⤷ Title: How I Cracked Linux Chrome’s Password Encryption
════════════════════════
𐀪 Author: Lembou pharel
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 21:39:43 GMT
════════════════════════
⌗ Tags: #chrome #cybersecurity #linux #password_cracking #hacking
════════════════════════
𐀪 Author: Lembou pharel
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 21:39:43 GMT
════════════════════════
⌗ Tags: #chrome #cybersecurity #linux #password_cracking #hacking
Medium
How I Cracked Linux Chrome’s Password Encryption
If you’ve ever tried to noscript the extraction of saved passwords from Chromium-based browsers on Linux, you’ve likely hit a wall: the…
⤷ Title: Try Hack Me- Sustah CTF Walkthrough
════════════════════════
𐀪 Author: PulseEinher
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 21:09:28 GMT
════════════════════════
⌗ Tags: #penetration_testing #tryhackme_writeup #tryhackme #cybersecurity #tryhackme_walkthrough
════════════════════════
𐀪 Author: PulseEinher
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 21:09:28 GMT
════════════════════════
⌗ Tags: #penetration_testing #tryhackme_writeup #tryhackme #cybersecurity #tryhackme_walkthrough
Medium
Try Hack Me- Sustah CTF Walkthrough
Hello, stranger — let’s begin.
⤷ Title: API Gateway Authentication with Cognito User Pools
════════════════════════
𐀪 Author: Sithija Kumarasinghe
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 21:44:58 GMT
════════════════════════
⌗ Tags: #api_security #jwt_authentication #aws_lambda_integration #aws_cognito #aws_api_gateway
════════════════════════
𐀪 Author: Sithija Kumarasinghe
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 21:44:58 GMT
════════════════════════
⌗ Tags: #api_security #jwt_authentication #aws_lambda_integration #aws_cognito #aws_api_gateway
Medium
API Gateway Authentication with Cognito User Pools
You deploy your API using Amazon API Gateway. You connect it to Lambda. You test it using Postman. It returns data instantly. Everything…
⤷ Title: Critical Backup Flaws Expose Vitess Environments to Complete Takeover
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:59:34 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Backup Poisoning #cloud_native #CVE_2026_27965 #CVE_2026_27969 #database security #infosec #MySQL Scaling #Patch Alert #Path Traversal #rce #Vitess
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:59:34 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Backup Poisoning #cloud_native #CVE_2026_27965 #CVE_2026_27969 #database security #infosec #MySQL Scaling #Patch Alert #Path Traversal #rce #Vitess
Daily CyberSecurity
Critical Backup Flaws Expose Vitess Environments to Complete Takeover
Vitess patches critical flaws (CVE-2026-27969 & 27965) where poisoned backup manifests lead to path traversal and RCE during restoration. Update to v23.0.3 now.
⤷ Title: Critical 9.8 Flaw in Langflow’s AI CSV Agent Opens a Direct Path to Root Shell
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:55:57 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #AI security #CSV Agent #CVE_2026_27966 #infosec #LangChain #Langflow #Patch Alert #Prompt injection #python_repl_ast #rce #Remote Code Execution #Vulnerability
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:55:57 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #AI security #CSV Agent #CVE_2026_27966 #infosec #LangChain #Langflow #Patch Alert #Prompt injection #python_repl_ast #rce #Remote Code Execution #Vulnerability
Daily CyberSecurity
Critical 9.8 Flaw in Langflow’s AI CSV Agent Opens a Direct Path to Root Shell
Langflow 1.8.0 patches a critical 9.8 CVSS RCE vulnerability (CVE-2026-27966) where a hardcoded "allow_dangerous_code" setting enables prompt injection attacks.
⤷ Title: Critical Flaws in Vikunja Expose Users to Persistent Account Takeovers
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:49:00 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Account Takeover #CVE_2026_27575 #CVE_2026_28268 #infosec #Logic Error #Open Source Security #Password Reset Flaw #Patch Alert #Session Hijacking #Vikunja
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:49:00 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Account Takeover #CVE_2026_27575 #CVE_2026_28268 #infosec #Logic Error #Open Source Security #Password Reset Flaw #Patch Alert #Session Hijacking #Vikunja
Daily CyberSecurity
Critical Flaws in Vikunja Expose Users to Persistent Account Takeovers
Vikunja v2.0.1 patches critical flaws (CVE-2026-27575 & 28268) where "immortal" reset tokens and persistent sessions allow attackers to hijack accounts forever.
