How We Exploited CodeRabbit: From a Simple PR to RCE and Write Access on 1M Repositories #CodeRabbit #RCE #RepoHack #AIReviewTool #Cybersecurity https://kudelskisecurity.com/research/how-we-exploited-coderabbit-from-a-simple-pr-to-rce-and-write-access-on-1m-repositories
Kudelskisecurity
How We Exploited CodeRabbit: From a Simple PR to RCE and Write Access on 1M Repositories - Kudelski Security Research Center
Aug 19, 2025 - Nils Amiet
Enumerating AWS the quiet way: CloudTrail-free discovery with Resource Explorer #AWSResourceExplorer #CloudTrail #StealthyEnumeration #APILogging #CloudSecurity https://securitylabs.datadoghq.com/articles/enumerating-aws-the-quiet-way-cloudtrail-free-discovery-with-resource-explorer/
Datadoghq
Enumerating AWS the quiet way: CloudTrail-free discovery with Resource Explorer
Discover how attackers could quietly enumerate AWS resources via Resource Explorer, and how Datadog and AWS worked together to close the visibility gap.
Copilot Broke Your Audit Log, but Microsoft Won’t Tell You #CopilotSecurityFlaw #MicrosoftAuditLog #DataIntegrityRisk #VendorTransparency #CybersecurityAlert https://pistachioapp.com/blog/copilot-broke-your-audit-log
Pistachio
Copilot Broke Your Audit Log, but Microsoft Won’t Tell You
Guess Who Would Be Stupid Enough To Rob The Same Vault Twice? Pre-Auth RCE Chains in Commvault #Commvault #RCE #PreAuth #Vulnerabilities #DataProtection https://labs.watchtowr.com/guess-who-would-be-stupid-enough-to-rob-the-same-vault-twice-pre-auth-rce-chains-in-commvault/?123
watchTowr Labs
Guess Who Would Be Stupid Enough To Rob The Same Vault Twice? Pre-Auth RCE Chains in Commvault
We’re back, and we’ve finished telling everyone that our name was on the back of Phrack!!!!1111
Whatever, nerds.
Today, we're back to scheduled content. Like our friendly neighbourhood ransomware gangs and APT groups, we've continued to spend irrational…
Engineered to Fail: The DNA of Negligent Cyber Defenses https://reporter.deepspecter.com/engineered-to-fail-the-dna-of-negligent-cyber-defenses-22466a034b28
Medium
Engineered to Fail: The DNA of Negligent Cyber Defenses
Intro
how i found a europa.eu compromise (thanks to cricket) #SEOPoisoning #EuropaEU #DevServerSecurity #IncidentResponse #BugReporting https://blog.himanshuanand.com/2025/11/how-i-found-a-europa.eu-compromise-thanks-to-cricket/
Himanshu Anand :: Threat Notes
how i found a europa.eu compromise (thanks to cricket)
TLDR
While looking for a way to stream the India vs Pakistan cricket match on 14th September 2025, I stumbled across a suspicious search result on a europa.eu dev subdomain. It was being abused for blackhat SEO and redirecting users to scam streaming sites.…
Researcher Exposes Zero-Day Clickjacking Vulnerabilities in Major Password Managers https://socket.dev/blog/password-manager-clickjacking
Socket
Researcher Exposes Zero-Day Clickjacking Vulnerabilities in ...
Hacker Demonstrates How Easy It Is To Steal Data From Popular Password Managers
When a SSRF is enough: Full Docker Escape on Windows Docker Desktop (CVE-2025-9074) #DockerEscape #CVE20259074 #SSRF #UnauthenticatedAPI #WindowsDocker https://blog.qwertysecurity.com/Articles/blog3.html
Silent Harvest: Extracting Windows Secrets Under the Radar #SilentHarvest #EDREvasion #WindowsSecrets #RegistryHacking #RedTeaming https://sud0ru.ghost.io/silent-harvest-extracting-windows-secrets-under-the-radar/
Sud0Ru
Silent Harvest: Extracting Windows Secrets Under the Radar
Once you gain a foothold on a Windows host, the next objective is often to compromise additional machines. The fastest way to achieve this is by harvesting credentials and other secrets for reuse. However, nowadays, most known techniques for collecting Windows…
A step by step guide how to hack webhooks #Webhooks #Security #Hacking #BugBounty #ThreatHunting https://blog.himanshuanand.com/2025/09/a-step-by-step-guide-how-to-hack-webhooks/
Himanshu Anand :: Threat Notes
A step by step guide how to hack webhooks
Practical guide for hunters and defenders: hunting webhooks, detection, PoC examples and mitigations.
