Mastodawn

0xBughunter 5h ago

🔒 Public and Private Medical Community Targeted by China-Nexus Threat Actor Pur...

📝 Written by: Patrick Whitsell, John McGuiness Google Threat Intellig...

https://cloud.google.com/blog/topics/threat-intelligence/prc-targets-us-medical-research/

📰 Threat Intelligence

#Pentesting #InfoSec

Public and Private Medical Community Targeted by China-Nexus Threat Actor Pursuing Artificial Intelligence, Cyber, Medical, and National Defense Research | Google Cloud Blog

UNC6508 leveraged Google Workspace compliance rules and REDCap vulnerabilities for intelligence collection.

Google Cloud Blog

Rubén Santos García 1d ago

Enterprise SSO with SAML: one XML signature wrapping attack = access to every app in scope. This week I broke down XSW variants, void canonicalization bypass, NameID comment injection, and attribute-based escalation. Five quick checks that cover most real-world SAML bugs, all automatable with SAMLRaider. https://www.kayssel.com/newsletter/issue-54/
#InfoSec #CyberSecurity #Pentesting #BugBounty #OffSec #SAMl #SSo

SAML SSO Exploitation: Breaking the Trust Chain

XML signature wrapping variants, void canonicalization bypass, NameID comment injection, SAML attribute injection, and token replay against enterprise SSO

Kayssel

KOREONE 2d ago

I just solved Callfuscated on Hack The Box! https://labs.hackthebox.com/achievement/challenge/2026525/928 #HackTheBox #HTB #CyberSecurity #EthicalHacking #InfoSec #PenTesting

Owned Callfuscated from Hack The Box!

I have just owned challenge Callfuscated from Hack The Box

KOREONE 2d ago

I just solved Bobby's Bistro on Hack The Box! https://labs.hackthebox.com/achievement/challenge/2026525/1272 #HackTheBox #HTB #CyberSecurity #EthicalHacking #InfoSec #PenTesting

Owned Bobby's Bistro from Hack The Box!

I have just owned challenge Bobby's Bistro from Hack The Box

xer0dayz 3d ago

[DEMO] Sn1per Professional 2026 Released: A New Era for Attack Surface Management

https://sn1persecurity.com/wordpress/sn1per-professional-2026-release/?utm_source=mastodon&utm_medium=social&utm_campaign=pro2026-launch

#offsec #offensivesecurity #netsec #infosec #bugbounty #pentesting #ai

KOREONE 3d ago

I just solved Sattrack on Hack The Box! https://labs.hackthebox.com/achievement/challenge/2026525/964 #HackTheBox #HTB #CyberSecurity #EthicalHacking #InfoSec #PenTesting

Owned Sattrack from Hack The Box!

I have just owned challenge Sattrack from Hack The Box

RootShell 3d ago

From pentesting tips to cloud defense, today’s curated cyber playlist has it all. 🎥 https://www.youtube.com/playlist?list=PLXqx05yil_mfRFdgiEPlBqHsQNWiJ7puL
#PenTesting #AppSec #CyberSecurity #ThreatIntelligence #IncidentResponse

260611 rootshell.online

YouTube

hoek 💎4d ago

I was tired of digging through endless random cybersecurity lists, so naturally I built another random cybersecurity list - just cleaner, prettier and actually organized.

Hack Hub is a curated directory of useful security resources.

https://hackhub.fyi

#CyberSecurity #InfoSec #Hacking #EthicalHacking #Pentesting #RedTeam #BlueTeam #DFIR #OSINT #ThreatIntel #MalwareAnalysis #BugBounty #CloudSecurity #MobileSecurity #OpenSource #SecurityTools #SecurityResearch #Linux #Hackers #Tech