cybersecurity

Mentorship Monday - Post All Career, Education and Job questions here!

2026-06-08T00:00:08+00:00

This is the weekly thread for career and education questions and advice. There are no stupid questions; so, what do you want to know about certs/degrees, job requirements, and any other general cybersecurity career questions? Ask away!

Interested in what other people are asking, or think your question has been asked before? Have a look through prior weeks of content - though we're working on making this more easily searchable for the future.

submitted by /u/AutoModerator
[link] [comments]

Google Chrome is killing all uBlock Origin bypasses, Microsoft Edge, Opera to follow

2026-06-09T17:38:50+00:00

It seems that sooner or later DNS filtering will be the only proper way to ensure that the blocks work throughout different versions. 'It was nice while it lasted.'

submitted by /u/escalibur
[link] [comments]

META DELETES FACE-RECOGNITION SYSTEM FROM ITS SMART GLASSES APP AFTER WIRED REPORT

2026-06-09T23:13:11+00:00

Description:

"One day after WIRED revealed that Meta had quietly embedded an unreleased face-recognition system into an app installed on more than 50 million phones, the company removed it, according to a WIRED analysis of the latest version’s code. The most recent version of Meta AI, a companion app for its line of smart glasses, strips out the unactivated software components that powered the system Meta internally called NameTag"

TikTok link:

https://www.tiktok.com/t/ZTBmbUL1k/

submitted by /u/Miserable_Day7074
[link] [comments]

FBI is announcing Operation Riptide

2026-06-09T21:45:15+00:00

https://www.youtube.com/watch?v=3WqOP2iL6R0

The FBI is announcing Operation Riptide, an ongoing, coordinated law enforcement campaign targeting criminal actors and the key services they rely on, their infrastructure, their tools and services, their communications platforms, and their money.

submitted by /u/MT_Carnage
[link] [comments]

North Korean Hackers—Posing As Fake IT Workers—Behind Nearly Half Of All Tech Firm Attacks, Report Says

2026-06-09T18:38:24+00:00

submitted by /u/forbes
[link] [comments]

ServiceNow confirmed some customer instances were breached.

2026-06-09T21:39:56+00:00

Not a lot of detail on what was accessed, but SNOW did confirm that unauthorized access happened. They also claim they have notified all impacted orgs, so if you didn't get an email you're ok for now.

https://www.bleepingcomputer.com/news/security/servicenow-discloses-security-incident-exposing-customer-data/

submitted by /u/MikeTalonNYC
[link] [comments]

someone actually leaked the Miasma supply chain attack toolkit source code on github

2026-06-09T13:31:10+00:00

we saw that multiple github repos name as Miasma-Open-Source-Release started appearing yesterday which was pushed by a compromised developer accounts. then we pulled the source and tried to dig deeper. And calling it a worm would be very small its kind of a complete supply chain framework having ARCHITECTURE.md integration test etc. so it was kind of a product.
ARCHITECTURE.md was saying that it requires no C2 infrastructure and not have to deal with takedowns or maintaining infrastructure. it just stolen github PATs is only what is necessary.

submitted by /u/BattleRemote3157
[link] [comments]

Looking to move off KnowBe4, what are people actually using these days?

2026-06-09T17:37:34+00:00

Our renewal is up in two months and leadership wants options. the training content feels stale and our click rates aren't budging. Curious what the best knowbe4 alternatives for cybersecurity awareness are right now without breaking the bank.

submitted by /u/Particular_Ebb_4872
[link] [comments]

Meta Says Israeli Spyware Firm Targeted WhatsApp Users Again

2026-06-09T08:14:05+00:00

submitted by /u/rkhunter_
[link] [comments]

FCaptcha v1.12: Catching AI Agents That Drive Real Browsers

2026-06-10T02:29:44+00:00

How FCaptcha v1.11 and v1.12 detect AI agents that drive real browsers, using CDP input forensics, think-time cadence, and declared-agent matching.

https://github.com/WebDecoy/FCaptcha

submitted by /u/cport1
[link] [comments]

For the 2nd time in weeks, Microsoft packages laced with credential stealer

2026-06-08T21:53:55+00:00

Dozens of cryptographically verified open source packages from Microsoft were compromised late last week to add advanced credential-stealing code that was triggered when developers opened them in AI coding agents.

submitted by /u/rkhunter_
[link] [comments]

Flooding invalid deauth frames still kicks PMF clients, tested on 3 Android phones

2026-06-10T02:10:37+00:00

Enabled PMF on my AP, expected my deauth tool to fail. It didn’t.

