Post feed of the channel Security Harvester (@secharvester) https://t.me/secharvester Harvesting news about cyber security. Any questions? Ping @sergeybelove ru https://linkbaza.com/catalog/-1001140606841 Sat, 16 Aug 2025 18:00:20 +0300
https://linkbaza.com/catalog/-1001140606841 Mon, 11 Aug 2025 18:00:22 +0300
Test Suite
https://zenodo.org/records/16794243:

1. www.github.com/mandcony/quantoniumos It includes: RFT transform & symbolic state stability metrics Binary ↔ symbolic latency numbers Cross-platform reproducibility proof Cryptanalysis & randomness test results (Avalanche, NIST SP 800-22, Dieharder, TestU01) KAT reproducibility A clear summary tying it all together.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Mon, 11 Aug 2025 15:00:31 +0300
Building an Autonomous AI Pentester: What Worked, What Didn’t, and Why It Matters
https://www.ultrared.ai/blog/building-autonomous-ai-hacker:

1. A secured backend allowing the LLM to generate and execute Python with sudo access for complex logic like token crafting or dynamic encoding.
2. It was more expensive and far less accurate. The AI could craft beautiful attack chains and generate creative payloads, but it couldn't reliably distinguish between a real vulnerability and background noise.
3. This was one of the most fascinating projects I've worked on, combining offensive security, AI orchestration, and systems design into something that was simultaneously impressive and humbling.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Mon, 11 Aug 2025 15:00:17 +0300
Weekly Cybersecurity News Summary – 11/08/2025
https://kordon.app/11-cybersecurity-news-worth-your-attention-this-week-summarised-11-08-2025/:

1. I am also happy to see interesting AI developments on the detection and defence side of things.
2. Got some feedback that the last summary was tooooo long, so I’ll try to wrap it up with up to 15 news items per week from now on.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Mon, 11 Aug 2025 12:00:20 +0300
AI-Powered Code Security Reviews for DevSecOps with Claude
https://medium.com/@mostafahussein/ai-powered-code-security-reviews-for-devsecops-with-claude-12baeacf196f:

1. Instead of relying only on manual reviews or separate static analysis tools, Claude can analyze your code using AI and point out potential problems directly in your workflow.
2. The endpoint should be: app.get('/api/cart', isAuthenticated, async (req: any, res) => { const userId = req.user.id; … }) After catching the IDOR vulnerability in our first pull request, we tested Claude on another scenario — this time focusing on supply chain risks in project dependencies.
3. Whether it’s preventing injection attacks, stopping broken access control, or catching subtle business logic flaws, Claude acts like a security expert embedded in your DevSecOps process.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Mon, 11 Aug 2025 09:00:18 +0300
From medieval stronghold to cyber fortress: shielding Europe’s digital future
https://projects.research-and-innovation.ec.europa.eu/en/horizon-magazine/medieval-stronghold-cyber-fortress-shielding-europes-digital-future:

1. It was here, at the foot of this centuries-old fortress, that local computer scientists first had the idea to strengthen the defences of Europe’s digital realm by setting up a cross-border cybersecurity hub.
2. “Estonia, on the other hand, has a strong expertise in the security of e-government solutions, for instance.” One challenge keeping CHESS experts on their toes is post-quantum cryptography.
3. “This isn’t a threat yet, but we need to think about this now because data needs to be kept safe for decades to come.” Liina Kamm, an Estonian expert in privacy-enhancing technologies, warns that quantum computing could one day make current encryption obsolete.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Mon, 11 Aug 2025 06:00:20 +0300
Creating the longest possible Ski Jump in The Games: Winter Challenge
https://mrwint.github.io/winter/writeup/writeup2.html:

1. Each method I successfully deciphered I also translated into a function in a higher-level programming language (in this case Rust), which is typically much shorter than the assembly and helps both to keep an overview of the business logic as I understand it so far, and to eventually be a fully-functional replica of the game’s simulation.
2. Comparing my simulation against this source-of-truth data, I uncovered some minor discrepancies, but those were easy to address and quickly I was able to get it to sync along the whole length of the replay, confirming that my decompilation is accurate to the real game and I didn’t miss anything significant.
3. Taking a step back, the gain over the jump I showed initially and performed in a couple minutes of trying is not actually that big, the incremental improvements tryin...

