All posts tagged hacker

■■■■□ LLMjacking: Stolen Cloud Credentials Used in New AI Attack. https://sysdig.com/blog/llmjacking-stolen-cloud-credentials-used-in-new-ai-attack/ https://t.me/cKure/14026

■■□□□ Privacy: Meta is using your Instagram and Facebook photos to train its AI models. https://www.businessinsider.com/meta-instagram-facebook-photos-used-in-ai-models-training-2024-5 https://t.me/cKure/14025

■□□□□ Data-Leak: Europol confirms web portal breach, says no operational data stolen. https://www.bleepingcomputer.com/news/security/europol-confirms-web-portal-breach-says-no-operational-data-stolen/ https://t.me/cKure/14024

■■■□□ Git-Rotate: Leveraging GitHub Actions to Bypass Microsoft Entra Smart lockout. https://research.aurainfosec.io/pentest/git-rotate/ https://t.me/cKure/14023

■□□□□ Nmap 7.95 released https://t.me/cKure/14022

■■■■■ POST to XSS : Leveraging Pseudo Protocols to Gain JavaScript Evaluation in SSO Flows. https://security.lauritz-holtmann.de/post/sso-security-redirect-uri-iii/ https://t.me/cKure/14020

■□□□□ $1000 Bounty: How I scaled a Self-Redirect to an XSS in a web 3.0 system at Hackenproof. https://erickfernandox.medium.com/1000-bounty-how-i-scaled-a-self-redirect-to-an-xss-in-a-web-3-0-system-at-hackenproof-37380f701892 https://t.me/cKure/14019

■□□□□ Stego-toolkit : Collection of steganography tools – helps with CTF challenges. https://github.com/DominicBreuker/stego-toolkit https://t.me/cKure/14018

■■■■□ Tycoon 2FA: A Stealthy Phishing Kit Used to Bypass Microsoft 365 and Google MFA. https://www.proofpoint.com/us/blog/email-and-cloud-threats/tycoon-2fa-phishing-kit-mfa-bypass https://t.me/cKure/14017

■■■■□ Tycoon 2FA: An in-depth analysis of the latest version of the AiTM phishing kit https://blog.sekoia.io/tycoon-2fa-an-in-depth-analysis-of-the-latest-version-of-the-aitm-phishing-kit/ https://t.me/cKure/14016