_cracking #hacking
════════════════════════
𐀪 Author: Lembou pharel
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 21:39:43 GMT
════════════════════════
⌗ Tags: #chrome #cybersecurity #linux #password_cracking #hacking
Medium
How I Cracked Linux Chrome’s Password Encryption
If you’ve ever tried to noscript the extraction of saved passwords from Chromium-based browsers on Linux, you’ve likely hit a wall: the…
⤷ Title: Try Hack Me- Sustah CTF Walkthrough
════════════════════════
𐀪 Author: PulseEinher
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 21:09:28 GMT
════════════════════════
⌗ Tags: #penetration_testing #tryhackme_writeup #tryhackme #cybersecurity #tryhackme_walkthrough
════════════════════════
𐀪 Author: PulseEinher
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 21:09:28 GMT
════════════════════════
⌗ Tags: #penetration_testing #tryhackme_writeup #tryhackme #cybersecurity #tryhackme_walkthrough
Medium
Try Hack Me- Sustah CTF Walkthrough
Hello, stranger — let’s begin.
⤷ Title: API Gateway Authentication with Cognito User Pools
════════════════════════
𐀪 Author: Sithija Kumarasinghe
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 21:44:58 GMT
════════════════════════
⌗ Tags: #api_security #jwt_authentication #aws_lambda_integration #aws_cognito #aws_api_gateway
════════════════════════
𐀪 Author: Sithija Kumarasinghe
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 21:44:58 GMT
════════════════════════
⌗ Tags: #api_security #jwt_authentication #aws_lambda_integration #aws_cognito #aws_api_gateway
Medium
API Gateway Authentication with Cognito User Pools
You deploy your API using Amazon API Gateway. You connect it to Lambda. You test it using Postman. It returns data instantly. Everything…
⤷ Title: Critical Backup Flaws Expose Vitess Environments to Complete Takeover
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:59:34 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Backup Poisoning #cloud_native #CVE_2026_27965 #CVE_2026_27969 #database security #infosec #MySQL Scaling #Patch Alert #Path Traversal #rce #Vitess
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:59:34 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Backup Poisoning #cloud_native #CVE_2026_27965 #CVE_2026_27969 #database security #infosec #MySQL Scaling #Patch Alert #Path Traversal #rce #Vitess
Daily CyberSecurity
Critical Backup Flaws Expose Vitess Environments to Complete Takeover
Vitess patches critical flaws (CVE-2026-27969 & 27965) where poisoned backup manifests lead to path traversal and RCE during restoration. Update to v23.0.3 now.
⤷ Title: Critical 9.8 Flaw in Langflow’s AI CSV Agent Opens a Direct Path to Root Shell
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:55:57 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #AI security #CSV Agent #CVE_2026_27966 #infosec #LangChain #Langflow #Patch Alert #Prompt injection #python_repl_ast #rce #Remote Code Execution #Vulnerability
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:55:57 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #AI security #CSV Agent #CVE_2026_27966 #infosec #LangChain #Langflow #Patch Alert #Prompt injection #python_repl_ast #rce #Remote Code Execution #Vulnerability
Daily CyberSecurity
Critical 9.8 Flaw in Langflow’s AI CSV Agent Opens a Direct Path to Root Shell
Langflow 1.8.0 patches a critical 9.8 CVSS RCE vulnerability (CVE-2026-27966) where a hardcoded "allow_dangerous_code" setting enables prompt injection attacks.
⤷ Title: Critical Flaws in Vikunja Expose Users to Persistent Account Takeovers
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:49:00 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Account Takeover #CVE_2026_27575 #CVE_2026_28268 #infosec #Logic Error #Open Source Security #Password Reset Flaw #Patch Alert #Session Hijacking #Vikunja
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:49:00 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Account Takeover #CVE_2026_27575 #CVE_2026_28268 #infosec #Logic Error #Open Source Security #Password Reset Flaw #Patch Alert #Session Hijacking #Vikunja
Daily CyberSecurity
Critical Flaws in Vikunja Expose Users to Persistent Account Takeovers
Vikunja v2.0.1 patches critical flaws (CVE-2026-27575 & 28268) where "immortal" reset tokens and persistent sessions allow attackers to hijack accounts forever.