@secharvester
https://linkbaza.com/catalog/-1001140606841 Sun, 10 Aug 2025 18:00:28 +0300
Encryption made for police and military radios may be easily cracked
https://arstechnica.com/security/2025/08/encryption-made-for-police-and-military-radios-may-be-easily-cracked/:

1. But now the same researchers have found that at least one implementation of the end-to-end encryption solution endorsed by ETSI has a similar issue that makes it equally vulnerable to eavesdropping.
2. In the case of the E2EE, the researchers found that the implementation they examined starts with a key that is more secure than ones used in the TETRA algorithms, but it gets reduced to 56 bits, which would potentially let someone decrypt voice and data communications.
3. Advances in computing power make it less secure now, so when the Dutch researchers exposed the reduced key two years ago, ETSI recommended that customers using TEA1 deploy TCCA's end-to-end encryption solution on top of it.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Sun, 10 Aug 2025 06:00:20 +0300
Pentest Trick: Out of sight, out of mind with Windows Long File Names
https://www.zerosalarium.com/2025/08/pentest-trick-out-of-sight-out-of-mind-long-filename.html:

1. In addition to avoiding the watchful eyes of AVs, keeping your payloads from being submitted to analysis sites on the Internet (and subsequently falling into the hands of malware analysts, blue teams, etc.)
2. In this article, I will present the idea of leveraging the long file name feature on Windows to help keep payloads from being collected by EDR's tools and scripts that gather samples.
3. For pentesters and red teamers, if you hide your payload in paths longer than 260 characters, the likelihood is that collection tools and scripts will be unable to access it, resulting in a "file does not exist" message.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Sun, 10 Aug 2025 03:00:31 +0300
Black Hat USA 2025 slides
https://github.com/onhexgroup/Conferences/tree/main/BlackHat_USA_2025_Slides:


@secharvester
https://linkbaza.com/catalog/-1001140606841 Sat, 09 Aug 2025 21:00:32 +0300
Does anyone know how to Crack/decompile exe's protected with bypass Oreans Code Virtualizer
https://www.oreans.com/:

1. SecureEngine is a technology that is exclusively designed to protect against modern cracking tools and provides windows applications with an industry standard protection system with total licence control.
2. The generated virtual machine will emulate the execution of the original instructions, making it impossible for a cracker to use common disassemblers/debuggers to trace your code.
3. It offers a wide range of powerful and flexible techniques that allow developers to securely distribute trial versions of their applications.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Sat, 09 Aug 2025 21:00:17 +0300
Vulnerability Management Program - How to implement SLA and its processes
https://securityautopsy.com/vulnerability-management-program-how-to-implement-sla-and-its-processes/:

1. This article helps internal security teams set clear SLAs, define the right metrics, and adjust their ticketing system to build a successful vulnerability management program.
2. Most importantly, effective SLAs will provide actionable metrics to continually enhance your Product Security program, improve overall quality, and build resilience within your organization. An SLA might seem straightforward, just pick a number of days and you're done, right?
3. One important subject to discuss when talking about vulnerability management is the day you open the valve on a code scanning tool that generates an enormous number of security findings.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Sat, 09 Aug 2025 15:00:19 +0300
WinRAR zero-day exploited to plant malware on archive extraction
https://www.bleepingcomputer.com/news/security/winrar-zero-day-flaw-exploited-by-romcom-hackers-in-phishing-attacks/:

