ConGISATA: A Framework for Continuous Gamified Information Security Awareness Training and Assessment

The incidence of cybersecurity attacks utilizing social engineering techniques has increased. Such attacks exploit the fact that in every secure system, there is at least one individual with the means to access sensitive information. Since it is easier to deceive a person than it is to bypass the...

ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-boot-starter (>=0.5.0 <=0.8.7) +9630 more potentially affected by CVE-2026-5588 via org.bouncycastle:bcpkix-jdk18on (>=1.71 <=1.83)

org.bouncycastle:bcpkix-jdk18on MAVEN version =1.71, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =3.10.0.5, =0.5.0, =1.2.4, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2026.05.28.162006-546becb and more Source cves: CVE-2026-5588 Source advisory:...

AI clickbait can turn your notifications into a scam feed

Pushpaganda is the name researchers have given to an AI-assisted ad fraud, social engineering, and scareware operation targeting mobile users. For most people, Pushpaganda starts as something that looks completely normal. For example, a recommended article in your Google Discover feed the...

Challenges and Future Directions in Agentic Reverse Engineering Systems

Agentic systems built on large language models LLMs are increasingly being used for complex security tasks, including binary reverse engineering RE. Despite recent growth in popularity and capability, these systems continue to face limitations in realistic settings. Cutting-edge systems still fai...

Your Cloud Detection Strategy in 2026: What to Expect at the Global Cybersecurity Summit

Cloud environments have changed how security teams detect and respond to threats. Signals come from more places, identities are harder to track, and attacks rarely stay within a single system. For many teams, the challenge is no longer visibility. It is having the risk context to understand what...

coruna-exploit-kit-analysis

Coruna iOS Exploit Kit — Reverse Engineering Analysis Def...

Your MTTD Looks Great. Your Post-Alert Gap Doesn't

Anthropic restricted its Mythos Preview model last week after it autonomously found and exploited zero-day vulnerabilities in every major operating system and browser. Palo Alto Networks' Wendi Whitmore warned that similar capabilities are weeks or months from proliferation. CrowdStrike's 2026...

North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware

The North Korean hacking group tracked as APT37 aka ScarCruft has been attributed to a fresh multi-stage, social engineering campaign in which threat actors approached targets on Facebook and added them as friends on the social media platform, turning the trust-building exercise into a delivery...

ABB Ability Symphony Plus Engineering

SUMMARY ABB became aware of vulnerability in the products versions listed as affected in the advisory. The ABB S+ Engineering product versions are affected by vulnerabilities in PostgreSQL version 13.11 and earlier versions. If an attacker gains access to a site’s S+ Client Server network, they...

A Synthetic Conversational Smishing Dataset for Social Engineering Detection

Smishing SMS phishing has become a serious cybersecurity threat, especially for elderly and cyber-unaware individuals, causing financial loss and undermining user trust. Although prior work has focused on detecting smishing at the level of individual messages, real-world attackers often rely on...

Cybersecurity-Detection-Engineering-POC-Event-Generator

Cybersecurity-Detection-Engineering-POC-Event...

infosec-notebook

infosec-notebook Personal cybersecurity notes and references...

UNC6783 Hackers Use Fake Okta Pages in Corporate Breach Campaign

UNC6783 hackers and extortionists impersonate support staff, using fake Okta login pages and social engineering to access corporate systems and steal sensitive data...

CVE-2026-33783

Junos OS Evolved on PTX Series is affected when SRTE policy tunnels are provisioned via PCEP and gRPC is used to monitor traffic; evo-aftmand crashes and requires manual restart, causing persistent DoS. The issue occurs only if the Originator ASN field in PCEP exceeds 65,535 (32-bit ASN). Affecte...

GPL Odorizers GPL750

RISK EVALUATION Successful exploitation of this vulnerability could allow a low privileged remote attacker to manipulate register values, which would result in too much or too little odorant being injected into a gas line. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...

EUVD-2026-19994

The Gravity Forms plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the formids parameter in the gformgetconfig AJAX action in all versions up to, and including, 2.9.30. This is due to the GFCommon::sendjson method outputting JSON-encoded data wrapped in HTML comment...

EUVD-2026-19549

Unsanitized control of user-modifiable attributes in the session creation component in AWS Research and Engineering Studio RES prior to version 2026.03 could allow an authenticated remote user to escalate privileges, assume the virtual desktop host instance profile permissions, and interact with...

LLM4CodeRE: Generative AI for Code Decompilation Analysis and Reverse Engineering

Code decompilation analysis is a fundamental yet challenging task in malware reverse engineering, particularly due to the pervasive use of sophisticated obfuscation techniques. Although recent large language models LLMs have shown promise in translating low-level representations into high-level...

CVE-2026-5709

Unsanitized input in the FileBrowser API in AWS Research and Engineering Studio RES version 2024.10 through 2025.12.01 might allow a remote authenticated actor to execute arbitrary commands on the cluster-manager EC2 instance via crafted input when using the FileBrowser functionality. To remediat...

CVE-2026-5709

Unsanitized input in the FileBrowser API in AWS Research and Engineering Studio RES version 2024.10 through 2025.12.01 might allow a remote authenticated actor to execute arbitrary commands on the cluster-manager EC2 instance via crafted input when using the FileBrowser functionality. To remediat...