Attackers Worldwide are Zeroing In on React2Shell Vulnerability
Bad actors that include nation-state groups to financially-motivated cybercriminals from across the globe are targeting the maximum-severity but easily exploitable React2Shell flaw, with threatβ¦
βFrom an attacker perspective, #React2Shell is the kind of vulnerability that affords massive opportunity for crime, but that also has a narrow window for exploitation, partly because of public awareness leading to patching, and partly because of competition.β
securityboulevard.com/2025/12/atta...
13.12.2025 00:27
π 1
π 1
π¬ 0
π 0
What do pentesters think of aws security agent pentesting capabilities?
13.12.2025 00:27
π 0
π 0
π¬ 0
π 0
At defcon today if anyone wants to chat
09.08.2025 22:14
π 0
π 0
π¬ 0
π 0
Same desert as Hellβs Kitchen I think which makes sense!
09.08.2025 22:13
π 0
π 0
π¬ 0
π 0
Hellβs Kitchen?
09.08.2025 22:12
π 0
π 0
π¬ 1
π 0
About 75% done with a new pack for Sectemplates.com focusing on appsec 'Security Partnerships'. How many of you have leveraged such as program and how did it go for you?
09.03.2025 07:18
π 1
π 0
π¬ 0
π 0
I wonder how long it will take for AI interfaces into your brain to
1. read your βdatabaseβ of memories to help with memory recovery
2. Read your thoughts on current tasks and help you optimize it
3. Write access to your memory or βramβ to aid with tasks
5-10 years?
07.03.2025 21:01
π 0
π 0
π¬ 0
π 0
I have a bunch of solid security domain names I'm thinking of finally selling. What would be the best way to sell them to security vendors?
01.03.2025 05:43
π 0
π 0
π¬ 0
π 0
Random rant: If security teams understood how to represent their work as dollar savings, how much more funding and support they'd receive?
28.02.2025 07:08
π 0
π 0
π¬ 0
π 0
Announcement - Incident Response Program Pack v1.5
This release is to provide you with everything you need to establish a functioning security incident response program at your company.
Announcement: www.sectemplates.com/2025/02/anno...
GitHub: github.com/securitytemp...
17.02.2025 23:45
π 2
π 0
π¬ 0
π 0
It was nice knowing you ;)
15.02.2025 22:36
π 0
π 0
π¬ 0
π 0
It gets worse
10.02.2025 02:27
π 11
π 0
π¬ 0
π 0
I need to spend more time here, Twitter is just political yelling and screaming
09.02.2025 05:35
π 1
π 0
π¬ 0
π 0
POTUS can do whatever he wants now that heβs king
05.02.2025 01:48
π 0
π 0
π¬ 0
π 0
I imagine people using botnets to train AI models in the near future.
29.01.2025 07:48
π 0
π 0
π¬ 0
π 0
Silicon Valley Is Raving About a Made-in-China AI Model
DeepSeek is called βamazing and impressiveβ despite working with less-advanced chips.
Chinese AI models will be cheaper at the cost of censoring certain topics and people will eat it up... Ask it about Tank man or Xi and you'll see some obvious examples. www.wsj.com/tech/ai/chin...
26.01.2025 23:32
π 1
π 0
π¬ 0
π 0
Feels like the future for automating exploitation is training llms and using agents to perform these attacks. Agree? Disagree?
24.01.2025 20:11
π 0
π 0
π¬ 0
π 0
18.01.2025 20:57
π 4
π 0
π¬ 0
π 0
BREAKING: Chinese hackers accessed Yellen's computer in US Treasury breach, per Bloomberg.
17.01.2025 01:25
π 153
π 26
π¬ 8
π 7
100%, 2025 likely not going to be much better on the world stage. Letβs hope Iβm wrong
31.12.2024 21:35
π 0
π 0
π¬ 0
π 0
I'm pleased to announce the latest SecTemplates.com release, External Penetration Testing Program Pack v1.1.
Announcement: www.sectemplates.com/2024/12/anno...
GitHub: github.com/securitytemp...
28.12.2024 00:12
π 2
π 0
π¬ 0
π 0
Bill requiring US agencies to share custom source code with each other becomes law
President Joe Biden signed the bipartisan legislation into law Dec. 23.
This is a good idea, however I doubt that this code on average is getting proper security testing/updates. As a result there may be a surge in agencies adopting vulnerable code and increasing their attack surface fedscoop.com/agencies-mus...
27.12.2024 22:53
π 1
π 0
π¬ 0
π 0
Breaking: Cyberhaven Chrome Extension Compromised in Holiday Attack Campaign
An attacker successfully phished a Cyberhaven employee, gained access to Chrome Web Store admin credentials, published a malicious version of the extension
An attacker successfully phished a Cyberhaven employee.
They gained access to their Chrome Web Store admin credentials and published a malicious version of the Cyberhaven extension.
Read my full writeup here:
www.vulnu.com/p/breaking-c...
Thanks @jaimeblascob.bsky.social and @johntuckner.me
27.12.2024 03:20
π 40
π 17
π¬ 0
π 0
You know what one of the best uses for #AI is going to be that nobody is talking about? When you're arguing with an internet stranger about a point and you need to find facts to 'teach them', you can ask the AI to summarize the best sources and paste it back. Soon arguing will be automated. ;)
17.12.2024 07:22
π 0
π 0
π¬ 0
π 0
These Jersey drones are worrying. Feeling more and more like they are searching for something that has the possibility of a very negative outcome. #drones
15.12.2024 00:05
π 2
π 0
π¬ 0
π 0