⤷ Title: The Cryptography Trojan: Malicious Go Module Impersonates Foundational Library to Steal Passwords and Deploy Root Backdoors
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:43:46 +0000
════════════════════════
⌗ Tags: #Malware #APT31 #cryptography #CVE_2026 #go #Golang #infosec #Linux Security #malware #Open Source Security #Rekoobe #supply chain attack
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:43:46 +0000
════════════════════════
⌗ Tags: #Malware #APT31 #cryptography #CVE_2026 #go #Golang #infosec #Linux Security #malware #Open Source Security #Rekoobe #supply chain attack
Daily CyberSecurity
The Cryptography Trojan: Malicious Go Module Impersonates Foundational Library to Steal Passwords and Deploy Root Backdoors
Socket uncovers a malicious Go module mimicking golang.org/x/crypto. It steals passwords via ReadPassword and deploys the Rekoobe backdoor on Linux systems.
⤷ Title: Dohdoor: New Stealth Backdoor Targets US Healthcare and Education
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:37:10 +0000
════════════════════════
⌗ Tags: #Malware #Cisco Talos #cyber_espionage #DLL Sideloading #DNS_over_HTTPS #DoH #Dohdoor #Education Sector #healthcare security #infosec #Lazarus Group #UAT_10027
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:37:10 +0000
════════════════════════
⌗ Tags: #Malware #Cisco Talos #cyber_espionage #DLL Sideloading #DNS_over_HTTPS #DoH #Dohdoor #Education Sector #healthcare security #infosec #Lazarus Group #UAT_10027
Daily CyberSecurity
Dohdoor: New Stealth Backdoor Targets US Healthcare and Education
Cisco Talos uncovers "Dohdoor," a stealthy backdoor used by UAT-10027. It abuses DNS-over-HTTPS via Cloudflare to spy on U.S. healthcare and education sectors.
⤷ Title: The GTFire Scheme: How Cybercriminals are Weaponizing Google’s Trusted Services for Global Phishing
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:33:13 +0000
════════════════════════
⌗ Tags: #Cybercriminals #Credential Harvesting #Evasion Tactics #Google Firebase #Google Translate #Group_IB #GTFire #infosec #phishing #SaaS Abuse #threat intelligence #web app
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:33:13 +0000
════════════════════════
⌗ Tags: #Cybercriminals #Credential Harvesting #Evasion Tactics #Google Firebase #Google Translate #Group_IB #GTFire #infosec #phishing #SaaS Abuse #threat intelligence #web app
Daily CyberSecurity
The GTFire Scheme: How Cybercriminals are Weaponizing Google’s Trusted Services for Global Phishing
Group-IB uncovers "GTFire," a massive credential-harvesting operation abusing Google Firebase and Translate to bypass security filters in 100+ countries.
⤷ Title: OCRFix: When Fake CAPTCHAs, AI, and Blockchains Collide to Build a Botnet
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:27:28 +0000
════════════════════════
⌗ Tags: #Malware #AI SEO Poisoning #BNB Smart Chain #botnet #ClickFix #CYJAX #EtherHiding #infosec #OCRFix #PowerShell Malware #social engineering #Tesseract OCR
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:27:28 +0000
════════════════════════
⌗ Tags: #Malware #AI SEO Poisoning #BNB Smart Chain #botnet #ClickFix #CYJAX #EtherHiding #infosec #OCRFix #PowerShell Malware #social engineering #Tesseract OCR
Daily CyberSecurity
OCRFix: When Fake CAPTCHAs, AI, and Blockchains Collide to Build a Botnet
CYJAX uncovers "OCRFix," a stealthy campaign using fake Tesseract OCR sites, ClickFix social engineering, and EtherHiding to bypass security via blockchain.