Even though every frame gets rejected by the crypto, flooding enough of them in aggressive mode still disconnected all three Android phones I tested (latest security patch). Took around 9 seconds on average.

Has anyone else seen this on iOS, Windows, or IoT? Curious how widespread it is.

For anyone asking; the tool scans and deauths in parallel so there’s no breathing room and the agressive mode is what let me discover this.

https://github.com/Ymsniper/KTO

submitted by /u/Trick-Resolve-6085
[link] [comments]

More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs

2026-06-10T00:54:51+00:00

submitted by /u/dx7r__
[link] [comments]

AI Malware Worm Adapts to New Targets in Real Time, Cybersecurity Experts Say

2026-06-10T00:44:48+00:00

submitted by /u/CrossPuffs
[link] [comments]

Microsoft has released a patch for the bitlocker bypass

2026-06-09T18:35:05+00:00

submitted by /u/cspotme2
[link] [comments]

Chaotic Eclipse's new RoguePlanet

2026-06-09T20:21:02+00:00

It seems Chaotic eclipse has release a new Windows Defender Vulnerability by the name RoguePlanet.

It is worth mentioning today is Patch Tuesday.

Found here: https://github.com/MSNightmare/RoguePlanet

submitted by /u/Overflow0X
[link] [comments]

Skill to Scan your Codebase

2026-06-10T04:16:53+00:00

I tried creating a skill in Kiro to scan codebases. Feedbacks appreciated on how i can improve this further.

https://youtu.be/Htxv0j2yOpE

submitted by /u/Dr_Anonymous95
[link] [comments]

Miasma-style supply chain attacks

2026-06-10T03:50:11+00:00

Miasma has opened the doorway to a brand-new style of supply chain attacks that even the most security-conscious organizations are finding difficult to defend.

Almost every repo these days uses 3rd party packages, has CI/CD automation, and has coding agent config files.

Checkout the blog on this topic: Hardening the Agentic Supply Chain

submitted by /u/3Pointers
[link] [comments]

University of Toronto proof-of-concept AI worm spread to 62% of a test network in 7 days using a free open-weight model

2026-06-09T15:16:43+00:00

This one breaks a core assumption about worm containment. Traditional worms have a fixed exploit payload. Patch those bugs and propagation stops. This worm reads live public advisories at runtime and generates new attack logic tailored to whatever it finds on the next target. Patch one hole, it picks another.

It ran on a free open-weight LLM on a single GPU with no API keys and no cloud dependency. Across 15 runs on a 33-host isolated network it gained elevated access on 23 hosts and replicated to 62% of the network in 7 days with no human input. It exploited three CVEs disclosed after the model was trained, including CVE-2026-39987, a pre-auth RCE in Marimo (CVSS 9.3) that was exploited in the wild 9 hours after disclosure.

Once it compromises a GPU-capable host it routes inference through that machine for lower-compute devices on the same subnet. One compromised deep-learning server becomes a reasoning hub for the whole network. And because it runs entirely locally, provider-side controls do nothing. There is no API key to revoke.

What I found most significant: the worm rewrote its own code on several occasions to bypass security controls, behavior the researchers never programmed in.

For defenders: hunt for unexpected GPU inference on endpoints, automated SSH key injection, and LLM activity on unexpected segments. Segment GPU infrastructure and treat it as high-value attack real estate.

Paper at arXiv:2606.03811 by Jonas Guan, Tom Blanchard, Hanna Foerster, Hengrui Jia, Gabriel Huang and Nicolas Papernot from University of Toronto, Vector Institute, Cambridge and ServiceNow.

submitted by /u/Aureliand
[link] [comments]

DF/IR Community

2026-06-09T21:17:26+00:00

Hey, I'm new to Reddit but have been in the DF/IR space for around 10 years.

