How I Scanned all of GitHub’s "Oops Commits" for Leaked Secrets
https://ift.tt/tE6Dx2I

Submitted July 02, 2025 at 12:28AM by sh0n1z
via reddit https://ift.tt/RWczrnB

Critical RCE in Anthropic MCP Inspector (CVE-2025-49596) Enables Browser-Based Exploits | Oligo Security
https://ift.tt/anNGjcm

Submitted July 02, 2025 at 05:52AM by cov_id19
via reddit https://ift.tt/qmNfBvi

Google Warns: Critical Chrome Flaw Letting Hackers Take Over PCs Is Already Being Exploited
https://ift.tt/Otmxjl9

Submitted July 02, 2025 at 12:46PM by Fabulous_Bluebird931
via reddit https://ift.tt/szpLEx8

"schizophrenic" zip files. Different contents depending on your archive reader.
https://ift.tt/Z3Du19c

Submitted July 02, 2025 at 06:08PM by 2FalseSteps
via reddit https://ift.tt/IC0DQ3g

Azure API vulnerability and built-in roles misconfiguration enable corporate network takeover
https://ift.tt/iUf6pR3

Submitted July 02, 2025 at 07:34PM by Apprehensive-Side840
via reddit https://ift.tt/TK3QUGj

EscapeRoute: How we found 2 vulnerabilities in Anthropic’s Filesystem MCP Server (CVE-2025-53109 & CVE-2025-53110)
https://ift.tt/1tcwZb4

Submitted July 02, 2025 at 11:12PM by Fun_Preference1113
via reddit https://ift.tt/Ubdz86P

GitPhish: Automating Enterprise GitHub Device Code Phishing
https://ift.tt/16H2hRt

Submitted July 03, 2025 at 01:04AM by IrohsLotusTile
via reddit https://ift.tt/kGPudtT

/r/netsec's Q3 2025 Information Security Hiring Thread
OverviewIf you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.Please reserve top level comments for those posting open positions.Rules & GuidelinesInclude the company name in the post. If you want to be topsykret, go recruit elsewhere. Include the geographic location of the position along with the availability of relocation assistance or remote work.If you are a third party recruiter, you must disclose this in your posting.Please be thorough and upfront with the position details.Use of non-hr'd (realistic) requirements is encouraged.While it's fine to link to the position on your companies website, provide the important details in the comment.Mention if applicants should apply officially through HR, or directly through you.Please clearly list citizenship, visa, and security clearance requirements.You can see an example of acceptable posts by perusing past hiring threads.FeedbackFeedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)

Submitted July 03, 2025 at 01:02AM by netsec_burn
via reddit https://ift.tt/hPr2e4I

How Coinbase's $400M Problem Started in an Indian Call Center
https://ift.tt/BOlTmgR

Submitted July 03, 2025 at 01:48PM by vowskigin
via reddit https://ift.tt/MKUdVBt

Applocker bypass on Lenovo machines – The curious case of MFGSTAT.zip
https://ift.tt/pskXUvo

Submitted July 03, 2025 at 07:39PM by oddvarmoe
via reddit https://ift.tt/uELDThW

Instagram uses expiring certificates as single day TLS certificates
https://ift.tt/2LeCsqN

Submitted July 04, 2025 at 02:43AM by tootac
via reddit https://ift.tt/6kKnGHw

Feedback Requested: DevSecOps Standard RFP from OMG
https://ift.tt/SrWF3Gz

Submitted July 04, 2025 at 05:45AM by DidoSolutionsSocial
via reddit https://ift.tt/naKM7Zr

Web Metadata search - search for headers, web apps, CMSs, and their versions
https://ift.tt/bJyIVKE?

Submitted July 04, 2025 at 09:33AM by rmddos
via reddit https://ift.tt/WidFERG

CVE-2025-32462: sudo: LPE via host option
https://ift.tt/iMKuPxB

Submitted July 04, 2025 at 02:07PM by ljulolsen
via reddit https://ift.tt/6MEo4WH

Tokyo Ghoul — TryHackMe CTF Walkthrough | Web Exploitation & Privilege Escalation
https://ift.tt/s3LWuyN

Submitted July 04, 2025 at 07:21PM by insidemango_
via reddit https://ift.tt/Z9PesUh

How Much More Must We Bleed? - Citrix NetScaler Memory Disclosure (CitrixBleed 2 CVE-2025-5777) - watchTowr Labs
https://ift.tt/iQv7OCg

Submitted July 05, 2025 at 12:50AM by dx7r__
via reddit https://ift.tt/hFuJo48

Schizophrenic ZIP file - Yet Another ZIP Trick Writeup
https://ift.tt/e2qGNVy

Submitted July 06, 2025 at 09:15PM by Beneficial_Cattle_98
via reddit https://ift.tt/IjGnzox

This Linux boot flaw bypasses Secure Boot and full disk encryption but the fix is easy
https://ift.tt/NXSEaC5

Submitted July 07, 2025 at 01:04AM by brianfagioli
via reddit https://ift.tt/u2q6vMZ

État de l’art sur le phishing Azure en 2025 (partie 2) – Étendre l’accès
https://ift.tt/8KBrGY6

Submitted July 07, 2025 at 03:10AM by MobetaSec
via reddit https://ift.tt/n5cbQag

CVE-2025-5777, aka CitrixBleed 2, Deep-Dive and Indicators of Compromise
https://ift.tt/y3n57la

Submitted July 07, 2025 at 07:03PM by scopedsecurity
via reddit https://ift.tt/SuO3NW5

How I Discovered a Libpng Vulnerability 11 Years After It Was Patched
https://ift.tt/uhlpCzS

Submitted July 07, 2025 at 08:02PM by unknownhad
via reddit https://ift.tt/NVUfXFK