OffSequenceMar 29
🚨 CVE-2026-5033 (MEDIUM): SQL injection in code-projects Accounting System 1.0 (/view_costumer.php, cos_id) is being actively exploited. Remote risk — monitor and patch as soon as fixes arrive. More: https://radar.offseq.com/threat/cve-2026-5033-sql-injection-in-code-projects-accou-9e1a8bbd #OffSeq #SQLInjection #VulnResearch
TechNaduDec 3

Google’s December Android update addresses 107 security flaws, including two Framework vulnerabilities already exploited in targeted scenarios. The release also patches a critical DoS issue and multiple vendor-specific components across major chipsets.

How should mobile ecosystems improve patch adoption across fragmented devices?
Follow us for more neutral, technical cybersecurity updates.

Source: https://thehackernews.com/2025/12/google-patches-107-android-flaws.html

#infosec #androidsecurity #zeroday #vulnresearch #mobilesecurity #threatintel #googlepatch #securitybulletin #technadu

OffSequenceSep 14, 2025
🐶 CVE-2025-10396: MEDIUM severity SQL injection in SourceCodester Pet Grooming Mgmt 1.0 (/admin/edit_role.php, ID param). Remote, unauthenticated exploit risk—no patch yet. Apply WAF, limit access, monitor logs. Details: https://radar.offseq.com/threat/cve-2025-10396-sql-injection-in-sourcecodester-pet-0c841b0a #OffSeq #SQLi #VulnResearch
OffSequenceAug 31, 2025
🚨 CVE-2025-47696: HIGH severity RFI in Solwin Blog Designer PRO (≤3.4.7) allows unauthenticated remote code execution via improper PHP include control. Disable plugin & monitor for patches! https://radar.offseq.com/threat/cve-2025-47696-cwe-98-improper-control-of-filename-3c491ef1 #OffSeq #WordPress #VulnResearch
 domenukJul 19, 2025

Quote of the day: "Nicely done. It doesn’t undo all the (often rightly deserved) bad press that AI agents have received lately, but good news is good news."

https://www.vice.com/en/article/google-big-sleep-first-ai-to-ever-prevent-cyberattack/

#BigSleep #VulnResearch

Google’s ‘Big Sleep’ Just Became the First-Ever AI to Prevent a Cyberattack

Google's Big Sleep is just a year old, and for the first time it as able to detect and help close a vulnerability at risk of being exploited.

VICE
🌿 (buffy)² 🌿 Jun 23, 2025

Apparently I missed my original calling as a sociologist, so I’m making up for lost time by asking you about your thoughts on infosec! Do you feel you do meaningful work? How much is ritual compliance to appease the audit gods? Tell me your bullshit job stories.

https://cryptpad.fr/form/#/2/form/view/0LcyFXPJZeAxygGbkXq7T98f+mx2i6gJeaGpYZIy-AA/

Please reboost ❤️

#infosec #cyberSecurity #vulnResearch

Encrypted Form

CryptPad: end-to-end encrypted collaboration suite

Alison BreacherNov 8, 2024

Vulnerability hunting: it’s like hide-and-seek, but the bugs didn’t realize they were playing.

#VulnResearch #Infosec

Alison BreacherNov 4, 2024

#introduction

👋 Hi, I’m Alison Breacher (she/her), a cybersecurity researcher focused on finding vulnerabilities and helping make everyday systems more secure. I enjoy digging into the details to turn security gaps into solutions. When I’m not reverse engineering or testing systems, I’m usually learning new tools or collaborating on projects with the infosec community.

Always up for a good challenge and excited to see where this journey takes me next. #Cybersecurity #BugHunter #VulnResearch

Joseph ZengJun 22, 2024

Project Naptime: Evaluating Offensive Security Capabilities of Large Language Models

https://googleprojectzero.blogspot.com/2024/06/project-naptime.html

#llm #cybersecurity #vulnresearch

Project Naptime: Evaluating Offensive Security Capabilities of Large Language Models

Posted by Sergei Glazunov and Mark Brand, Google Project Zero Introduction At Project Zero, we constantly seek to expand the scope and e...

BDFeb 6, 2024

Great research, identifying nine vulns affecting the IPv6 stack in a UEFI implementation - exploitable during network boot (aka Pixie boot)
https://blog.quarkslab.com/pixiefail-nine-vulnerabilities-in-tianocores-edk-ii-ipv6-network-stack.html

#ipv6 #vulnresearch

PixieFail: Nine vulnerabilities in Tianocore's EDK II IPv6 network stack.

This blog post provides details about nine vulnerabilities affecting the IPv6 network protocol stack of EDK II, TianoCore's open source reference implementation of UEFI.

Quarkslab's blog