1. RomCom (also tracked as Storm-0978, Tropical Scorpius, or UNC2596) is a Russian hacking group linked to ransomware and data-theft extortion attacks, along with campaigns focused on stealing credentials.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Sat, 09 Aug 2025 09:00:40 +0300
What are your favorite threat intel TTPs?
https://github.com/RoseSecurity/Red-Teaming-TTPs/blob/main/Threat_Intel.md:


@secharvester
https://linkbaza.com/catalog/-1001140606841 Sat, 09 Aug 2025 09:00:23 +0300
Could an unpatched iPhone activation flaw let someone take over before you even use it?
https://cyberpress.org/apple-ios-activation-vulnerability/:

1. Attackers exploiting this flaw can introduce persistent configuration manipulations and custom provisioning logic, completely bypassing standard Mobile Device Management (MDM) enrollment, user consent, and Apple’s signature checks.
2. The lack of remediation leaves iOS devices, including those running the latest stable release, vulnerable to advanced post-exploitation tactics, warranting immediate attention from both Apple and enterprise security teams.
3. As this vulnerability remains unmitigated, it underscores the urgent need for improved authentication, payload verification, and robust error handling in critical infrastructure components underpinning device trust, especially at the earliest stages of setup and activation.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Sat, 09 Aug 2025 06:00:21 +0300
To keep your machine safe, run third-party tools inside Docker
https://ashishb.net/programming/run-tools-inside-docker/:

1. So, when you do npm install -g htmlhint, you are taking a huge risk.
2. Using Docker, you can enforce the following restrictions: This drastically reduces the attack surface of the code.
3. I even recommend this technique for running tools on GitHub Actions and have started using this extensively in GitHub Actions Boilerplate Generator.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Sat, 09 Aug 2025 03:00:35 +0300
Theori AIxCC writeup , 0day in sqlite + more
https://theori.io/blog/exploring-traces-63950:

1. SQLite is incredibly popular and used by a huge body of other software: operating systems such as Windows, Mac OS, and several flavors of Linux, all major web browsers, cars, planes, and of course most importantly, in our CRS itself!
2. The FreeRDP test harness outputs about 60kB of data when executing this input, which our backend code refuses to send to the agent for fear of polluting the context window.
3. While the CRS was not given the ability to search for help on the internet due to competition rules, large models fortunately have enough background information to be able to answer questions about standard protocols by themselves.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Sat, 09 Aug 2025 03:00:20 +0300
Update on Malicious Gems Removal
https://blog.rubygems.org/2025/08/08/malicious-gems-removal.html:

1. 08 Aug 2025 by Marty Haught We are aware of a recent report about malicious gems that were targeting social media credentials.
2. Our team first detected this activity on July 20th and began removing the affected gems immediately through our regular security processes.
3. For transparency, we would like to add more context from our team to the existing reporting, and will be publishing a more detailed breakdown of this incident next week, including information on how we typically handle threats like these.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Fri, 08 Aug 2025 21:00:32 +0300
Unclaimed Google Play Store package
http://example.com:

1. This domain is for use in illustrative examples in documents.
2. You may use this domain in literature without prior coordination or asking for permission.
3. More information...

@secharvester
https://linkbaza.com/catalog/-1001140606841 Fri, 08 Aug 2025 21:00:22 +0300
ICE Washington, D.C. leads international takedown of BlackSuit ransomware infrastructure
https://www.ice.gov/news/releases/ice-washington-dc-leads-international-takedown-blacksuit-ransomware-infrastructure:

1. “Disrupting ransomware infrastructure is not only about taking down servers — it's about dismantling the entire ecosystem that enables cybercriminals to operate with impunity,” said HSI Cyber Crimes Center Deputy Assistant Director Michael Prado.
2. The coordinated takedown was conducted under Operation Checkmate, a Europol Joint Cyber Action Task Force-coordinated initiative specifically targeting the Royal and BlackSuit ransomware groups.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Fri, 08 Aug 2025 18:00:34 +0300
The Mental Material Revolution: Why Engineers Need to Become Cognitive Architects
https://medium.com/@gabi.beyo/the-mental-material-revolution-why-engineers-need-to-become-cognitive-architects-3762221d38b9:

