Handala Claims Israeli Radar Hack, But Evidence Shows Phone Admin Panel

An Iranian-linked hacker group called Handala claimed to have hit Israeli military targets with massive cyberattacks on Sunday,…...

HTB-TwoMillion-Exploit

HTB-TwoMillion-Exploit Importante: Esto NO es un writeu...

Hardening Agent Benchmarks with Adversarial Hacker-Fixer Loops

Agent benchmarks score submissions with outcome verifiers that are typically hand-written and brittle, leaving them open to reward hacking. We audit 1,968 tasks across five terminal-agent benchmarks and find 323 16% hackable by frontier models given only the task description. This corrupts both...

Cybercrime Crew Claims It Hacked Mike Lindell’s MyPillow

Plus: A ransomware group is now stealing data in person, BusPatrol wants to hand its license plate surveillance data to the cops, and more...

hack-and-juice

B-SE...

Exploit for CVE-2024-34070

Exploit for CVE-2024-34070 Credit to froxlor for the vuln dis...

Exploit for Missing Authentication for Critical Function in Flowiseai Flowise

Silentium — HackTheBox Writeup Platform: HackTheBox...

Exploit for CVE-2026-42945

CVE-2026-42945 NGINX Rift - HTB-Ready Exploit Standalone ex...

htb-lab-writeups

No d...

cybersec-hw1

cybersec-hw1 Homework 1 for Introduction to Computer Securi...

Hack-Juice

No d...

ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories

You scroll past one incident and see another that feels familiar, like it should have been fixed years ago, but it still works with small changes. Same bugs. Same mistakes. The supply chain is messy. Packages you did not check are stealing data, adding backdoors, and spreading. Attacking the...

ctf-writeups

ctf-writeups Retos de HTB, TryHackMe y DFIR — documentado...

PT-2026-33765

https://t.co/4bpvciSJjS CVE-2026-39533 WordPress plugin vulnerability another-wordpress-classifieds-plugin cybersecurity wordpressfirewall wordpresssecurity hack…...

$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims

Grinex, a Kyrgyzstan-incorporated cryptocurrency exchange sanctioned by the U.K. and the U.S. last year, said it's suspending operations after it blamed Western intelligence agencies for a $13.74 million hack. The exchange said it fell victim to what it described as a large-scale cyber attack tha...

infosec-notebook

infosec-notebook Personal cybersecurity notes and references...

Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region

An apparent hack-for-hire campaign likely orchestrated by a threat actor with suspected ties to the Indian government targeted journalists, activists, and government officials across the Middle East and North Africa MENA, according to findings from Access Now, Lookout, and SMEX. Two of the target...

HTB-WriteUp

No d...

CVE-2026-34938

PraisonAI is a multi-agent teams system. Prior to version 1.5.90, executecode in praisonai-agents runs attacker-controlled Python inside a three-layer sandbox that can be fully bypassed by passing a str subclass with an overridden startswith method to the safegetattr wrapper, achieving arbitrary ...

Exploit for Server-Side Request Forgery in Apache Cxf

DevArea SOAP Exploitation Tool CVE-2022-46364 Descripti...