Annoy everyone who uses #RogueISP|s like #ClownFlare into changing that and boycott them until they get rid of said value-removing malicious actors that are committing #MITM attacks against their clients!
🐀 Cybersecurity Advance Class
🎭 ARP Spoofing (ARP Poisoning)
On a local network, an attacker can send forged ARP replies and convince devices that the attacker's MAC address belongs to the gateway. The result? Traffic passes through the attacker, opening the door to interception, data manipulation, and Man-in-the-Middle (MITM) attacks.
Assholes Will Always Exist
Over the years they've been called a lot of things. Some of the terms, these miscreants actually donned like a cape or wore the disparaging noun as a badge of honor:
- #cracker
- #list_bully
- #foreign_agent
- #incel
- #phishermen
- #spammer
- #blackhat
The list is truly much too long to collate in a single fly-by topical mention; and that's really not the point of what I'm writing about here either. What is absolutely pernicious is the #MiTM style attack on software distribution rising to a level where even the source cannot be held in high confidence.
When these atrocious acts become the commonplace verbs to the infamous nouns above it is time that each and every one of us stand vigil and at the ready to come to the aid of our community members. Here's one such place where we can begin - the #AUR: https://archlinux.org/news/active-aur-malicious-packages-incident/
⛵

💫 Ngrok FRP Alternative • ⚡ Fast • 🪶 Lightweight • 0️⃣ Dependency • 🔌 Pluggable • 😈 TLS interception • 🔒 DNS-over-HTTPS • 🔥 Poor Man's VPN • ⏪ Reverse & ⏩ Forward • 👮🏿 "Proxy Server"...
oproxy - an open-source local proxy server for inspecting, replaying, and modifying HTTP, HTTPS, and SOCKS5 traffic - released in v0.1.7 and v0.1.8
oproxy is an open-source local proxy server for inspecting, replaying, and modifying HTTP, HTTPS, and SOCKS5 traffic. Built in Rust with a JavaScript frontend, it supports request breakpoints, traffic rules, Lua scripting, mock responses, DNS overrides, and an AI assistant via any OpenAI-compatible model.
👉 New post: 10 Months Unpatched: Dissecting LocalSend CVE-2025-54792
LocalSend uses HTTPS, but this CVE shows why encryption is not the same as authentication. Forged UDP discovery packets poison the nearby device list, making encrypted transfers go to the wrong peer.
In this write-up:
- How unverified UDP data becomes a trusted UI entry
- A Python PoC using a spoofed packet & a fake HTTPS receiver
- A proposed fix for the broken model
🔗 Link: https://blog.joeyc.dev/posts/localsend-cve-2025-54792/
oproxy - an open-source local proxy server for inspecting, replaying, and modifying HTTP, HTTPS, and SOCKS5 traffic - released in v0.1.6
oproxy is an open-source local proxy server for inspecting, replaying, and modifying HTTP, HTTPS, and SOCKS5 traffic. Built in Rust with a JavaScript frontend, it supports request breakpoints, traffic rules, Lua scripting, mock responses, DNS overrides, and an AI assistant via any OpenAI-compatible model.