Introducing HTTP/2 Bomb: a remote DoS in nginx, Apache httpd, Microsoft IIS, Envoy, and Cloudflare Pingora. A single client pins 32GB of server memory in 10s. Found by Codex.
Blog post: https://t.co/WO9MeExoun
PoCs: https://t.co/NpVgEHBHPl
It has been straight exploit after exploit, Meta has given AI so much power to take over any account & claim any possible username
We still have not received any public announcement in regards to these exploits and breaches.
@instagram @Meta Please stop relying on AI for this
Here's the PoC for Nginx CVE-2026-42945 which works against vanilla Ubuntu (and any other distro?) + Nginx with ASLR enabled. I have included all iterations of the PoC the LLM was kicked to improve.
TL;DR: We can use an LFI/file-read primitive to leak enough details from /proc/<nginx-worker>/mem to bypass ASLR and achieve reliable RCE, in most cases at first shot.
There are still other ways to make it work, with even less subtle primitives. If you ask Geppetto nicely, he will help you ;)
https://t.co/VawjqrMisN
Our security research team discovered a pre-authentication arbitrary file read as root in cPanel (CVE-2026-29205) — a path traversal in cpdavd that we made exploitable by abusing Dovecot's + alias handling to create attacker-controlled directory names on disk.
We've updated cpanel2shell-scanner to cover both issues. Writeup and tool in replies.
👇
cPanel's latest patch (11.134.0.26) for the pre-auth arbitrary file read issue (CVE-2026-29205) is incomplete. We made the call to not publish our research until a working patch is released. We are in touch with WebPro's security team.
NGINX rift: We autonomously discovered this 18 yr old heap overflow (CVE-2026-42945) in @nginx impacting version 0.6.27 to 1.30.0. If you use rewrite and set directive, you may be impacted! Please update your NGINX or change the config to mitigate it. Read more at https://t.co/KeoblrGL24
Reported another cPanel critical pre-authentication vuln. Our research dates back to early April, but this exploit chain does not seem to be exploited in the wild, unlike our collision with a threat actor for the auth bypass. We'll publish details once a patch is avail.
💥 Introducing "Dirty Frag"
A universal Linux LPE chaining two vulns in xfrm-ESP and RxRPC. A successor class to Dirty Pipe & Copy Fail.
No race, no panic on failure, fully deterministic. ~9 years latent.
Ubuntu / RHEL / Fedora / openSUSE / CentOS / AlmaLinux, and more.
Even if you've applied the "Copy Fail" mitigation, your Linux is still vulnerable to "Dirty Frag". Apply the Dirty Frag mitigation.
Details:
https://t.co/9nqku4svkY
Same script. Ubuntu, Amazon Linux, RHEL, SUSE — four root shells, side by side.
No per-distro tuning. No race window. No kernel offsets to leak.
Most Linux LPEs need at least one of those. This one needs none.
> be two researchers at wiz
> download github enterprise server (same code as github but runs locally)
> reverse-engineer the binaries with ai
> find that git push -o strings go straight into an internal header
> type a semicolon
> inject a fake git hook
> rce as the git service user
> find an enterprise-mode flag gating hooks on github. it's also injectable
> type another semicolon
> rce on github itself
> land on a shared node holding millions of private repos
> read someone else's repo
> get access to millions of private repos belonging to other users and orgs
> github patches the same day, en urgence
🚨 According to sample data we received from the Vercel breach, Vercel's CEO Guillermo Rauch was last seen on March 3, 2026. Who is running the company?
The threat actor told us Vercel's security was poor, and consistent with Vercel's own disclosure, a senior engineer authenticated with a fake third-party AI tool via its Google Workspace OAuth app.
- The breach appears to have started or ended on April 12, 2026
- We were sent records of all employees...
To check if your Google Workspace has been compromised by the same tool that compromised Vercel:
1. Go to https://t.co/TpuIOW5Fwg
- This is Google Admin Console > Security > Access and Data Control > API Controls > Manage app access > Accessed Apps
2. Filter by ID = https://t.co/uqJnCqp5Ah
- This is the ID of the compromised OAuth app
If you see an app after filtering, you have potentially been compromised
There is now a write-up on https://t.co/bAhWWd4OTf, apparently based on Hudson Rock data, that adds more detail to the #Vercel breach
Many will focus on the Lumma stealer infection and the Roblox download. Okay. That matters too.
But for me, the bigger failure came after that …
Infections happen - always. The real question is what one infected machine can reach afterwards.
If one compromised path was enough to expose access to Google Workspace, Supabase, Datadog, Authkit and Vercel-related admin resources, then the problem was not just the infostealer. The problem was too much access, weak separation, missing limits and security monitoring that failed to highlight highly suspicious activity on that account.
The mantra should be: “assume compromise”
https://t.co/8494DeQ1gj
Everyone is looking for XSS in PDF generators and SSR bots, but they are missing the actual architectural nightmare: Headless Context Bleed (HCB).
Opening a new "incognito" tab in Puppeteer doesn't isolate everything.
A thread on how shared state in backend browsers is the next massive attack surface. 🧵👇
This week in security:
- LiteLLM, backdoored release exfiltrating secrets
- Axios, supply chain malware via dependency
- Railway, CDN caching leaked user data
- OpenAI Codex, command injection via GitHub branch names
- Mercor 1TB data leak
- Delve, data leak + compliance risk
infra is the attack surface now
AI is playing a role in two ways:
1. Far more code is being written (1.5-2x by some estimates) and far more people are vibe coding without reviewing what their agents install. Every unreviewed dependency is an attack surface.
2. Attackers have woken up. We saw the first NPM worm last year. The recent TeamPCP attacks (against Trivy and LiteLLM) have stolen a massive number of credentials that most teams haven’t rotated yet. We’ll be dealing with the long tail of these compromises for 6-12 months.
Not that developers were good at reviewing dependencies before. But AI has mass-produced the exact behavior attackers exploit.