⤷ Title: CVE-2026-27728 (CVSS 10): Critical Command Injection Flaw in OneUptime Probe Enables Full Server Takeover
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:22:54 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Command Injection #CVE_2026_27728 #CWE_78 #infosec #Monitoring Security #NetworkPathMonitor #OneUptime #Patch Alert #rce #Remote Code Execution #SaaS Security #Traceroute
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:22:54 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Command Injection #CVE_2026_27728 #CWE_78 #infosec #Monitoring Security #NetworkPathMonitor #OneUptime #Patch Alert #rce #Remote Code Execution #SaaS Security #Traceroute
Daily CyberSecurity
CVE-2026-27728 (CVSS 10): Critical Command Injection Flaw in OneUptime Probe Enables Full Server Takeover
OneUptime 10.0.7 patches a critical 10.0 CVSS vulnerability (CVE-2026-27728). Attackers can use traceroute probes to execute root commands and steal data.
⤷ Title: Critical Path Traversal Flaw in basic-ftp Exposes Node.js Apps to Arbitrary File Writes
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:19:59 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #basic_ftp #CVE_2026_27699 #CWE_22 #FTP Security #infosec #Node.js #Patch Alert #Path Traversal #rce #Remote Code Execution #Supply Chain Security
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:19:59 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #basic_ftp #CVE_2026_27699 #CWE_22 #FTP Security #infosec #Node.js #Patch Alert #Path Traversal #rce #Remote Code Execution #Supply Chain Security
Daily CyberSecurity
Critical Path Traversal Flaw in basic-ftp Exposes Node.js Apps to Arbitrary File Writes
Node.js library basic-ftp patches a critical 9.1 CVSS path traversal flaw (CVE-2026-27699). Malicious FTP servers can overwrite any file on the client machine.
⤷ Title: Steering the Server: Critical 9.2 Severity SSRF Flaw in Angular SSR Allows Internal Network Probing
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:14:39 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Angular #CVE_2026_27739 #Frontend Security #HttpClient #infosec #Patch Alert #Server_Side Request Forgery #SSR #ssrf #Vulnerability #Web Security
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:14:39 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Angular #CVE_2026_27739 #Frontend Security #HttpClient #infosec #Patch Alert #Server_Side Request Forgery #SSR #ssrf #Vulnerability #Web Security
Daily CyberSecurity
Steering the Server: Critical 9.2 Severity SSRF Flaw in Angular SSR Allows Internal Network Probing
Angular patches a critical 9.2 CVSS SSRF vulnerability (CVE-2026-27739). Attackers can manipulate Host headers to steal credentials and probe internal networks.
⤷ Title: The New Voice of Fraud: Cybercrime ‘Supergroup’ Recruits Female Callers to Breach Corporate IT Help Desks
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:07:43 +0000
════════════════════════
⌗ Tags: #Cybercriminals #Cybercrime Recruitment #Help Desk Security #infosec #LAPSUS$ #MFA Bypass #Scattered LAPSUS$ Hunters #Scattered Spider #ShinyHunters #social engineering #Vishing
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:07:43 +0000
════════════════════════
⌗ Tags: #Cybercriminals #Cybercrime Recruitment #Help Desk Security #infosec #LAPSUS$ #MFA Bypass #Scattered LAPSUS$ Hunters #Scattered Spider #ShinyHunters #social engineering #Vishing
Daily CyberSecurity
The New Voice of Fraud: Cybercrime 'Supergroup' Recruits Female Callers to Breach Corporate IT Help Desks
The Scattered Lapsus$ Hunters "supergroup" is paying $1,000 per successful vishing call. Discover how they use female recruits to bypass corporate IT security.
⤷ Title: Google Dismantles UNC2814’s Global Espionage Network Fueled by Google Sheets
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:00:13 +0000
════════════════════════
⌗ Tags: #Cybercriminals #C2 #China_nexus #Command and Control #cyber_espionage #Google Sheets API #Google Threat Intelligence Group #GRIDTIDE #infosec #Mandiant #Telecommunications Security #UNC2814
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:00:13 +0000
════════════════════════
⌗ Tags: #Cybercriminals #C2 #China_nexus #Command and Control #cyber_espionage #Google Sheets API #Google Threat Intelligence Group #GRIDTIDE #infosec #Mandiant #Telecommunications Security #UNC2814
Daily CyberSecurity
Google Dismantles UNC2814’s Global Espionage Network Fueled by Google Sheets
Google and Mandiant disrupt UNC2814, a China-nexus group using the GRIDTIDE backdoor to hide command-and-control traffic inside Google Sheets across 42 nations.