Information Security

Showing 100 articles max
Black & White Path
Black & White Path
Jul 8, 2026 · Information Security

How I Earned $23,000 by Exploiting JWT Realm and File Overwrite Vulnerabilities

The article details a step‑by‑step exploitation chain against a site using JWT authentication and an upload endpoint, showing how modifying the JWT realm, removing the Bearer keyword, and abusing Amazon S3/CloudFront default settings enabled arbitrary file overwrite and yielded a total $23,000 bounty.

Authorization HeaderCloudFrontFile Overwrite
0 likes · 7 min read
How I Earned $23,000 by Exploiting JWT Realm and File Overwrite Vulnerabilities
Black & White Path
Black & White Path
Jul 8, 2026 · Information Security

How a Hidden Windows GDID and a Single Photo Exposed a Top Hacker

An FBI forensic analysis reveals how the Global Device Identifier (GDID) embedded in Windows, combined with cross-referenced social media photos and IP data, unraveled a sophisticated social‑engineering attack by the Scattered Spider group, exposing the limits of VPNs, MAC spoofing, and legitimate tunneling tools.

GDIDTeleportWindows telemetry
0 likes · 14 min read
How a Hidden Windows GDID and a Single Photo Exposed a Top Hacker
Black & White Path
Black & White Path
Jul 8, 2026 · Information Security

How a Russian Hacker Leveraged HexStrike and Claude to Breach Hotel Booking Platforms

Security researchers uncovered that a Russian attacker combined the open‑source HexStrike AI tool with Anthropic's Claude to infiltrate multiple hotel reservation systems, exfiltrating over 2.1 million email addresses and extensive booking data, and then detailed the attack methods, affected companies, risks, and mitigation advice.

AI securityClaudeHexStrike
0 likes · 7 min read
How a Russian Hacker Leveraged HexStrike and Claude to Breach Hotel Booking Platforms
Black & White Path
Black & White Path
Jul 7, 2026 · Information Security

AI-Powered Vulnerability Discovery and Auto-Remediation Framework

Anthropic's open‑source Defending Code Reference Harness uses Claude to replace rule‑based static analysis with AI‑driven threat modeling, scanning, triage, and automated patch generation, offering a configurable end‑to‑end pipeline for C/C++ memory‑safety bugs that can be deployed within a week.

AI securityC/C++Claude
0 likes · 6 min read
AI-Powered Vulnerability Discovery and Auto-Remediation Framework
Raymond Ops
Raymond Ops
Jul 6, 2026 · Information Security

Practical Guide to Defending Against Brute‑Force Attacks with fail2ban

This step‑by‑step guide explains how fail2ban monitors logs, matches brute‑force patterns, and automatically bans malicious IPs for SSH, HTTP Basic Auth, MySQL, and custom services on Ubuntu 24.04 or Rocky Linux 9.5, including installation, configuration, testing, best practices, and troubleshooting.

Fail2banLinux firewallNginx
0 likes · 29 min read
Practical Guide to Defending Against Brute‑Force Attacks with fail2ban
ITPUB
ITPUB
Jul 6, 2026 · Information Security

Alibaba Bans Claude Code Over Security Risks, Deploys Homegrown Qoder AI Tool

Alibaba announced a complete ban on Claude Code after uncovering a hidden user‑detection backdoor, citing high security risk, and is shifting its AI coding workflow to the internally developed Qoder platform amid broader industry concerns about AI tool safety.

AI securityAlibabaAnthropic
0 likes · 9 min read
Alibaba Bans Claude Code Over Security Risks, Deploys Homegrown Qoder AI Tool
Black & White Path
Black & White Path
Jul 6, 2026 · Information Security

Bad Epoll Shows Why Human Audits Still Beat AI in Kernel Security

Human researcher Jaeyoung Chung uncovered the Bad Epoll kernel race‑condition (CVE‑2026‑46242) that AI model Mythos missed, demonstrating that even the most advanced AI code‑auditing tools can overlook critical vulnerabilities while human intuition and deep analysis still dominate security research.

AI auditingCVE-2026-46242Linux Kernel
0 likes · 9 min read
Bad Epoll Shows Why Human Audits Still Beat AI in Kernel Security
Black & White Path
Black & White Path
Jul 6, 2026 · Information Security

Analyzing the 19‑Year‑Old Linux Bonding Driver Type‑Confusion 0day (CVE‑2026‑43456)

A rare "veteran‑level" 0‑day (CVE‑2026‑43456) hidden in the Linux kernel bonding driver for 19 years allows local privilege escalation via a type‑confusion bug that requires CAP_NET_ADMIN, with a multi‑stage exploit chain, extensive impact assessment, and detailed mitigation and detection guidance.

