Giving an LLM Command Line Access to Nmap
https://ift.tt/Wu1J6w8
Submitted June 14, 2025 at 03:49AM by thewanderer1999
via reddit https://ift.tt/DJP1KLH
https://ift.tt/Wu1J6w8
Submitted June 14, 2025 at 03:49AM by thewanderer1999
via reddit https://ift.tt/DJP1KLH
HackerTarget.com
Giving an LLM Command Line Access to Nmap | HackerTarget.com
What would it look like giving LLM's command line access to Nmap. Explore the possibilities in the security tools space.
Make Self-XSS Great Again
https://ift.tt/Ne1MTt0
Submitted June 14, 2025 at 02:06PM by AlmondOffSec
via reddit https://ift.tt/7tVduyS
https://ift.tt/Ne1MTt0
Submitted June 14, 2025 at 02:06PM by AlmondOffSec
via reddit https://ift.tt/7tVduyS
blog.slonser.info
Make Self-XSS Great Again
Disclaimer: This article is intended for security professionals conducting authorized testing within the scope of a contract. The author is not responsible for any damage caused by the application of the provided information. The distribution of malicious…
GIMP Heap Overflow Re-Discovery and Exploitation (CVE-2025–6035)
https://ift.tt/axQgb2G
Submitted June 14, 2025 at 09:39PM by cy1337
via reddit https://ift.tt/btPhV4j
https://ift.tt/axQgb2G
Submitted June 14, 2025 at 09:39PM by cy1337
via reddit https://ift.tt/btPhV4j
Medium
GIMP Heap Overflow Re-Discovery and Exploitation (CVE-2025–6035)
Back in April, I shared a walkthrough on how to make a Ghidra noscript for spotting suspicious malloc calls. I then put that noscript to the…
Input on using the ROT and network connection to hack voting and tabulating software and hardware.
https://ift.tt/aGB516u
Submitted June 15, 2025 at 10:14AM by RobbyRock75
via reddit https://ift.tt/LP1X6MQ
https://ift.tt/aGB516u
Submitted June 15, 2025 at 10:14AM by RobbyRock75
via reddit https://ift.tt/LP1X6MQ
Substack
She Won. They Didn't Just Change the Machines. They Rewired the Election.
How Leonard Leo's 2021 sale of an electronics firm enabled tech giants to subvert the 2024 election.
GoClipC2 - Clipboard for C2 on Windows in Go
https://ift.tt/eoPcHyg
Submitted June 15, 2025 at 04:43PM by Fit-Cut9562
via reddit https://ift.tt/NutUkZQ
https://ift.tt/eoPcHyg
Submitted June 15, 2025 at 04:43PM by Fit-Cut9562
via reddit https://ift.tt/NutUkZQ
ZephrSec - Adventures In Information Security
Clippy Goes Rogue (GoClipC2)
GoClipC2: A covert Windows clipboard-based C2 channel for VDI/RDP environments. Bypasses network monitoring with encrypted Base64 messaging.
Hosting images inside dns records using TXT.
https://ift.tt/BmXVxN2
Submitted June 16, 2025 at 01:57AM by Ok-Mushroom-8245
via reddit https://ift.tt/n3uSKtW
https://ift.tt/BmXVxN2
Submitted June 16, 2025 at 01:57AM by Ok-Mushroom-8245
via reddit https://ift.tt/n3uSKtW
Asherfalcon
Asher Falcon
Asher Falcon's personal website - Software engineer and student
How to run ADB and fastboot in Termux without root
https://ift.tt/tjHqsN9
Submitted June 16, 2025 at 01:51PM by barakadua131
via reddit https://ift.tt/vwS9ATc
https://ift.tt/tjHqsN9
Submitted June 16, 2025 at 01:51PM by barakadua131
via reddit https://ift.tt/vwS9ATc
Mobile Hacker
How to Run ADB and Fastboot on a Non-Rooted Android Smartphone Using Termux
Thanks to Termux and the clever termux-adb project, you can run ADB and Fastboot directly from your phone — no computer needed. This guide breaks down how to install it, how it works, and practical use cases.
