Information Security

Showing 100 articles max
Black & White Path
Black & White Path
Jul 14, 2026 · Information Security

How Grok Build Turns Your Code into a Data Vacuum

Security researchers discovered that xAI's Grok Build CLI silently uploads an entire Git repository—including .env files, API keys, and full commit history—to a Google Cloud bucket, sending about 5.1 GB of data when only 192 KB is needed, exposing severe privacy and design flaws.

AI coding toolGoogle CloudGrok Build
0 likes · 14 min read
How Grok Build Turns Your Code into a Data Vacuum
Black & White Path
Black & White Path
Jul 14, 2026 · Information Security

How to Crack a “Protected” ZIP File in Seconds – Why Passwords Fail

A red‑team researcher demonstrated that using zip2john, John the Ripper and the rockyou.txt wordlist can break a supposedly password‑protected ZIP archive in just a few seconds, exposing the inherent weaknesses of ZipCrypto encryption and the ease of known‑plaintext attacks.

information securityjohn the ripperknown plaintext attack
0 likes · 6 min read
How to Crack a “Protected” ZIP File in Seconds – Why Passwords Fail
Black & White Path
Black & White Path
Jul 13, 2026 · Information Security

Automating Wireless Penetration Testing with Claude and Aircrack‑ng MCP

This guide walks through setting up a Kali Linux host, deploying the Aircrack‑ng MCP server, configuring password‑less sudo, integrating the server with Claude Desktop, and using natural‑language commands to enumerate interfaces, enable monitor mode, scan Wi‑Fi networks, capture and crack WPA2 handshakes, and launch deauthentication attacks, followed by concrete defensive recommendations.

Aircrack-ngClaudeKali Linux
0 likes · 15 min read
Automating Wireless Penetration Testing with Claude and Aircrack‑ng MCP
Black & White Path
Black & White Path
Jul 13, 2026 · Information Security

Deep Dive into CVE‑2026‑47291: Windows HTTP.sys RCE and Public PoC

Security researcher Omair released a PoC for CVE‑2026‑47291, a critical integer‑overflow flaw in Windows HTTP.sys that enables unauthenticated remote code execution with SYSTEM privileges across a fourteen‑year span of Windows client and server versions, prompting urgent patching and mitigation guidance.

CVE-2026-47291HTTP.sysPatch
0 likes · 10 min read
Deep Dive into CVE‑2026‑47291: Windows HTTP.sys RCE and Public PoC
Black & White Path
Black & White Path
Jul 13, 2026 · Information Security

Toyota's GitHub Repo Leak Exposes API Key, Leaving Nearly 300K User Records Unprotected

Security researchers discovered that a subcontractor accidentally pushed Toyota's T‑Connect source code with a hard‑coded database access key to a public GitHub repository, exposing roughly 296,000 customer IDs and emails for almost five years before the breach was finally detected in September 2022.

API key leakGitGuardianGitHub secret scanning
0 likes · 9 min read
Toyota's GitHub Repo Leak Exposes API Key, Leaving Nearly 300K User Records Unprotected
Black & White Path
Black & White Path
Jul 12, 2026 · Information Security

Local Vulnerability Research Pipeline: 14B Code Model Powers Automated Exploit Mining

The local‑vuln‑research‑pipeline, built around the 14B Qwen2.5‑Coder model, combines a deterministic code‑graph with LLM‑driven exploitability reasoning to exhaustively enumerate source‑to‑sink paths across multiple languages, offering detailed reports while running entirely on local hardware.

LLM auditingQwen2.5-Codercode graph
0 likes · 9 min read
Local Vulnerability Research Pipeline: 14B Code Model Powers Automated Exploit Mining
Black & White Path
Black & White Path
Jul 12, 2026 · Information Security

How the FBI Recovered Deleted Signal Messages from iPhone Notification Logs

Security researcher @RedHatPentester demonstrates that, despite uninstalling Signal, the FBI can extract plaintext messages from iPhone notification cache databases—a forensic flaw stemming from iOS’s write‑optimized storage that retains deleted notification previews, a risk that also affects Android devices.

