By the grace of Allah Almighty I got #OSEP certified.
Thank you @offsectraining for providing such an intense training. Learnt a lot and will definitely recommend this certification.
VICE
It crawls your site with a real browser, extracts secrets from JS bundles, tests your login for brute force and SQL injection, scans your VPS ports, checks your Supabase RLS, and more. Like an attacker would, but on your own systems.
Source: https://t.co/GxzoLITNdm
Every 3rd website you visit runs Nginx.
18,959,833 of them can be hijacked right now.
A bug from 2008 just got a working exploit.
CVE-2026-42945 (CVSS 9.2)
No login. No access. Just one HTTP request.
→ Heap overflow → Worker process → RCE
Patch ASAP to Nginx 1.31.0 or 1.30.1
PoC is already out:
https://t.co/O4556KGjqD
A fully local 26B MoE model was built for red teaming and bug hunting.
Trained on elite bug reports and real evasion tactics. DPO fine-tuned for hunter mindset.
Claude sees your payloads in logs; that's why BugTraceAI Apex 26B local MoE for real red teamers.
- Executes WAF bypasses with internal thinking blocks.
- It enforces deep internal reasoning before generating any output.
- Delivers production-grade WAF/EDR evasion with AES-256-GCM obfuscation.
- Zero refusals. Trained on real-world elite reports and evasion techniques.
Fits in 16.7GB. Runs on RTX 3060.
- https://t.co/FfnGgGXoQy
I fine-tuned Gemma-4-31b on Claude Opus 4.6 thinking to improve the overall quality and personality of the model.
Download it here:
https://t.co/DFxrw2gDtO
Penelope - a powerful shell handler built as a modern netcat replacement for RCE exploitation, aiming to simplify, accelerate, and optimize post-exploitation workflows https://t.co/zJf2y1fGj0
Introducing RAPTOR, an Autonomous Offensive/Defensive Research Framework based on Anthropic's Claude Code, written by @dcuthbert, @halvarflake, @mbrg0, and myself.
Let's rock. Get it from GitHub, here: https://t.co/giBaCtIexB
knowing how to secure something is MUCH easier when you know all the attacks.
the vulnerablemcp[.]info is a fantastic resource for understanding all the ways that MCP servers can be vulnerable/malicious.
link below.
🛡️ A Security Engineer's Guide to MCP
If you need to learn how to test & secure MCPs in your org in a hurry...
Get up to speed in 10min + a free MCP security cheatsheet of exactly what to look for.