⤷ Title: The Cryptography Trojan: Malicious Go Module Impersonates Foundational Library to Steal Passwords and Deploy Root Backdoors
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:43:46 +0000
════════════════════════
⌗ Tags: #Malware #APT31 #cryptography #CVE_2026 #go #Golang #infosec #Linux Security #malware #Open Source Security #Rekoobe #supply chain attack
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:43:46 +0000
════════════════════════
⌗ Tags: #Malware #APT31 #cryptography #CVE_2026 #go #Golang #infosec #Linux Security #malware #Open Source Security #Rekoobe #supply chain attack
Daily CyberSecurity
The Cryptography Trojan: Malicious Go Module Impersonates Foundational Library to Steal Passwords and Deploy Root Backdoors
Socket uncovers a malicious Go module mimicking golang.org/x/crypto. It steals passwords via ReadPassword and deploys the Rekoobe backdoor on Linux systems.
⤷ Title: Dohdoor: New Stealth Backdoor Targets US Healthcare and Education
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:37:10 +0000
════════════════════════
⌗ Tags: #Malware #Cisco Talos #cyber_espionage #DLL Sideloading #DNS_over_HTTPS #DoH #Dohdoor #Education Sector #healthcare security #infosec #Lazarus Group #UAT_10027
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:37:10 +0000
════════════════════════
⌗ Tags: #Malware #Cisco Talos #cyber_espionage #DLL Sideloading #DNS_over_HTTPS #DoH #Dohdoor #Education Sector #healthcare security #infosec #Lazarus Group #UAT_10027
Daily CyberSecurity
Dohdoor: New Stealth Backdoor Targets US Healthcare and Education
Cisco Talos uncovers "Dohdoor," a stealthy backdoor used by UAT-10027. It abuses DNS-over-HTTPS via Cloudflare to spy on U.S. healthcare and education sectors.
⤷ Title: The GTFire Scheme: How Cybercriminals are Weaponizing Google’s Trusted Services for Global Phishing
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:33:13 +0000
════════════════════════
⌗ Tags: #Cybercriminals #Credential Harvesting #Evasion Tactics #Google Firebase #Google Translate #Group_IB #GTFire #infosec #phishing #SaaS Abuse #threat intelligence #web app
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:33:13 +0000
════════════════════════
⌗ Tags: #Cybercriminals #Credential Harvesting #Evasion Tactics #Google Firebase #Google Translate #Group_IB #GTFire #infosec #phishing #SaaS Abuse #threat intelligence #web app
Daily CyberSecurity
The GTFire Scheme: How Cybercriminals are Weaponizing Google’s Trusted Services for Global Phishing
Group-IB uncovers "GTFire," a massive credential-harvesting operation abusing Google Firebase and Translate to bypass security filters in 100+ countries.
⤷ Title: OCRFix: When Fake CAPTCHAs, AI, and Blockchains Collide to Build a Botnet
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:27:28 +0000
════════════════════════
⌗ Tags: #Malware #AI SEO Poisoning #BNB Smart Chain #botnet #ClickFix #CYJAX #EtherHiding #infosec #OCRFix #PowerShell Malware #social engineering #Tesseract OCR
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:27:28 +0000
════════════════════════
⌗ Tags: #Malware #AI SEO Poisoning #BNB Smart Chain #botnet #ClickFix #CYJAX #EtherHiding #infosec #OCRFix #PowerShell Malware #social engineering #Tesseract OCR
Daily CyberSecurity
OCRFix: When Fake CAPTCHAs, AI, and Blockchains Collide to Build a Botnet
CYJAX uncovers "OCRFix," a stealthy campaign using fake Tesseract OCR sites, ClickFix social engineering, and EtherHiding to bypass security via blockchain.