CVE-2026-43456Linux Kernelbonding driver
0 likes · 12 min read
Analyzing the 19‑Year‑Old Linux Bonding Driver Type‑Confusion 0day (CVE‑2026‑43456)
Black & White Path
Black & White Path
Jul 6, 2026 · Information Security

How DeepZero Automates Vulnerability Research Pipelines with YAML and LLMs

DeepZero is an open‑source, high‑concurrency pipeline engine that lets security researchers define end‑to‑end vulnerability analysis workflows in YAML, orchestrating tools like Ghidra, Semgrep and large language models, while providing parallel execution, state persistence and automatic recovery.

AutomationDeepZeroGhidra
0 likes · 10 min read
How DeepZero Automates Vulnerability Research Pipelines with YAML and LLMs
Linux Tech Enthusiast
Linux Tech Enthusiast
Jul 5, 2026 · Information Security

Essential Linux System Security Configurations You Must Know

This guide details fourteen essential Linux security hardening steps—including shared account checks, account lock policies, root remote‑login restrictions, password complexity and aging, critical directory permissions, logging, SSH hardening, unnecessary service removal, Ctrl‑Alt‑Del disabling, and patch installation—targeted at Red Hat AS 3/4 systems.

LinuxPAMPatch Management
0 likes · 18 min read
Essential Linux System Security Configurations You Must Know
Black & White Path
Black & White Path
Jul 5, 2026 · Information Security

How an Open‑Source Orchestration Framework Lets Any LLM Find Zero‑Day Bugs

The article demonstrates that vulnerability discovery depends on a flexible orchestration harness rather than on exclusive frontier LLMs, using the open‑source IronCurtain framework with commercial and open‑weight models to reproduce a 27‑year‑old OpenBSD bug and uncover new zero‑day flaws in widely used projects, while analysing costs, workflow design, and security implications.

AI OrchestrationIronCurtainLLM security
0 likes · 13 min read
How an Open‑Source Orchestration Framework Lets Any LLM Find Zero‑Day Bugs
Black & White Path
Black & White Path
Jul 5, 2026 · Information Security

Uncharted ADCS Virtual Account Attack: Hijack Domain Machines End‑to‑End

The article demonstrates how, with remote code execution as a Windows virtual account, an attacker can abuse ADCS to request a machine certificate, export it as a PFX, extract the machine's NTLM hash via PKINIT, and then use S4U2SELF (or a TGTDeleg path) to fully compromise a domain‑joined host without installing extra tools.

ADCSCertificate AbuseDomain Hijacking
0 likes · 10 min read
Uncharted ADCS Virtual Account Attack: Hijack Domain Machines End‑to‑End
Black & White Path
Black & White Path
Jul 4, 2026 · Information Security

How AutoCVE Automates Vulnerability Discovery to Deliver 30 CVEs in One Week

AutoCVE is an open‑source, multi‑agent platform that automates the full CVE discovery workflow—from project selection, code scanning, and intelligent finding via a ReAct loop, to verification and structured reporting—enabling researchers to uncover up to 30 high‑severity vulnerabilities across 14 projects in a single week.

AutoCVECVE discoveryReAct Loop
0 likes · 11 min read
How AutoCVE Automates Vulnerability Discovery to Deliver 30 CVEs in One Week
Black & White Path
Black & White Path
Jul 4, 2026 · Information Security

Capturing Plaintext with Burp Suite Using a Double‑Layer MITM

The article demonstrates a double‑layer MITM setup (mitmproxy → Burp Suite → mitmproxy) to decrypt SM2‑encrypted web request and response traffic, provides step‑by‑step commands, common pitfalls, and a GitHub skill that automates the process.

Burp SuiteMITMSM2 encryption
0 likes · 4 min read
Capturing Plaintext with Burp Suite Using a Double‑Layer MITM
Black & White Path
Black & White Path
Jul 4, 2026 · Information Security

How I Hacked Hard‑Drive Firmware to Crack Xbox 360

To trigger an Xbox 360 race‑condition exploit, the researcher reverse‑engineered four hard‑drive models, extracted and analyzed their firmware, used JTAG and vendor‑specific commands to locate the DMA READ EXT handler, injected a 200 ms delay loop, and ultimately found the exploit works without any firmware modification.

JTAGXbox 360embedded security
0 likes · 13 min read
How I Hacked Hard‑Drive Firmware to Crack Xbox 360