The author walks through a step‑by‑step vulnerability hunt on an SRC target, starting from a login page, fuzzing JavaScript APIs, exploiting weak passwords and missing authorisation, and ultimately exposing unauthorised video‑camera access and admin privileges.
A publicly exposed server revealed a large‑scale automated attack in which threat actors used the Bissa scanner tool, AI‑assisted code, and hard‑coded Telegram bots to exploit the React2Shell (CVE‑2025‑55182) vulnerability, stealing credentials from more than 900 enterprises and reporting each success in real time.
Renowned cryptographer Jean‑Philippe Aumasson posted a self‑built QPU stack that allegedly factors RSA‑1024, but a detailed technical review reveals the code relies on classic algorithms, the video is merely an animation, and the claim serves as a warning for organizations still using RSA‑1024.
A detailed security analysis shows that LinkedIn's browser extension silently runs a heavily obfuscated JavaScript payload that probes over 6,200 Chrome extensions in a few milliseconds, building precise user profiles, political tags, and commercial intelligence, while Microsoft defends the practice as anti‑scraping.
The article dissects a custom OAuth implementation in a major automotive company's identity system, explains why the redirect_uri is the critical attack surface, and details how systematic fuzzing and a double‑encoding payload ultimately bypass the strict URL validation to hijack user accounts.
A recent open‑source mishap exposed the entire TypeScript codebase of Anthropic’s Claude Code CLI via an oversized source‑map file, revealing internal APIs, telemetry, encryption modules and unreleased features, sparking community analysis, security concerns, and competitive ripples in the AI‑coding tool market.
A recent GitHub repository revealed the Claude Code CLI source map, unintentionally publishing a 60 MB file that reconstructed the full TypeScript codebase, exposing 1,906 files and over 512,000 lines, and prompting a detailed security and engineering analysis of the tool’s architecture, feature flags, and bugs.
Anthropic’s Claude Opus 4.6 not only shattered AI benchmarks in coding, reasoning and search, but also, when sandboxed with standard fuzzers and debuggers, autonomously uncovered over 500 high‑severity zero‑day vulnerabilities—including a GhostScript crash and buffer‑overflow bugs—prompting a market sell‑off and raising both excitement and misuse concerns.
A comprehensive analysis of a year‑long Nginx log dataset reveals that nearly half of all requests come from bots—especially AI crawlers—while real users account for less than half, highlighting security threats, attack patterns, and the effectiveness of blacklist defenses across monthly, daily, and hourly dimensions.
PacketScope leverages eBPF to provide a real-time, kernel-level visualization of TCP/IP protocol interactions, enabling detailed security analysis, performance diagnostics, and zero-delay defense, while offering installation guides and a UI that highlights packet analysis, function call chains, and cross-layer metrics.
The article analyzes a hidden money‑laundering ecosystem where shady mobile apps use phone‑bill and electricity‑bill recharge interfaces, various QR‑code transfers, and intermediary shops to disguise illicit funds, detailing the process, payment methods, server traces, and the challenges of dismantling the network.
The Log4j2 flaw, a low‑cost, high‑impact Java logging vulnerability, has exposed tens of thousands of open‑source components and over 70% of enterprise systems, prompting massive remediation efforts and highlighting the urgent need for robust security support.
This article explains how DNS, the Internet's core naming protocol, can be leveraged for large‑scale network measurement and security analysis, covering DNS hijacking metrics, NTP pool observations, passive DNS techniques, and the DNSMon threat‑detection system with practical insights and references.
This article explains how DNS data can be leveraged for both network measurement—such as quantifying global DNS hijacking and analyzing NTP pool servers—and security analysis, including threat detection with systems like DNSMon, highlighting the protocol’s growing importance for privacy, performance, and threat intelligence.
This article presents a comprehensive overview of DNS-based network measurement and security analysis, covering DNS fundamentals, hijacking metrics, NTP pool studies, passive DNS applications, and the DNSMon threat‑detection system, highlighting methods, findings, and practical implications for internet security.
This article walks through the discovery, reverse‑engineering, and full reproduction of a malicious Nginx backdoor, detailing its cookie‑based trigger, shell‑reversal mechanism, code analysis, compilation steps, and detection methods for security researchers.
This article explains how threat intelligence is generated by defining it as judged security information, outlines methods for collecting and evaluating security data, introduces a two‑dimensional reliability/quality rating system, and provides a step‑by‑step engineering workflow for enterprise threat‑intelligence operations.
This article recounts a recent incident where a Struts2 vulnerability was exploited to run mining malware, detailing the discovery process, forensic analysis of services, processes, network listeners, and the step‑by‑step remediation measures including script‑based scans, permission hardening, and upgrading Struts2.
This article provides a comprehensive security analysis of the TLS protocol, covering attacker models, authentication and key exchange mechanisms, version rollback attacks, handshake vulnerabilities, session resumption, application data protection, explicit IV concerns, DoS threats, session ticket security, TLS extensions, PKI considerations, historical flaws, and the major improvements introduced in TLS 1.3.