Telegram messenger's ties to Russia's FSB revealed in new report
https://ift.tt/8eP91lS
Submitted June 16, 2025 at 11:17PM by darkhorn
via reddit https://ift.tt/xynh0BH
https://ift.tt/8eP91lS
Submitted June 16, 2025 at 11:17PM by darkhorn
via reddit https://ift.tt/xynh0BH
Newsweek
Telegram messenger's ties to Russia's FSB revealed in new report
A cybersecurity expert warned Telegram could become "a tool for global surveillance of messenger users."
Security Analysis: MCP Protocol Vulnerabilities in AI Toolchains
https://ift.tt/5YXo9Jt
Submitted June 17, 2025 at 02:46PM by ES_CY
via reddit https://ift.tt/dK30jag
https://ift.tt/5YXo9Jt
Submitted June 17, 2025 at 02:46PM by ES_CY
via reddit https://ift.tt/dK30jag
Cyberark
Is your AI safe? Threat analysis of MCP (Model Context Protocol)
Unless you lived under a rock for the past several months or started a digital detox, you have probably encountered the MCP initials (Model Context Protocol). But what is MCP? Is this just a...
Is b For Backdoor? Pre-Auth RCE Chain In Sitecore Experience Platform - watchTowr Labs
https://ift.tt/6tsHRXj
Submitted June 17, 2025 at 03:43PM by dx7r__
via reddit https://ift.tt/oLfMNds
https://ift.tt/6tsHRXj
Submitted June 17, 2025 at 03:43PM by dx7r__
via reddit https://ift.tt/oLfMNds
watchTowr Labs
Is b For Backdoor? Pre-Auth RCE Chain In Sitecore Experience Platform
Welcome to June! We’re back—this time, we're exploring Sitecore’s Experience Platform (XP), demonstrating a pre-auth RCE chain that we reported to Sitecore in February 2025.
We’ve spent a bit of time recently looking at CMS’s given the basic fact that they…
We’ve spent a bit of time recently looking at CMS’s given the basic fact that they…
CVE-2025-34508: Another File Sharing Application, Another Path Traversal
https://ift.tt/9N451Fl
Submitted June 17, 2025 at 08:40PM by dinobyt3s
via reddit https://ift.tt/Emxzo4u
https://ift.tt/9N451Fl
Submitted June 17, 2025 at 08:40PM by dinobyt3s
via reddit https://ift.tt/Emxzo4u
Horizon3.ai
Path Traversal Vulnerability Discovered in ZendTo
Learn how Horizon3.ai uncovered CVE-2025-34508 in ZendTo, allowing attackers to access sensitive files through a path traversal flaw.
Wallet apps aren’t safe either — here’s how attackers exploit their flawed security models
https://ift.tt/HVJyNez
Submitted June 18, 2025 at 03:48AM by alexlash
via reddit https://ift.tt/Dkufv6c
https://ift.tt/HVJyNez
Submitted June 18, 2025 at 03:48AM by alexlash
via reddit https://ift.tt/Dkufv6c
Substack
Yes, Wallets Can Be Hacked Too
Wallets solved the card problem. But they created new ones.
Fault Injection - Follow the White Rabbit
https://ift.tt/NPnFpfd
Submitted June 18, 2025 at 01:56PM by 0xdea
via reddit https://ift.tt/jTE4zsA
https://ift.tt/NPnFpfd
Submitted June 18, 2025 at 01:56PM by 0xdea
via reddit https://ift.tt/jTE4zsA
HN Security
Fault Injection - Follow the White Rabbit - HN Security
Intro A few months ago, I read the work of Jeroen Delvaux, Cristofaro Mune, Mario Romero, and Niek Timmers on […]
The Jitter-Trap: How Randomness Betrays the Evasive
https://ift.tt/GQFId8M
Submitted June 19, 2025 at 01:04AM by Varonis-Dan
via reddit https://ift.tt/DnyC4hA
https://ift.tt/GQFId8M
Submitted June 19, 2025 at 01:04AM by Varonis-Dan
via reddit https://ift.tt/DnyC4hA
Varonis
The Jitter-Trap: How Randomness Betrays the Evasive
Discover how Varonis researchers detect stealthy beacon traffic by analyzing jitter patterns, turning evasion tactics into powerful behavioral detection signals.
