ISC Stormcast For Monday, June 8th, 2026 https://isc.sans.edu/podcastdetail/9962, (Mon, Jun 8th)
08/06/2026 02:00 (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Facts is a Linux box hosting a trivia website built on the Camaleon CMS, a Ruby on Rails application. I’ll abuse a mass assignment vulnerability in Camaleon to promote my account to administrator, then use credentials from the admin panel to...
Researchers have prototyped an AI-powered internet worm. The coolest thing about the prototype is that it carries its own LLM with it, and runs it on computers that have been broken into. This is the closest to John Brunner’s original 1975...
A few months ago, I wrote a diary about a payload that was embedded into a JPEG picture. It was an MSI-branded background[1]. Yesterday, I spotted another one! It seems that the technique is getting more and more popular. This time, it started with...
Introduction LLMs and their web integrations now power countless applications, including some belonging to our customers who, naturally, may want to assess their resilience against attacks. Although these systems look very smart, trusting them...
Hackers are convincing Meta’s AI support chatbot to let them take over other people’s accounts: A video posted on X showed the step-by-step process to hack someone’s Instagram account. The hacker allegedly used a VPN to spoof the targets’...
AI as a technology is moving fast. From the time ChatGPT went mainstream in 2023, it’s grown from a cute way to generate funny poems to a defining technology that is likely to change everything. With its amazingly quick rise, it’s tricky to get...
I've been using the GnuWin32 CoreUtils for Windows for many years now (it gives you many *nix core commands on Windows). Microsoft has just released their coreutils version for Windows. You can install them with a winget command (winget install...
If you work in Android analysis, you have probably gotten your hands dirty with APK reversing: unzip the package, decompile it with JADX, browse the recovered Java code, and maybe pair it with some dynamic analysis using Frida. Most of the time...
Enterprise applications often still use complex standards like SOAP for web services. The big advantage of SOAP is its tight and extensive standards, which enable interoperability across an enterprise governed by web services. The disadvantage of...
Researchers are using machine learning algorithms to decrypt historical pencil-and-paper ciphers.
As part of their 20th Anniversary celebration, Dark Reading asked five cybersecurity industry leaders who wrote blogs or columns for them over the years to select their favorite piece and share their reflections on the topic today. This is my...
An anonymous security researcher called “Nightmare Eclipse” has been publishing a series of significant security exploits against Microsoft Windows—including one that breaks BitLocker. Microsoft has threatened legal action against the researcher....
For a few days, my SANS ISC mailbox has been flooded with emails that deliver SVG files. An SVG ("Scalable Vector Graphic") is a web-friendly vector file format used for graphics and icons. No URL in the body, just “an image”, that’s the perfect way...
The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how to...
New article: “Responsible Disclosure in the Age of AI: A Call for Urgent Action,” by Melissa Hathaway. Abstract: Artificial intelligence is fundamentally reshaping the balance between vulnerability discovery and remediation. Frontier AI models...