security
BugHunter - Bug Bounty Toolkit Powered by Claude and Free AI Providers
https://cybersecuritynews.com/bughunter-bug-bounty-toolkit/
Added 5 days ago
Arch Linux AUR Hit By Another Wave Of Now More Sophisticated Malware Attack - Phoronix
https://www.phoronix.com/news/Arch-Linux-AUR-More-Malware
Added 5 days ago
How formal verification makes AWS Nitro the first formally verified cloud hypervisor - Amazon Science
https://www.amazon.science/blog/ec2s-formally-verified-isolation-engine-provides-mathematical-assurance-of-virtual-machine-isolation
Added 6 days ago
BUMSRAKETE™ — The Most Beautiful, Most Tremendous FreeBSD Vulnerability In The History Of Computing. BELIEVE ME.
https://bumsrake.de/
Added 1 week ago
The newest Instagram “exploit” is the goofiest I've seen
https://www.0xsid.com/blog/meta-account-takeover-fiasco
Added 2 weeks ago
https://blog.calif.io/p/codex-discovered-a-hidden-http2-bomb
https://blog.calif.io/p/codex-discovered-a-hidden-http2-bomb
Added 2 weeks ago
How we contain Claude across products \ Anthropic
https://www.anthropic.com/engineering/how-we-contain-claude
Added 3 weeks ago
Anthropic adds 28 security and compliance integrations for Claude - Help Net Security
https://www.helpnetsecurity.com/2026/05/25/anthropic-security-compliance-integrations-claude/
Added 3 weeks ago
Megalodon chums the waters in 5.5K+ GitHub repo poisonings
https://www.theregister.com/security/2026/05/22/megalodon-chums-the-waters-in-55k-github-repo-poisonings/5245342
Added 3 weeks ago
Mini Shai-Hulud Strikes Again: 317 npm Packages Compromised - Real-time Open Source Software Supply Chain Security
https://safedep.io/mini-shai-hulud-strikes-again-314-npm-packages-compromised/
Added 4 weeks ago
Investigating unauthorized access to GitHub-owned repositories - The GitHub Blog
https://github.blog/security/investigating-unauthorized-access-to-githubs-internal-repositories/
Added 4 weeks ago
CISA Admin Leaked AWS GovCloud Keys on Github – Krebs on Security
https://krebsonsecurity.com/2026/05/cisa-admin-leaked-aws-govcloud-keys-on-github/
Added 1 month ago
Project Glasswing: what Mythos showed us
https://blog.cloudflare.com/cyber-frontier-models/
Added 1 month ago
SecurityBaseline.eu
https://internetcleanup.foundation/2026/05/european-governments-3000-tracking-sites-1000-phpmyadmins-and-99pct-poorly-encrypted-email-introducing-securitybaseline-eu/
Added 1 month ago
Local privilege escalation via execve()
https://www.freebsd.org/security/advisories/FreeBSD-SA-26:13.exec.asc
Added 1 month ago
Incident Report: CVE-2024-YIKES
https://nesbitt.io/2026/02/03/incident-report-cve-2024-yikes.html
Added 1 month ago
Postmortem: TanStack NPM supply-chain compromise
https://tanstack.com/blog/npm-supply-chain-compromise-postmortem
Added 1 month ago
Mythos finds a curl vulnerability | daniel.haxx.se
https://daniel.haxx.se/blog/2026/05/11/mythos-finds-a-curl-vulnerability/
Added 1 month ago
Let's Encrypt Halts Certificate Issuance After Cross-Signed Root Certificate Incident
https://cybersecuritynews.com/lets-encrypt-halts-certificate-issuance/amp/
Added 1 month ago
You gave me a u32. I gave you root. (io_uring ZCRX freelist LPE)
https://ze3tar.github.io/post-zcrx.html
Added 1 month ago