Sleepless Strings - Template Injection in Insomnia
https://ift.tt/Gv75gRY
Submitted June 19, 2025 at 12:14PM by _pimps
via reddit https://ift.tt/pAwRdIq
https://ift.tt/Gv75gRY
Submitted June 19, 2025 at 12:14PM by _pimps
via reddit https://ift.tt/pAwRdIq
Tanto Security
Sleepless Strings - Template Injection in Insomnia
A Template Injection vulnerability in the latest version of Kong's Insomnia API Client leads to Remote Code Execution.
AntiDot Android Malware Analysis
https://ift.tt/gQjVsZD
Submitted June 20, 2025 at 12:41AM by small_talk101
via reddit https://ift.tt/Gw5OtJy
https://ift.tt/gQjVsZD
Submitted June 20, 2025 at 12:41AM by small_talk101
via reddit https://ift.tt/Gw5OtJy
Frida 17.2.0 Released
https://ift.tt/F2E5dQ4
Submitted June 20, 2025 at 03:55AM by oleavr
via reddit https://ift.tt/VHr9PG5
https://ift.tt/F2E5dQ4
Submitted June 20, 2025 at 03:55AM by oleavr
via reddit https://ift.tt/VHr9PG5
Frida • A world-class dynamic instrumentation toolkit
Frida 17.2.0 Released
Observe and reprogram running programs on Windows, macOS, GNU/Linux, iOS, watchOS, tvOS, Android, FreeBSD, and QNX
CoinMarketCap Client-Side Attack: A Comprehensive Analysis by c/side
https://ift.tt/yHNfhZS
Submitted June 21, 2025 at 04:42PM by unknownhad
via reddit https://ift.tt/MNBD2pU
https://ift.tt/yHNfhZS
Submitted June 21, 2025 at 04:42PM by unknownhad
via reddit https://ift.tt/MNBD2pU
Unexpected security footguns in Go's parsers
https://ift.tt/QEARouj
Submitted June 21, 2025 at 06:26PM by albinowax
via reddit https://ift.tt/jV1TCZ3
https://ift.tt/QEARouj
Submitted June 21, 2025 at 06:26PM by albinowax
via reddit https://ift.tt/jV1TCZ3
The Trail of Bits Blog
Unexpected security footguns in Go's parsers
File parsers in Go contain unexpected behaviors that can lead to serious security vulnerabilities. This post examines how JSON, XML, and YAML parsers in Go handle edge cases in ways that have repeatedly resulted in high-impact security issues in production…
🚨 Hack Our Smart Contract, Keep the ETH – $500K Open-Source Heist Challenge Is Live
https://foom.cash/hack
Submitted June 21, 2025 at 11:43PM by RideEatSleepRepeat
via reddit https://ift.tt/GHdWRS5
https://foom.cash/hack
Submitted June 21, 2025 at 11:43PM by RideEatSleepRepeat
via reddit https://ift.tt/GHdWRS5
Series 2: Implementing the WPA in RAWPA - Part 2
https://ift.tt/KXpEmPu
Submitted June 22, 2025 at 04:47AM by Dark-stash
via reddit https://ift.tt/Rj9wFHV
https://ift.tt/KXpEmPu
Submitted June 22, 2025 at 04:47AM by Dark-stash
via reddit https://ift.tt/Rj9wFHV
Rodney’s Intuition
Series 2: Implementing the WPA in RAWPA - Part 2
What’s up, everyone? I’m back with Part 2 on implementing the Web Penetration Assistant (WPA) logic in RAWPA. Last time, we talked about the initial steps, and now, I’ve got some major updates to share.