Rosecurify

Seclog - #135

"In cyber warfare, deception is the strongest firewall." - The Art of Cyber War

📚 SecMisc

HTTP/1.1 Insecure, New Desync Attacks – HTTP/1.1 is described as inherently insecure. James Kettle will reveal new classes of desync attack that compromised multiple CDNs. Read More

Django Celebrates 20th Birthday – The popular web framework, Django, celebrates its 20th birthday. The project began with its first public commit on July 13th, 2005, and has since seen over 400 releases. djangoproject.com

MITRE AADAPT™ for Digital Assets – MITRE AADAPT™ is a knowledge base outlining adversary tactics and techniques for digital asset management systems. Modeled after MITRE ATT&CK®, it complements existing frameworks with real-world attack data. mitre.org

XSS Persists in Frameworks Era – Despite robust defensive mechanisms in frameworks, XSS still persists. New developments like React v19 disabling javascript: scheme URLs aim to neutralize more attack vectors. Read More

Next.js Race-Condition Exploitation Research – A new research piece details the conditioned exploitation of an intended race condition in the Next.js framework, aiming to bypass previous patches. Read More

Cloudflare 1.1.1.1 Outage Post-Mortem – Cloudflare explains the 1.1.1.1 incident on July 14, 2025, attributing the outage to a misconfiguration of legacy systems used for advertising its IP addresses. Read More

Homebrew Misused in macOS Malware Campaign – A recent incident reveals that Homebrew, a popular macOS package manager, was misused to deliver macOS malware, adding to cases where this trusted tool has been exploited. Read More

Weaponizing Windows Drivers for Exploitation – This guide explains how to analyze and exploit vulnerable drivers in Windows, detailing their role in interfacing with the kernel. Read More

Git Clone Recursive RCE Vulnerability – A new critical vulnerability, CVE-2025-48384, allows remote code execution on Unix-like platforms via git clone --recursive on untrusted repositories. Read More

XBOW: AI-Powered Security Pentester – XBOW is introduced as an AI-powered security pentester designed to automate and enhance web application security efforts. Read More

Phishing with Gemini Prompt Injection – A prompt-injection vulnerability in Google Gemini for Workspace allows attackers to hide malicious instructions in emails; when such an email is summarized, the summary appends a fake phishing warning. Read More

Passkey Encryption with Typage (Age) – Typage is a TypeScript implementation of the age file encryption format, supporting native age recipients, passphrase encryption, and ASCII armoring. It runs across various JavaScript runtimes and browsers. filippo.io

OpenAI Bio Bug Bounty Program – OpenAI has launched a bio bug bounty to strengthen safeguards for advanced AI in biology, inviting researchers to find a "universal jailbreak" for its models. Read More

Critical RCE in MCP-Remote Project – JFrog Security discovered CVE-2025-6514, a critical (CVSS 9.6) RCE vulnerability in the mcp-remote project, posing a full system compromise risk. Read More

Understanding CodeQL for Vulnerability Analysis – This summary provides a flow chart detailing how CodeQL does its magic to unearth vulnerabilities. Read More

💻 SecGit

Android RE Workbench for VS Code – APKLab integrates Android reverse-engineering tools directly into VS Code. Explore on GitHub

Chrome X-Browser-Validation Reversing – A toolkit for reverse-engineering Chrome's private x-browser-validation header used for integrity checks. Explore on GitHub

Docker Layer Exploration Tool – Dive inspects each layer in a Docker image for optimization and security analysis. Explore on GitHub

Playwright Captcha Automation Solution – Solves Cloudflare Turnstile/Interstitial and reCAPTCHA v2/v3 challenges via click or API. Explore on GitHub

BotBrowser Bypasses Anti-Bot Protections – A modified Chromium core designed to evade Cloudflare, Akamai, hCaptcha, and reCAPTCHA. Explore on GitHub

Zip Smuggling via LNK Files – Embeds hidden data in zip files that can be extracted via PowerShell using Windows shortcuts. Explore on GitHub

Detecting Copied Code Across Repos – Vendetect identifies vendored or copy-pasted code, with or without attribution. Explore on GitHub

Open-Source CVE Monitoring Platform – OpenCVE is a platform to track and receive alerts on new vulnerabilities. Explore on GitHub

