someone built an entire AI RED TEAM - multiple agents that coordinate HACKING ATTACKS together, ZERO human input PentAGI, open source, one agent does recon, another scans, another exploits, another writes the report. they talk to each other and adapt based on what they find it

my professor gave me a C on my EE assignment today but hey, here we go, a little artifact i coded this morning! it's a ray tracer

Inside the takedown of RaccoonO365: How Phishing-as-a-Service fuels ransomware’s engine microsoft.com/en-us/corporat…

Kerberos remains one of the most targeted authentication mechanisms. Understanding its weaknesses is still essential. labs.lares.com/fear-kerberos-…

The article(securelist.com/keenadu-androi…) highlights how firmware-level threats undermine Android's security model and expose interconnections among large-scale Android botnet operations.Keenadu is a sophisticated Android backdoor embedded directly into device firmware, primarily

Need a SYSTEM shell? Just ask your EDR! CVE-2025-13176: ESET Inspect Connector looks for an OpenSSL config in a user-writable path. It’s an easy LPE that loads your payload directly into the EDR process. by Manuel labs.infoguard.ch/advisories/cve…

DumpBrowserSecrets v1.2 is out: • Custom SQLite file format parser, replacing sqlite-amalgamation. • Encrypted output packs for offline decryption. • Configurable extraction limits per category. • Bug fixes. github.com/Maldev-Academy…

Random things which could be helpful - conditional breakpoint for if a particular module is present in a stack - e.g., "break on X function if Y module is in the stack" bp /w "@$curthread.Stack.Frames.Any(f => …ributes.SourceInformation.Module.Name.Contains(\"MODULENAME\"))" TARGETFUNCTION

GatewayToHeaven: 在 GCP 的 Apigee 中发现跨租户漏洞 | Omer Amiad 的博客 --- GatewayToHeaven: Finding a Cross-Tenant Vulnerability in GCP's Apigee | Omer Amiad's Blog omeramiad.com/posts/gatewayt…

Every Entra ID assessment ends here: “How do I get a token without triggering Conditional Access controls?” 🤔 Lee Robinson built CAPSlock, an offline ROADrecon-based Conditional Access engine that simulates sign-ins & flags gaps without touching the tenant. ghst.ly/4aKIk64

Who’s using nmap, metasploit, sqlmap, hydra in their red teams? 😅

many such cases, for every audit we get, if we see claude.md/agents.md we know its a gold mine.

CVE-2025-13176: Local Privilege Escalation in ESET Inspect EDR LPE vulnerability in the ESET Inspect Connector for Windows (versions prior to 3.0.5765) due to the ElConnector.exe process (running as SYSTEM) attempting to load an OpenSSL configuration file from a non-existent

New in the Knowledge Library: Looking Into Windows Access Masks Pavel Yosifovich Where they show up (handles + ACEs), how to inspect them (Process Explorer, security UI, debugger), and why “ALL_ACCESS” is often the wrong default. trainsec.net/library/window…

SCOUT: An Obsidian-Based Second Brain for CyberSecurity Analysts and Professionals github.com/kcyerrid/SCOUT

CVE-2026-2441 PoC Chrome CSSFontFeatureValuesMap Use-After-Free github.com/huseyinstif/CV…

Process Preluding: Child Process Injection Before The Story Begins originhq.com/blog/process-p…

🚨 In conducting 0 day research against #Grandstream GXP1600 VoIP phones, Rapid7 Labs discovered CVE-2026-2329. The unauthenticated stack-based buffer overflow vuln ultimately allows an attacker to intercept phone calls and eavesdrop on audio. Read on: r-7.co/4tIzope

Today we are disclosing CVE-2026-2329, a critical unauthenticated stack-based buffer overflow vulnerability affecting the Grandstream GXP1600 series of VoIP phones. Check out our disclosure over on the Rapid7 blog, including technical details for unauthenticated RCE, and

CPR has discovered that certain AI assistants that support web browsing or URL fetching can be abused as covert command-and-control relays (“AI as a proxy”), allowing attacker traffic to blend seamlessly into legitimate, commonly permitted enterprise communications.