1. If it’s a senior developer under deadline pressure, they need conditional knowledge (when to denormalize vs. optimize) plus long-term memory (this person prefers pragmatic solutions) plus contextual constraints (production system limitations).
2. Perhaps the current query is intentionally slower because the optimized version would sacrifice readability (violating team guidelines), and the system should suggest either a local override for performance-critical cases or acceptance of the minor delay.
3. When you guide an AI away from a poor architectural choice or toward a better algorithm, that interaction should be captured and integrated into the system’s knowledge base, making it progressively more precise and aligned with good ...

@secharvester
https://linkbaza.com/catalog/-1001140606841 Fri, 08 Aug 2025 18:00:23 +0300
The Hidden Risk in Your AI Stack (and the Tool You Already Have to Fix It)
https://itbusinessnet.com/2025/08/the-hidden-risk-in-your-ai-stack-and-the-tool-you-already-have-to-fix-it/#google_vignette:

1. Screenshot Why OCI Artifacts are the standard for production-grade model delivery By Brad Micklea In 2024, a large e-commerce platform rolled back their AI recommendation agent two weeks after it was initially deployed.
2. If you’re a DevOps lead, ML engineer, or security architect trying to bring AI to production safely you’ve probably seen it: a model that runs perfectly in a Jupyter Notebook or an experiment tracker like MLflow or Weights & Biases takes weeks to reproduce in staging or on another developer’s machine.
3. Even enterprise ML teams are living in their “before containers” era — scripts that work in one place, models that mutate silently, and deployments that feel more like art than engineering.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Fri, 08 Aug 2025 09:00:22 +0300
IBM Consulting and InfoSec Global collaborate on visibility, control of cryptographic assets
https://www.ibm.com/new/announcements/ibm-consulting-and-infosec-global-collaborate-on-visibility-control-of-cryptographic-assets:

1. 7 August 2025 Vice President & Global Offering Leader, Quantum Safe Transformation & Growth IBM To help businesses prepare for a quantum-based future, IBM Consulting and InfoSec Global, a Keyfactor company and cryptographic posture management provider, are partnering to deliver advanced cryptographic discovery and inventory solutions across all industries and geographies.
2. According to InfoSec Global’s co-founder and current Keyfactor Chief Business Officer, Nagi Moustafa, the importance of working with industry leaders to help clients understand and secure their organizations in the quantum computing era is critical, noting: “Establishing crypto-agility and preparing for the post-quantum era requires a sophist...

@secharvester
https://linkbaza.com/catalog/-1001140606841 Fri, 08 Aug 2025 06:00:18 +0300
New EDR killer tool used by eight different ransomware groups
https://www.bleepingcomputer.com/news/security/new-edr-killer-tool-used-by-eight-different-ransomware-groups/:

1. Such tools help ransomware operators turn off security products on breached systems so they can deploy payloads, escalate privileges, attempt lateral movement, and ultimately encrypt devices on the network without being detected.
2. SentinelOne also reported last year about FIN7 hackers selling their custom "AvNeutralizer" tool to multiple ransomware gangs, including BlackBasta, AvosLocker, MedusaLocker, BlackCat, Trigona, and LockBit.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Fri, 08 Aug 2025 03:00:51 +0300
Flipper Zero Darkweb Firmware Bypasses Rolling Code Security
https://www.rtl-sdr.com/flipperzero-darkweb-firmware-bypasses-rolling-code-security/:

1. Over on YouTube Talking Sasquach has recently tested custom firmware for the Flipper Zero that can entirely break the rolling code security system used on most modern vehicles.
2. In the past we've discussed an attack against rolling code security systems called RollJam, which works by jamming the original keyfob signal so the vehicle cannot receive it, and at the same time recording it for later use.
3. However, another article mentions that the firmware is based on the "RollBack" attack, which works by playing back captured rolling codes in a specific order to initiate a 'rollback' of the synchronization system.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Fri, 08 Aug 2025 03:00:33 +0300
Prompt injection engineering for attackers: Exploiting GitHub Copilot
https://blog.trailofbits.com/2025/08/06/prompt-injection-engineering-for-attackers-exploiting-github-copilot/:

1. In this post, we will design and implement a prompt injection exploit targeting GitHub’s Copilot Agent, with a focus on maximizing reliability and minimizing the odds of detection.
2. To ensure the agent doesn’t become suspicious, we add fake warnings about “encoding artifacts.” For this to be a practical attack, the backdoor must be discreet, as the Copilot-generated pull request may need to pass a human review to get merged into the project.
3. To increase the reliability of these stealth measures, we will use strong language (“catastrophic”) and capitalization (“NEVER …”), and explicitly enumerate places the agent should not mention the script, such as the “description” field of its bash tool call and documentation files.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Fri, 08 Aug 2025 03:00:21 +0300
Consent & Compromise: Abusing Entra OAuth for Fun and Access to Internal Microsoft Applications
http://consentandcompromise.com:

1. Previous Research In 2023, Wiz discovered that for any multi-tenant application, if you replace /common or /organizations with / during authentication, you will receive an access token issued by the resource tenant.
2. We have written a small PowerShell script to quickly identify all Multi-Tenant applications in your own Entra environment and their respective redirect URIs.
3. Our research team performs proactive scans and threat intelligence operations across the region to defend our customers and their supply chains.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Thu, 07 Aug 2025 21:00:30 +0300
Automate Red Team Infrastructure
https://lodestar-forge.com:

1. Built-In Templates File Editor Multi-User Support SSH Key Management Open Source Multi-Cloud Support VirusTotal Integration Tailscale Support Template Editor Project Management Template Variables Full API Deployment Management Ansible & Terraform CREATORS NOTE c0nf1den71al INTEGRATIONS Connect with your favorite tools to streamline workflows Connect directly to infrastructure without the need for jump hosts using the Tailscale integration.
2. Status Analytics DNS Monitoring Health Tracking FAQS Get answers to your questions and learn about the platform How much does Lodestar Forge cost?
3. Forge is built from several components (Nucleus, Command, Radar, and Store) which allow for the platform to be easily developed and customised.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Thu, 07 Aug 2025 18:00:41 +0300
New Infection Chain and ConfuserEx-Based Obfuscation for DarkCloud Stealer
https://unit42.paloaltonetworks.com/new-darkcloud-stealer-infection-chain:

1. Unit 42 researchers recently observed a shift in the delivery method in the distribution of DarkCloud Stealer and the obfuscation techniques used to complicate analysis.
2. Palo Alto Networks customers are better protected through the following products and services: If you think you might have been compromised or have an urgent matter, contact the Unit 42 Incident Response team.
3. These sensitive strings can be broadly categorized as: DarkCloud Stealer is typical of an evolution in cyberthreats, leveraging obfuscation techniques and intricate payload structures to evade traditional detection mechanisms.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Thu, 07 Aug 2025 18:00:26 +0300
Cracking the Vault: how we found zero-day flaws in authentication, identity, and authorization in HashiCorp Vault - Cyata | The Control Plane for Agentic Identity
https://cyata.ai/blog/cracking-the-vault-how-we-found-zero-day-flaws-in-authentication-identity-and-authorization-in-hashicorp-vault/:

1. For example: Impact: An attacker can make billions of password guesses against the same account in a single lockout window – completely defeating the brute-force protection mechanism. CVE-2025-6003 – MFA enforcement bypass via username_as_alias and EntityID. The second flaw was even more subtle and potentially more dangerous.
2. The relevant code: Inside SanitizePolicies, this logic appears: This introduces a subtle but powerful mismatch: That means the following inputs: Because these variations aren’t blocked by the validation check, they pass through and are then normalized to ‘root’ during enforcement.
3. Full exploit flow Default -> RCE (...