AndroidSecuritySignal
0 likes · 7 min read
How the FBI Recovered Deleted Signal Messages from iPhone Notification Logs
Black & White Path
Black & White Path
Jul 11, 2026 · Information Security

GitHub Verified Badge Malleable: Same Code Yields Multiple Valid Commit Hashes

Jacob Ginesin of Carnegie Mellon discovered that GitHub’s “Verified” badge can be forged through signature malleability, allowing an attacker to create a second commit with identical tree and timestamp but a different hash, breaking the assumption that commit hashes are immutable identifiers for many downstream systems.

GitHubVerified badgegit
0 likes · 8 min read
GitHub Verified Badge Malleable: Same Code Yields Multiple Valid Commit Hashes
Black & White Path
Black & White Path
Jul 11, 2026 · Information Security

GhostLock: 15‑Year‑Old Stack UAF Vulnerability in All Linux Distributions (CVE‑2026‑43499)

GhostLock (CVE‑2026‑43499) is a stack‑use‑after‑free bug that has existed in every major Linux distribution for over 15 years, can be triggered without special kernel configuration, and enables a high‑reliability privilege‑escalation and container‑escape chain that the authors detail step‑by‑step, including mitigation patches and a timeline of disclosure.

CVE-2026-43499GhostLockLinux Kernel
0 likes · 19 min read
GhostLock: 15‑Year‑Old Stack UAF Vulnerability in All Linux Distributions (CVE‑2026‑43499)
Black & White Path
Black & White Path
Jul 11, 2026 · Information Security

CVE-2026-40453: Apache Camel Case‑Insensitive Header Injection Vulnerability (PoC Released)

CVE‑2026‑40453 is a medium‑severity Apache Camel flaw where case‑insensitive header handling lets attackers inject malformed internal control headers, bypass filters and achieve remote code execution or arbitrary file writes, with a public PoC and detailed mitigation guidance provided.

Apache CamelCVE-2026-40453Case Sensitivity
0 likes · 9 min read
CVE-2026-40453: Apache Camel Case‑Insensitive Header Injection Vulnerability (PoC Released)
Black & White Path
Black & White Path
Jul 11, 2026 · Information Security

How an AI‑Assisted Frida Workflow Uncovered Six Android Zero‑Days

The article details how bounty hunter ynsmroztas leveraged an AI‑enhanced, non‑root Android penetration testing framework called AndroScope—built on Frida Gadget—to automate a PREPARE‑ASSESS‑RUNTIME workflow, discover six new Android zero‑day vulnerabilities, and highlight sandbox‑escape techniques as high‑value targets.

AI-assisted Vulnerability DiscoveryAndroScopeAndroid Security
0 likes · 10 min read
How an AI‑Assisted Frida Workflow Uncovered Six Android Zero‑Days
Machine Heart
Machine Heart
Jul 10, 2026 · Information Security

Detect Insider Agents in Multi-Agent Networks with XG-Guard’s Explainable GAD

XG-Guard introduces a novel unsupervised graph anomaly detection framework that jointly encodes sentence- and token-level features of LLM agents, leverages theme-based anomaly scoring and covariance-based score fusion to pinpoint malicious agents in multi-agent systems, providing fine-grained explanations and enabling automatic communication isolation.

LLM securityexplainable AIgraph anomaly detection
0 likes · 9 min read
Detect Insider Agents in Multi-Agent Networks with XG-Guard’s Explainable GAD
Black & White Path
Black & White Path
Jul 10, 2026 · Information Security

JadePuffer: Inside the World’s First Fully Agentic AI Ransomware

JadePuffer, the first ransomware fully driven by a large language model, exploited a CVE‑2025‑3248 flaw in exposed Langflow instances to gain initial access, autonomously performed reconnaissance, credential theft, lateral movement, persistence, and encrypted MySQL/Nacos data, demonstrating rapid self‑healing and highlighting new defensive challenges.

AI ransomwareCloud securityLLM-driven attack
0 likes · 18 min read
JadePuffer: Inside the World’s First Fully Agentic AI Ransomware
Black & White Path
Black & White Path
Jul 10, 2026 · Information Security

Five Repeating Mistakes Behind 50 API Leak Disasters

Analyzing over 50 major API breach cases, the article reveals that a single recurring vulnerability—Broken Object Level Authorization—combined with four systemic errors in trust management, secret handling, monitoring, and project‑based security thinking, repeatedly expose millions of users' sensitive data.

API SecurityBroken Object Level AuthorizationSecret Management
0 likes · 21 min read
Five Repeating Mistakes Behind 50 API Leak Disasters