341 matches found
cybersec-mcp
🛡️ Cybersecurity Professor MCP Server Prof. Null — Tu pro...
-GodSearch
GodSearch v20.0 — THE SOVEREIGN 💀 Universal Exploit Sear...
human-connection-ctf
Human Connection Challenge: CTF Writeup Platform: Immersi...
autopenx
AutoPenX – A fully automated CTF-solving & penetration testing...
MAL-2026-3836 Malicious code in ctf-flare (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23293f1bc28e465f7ffaf916fd8a6cc3958b873a2b338b81c0bf71bb146d1d36 package.json declares a postinstall script that runs node src/install.js after building a local binary. src/install.js is a 175 KB single-line payloa...
Malicious code in ctf-flare (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23293f1bc28e465f7ffaf916fd8a6cc3958b873a2b338b81c0bf71bb146d1d36 package.json declares a postinstall script that runs node src/install.js after building a local binary. src/install.js is a 175 KB single-line payloa...
Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple
SimpleCTF-THM-Relatory First CTF successfully completed! This...
Malicious code in 0ctf-chalweb (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d7a129ab6079febb92ceac3587af97653477bce8a65b8e85bfa5bcae0293b0d The package's entire content xss.js is a 2-line cookie-stealing payload that creates an Image element pointing to...
CTFusion: A CTF-Based Benchmark for LLM Agent Evaluation
Recent advances in Large Language Models LLMs have enabled agentic systems for complex, multi-step tasks; cybersecurity is emerging as a prominent application. To evaluate such agents, researchers widely adopt Capture The Flag CTF benchmarks. However, current CTF benchmarks reuse existing...
When prompts become shells: RCE vulnerabilities in AI agent frameworks
In this article 1. A representative case study: Semantic Kernel 2. CVE-2026-26030: In-Memory Vector Store 3. CVE-2026-25592: Arbitrary file write through SessionsPythonPlugin 4. The vulnerability 5. Attack chain overview 6. Defending the agentic edge 7. Not bugs, but developed by design 8. CTF...
obliteratus-brain
OBLITERATUS BRAIN The Persistent Knowledge Layer for OBLITE...
alfactf2026-writeups
🏆 Alfa CTF 2026 — Райтапы команды The A-Team !CTF Badgeh...
darkmarket-vuln-lab
🕶️ Dark Market Simulator An intentionally vulnerable CTF-...
hangover-ctf-wolfpack-deals
🎰 The Hangover CTF — Machine 1: Wolfpack Deals "What happe...
bagbag (>=0.72.2 <=0.75.43), chameli (>=0.1.9 <=0.1.13) +29 more potentially affected by CVE-2026-40606 via mitmproxy (>=0.17.0 <=12.2.1)
mitmproxy PYPI version =0.17.0, =0.72.2, =0.1.9, =0.1.0, =0.0.0, =4.0.0, =0.34.0, =0.14.1, =4.0.0, =0.11.0, =3.7.6, =2.0.0b0, =1.0.0, =0.9.0, =1.1.0 and more Source cves: CVE-2026-40606 Source advisory: OSV:PYSEC-2026-92...
Malicious code in leavemealone (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5628eb1d01e8eb7de8a582cd9ea85dff68eafde06f4e1164ae92842354db0bf7 During building the package, it executes encrypted code. The content is unclear as the decryption key bases on the local environment variable. Given leaving a...
vantix
Vantix Vantix is a Codex-native offensive-security control pl...
Malicious code in devops-debug-tool-ctf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d30d25ee7c0447913c62771e8ddcec556db40753e2133f73ec7613939b5ca35c The package devops-debug-tool-ctf was found to contain malicious code...
Malicious code in ctf-package-onetimeuseforctf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d37390fd81ab77282de711d615673122fd18763d31c720135595e40dd32a71b The package ctf-package-onetimeuseforctf was found to contain malicious code...
Malicious code in libxmljs2var-ctf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01c9273d9a31b1c550935b2367e8a3ba1bedb4668f432fec423a01bdc314ea0e The package libxmljs2var-ctf was found to contain malicious code...