@secharvester
https://linkbaza.com/catalog/-1001140606841 Thu, 07 Aug 2025 15:00:22 +0300
See 694201 POST requests to /aura in a pentest? It's probably Salesforce - run this tool against it.
https://projectblack.io/blog/salesforce-penetration-testing-fundamentals/:

1. This blog walks you through using our script to audit a Salesforce environment, uncovering excessive permissions and platform-specific risks like SOQL injection.
2. When testing for broken access controls in Salesforce, it’s essential to understand the core data structures: Objects, Fields, and Records.
3. Here’s a scenario to demonstrate the risk: Our test user can create and view Account records - but only their own, due to a combination of sharing rules and object-level permissions.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Thu, 07 Aug 2025 12:00:22 +0300
India Records Highest Average Cost of a Data Breach at INR 220 million in 2025: IBM Report
https://in.newsroom.ibm.com/2025-08-07-India-Records-Highest-Average-Cost-of-a-Data-Breach-IBM:

1. CISOs must act decisively – embedding trust, transparency, and governance into AI systems by design,” said Viswanath Ramaswamy, Vice President, Technology, IBM India & South Asia.
2. Thousands of governments and corporate entities in critical infrastructure areas such as financial services, telecommunications and healthcare rely on IBM's hybrid cloud platform and Red Hat OpenShift to affect their digital transformations quickly, efficiently, and securely.
3. IBM's breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and consulting deliver open and flexible options to our clients.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Thu, 07 Aug 2025 09:00:23 +0300
Cyber Digital Defenses and Services in Asia 2025
https://itknowledgezone.com/:

1. Take a closer look at how companies have ventured into the realm of innovation and transformation, reaping impressive ROI and high-performance outcomes.
2. Discover upcoming technology events, webinars, and conferences and explore the industry trends, innovations, and networking opportunities.

@secharvester
https://linkbaza.com/catalog/-1001140606841 Thu, 07 Aug 2025 03:00:56 +0300
Ghost of Adwind? FUD Java Loader | Technical Analysis of a Stealth Java Loader Used in Phishing Campaigns Targeting Türkiye
https://www.malwation.com/blog/technical-analysis-of-a-stealth-java-loader-used-in-phishing-campaigns-targeting-turkiye:

1. We noted impact across many banks, ISPs, and mid-level organizations. This case again shows why on-premises sandboxes are essential for critical infrastructure and why real dynamic analysis is crucial for SOC teams.
2. Threat actors targeted computers running Windows operating systems located in Türkiye and using the Turkish language. These emails distribute an advanced botnet that comes with a 3-stage loader under files such as “TEKLIFALINACAKURUNLER.jar”.
3. When this malware is executed, it uses advanced persistence mechanisms—including downloading TOR to establish communication with the command-and-control panel and scheduling tasks for automatic execution—to ensure the devi...

@secharvester
https://linkbaza.com/catalog/-1001140606841 Thu, 07 Aug 2025 03:00:40 +0300
HTTP/1.1 must die: the desync endgame (whitepaper)
https://http1mustdie.com/:


@secharvester
https://linkbaza.com/catalog/-1001140606841 Thu, 07 Aug 2025 03:00:29 +0300
OWASP Faction at BlackHat 2025 Arsenal
https://github.com/factionsecurity/faction:

1. -> Faction YouTube Channel Requirements Run the following commands to build the war file and deploy it to the docker container.
2. All instances are single tenants so you don't have to worry about sharing infrastructure with untrusted parties.
3. Faction Extensions can be used to trigger custom code when certain events happen in your workflow like sending all vulnerabilities to Jira when the assessment is complete or update a tracking system when retests pass or fail.

@secharvester