Rosecurify

Seclog - #147

"Many great cyber battles were lost by warriors who failed to understand the methods of the adversary." - The Art of Cyber War

📚 SecMisc

White Ops Cybersecurity Browser Game – A browser-based cybersecurity game where players can test their security skills through interactive challenges and scenarios.

Typosquat Detective Learning Game – An interactive educational game designed to help users learn about typosquatting threats by identifying malicious domains.

Open Cybersecurity Schema Framework Update – The Open Cybersecurity Schema Framework (OCSF) has been updated to version 1.6.0. This framework provides a common framework for normalizing and sharing security telemetry across different platforms and tools.

DeepMind’s New AI Agent for Code Security – Google DeepMind unveils Codemender, a new AI agent for code security. This agent aims to enhance the security posture of software by automating vulnerability detection and remediation, offering a proactive defense.

Critical Redis Lua RCE Vulnerability – Wiz Research has identified a critical Redis RCE vulnerability, tracked as CVE-2025-49844, a use-after-free flaw in Redis's Lua parser. This finding highlights a significant remote code execution risk within Redis installations, urging immediate patching, with a PoC also released for related Lua engine flaws.

Oracle EBS Pre-Auth RCE Chain – A new pre-authentication remote code execution vulnerability chain (CVE-2025-61882) has been discovered in Oracle E-Business Suite, allowing full system compromise and posing a severe threat to affected systems.

Rapid7 Analyzes CVE-2025-20362 – Rapid7 provides analysis on CVE-2025-20362, a newly identified vulnerability. This detailed write-up offers insights into its potential impact and mitigation strategies, helping defenders understand the risks.

PoC for Critical Lua Engine Flaws – Proof-of-Concept exploits are now available for critical Lua Engine vulnerabilities, including CVE-2025-49844, CVE-2025-46817, and CVE-2025-46818. These demonstrate potential remote code execution flaws, emphasizing the need for updates.

RCE in Google Web Designer – A method has been disclosed for achieving code execution in Google Web Designer by abusing the NinjaShell API. This demonstrates a significant vulnerability in the tool, allowing unauthorized remote actions.

We Hacked npm Supply Chain – Lupin & Holmes successfully compromised the npm supply chain, impacting 36 million weekly installs. This highlights critical vulnerabilities in software delivery mechanisms and the extensive reach of supply chain attacks.

Discord Third-Party Security Incident – Discord has released an update on a security incident involving a third-party customer service provider. Users are advised to review the details for potential impacts and take necessary precautions.

Notion AI Agent Data Exfiltration Risk – A hidden risk has been identified in Notion 3.0 AI agents where the web search tool can be abused for data exfiltration. This exposes potential privacy and security concerns for users.

Authentication Bypass via iOS XSS – A disclosure details an authentication bypass vulnerability in a REST API via XSS, specifically affecting Safari and Chrome browsers on iOS/iPhone. This allows attackers to circumvent login protections.

The AI Coding Trap – Chris Loy discusses "The AI coding trap," exploring the potential pitfalls and risks associated with relying heavily on AI for software development, urging a critical perspective on AI adoption.

Meta Path Traversal RCE Bug – A detailed write-up reveals how a path traversal vulnerability was chained to achieve RCE, earning a $111,750 bug bounty from Meta. This highlights complex exploit development and its financial rewards.

Inject My PDF Prompt Injection – This article explores prompt injection attacks applied to resumes. It discusses how malicious prompts embedded in a PDF could influence AI systems processing job applications, demonstrating data exfiltration risks and creating new attack vectors.

SSH ProxyCommand Exploitation (CVE-2025-61984) – A new article details exploiting SSH via ProxyCommand, specifically focusing on a newline vulnerability (CVE-2025-61984). This builds upon previous research into SSH client-side vulnerabilities, demonstrating ongoing risks for potential command execution.

From MCP to Shell Exploit – This blog post, titled "From MCP to Shell," analyzes how the Model Context Protocol (MCP) can be exploited to achieve shell command execution on a host system, offering insights into advanced post-exploitation techniques.

Perplexity Indirect Prompt Injection – An analysis reveals an indirect prompt injection attack against the Perplexity AI browser. This can lead to phishing attacks and data manipulation through malicious hidden instructions, compromising user trust and enabling data theft.

Unity Runtime RCE (CVE-2025-59489) – A new vulnerability, CVE-2025-59489, has been discovered, allowing arbitrary native code execution in Unity Runtime. This poses a significant risk to applications built with Unity, requiring urgent attention from developers.

LLM Poisoning with Few Samples – Anthropic research shows that a small number of poisoned samples can effectively poison large language models of any size. This demonstrates a concerning vulnerability in AI model training, impacting model integrity and trustworthiness.

Cursor RCE & Agentic Tool Risks – The Cursor Vulnerability (CVE-2025-59944), a case-sensitivity bug, exposed risks in agentic AI developer tools. This highlights concerns with AI-powered coding assistants and their security implications, emphasizing careful adoption.

Aisuru Botnet Record DDoS Attack – The Aisuru DDoS Botnet launched a record-breaking attack, blanketing US ISPs. This incident underscores the escalating threat of large-scale distributed denial-of-service campaigns and their disruptive potential.

China’s Vulnerability Research Shifts – This analysis delves into the evolving landscape of China's vulnerability research. It discusses changes and implications for global cybersecurity, offering a new perspective on state-sponsored research and growing sophistication.

Authorization Flaw Security Blind Spot – A case study on CVE-2025-59305 examines how an authorization flaw reveals a common security blind spot in application design. It emphasizes the importance of thorough authorization checks to prevent unauthorized access.

🐦 SecX

Oscar Nominees PII Leak Disclosure – Researchers leaked every nominee's PII, including home addresses and phone numbers, by exploiting a vulnerability before last year's Oscars ceremony.

WhatsApp Zero-Click iOS Exploit – DARKNAVY triggered a WhatsApp 0-click exploit on Apple platforms (CVE-2025-55177) via a crafted DNG image parsing vulnerability (CVE-2025-43300).

💻 SecGit

OpenSSH RegreSSHion Exploiter PoC – A proof-of-concept exploit for CVE-2024-6387, a remote unauthenticated code execution vulnerability in OpenSSH server (regreSSHion).

iOS Zero-Click RCE Attack Chain – Provides details and analysis for CVE-2025-31200, a zero-click RCE in iOS CoreAudio, and CVE-2025-31201, a kernel escalation vulnerability.

Stealth Crypted Admin SSH Shell – crash is an SSH-like strong crypto remote admin shell for Linux, BSD, Android, Solaris, and OSX, designed for stealthy access.

EvilWAF Penetration Testing Tool – evilwaf is a tool designed to detect and bypass common Web Application Firewalls (WAFs) during security assessments.

GitHub Security Lab Taskflow Agent – A framework from GitHubSecurityLab for automating security tasks and workflows using AI agents for vulnerability discovery.

FuzzForge AI Security Automation – An AI-powered platform for automating application security, fuzzing, and offensive security workflows with intelligent analysis.

Redis CVE-2025-49844 Exploit – An exploit for CVE-2025-49844 (RediShell), a critical use-after-free vulnerability in Redis's Lua parser enabling RCE.

Redis Lua Parser UAF Exploit – Another exploit implementation for CVE-2025-49844, targeting the use-after-free vulnerability in the Redis Lua parser.


Suggestions & Feedback

Enjoyed this post? Subscribe to Seclog for more in-depth security analysis and updates.

For any suggestions or feedback, please contact us at: [email protected]