⤷ Title: CVE-2026-27728 (CVSS 10): Critical Command Injection Flaw in OneUptime Probe Enables Full Server Takeover
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:22:54 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Command Injection #CVE_2026_27728 #CWE_78 #infosec #Monitoring Security #NetworkPathMonitor #OneUptime #Patch Alert #rce #Remote Code Execution #SaaS Security #Traceroute
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:22:54 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Command Injection #CVE_2026_27728 #CWE_78 #infosec #Monitoring Security #NetworkPathMonitor #OneUptime #Patch Alert #rce #Remote Code Execution #SaaS Security #Traceroute
Daily CyberSecurity
CVE-2026-27728 (CVSS 10): Critical Command Injection Flaw in OneUptime Probe Enables Full Server Takeover
OneUptime 10.0.7 patches a critical 10.0 CVSS vulnerability (CVE-2026-27728). Attackers can use traceroute probes to execute root commands and steal data.
⤷ Title: Critical Path Traversal Flaw in basic-ftp Exposes Node.js Apps to Arbitrary File Writes
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:19:59 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #basic_ftp #CVE_2026_27699 #CWE_22 #FTP Security #infosec #Node.js #Patch Alert #Path Traversal #rce #Remote Code Execution #Supply Chain Security
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:19:59 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #basic_ftp #CVE_2026_27699 #CWE_22 #FTP Security #infosec #Node.js #Patch Alert #Path Traversal #rce #Remote Code Execution #Supply Chain Security
Daily CyberSecurity
Critical Path Traversal Flaw in basic-ftp Exposes Node.js Apps to Arbitrary File Writes
Node.js library basic-ftp patches a critical 9.1 CVSS path traversal flaw (CVE-2026-27699). Malicious FTP servers can overwrite any file on the client machine.
⤷ Title: Steering the Server: Critical 9.2 Severity SSRF Flaw in Angular SSR Allows Internal Network Probing
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:14:39 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Angular #CVE_2026_27739 #Frontend Security #HttpClient #infosec #Patch Alert #Server_Side Request Forgery #SSR #ssrf #Vulnerability #Web Security
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:14:39 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Angular #CVE_2026_27739 #Frontend Security #HttpClient #infosec #Patch Alert #Server_Side Request Forgery #SSR #ssrf #Vulnerability #Web Security
Daily CyberSecurity
Steering the Server: Critical 9.2 Severity SSRF Flaw in Angular SSR Allows Internal Network Probing
Angular patches a critical 9.2 CVSS SSRF vulnerability (CVE-2026-27739). Attackers can manipulate Host headers to steal credentials and probe internal networks.
⤷ Title: The New Voice of Fraud: Cybercrime ‘Supergroup’ Recruits Female Callers to Breach Corporate IT Help Desks
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:07:43 +0000
════════════════════════
⌗ Tags: #Cybercriminals #Cybercrime Recruitment #Help Desk Security #infosec #LAPSUS$ #MFA Bypass #Scattered LAPSUS$ Hunters #Scattered Spider #ShinyHunters #social engineering #Vishing
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:07:43 +0000
════════════════════════
⌗ Tags: #Cybercriminals #Cybercrime Recruitment #Help Desk Security #infosec #LAPSUS$ #MFA Bypass #Scattered LAPSUS$ Hunters #Scattered Spider #ShinyHunters #social engineering #Vishing
Daily CyberSecurity
The New Voice of Fraud: Cybercrime 'Supergroup' Recruits Female Callers to Breach Corporate IT Help Desks
The Scattered Lapsus$ Hunters "supergroup" is paying $1,000 per successful vishing call. Discover how they use female recruits to bypass corporate IT security.
⤷ Title: Google Dismantles UNC2814’s Global Espionage Network Fueled by Google Sheets
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:00:13 +0000
════════════════════════
⌗ Tags: #Cybercriminals #C2 #China_nexus #Command and Control #cyber_espionage #Google Sheets API #Google Threat Intelligence Group #GRIDTIDE #infosec #Mandiant #Telecommunications Security #UNC2814
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:00:13 +0000
════════════════════════
⌗ Tags: #Cybercriminals #C2 #China_nexus #Command and Control #cyber_espionage #Google Sheets API #Google Threat Intelligence Group #GRIDTIDE #infosec #Mandiant #Telecommunications Security #UNC2814
Daily CyberSecurity
Google Dismantles UNC2814’s Global Espionage Network Fueled by Google Sheets
Google and Mandiant disrupt UNC2814, a China-nexus group using the GRIDTIDE backdoor to hide command-and-control traffic inside Google Sheets across 42 nations.
