"The art of cyber war is knowing when to strike… and when to reboot." - The Art of Cyber War

📚 SecMisc #

TapTrap Android Tapjacking Attack – Announcing TapTrap, a new attack on Android enabling silent access to device functions like camera or location. It lures users into performing unintended actions without consent. Read More

Evaluating LLM Backend Security Generation – Introducing BaxBench, a benchmark testing state-of-the-art LLM performance in generating secure and correct backends. Includes a leaderboard showing results across different prompt types. Read More

📰 SecLinks #

NGINX Off-By-Slash RCE Misconfiguration – A blog post detailing a vulnerability discovered due to an NGINX misconfiguration. This eventually led to Remote Code Execution (RCE), granting full control over the affected server. Read More

Git Clone Recursive RCE CVE-2025-48384 – Learn about CVE-2025-48384, a vulnerability in Git that can lead to remote code execution if git clone --recursive is used on an untrusted repository on Unix-like platforms. Update Git and embedded software to fixed versions. Read More

Cross-Tenant Compromise via Bucket Squatting – A Google Bug Hunters report detailing a cross-tenant compromise of Application Design Center spaces. The attack vector involved bucket squatting. Read More

Dangers of CSV Injection – An article discussing the often underestimated dangers of CSV Injection. It uses example CSV snippets to illustrate how malicious formulas can be embedded. Read More

Tiki Wiki SSTI Vulnerabilities – Report on two Server-Side Template Injection (SSTI) vulnerabilities affecting Tiki Wiki CMS Groupware. These can be exploited by creating specially crafted wiki pages. Read More

Thoughts on Bug Bounty Hunting – A blog post sharing thoughts, experiences, and perspectives on bug bounty hunting. It aims to answer common questions about getting started and strategies. Read More

Application Attack Matrix for Modern Security – Introducing the Application Attack Matrix aimed at addressing unique threats targeting modern applications. It suggests traditional frameworks struggle with cloud-native, microservices, and API-driven architectures. Read More

Bypassing Google Anti-Adblock Update – A blog post describing a bug found in Chrome that allowed webRequestBlocking to work in MV3. This bug enabled adblockers to function despite Google's anti-adblock updates. Read More

Fortinet FortiWeb SQLi to RCE CVE-2025-25257 – Analysis of CVE-2025-25257, a pre-auth SQL injection vulnerability in Fortinet FortiWeb Fabric Connector. This flaw could potentially lead to RCE. Read More

Supabase MCP Can Leak SQL Database – Discusses how Supabase's Model Context Protocol (MCP) integration can be exploited. An attacker might be able to leak a developer's entire private SQL database. Read More

AI Hallucination Cases Database – A database tracking legal decisions in cases where generative AI produced hallucinated content. It focuses on instances like fake citations in court filings. Read More

The S in MCP Stands for Security – Investigating the security implications of the Model Context Protocol (MCP) integrations, specifically focusing on the reliance on OAuth 2.1 for the authorization layer. Part 2 covers MCP security. Read More

IDOR Leaked 64 Million McDonald's Applications – A writeup detailing how an IDOR vulnerability in the McHire chatbot platform could leak 64 million McDonald's job applications. The platform is used by many McDonald's franchisees. Read More

Bypassing Meta's Llama Firewall – A case study explores prompt injection vulnerabilities, detailing how a Meta Llama firewall was bypassed. This highlights the ongoing challenge of securing AI models against adversarial inputs. Read More

💻 SecGit #

Vulnerability Correlation & CVD Management Tool – A GitHub tool facilitating quick correlation of vulnerabilities from various sources and streamlining Coordinated Vulnerability Disclosure (CVD) management. It's a collaborative platform for security advisories and bundles. Explore on GitHub

Data Exfiltration via DNS OOB – A gist outlining a method for data exfiltration using DNS in Out-Of-Band (OOB) scenarios. It shows how to leverage DNS queries and encoding techniques like hex/base64 to transmit sensitive information when direct communication is unavailable. Explore on GitHub

Bluetooth Mesh Chat & AI Prompts – Explore Bluetooth mesh chat for IRC-like communication and prompts for the Grok chat assistant. Also, discover tools for remote browser session control, cloud drift detection, and policy-based access control on eBPF objects. Explore on GitHub

Go EUVD Library & Security Workflows – Access real-time vulnerability data with a Go library for the ENISA EU Vulnerability Database (EUVD) API. Additionally, find a flexible framework for security teams to build AI-powered workflows. Explore on GitHub

Tailscale for Red Team Ops – A lightweight binary facilitates joining a device to a Tailscale network and exposes a local SOCKS5 proxy. This is designed for red team operations and ephemeral access into restricted environments. Explore on GitHub

Weaponizing WaybackUrls & Container Linter – Discover a tool for weaponizing WaybackUrls for recon, bug bounties, and OSINT, targeting sensitive endpoints. Also, find a container image linter for security to help build best-practice Docker images. Explore on GitHub

← Back to Seclog