My experience is a mixture of law enforcement digital forensics (mobile forensics, computer forensics, vehicle forensics etc) and private sector incident response (Ransomware. BECs, security assessments etc).

Just wanted to say hello & chat with anyone who has any questions / just wants to talk Cyber :)!

submitted by /u/razerjwf
[link] [comments]

Thoughts on Automated Compliance?

2026-06-09T19:49:12+00:00

Recently I've seen a trend where vendors will use platforms for automating compliance and come back with documents that are clearly AI generated and not backed by any proof from the vendor themselves. If asked, they will typically refer to a SOC2 that has been completed by a non-AICPA backed company and contains barely any extra details.

I understand from personal experience the time it takes to complete an audit and can see the benefits of using these automated platforms. However, it is hard for me to validate the security of a vendor if there is no proof for their security practices beyond a SOC2 that may or may not be valid. If these were solid SOC2 reports, maybe this would be a different story.

I would love to hear anyone's thoughts. Are companies that are using automated compliance platforms actually following the security posture set out in the generated documents? Am I being too harsh in my judgment of these vendors? How do you feel about automated compliance?

submitted by /u/Sad_Dentist_7288
[link] [comments]

WAF Detection Tool

2026-06-10T05:00:50+00:00

Hey everyone,

I just built a WAF detection tool, it essentially checks http headers to identify Cloudflare, Akamai, Imperva, DataDome, PerimeterX, Sucuri, AWS WAF, F5 etc by checking their signatures they leave on HTTP headers. Let me know what you think.

not planning to share the link here because of the rules, but if you show your interest, I would be happy to post on the comments here.

submitted by /u/DiligentImplement949
[link] [comments]

Where can GRC folks learn practical AppSec / DevSecOps without going full engineer?

2026-06-09T15:49:21+00:00

I’m a GRC director and struggling to find AppSec or "DevSecOps" training that hits the "right depth". Most options are either very high level (i.e., "Apply secure coding practices") or geared toward engineers working directly in code and tooling. I am looking for something practical enough to understand how secure SDLC actually works in real environments.

Ultimately, I wan to be able to give concrete, credible recommendations in risk assessments and strategy meetings, as well as properly understand limitations when they are presented by developers. Does anything like this exist?

submitted by /u/BaddestMofoLowDown
[link] [comments]

I feel like ive lost my passion to tinker after 6 years in the industry, anyone else?

2026-06-08T22:57:14+00:00

Ive been in the industry for around 6 years now, when I was much younger every second of my free time was spent learning computers as a whole and continuously tinkering with things like networking, pentesting, etc. Now after 6 years, I want to spend my time AWAY from the computer. Im writting this to ask, how do you all continue to advance your skills if youre in a similar boat, for me, my day-to-day work continues to challenge me and make me a better engineer. But, often times I wish I had the passion I used to.

tldr: how do you continue to advance your skills after many years in the field

submitted by /u/FragileEagle
[link] [comments]

How are all of doing with THE AI model thats big news currently??

2026-06-10T04:36:29+00:00

I am so burnt out , mostly because of the political games that are being played within the organization. Now that this has leadership visibility, there is so much input from our Engineering leaders on how we are categorizing issues, how the security team is analyzing risk, what is our discovery strategy. Why is product 1 doing x and product 2 doing y?? Why do the numbers for product 1 look so different/ are so less than my product????

Like leave the discovery and prioritizing strategy to security!!! And focus on remediation!!! Engineering needs to focus on remediation efforts!!! I am being asked for stats from 3 different leaders at different levels and then everyone has thoughts on how we should coordinate efforts across products, have same strategies etc etc...

Today I was literally told why are we prioritizing based on factors like auth or unauth or exploitibility and to just focus on CVSS since that's what engineers are used to...

To security teams, this is simply another source of vuln discovery. There is no need to prioritize these before other sources just because leaders want these metrics! The security team is performing risk based prioritization irrespective of source. Trust them!

How are yall dealing with the political environment related to vulns discovered using THE AI model?

submitted by /u/Rude-Cap-4455
[link] [comments]