📚 SecMisc #

HEX.DANCE - Cybersecurity visualization and analysis platform. More

📰 SecLinks #

Node.js Privilege Escalation - Permissions can be bypassed via arbitrary code execution through abusing libuv signal pipes. Read More

New VPN Backdoor - Analysis of a newly discovered VPN backdoor affecting multiple networks. Read More

Smartphone Security for Protesters - A guide for activists on securing their smartphones against surveillance. Read More

Docker 1-Click RCE Chain - Developing an exploit chain for remote code execution in Docker environments. Read More

BLAST AI-powered SAST Scanner - Whitepaper on BLAST, a new AI-powered static analysis security testing scanner. Read More

Enhancing OWASP Noir with AI - Leveraging large language models (LLMs) to improve OWASP Noir. Read More

🐦 SecX #

DeepSeek Data Leak - DeepSeek's internal ClickHouse database was publicly exposed, leaking sensitive information. Read More

DeepSeek Database Breach - Wiz Research reports a massive security issue exposing secret keys and private logs. Read More

Malicious Web Injects - Analysis of new web inject malware campaigns, including #KongTuke and #SocGholish. Read More

2FA QR Code Security Flaw - A vulnerability exposing customer emails in plaintext due to a flawed QR code implementation. Read More

💻 SecGit #

iOS Shortcuts Exploits - A collection of exploits and unknown tricks within the iOS Shortcuts app. Explore on GitHub

gitC2 - Simple GitHub C2 - Proof-of-concept of a GitHub-based command-and-control system written in Rust. Explore on GitHub

Physical Bitcoin Attacks - A comprehensive repository on physical security threats to Bitcoin holders. Explore on GitHub

OSV Scanner Action - A GitHub action to scan dependencies for known vulnerabilities using OSV. Explore on GitHub

Tweet Machine - A tool to retrieve deleted tweets, old bios, and timestamped posts even if an account is suspended. Explore on GitHub

← Back to Seclog