⤷ Title: Understanding Torch Dark Web Search and Its Role in Onion Discovery
════════════════════════
𐀪 Author: Tor BBB
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 23:12:57 GMT
════════════════════════
⌗ Tags: #osint #darkweb #infosec #cybersecurity
════════════════════════
𐀪 Author: Tor BBB
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 23:12:57 GMT
════════════════════════
⌗ Tags: #osint #darkweb #infosec #cybersecurity
Medium
Understanding Torch Dark Web Search and Its Role in Onion Discovery
Search on the Tor network works very differently from traditional engines like Google. Indexing is partial, uptime is unstable, and…
⤷ Title: Sensitive Data Exposure Attack Lab: A Hands-On Journey Through Information Leakage and File…
════════════════════════
𐀪 Author: Mohamed Mostafa Sayed Saber Ali
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 23:52:07 GMT
════════════════════════
⌗ Tags: #python #cybersecurity #ethical_hacking #penetration_testing #web_development
════════════════════════
𐀪 Author: Mohamed Mostafa Sayed Saber Ali
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 23:52:07 GMT
════════════════════════
⌗ Tags: #python #cybersecurity #ethical_hacking #penetration_testing #web_development
Medium
Sensitive Data Exposure Attack Lab: A Hands-On Journey Through Information Leakage and File Enumeration
Comprehensive walkthrough of sensitive data exposure techniques, from decompiling Python bytecode to null byte injection
⤷ Title: Steel Mountain -TryHackMe Writeup
════════════════════════
𐀪 Author: Hemantha Krishna Challa
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:15:01 GMT
════════════════════════
⌗ Tags: #ethical_hacking #tryhackme #cybersecurity #tryhackme_walkthrough #tryhackme_writeup
════════════════════════
𐀪 Author: Hemantha Krishna Challa
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:15:01 GMT
════════════════════════
⌗ Tags: #ethical_hacking #tryhackme #cybersecurity #tryhackme_walkthrough #tryhackme_writeup
Medium
Steel Mountain -TryHackMe Writeup
Hack into a Mr. Robot themed Windows machine. Use metasploit for initial access, utilise powershell for Windows privilege escalation…
⤷ Title: TryHackMe: Monday Monitor Challenge Room Walkthrough
════════════════════════
𐀪 Author: Drew Arpino
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:01:01 GMT
════════════════════════
⌗ Tags: #cybersecurity #wazuh #tryhackme #tryhackme_writeup #tryhackme_walkthrough
════════════════════════
𐀪 Author: Drew Arpino
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:01:01 GMT
════════════════════════
⌗ Tags: #cybersecurity #wazuh #tryhackme #tryhackme_writeup #tryhackme_walkthrough
Medium
TryHackMe: Monday Monitor Challenge Room Walkthrough
Wazuh SIEM Forensics: Investigating Persistence, Credential Dumping, and Exfiltration with Atomic Red Team.
⤷ Title: Rate Limiting Your Rails API with Rack::Attack gem
════════════════════════
𐀪 Author: Talha Khalid
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:52:59 GMT
════════════════════════
⌗ Tags: #api_rate_limiting #api_security #ruby_on_rails #web_development #rubygems
════════════════════════
𐀪 Author: Talha Khalid
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:52:59 GMT
════════════════════════
⌗ Tags: #api_rate_limiting #api_security #ruby_on_rails #web_development #rubygems
Medium
Rate Limiting Your Rails API with Rack::Attack gem
Rate limiting is a fundamental aspect of API security and stability. Without it, endpoints are vulnerable to brute force attacks…
⤷ Title: How I Found a Broken Object Level Authorization (BOLA) in a Real Production App
════════════════════════
𐀪 Author: 77r4sed
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:56:04 GMT
════════════════════════
⌗ Tags: #bugbounty_writeup #idor_vulnerability #bug_bounty #bug_bounty_hunter #bug_bounty_tips
════════════════════════
𐀪 Author: 77r4sed
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:56:04 GMT
════════════════════════
⌗ Tags: #bugbounty_writeup #idor_vulnerability #bug_bounty #bug_bounty_hunter #bug_bounty_tips
Medium
How I Found a Broken Object Level Authorization (BOLA) in a Real Production App
This is the write-up of how I found a Broken Object Level Authorization (BOLA) vulnerability that allowed cross-account cart manipulation…