CVE-2026-1749 There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission. https://t.co/hWnpEkU1kc
Introducing Project Glasswing: an urgent initiative to help secure the world’s most critical software.
It’s powered by our newest frontier model, Claude Mythos Preview, which can find software vulnerabilities better than all but the most skilled humans.
https://t.co/NQ7IfEtYk7
Super cool work by @s3bsrt
HTTP trailers can be a blind spot. Proxies usually ignore them, but backend servers will happily merge them into the main headers, letting you sneak payloads right past security filters.
Blog link 👇
https://t.co/gpLb4G2Ksm
A Race Within A Race: Exploiting CVE-2025-38617 in Linux Packet Sockets.
A step-by-step guide to exploiting a 20-year-old bug in the Linux kernel to achieve full privilege escalation and container escape, plus a cool bug-hunting heuristic.
https://t.co/IxURrHpBT0
Today we are disclosing CVE-2026-2329, a critical unauthenticated stack-based buffer overflow vulnerability affecting the Grandstream GXP1600 series of VoIP phones. Check out our disclosure over on the @rapid7 blog, including technical details for unauthenticated RCE, and accompanying @metasploit modules: https://t.co/BqIcxVKv7x
Graham Helton has just published a disclosure of a Kubernetes vulnerability that allows running arbitrary commands in any pod in a cluster using a common "read-only" RBAC permission. And this vulnerability won't be assigned a CVE, meaning Kubernetes won't receive a fix 🤷‍♂️
https://t.co/vQsbf8U3wR
But there is a silver lining. Graham prepared a short auxiliary post that focuses specifically on the reproduction, and it's an iximiuz Labs tutorial: https://t.co/Zze2ybpkXP 💙
We definitely need more security researchers publishing exploit reproductions as code labs anyone can run and verify!
Cross-Site ETag Length Leak
https://t.co/RYofmHVh6T
I just posted the author writeup for impossible-leak in SECCON CTF 14 Quals. As far as I know, this is a new XS-Leak technique! The ETag header can become a side channel :)
I’ve updated my blog post about CVE-2025-9501 and included bypasses for all W3 Total Cache versions up to and including the latest 2.8.15. #wordpress #security
https://t.co/PVBnKi0rO8
My very first blog post is live: https://t.co/tQgJZpuDos
During research, I've run into and documented a simple universal SQLite Injection RCE trick. Enjoy!
N-day Analysis about Synology Beestation RCE (CVE-2024-50629~50631) by legendary DEVCORE 🎃 🍊
Thanks to @u1f383 @orange_8361 for original finding and allowing to post, and to @the_emmons for the invaluable references 🔥
Enjoy the Demo!
PoC: https://t.co/rM1CEfhkjr
Great blog from @elttam's team diving into the ORM leak vulnerability class! I don't see many other writeups about this, but it's super interesting and worth remembering/looking for next time you're looking at code with no manually concatenated SQL - https://t.co/p2CmWXG7et
Our Security Research team at @SLCyberSec just published a high-fidelity detection mechanism for the Next.js/RSC RCE (CVE-2025-55182 & CVE-2025-66478) - https://t.co/aa62OKXpK2. There are a lot of PoCs on GitHub that are adding noise to the problem; I hope this helps people!
The watchTowr Labs team is back, providing our full analysis of the Oracle E-Business Suite Pre-Auth RCE exploit chain (CVE-2025-61882).
Enjoy with us (or cry, your choice..)
https://t.co/ffDKb723N6
Happy Friday! Enjoy our analysis of CVE-2025-36604, a pre-auth Command Inj in Dell's UnityVSA that we discovered and reported in March.
https://t.co/kawjpEH94m
We've just published a novel technique to bypass the __Host and __Secure cookie flags, to achieve maximum impact for your cookie injection findings: https://t.co/JsnRwhKXnW
@GoogleVRP disclosed my most impactful client-side report to date:
https://t.co/yGZJrSZEbe
TL;DR An attacker could've gained access to Gemini Code Assist Tools (GitLab, GitHub etc.) configured by the victim
At @defcon, I presented my research on client-side deanonymization attacks in @Google's Privacy Sandbox! Privacy research doesn't get as much attention, but ad-tech is increasingly embedded in everything - it's all about your attention and data. https://t.co/VKgMB0tqMO