Talkback

Talkback

AI Powered Infosec Resource Aggregator to Boost Productivity.

Developed by elttam

Sign in to customize your weekly newsletter.

Resources See all
Avoid Entra Conditional Access using alternative token broker app

Attackers can bypass Entra ID Conditional Access by exploiting device compromise, cookie persistence, and API flows, necessitating vigilant detection and endpoint security measures.

Tue 7 Apr cloudbrothers.info
Claude Mythos Preview \ red.anthropic.com exp app

Claude Mythos Preview showcases AI's advanced ability to autonomously discover and exploit vulnerabilities, emphasizing the need for proactive cybersecurity measures and industry adaptation.

Tue 7 Apr red.anthropic.com
The Race to Ship AI Tools Left Security Behind. Part 1: Sandbox Escape app

Cymulate Research Labs uncovered critical vulnerabilities in AI development tools enabling sandbox escapes and privilege escalation, highlighting the need for improved security measures and cautious deployment.

Tue 7 Apr cymulate.com
What we learned about TEE security from auditing WhatsApp's Private Inference app crypto

The WhatsApp TEE audit highlights the need for rigorous validation, cryptographic verification, and comprehensive testing to ensure secure, privacy-preserving AI features.

Tue 7 Apr blog.trailofbits.com
Microsoft Speech exp net

SpeechRuntime.exe can be exploited for lateral movement through COM hijacking and session enumeration, requiring detection of API calls, registry changes, and service activity to identify malicious activity.

Tue 7 Apr ipurple.team
EvilTokens: an AI-augmented Phishing-as-a-Service for automating BEC fraud - Part 2 social

EvilTokens is an advanced AI-driven Phishing-as-a-Service platform that automates and democratizes sophisticated BEC attacks via Telegram, enabling cybercriminals to execute large-scale, targeted account takeovers and financial fraud with minimal effort.

Tue 7 Apr blog.sekoia.io
Vulnerabilities See all
CVE-2026-5246 5.6
Received

A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mg_tls_verify_cert_signature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack ca…

  • Mongoose: Preauth RCE and mTLS Bypass on Millions of Devices
Thu 2 Apr
CVE-2026-5245 5.6
Received

A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handle_mdns_record of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remot…

  • Mongoose: Preauth RCE and mTLS Bypass on Millions of Devices
Thu 2 Apr
CVE-2026-5244 7.3
Received

A vulnerability has been found in Cesanta Mongoose up to 7.20. This affects the function mg_tls_recv_cert of the file mongoose.c of the component TLS 1.3 Handler. Such manipulation of the argument pubkey leads to heap-based buffer overflow. The attack may…

  • Mongoose: Preauth RCE and mTLS Bypass on Millions of Devices
Thu 2 Apr
CVE-2026-27750 7.8
Awaiting Analysis

Avira Internet Security contains a time-of-check time-of-use (TOCTOU) vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate c…

  • Milking the last drop of Intego - Time for Windows to get its LPE - Quarkslab's blog
  • Avira: Deserialize, Delete and Escalate - The Proper Way to Use an AV - Quarkslab's blog
Thu 5 Mar
CVE-2026-27748 7.8
Awaiting Analysis

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\\ProgramData without validating whether the path resolv…

  • Milking the last drop of Intego - Time for Windows to get its LPE - Quarkslab's blog
  • ⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware
  • Avira: Deserialize, Delete and Escalate - The Proper Way to Use an AV - Quarkslab's blog
  • ...
Thu 5 Mar
CVE-2026-25725 10.0
Analyzed

Claude Code is an agentic coding tool. Prior to version 2.1.2, Claude Code's bubblewrap sandboxing mechanism failed to properly protect the .claude/settings.json configuration file when it did not exist at startup. While the parent directory was mounted a…

  • The Race to Ship AI Tools Left Security Behind. Part 1: Sandbox Escape
Fri 6 Feb
Topics See all
Ghidra Ghidra
Reverse Engineering Tool
  • Building an Automated Pipeline with LangChain DeepAgents to Find Zero-Days in Kernel Drivers. It Found One in ASUS.
  • SightHouse: Automated function identification
  • CVE-2026-4946
  • ...
Wed 8 Apr
Chrome DevTools Protocol (CDP) Chrome
Debugger model
  • CDP as a Runtime Instrumentation Engine
  • Stillepost - Or: How to Proxy your C2s HTTP-Traffic through Chromium | mischief
Wed 8 Apr
Codex CodeX
Tool
  • GitHub - openai/codex-plugin-cc: Use Codex from Claude Code to review code or delegate tasks.
  • OpenAI Codex: How a Branch Name Stole GitHub Tokens | Barrack AI
  • OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability
  • ...
Wed 8 Apr
Claude Mythos Preview Anthropic
AI model
  • Project Glasswing: Securing critical software for the AI era
Wed 8 Apr
Z3 SMT solver Microsoft
SMT solver
  • Broken by Default: A Formal Verification Study of Security Vulnerabilities in AI-Generated Code Empirical Analysis of 3,500 Code Artifacts Across Seven Large Language Models Using Z3 SMT Solver, Ablation Studies, and Static Tool Comparison
  • Cyber Apocalypse CTF 2022: Intergalactic Chase - Memory Acceleration
  • CTFs/CrewCTF at master · ixSly/CTFs
  • ...
Wed 8 Apr
PowerShell Microsoft
Automation framework
  • Building a Detection Foundation: Part 5 - Correlation in Practice
  • Cutting Through the Noise: A Technique-Based Approach to Hunting Web-Delivered Malware
  • Recent Yurei Ransomware Attacks Show Use of Common Tools and References to Stranger Things
  • ...
Wed 8 Apr

Indexed Resources