Talkback

Talkback

AI Powered Infosec Resource Aggregator to Boost Productivity.

Developed by elttam

Sign in to customize your weekly newsletter.

Resources See all
AI-augmented threat actor accesses FortiGate devices at scale net cloud

Commercial AI enabled low-skill threat actors to scale cyberattacks on FortiGate devices globally through automation and reconnaissance, highlighting the need for improved management security, credential hygiene, and behavioral monitoring.

Fri 20 Feb aws.amazon.com
SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflow... mal

A sophisticated, multi-stage supply chain attack exploits malicious npm packages and AI tool integrations to steal credentials, infect developer environments, and maintain persistent control through obfuscated payloads, rogue servers, and configurable destructive features.

Fri 20 Feb socket.dev
Using threat modeling and prompt injection to audit Comet app

Implement early ML threat modeling, strict input validation, regular adversarial testing, least privilege principles, and consistent security controls to safeguard AI systems against prompt injection and related attacks.

Fri 20 Feb blog.trailofbits.com
GitLab Threat Intelligence Team reveals North Korean tradecraft mal

In 2025, GitLab's Threat Intelligence Team uncovered and disrupted sophisticated North Korean cyber campaigns involving malware, synthetic identities, and espionage, utilizing advanced techniques and operational complexity.

Thu 19 Feb about.gitlab.com
CVE-2026-20841: Arbitrary Code Execution in the Windows Notepad exp sys

CVE-2026-20841 is a Windows Notepad vulnerability allowing remote code execution via malicious Markdown links, patched by Microsoft in February 2026.

Thu 19 Feb zerodayinitiative.com
GitHub - praetorian-inc/MCPHammer: MCP security testing framework for evaluating Model Context Protocol server vulnerabilities app

MCP Hammer is a secure, Python-based HTTP server with Claude AI integration, remote management, customizable configuration, and advanced features like session logging, health monitoring, and covert command capabilities.

Thu 19 Feb github.com/praetorian-inc
Vulnerabilities See all
CVE-2025-29969 7.5
Awaiting Analysis

Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a network.

  • Discovery & Analysis of CVE-2025-29969
  • Zero Day Initiative — The May 2025 Security Update Review
Tue 13 May
CVE-2019-7192 9.8
Modified

This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. To fix these vulnerabilities, QNAP recommend updating Photo Station to their latest versions.

  • AI-augmented threat actor accesses FortiGate devices at scale
  • Sploitify
Thu 5 Dec
CVE-2026-21241 7.0
Awaiting Analysis

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

  • Use-After-Free in afd.sys (CVE-2026-21241)
  • Reversing CVE-2026-21241 - Use After Free in AFD.sys
  • Zero Day Initiative — The February 2026 Security Update Review
  • ...
Tue 10 Feb
CVE-2026-1603 8.6
Analyzed

An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data.

  • CVE-2026-1603
Tue 10 Feb
CVE-2025-12758 7.5
Modified

Versions of the package validator before 13.15.22 are vulnerable to Incomplete Filtering of One or More Instances of Special Elements in the isLength() function that does not take into account Unicode variation selectors (\uFE0F, \uFE0E) appearing in a se…

  • I'm extremely happy to have Evilginx Pro sponsor Paged Out! #8, the highly technical magazine for hackers. 💗 This is the biggest issue to date! 🔥 Huge respect to @gynvael, @husseinmuhaisen and the team for making it happen! Grab it for FREE here:
Thu 27 Nov
CVE-2025-34186 9.8
Analyzed

Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication mechanism. Unsanitized input is passed to a system() call for authentication, allowing attackers to inject special characters and manipulate command parsing. Du…

  • I'm extremely happy to have Evilginx Pro sponsor Paged Out! #8, the highly technical magazine for hackers. 💗 This is the biggest issue to date! 🔥 Huge respect to @gynvael, @husseinmuhaisen and the team for making it happen! Grab it for FREE here:
Tue 16 Sep
Topics See all
GitHub GitHub
Collaboration
  • SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflow...
  • Use-After-Free in afd.sys (CVE-2026-21241)
  • SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer
  • ...
Sat 21 Feb
GitHub Actions GitHub
Continuous Integration/Continuous Deployment (CI/CD) tool
  • Clinejection — Compromising Cline's Production Releases just by Prompting an Issue Triager
  • Run XDRInternals as GitHub Action
  • GitHub - mitchellh/vouch: A contributor trust management system based on explicit vouches to participate.
  • ...
Sat 21 Feb
iOS Apple
Operating System
  • Firebase Misconfiguration Exposes 300M Messages From Chat & Ask AI Users
  • Apple Tests End-to-End Encrypted RCS Messaging in iOS 26.4 Developer Beta
  • About the security content of iOS 26.3 and iPadOS 26.3
  • ...
Sat 21 Feb
Ransomware Ragnar Locker
Security software
  • Japanese tech giant Advantest hit by ransomware attack
  • Latin America's Cyber Maturity Lags Threat Landscape
  • Man Linked to Phobos Ransomware Arrested in Poland
  • ...
Sat 21 Feb
Docker Docker
Containerization platform
  • GitHub - hakwerk/labca: A private Certificate Authority for internal (lab) use, based on the open source ACME Automated Certificate Management Environment implementation from Let's Encrypt (tm).
  • GitHub - samugit83/redamon: An AI-powered agentic red team framework that automates offensive security operations, from reconnaissance to exploitation to post-exploitation, with zero human intervention.
  • Automaker Secures the Supply Chain With Developer-Friendly Platform
  • ...
Sat 21 Feb
Elasticsearch Elastic
Log management tool
  • In Other News: Ransomware Shuts US Clinics, ICS Vulnerability Surge, European Parliament Bans AI
  • Alleged leak of over 6.8B emails downplayed
  • Misconfiguration exposes billions of Chinese records
  • ...
Sat 21 Feb

Indexed Resources