Countering EDRs With The Backing Of Protected Process Light (PPL) #PPL #EDREvasion #DefenderBypass #ProcessProtection #RedTeaming https://www.zerosalarium.com/2025/08/countering-edrs-with-backing-of-ppl-protection.html
Zerosalarium
Countering EDRs With The Backing Of Protected Process Light (PPL)
Abusing the Clipup.exe program, via the CreateProcessAsPPL.exe tool, to destroy the executable files of EDR and antivirus products.
AI Assisted Development - FAFO #AIAssistedDev #Vibecoding #WireguardVPN #MultiCloudDeployment #ClaudeAI https://blog.zsec.uk/ai-assisted-dev/
ZephrSec - Adventures In Information Security
AI Assisted Dev aka Vibecoding
I used Claude to build ProxyGen, a multi-cloud WireGuard VPN tool. It needed tweaks but showed how far AI vibecoding can go, flaws and all.
Malware Analysis, Phishing, and Email Scams #PhishingEvolution #AIEvasion #PromptInjection #AIDefenses #EmailSecurity https://malwr-analysis.com/2025/08/24/phishing-emails-are-now-aimed-at-users-and-ai-defenses/
Malware Analysis, Phishing, and Email Scams
Phishing Emails Are Now Aimed at Users and AI Defenses
Phishing has always been about deceiving people. But in this campaign, I discovered something new. The attackers weren’t only targeting users, they also attempted to manipulate AI-based defences. T…
Security Alert | NX Compromised to Steal Wallets and Credentials #NXCompromise #CredentialTheft #SupplyChainAttack #SecurityAdvisory #Semgrep https://semgrep.dev/blog/2025/security-alert-nx-compromised-to-steal-wallets-and-credentials/
Semgrep
Security Alert | NX Compromised to Steal Wallets and Credentials
What is s1ngularity-repository? Nx is compromised and the malware steals wallets and API keys using Claude CLI or Gemini.
Magecart Skimmer Analysis: From One Tweet to a Campaign #Magecart #WebSkimming #JavaScriptMalware #ThreatHunting #ECommerceSecurity https://blog.himanshuanand.com/2025/09/magecart-skimmer-analysis-from-one-tweet-to-a-campaign/
Himanshu Anand :: Threat Notes
Magecart Skimmer Analysis: From One Tweet to a Campaign
Starting Point
It all began with a tweet:
sdcyberresearch on X
This tweet hinted at a Magecart-style campaign involving malicious JavaScript injection to skim payment data.
Initial Sample
The noscript was hosted at:
https://www.cc-analytics[.]com/app.js
The…
IPv4/IPv6 Packet Fragmentation: Detection & Reassembly #IPFragmentation #PacketReassembly #PacketSmith #IPv4IPv6 #NetworkAnalysis https://packetsmith.ca/ip_frag_reassembly/
PacketSmith
IP Fragmentation Detection & Reassembly - PacketSmith
IPv4/IPv6 Packet Fragmentation: Detection & Reassembly
Introduction
A packet can be broken into smaller pieces, or fragments, at the network layer (by the IPv4 and IPv6 protocols) to fit within a specific Maximum Transmission Unit (MTU). For IPv4, a packet’s…
This House is Haunted: a decade old RCE in the AION client #AIONRCE #LuaExploit #HousingSystem #LegacyVulnerability #PrivateServers https://appsec.space/posts/aion-housing-exploit/
appsec & stuff
This House is Haunted: a decade old RCE in the AION client
TL;DR I found an RCE in the AION client starting from 3.0 (not confirmed whether the latest version is vulnerable) using the built-in housing system. Private servers are still vulnerable. Important Note In the initial version of this post I wrote that the housing system…
The One Where We Just Steal The Vulnerabilities (CrushFTP CVE-2025-54309) #CrushFTP #CVE202554309 #RaceCondition #AdminBypass #ExploitedInWild https://labs.watchtowr.com/the-one-where-we-just-steal-the-vulnerabilities-crushftp-cve-2025-54309/
watchTowr Labs
The One Where We Just Steal The Vulnerabilities (CrushFTP CVE-2025-54309)
On July 18, 2025, users of CrushFTP woke up to an announcement:
As we’ve all experienced in 2025, 2025 has been the year of vendors burying their heads in the sand with regard to in-the-wild exploitation, even in the face of impressively indisputable evidence…
Referral Beware, Your Rewards are Mine (Part 1) #ReferralPrograms #SecurityVulnerabilities #BusinessLogicFlaws #ReferralHijacking #WebExploits https://rhinosecuritylabs.com/research/referral-beware-your-rewards-are-mine-part-1/
Rhino Security Labs
Referral Beware, Your Rewards are Mine (Part 1)
Referral rewards programs are nearly ubiquitous today, from consumer tech to SaaS companies, but are rarely given much security oversight.