Follow for new posts submitted to the netsec subreddit. Unofficial.
Subreddit: https://reddit.com/r/netsec
Automated by @[email protected]
DLX7 ShieldNet | Trust Posture Dashboard

DLX7 ShieldNet Trust Posture Dashboard: Live security posture, threat taxonomy, framework coverage, and containment metrics for AI agent protection. Aligned with OWASP LLM Top 10, NIST AI RMF, and Microsoft AI Security Guidance.

What If HSMs Were as Easy to Use as They Are Powerful? A native macOS app for YubiHSM 2 management https://charles.dev/blog/yubihsm-app/

I built a native macOS app for the YubiHSM 2 — with YubiKey-based authentication, visual security posture, hardware-backed secrets, SSH certificate issuance, and tamper-evident audit trails. Here's what HSM management looks like when someone designs for it.

Claude Code Found a Linux Vulnerability Hidden for 23 Years https://mtlynch.io/claude-code-found-linux-vulnerability/

Claude Code has gotten extremely good at finding security vulnerabilities, and this is only the beginning.

npm-sentinel: 21 malicious npm packages in 24h including LLM API MITM, encrypted skill backdoors, and Redis weaponization via postinstall https://yuribm.dev/security
Yuri Borges Martins — Cryptographer. Engineer. Builder.

18-year-old CTO, cryptography researcher, and open-source builder. Creator of TrueShot, Yorubs, and CTO at Amrntech.

Yuri Borges Martins
Using undocumented AWS CodeBuild endpoints to extract privileged tokens from AWS CodeConnections allowing lateral movement and privilege escalation through an organisation's codebase https://thomaspreece.com/2026/03/23/part-2-aws-codebuild-escalating-privileges-via-aws-codeconnections/
If you're running OpenClaw, you probably got hacked in the last week https://blink.new/blog/cve-2026-33579-openclaw-privilege-escalation-2026
CVE-2026-33579: OpenClaw Privilege Escalation Fix Guide

CVE-2026-33579 is a HIGH severity OpenClaw vulnerability fixed in 2026.3.28. Learn what's affected, how to patch, and how to detect exploitation.

Blink Blog
What 16 security engines found in 2,900 MCP servers https://mcpampel.com/blog/16-engines-2900-mcp-servers

91% of MCP repos have security findings. Data from 6,494 scans across 2,896 repos with 16 independent engines.

New RCE in Control Web Panel (CVE-2025-70951) https://fenrisk.com/rce-centos-webpanel-2
Remote code execution in CentOS Web Panel - CVE-2025-70951

Fenrisk
A threat actor who goes by the name "Mr. Raccoon" has claimed to hack Adobe support via 3rd party Indian BPO firm https://thecybersecguru.com/news/adobe-data-breach-2026/
Adobe Data Breach 2026: Mr. Raccoon Leaks 13M Support Tickets | The CyberSec Guru

Report on the alleged Adobe data breach. Threat actor Mr. Raccoon claims 13M support tickets, 15k employee records and HackerOne data leaked via BPO.

The CyberSec Guru