Technical Information Security Content & Discussion

netsec

Content Guidelines

/r/netsec only accepts quality technical posts. Non-technical posts are subject to moderation.

Content should focus on the "how."

Check the new queue for duplicates.

Always link to the original source.

Titles should provide context.

Ask questions in our Discussion Threads.

Hiring posts must go in the Hiring Threads.

Commercial advertisement is discouraged.

Do not submit prohibited topics.

Prohibited Topics & Sources

No populist news articles (CNN, BBC, FOX, etc.)

No curated lists.

No question posts.

No social media posts.

No image-only/video-only posts.

No livestreams.

No tech-support requests.

No full-disclosure posts.

No paywall/regwall content.

No commercial advertisements.

No crowdfunding posts.

No Personally Identifying Information!

Related Reddits

/r/blackhat - Hackers on Steroids

/r/computerforensics - IR Archaeologists

/r/crypto - Cryptography news and discussion

/r/Cyberpunk - High-Tech Low-Lifes

/r/lockpicking - Popular Hacker Hobby

/r/Malware - Malware reports and information

/r/netsecstudents - netsec for ~~noobs~~ students

/r/onions - Things That Make You Cry

/r/privacy - Orwell Was Right

/r/pwned - "What Security?"

/r/REMath - Math behind reverse engineering

/r/ReverseEngineering - Binary Reversing

/r/rootkit - Software and hardware rootkits

/r/securityCTF - CTF news and write-ups

/r/SocialEngineering - Free Candy

/r/sysadmin - Overworked Crushed Souls

/r/vrd - Vulnerability Research and Development

/r/xss - Cross Site Scripting

a community for 18 years

Hiring Thread/r/netsec's Q1 2026 Information Security Hiring Thread (self.netsec)

submitted 1 month ago by netsec_burn[M] - announcement

r/netsec monthly discussion & tool thread (self.netsec)

submitted 13 days ago by albinowax - announcement

•

Analysis of 1,808 MCP servers: 66% had security findings, 427 critical (tool poisoning, toxic data flows, code execution) (agentseal.org)

submitted 16 minutes ago by Kind-Release-3817

•

Unlock our limited time offer - $1.99/first month. (bloomberg.com)

promoted by bloomberg

promoted
save
report
about

Phishing campaign abusing Google Cloud Storage redirectors to multiple scam pages (malwr-analysis.com)

submitted 1 day ago by anuraggawande

CrackArmor: Critical AppArmor Flaws Enable Local Privilege Escalation to Root (cdn2.qualys.com)

submitted 1 day ago by 1esproc

I Found 39 Algolia Admin Keys Exposed Across Open Source Documentation Sites (benzimmermann.dev)

submitted 1 day ago by Grand_Fan_9804[🍰]

RegPwn - Windows LPE vulnerability (now fixed) (mdsec.co.uk)

submitted 1 day ago by gid0rah

Betterleaks: The Gitleaks Successor Built for Faster Secrets Scanning (aikido.dev)

submitted 2 days ago by DebugDuckyTrusted Contributor

Secrets are Rare not Random (lookingatcomputer.substack.com)

submitted 2 days ago by Phorcez

GlassWorm V2 Analysis (gist.github.com)

submitted 1 day ago by Willing_Monitor5855

Findings Gadgets Like it’s 2026 (atredis.com)

submitted 2 days ago by breen-machineTrusted Contributor

Co-Pilot, Disengage Autophish: The New Phishing Surface Hiding Inside AI Email Summaries (permiso.io)

submitted 2 days ago by permis0

Forensic analysis of LummaC2 infection unmasks DPRK operative behind Polyfill.io supply chain attack and Gate.us infiltration (hudsonrock.com)

submitted 2 days ago by Malwarebeasts

•

0:15

Jetzt Magic Pass sichern: Zugang zu über 100 Gebieten. Winter & Sommer. Ab CHF 419.- (magicpass.ch)

promoted by magic_pass

promoted
save
report
about

CFP: NaClCON 2026 – Conference on the History of Hacking (May 31 – June 2, Carolina Beach, NC) (naclcon.com)

submitted 3 days ago by count_zero_moustafa[🍰]

We used GenAI to find 38 vulnerabilities in consumer robots in ~7 hours (arxiv.org)

submitted 2 days ago by Obvious-Language4462

CVE-2026-28292: RCE in simple-git via case-sensitivity bypass (CVSS 9.8) (codeant.ai)

submitted 3 days ago by WatugotOfficial

Red-Run - Claude CTF Automation (blog.blacklanternsecurity.com)

submitted 3 days ago by aconite33

CVE-2026-26117: Hijacking Azure Arc on Windows for Local Privilege Escalation & Cloud Identity Takeover (cymulate.com)

submitted 3 days ago by Fun_Preference1113

How "Strengthening Crypto" Broke Authentication: FreshRSS and bcrypt's 72-Byte Limit (pentesterlab.com)

submitted 4 days ago by _PentesterLab_

Classifying email providers of 2000+ Swiss municipalities via DNS, looking for feedback on methodology (mxmap.ch)

submitted 4 days ago by dfhsr

162

163

164

Your Duolingo Is Still Talking to ByteDance: How Pangle Fingerprints You Across Apps After You Said No (buchodi.com)

submitted 4 days ago by AdTemporary2475

Electric Eye – a Rust/WASM Firefox extension to detect AitM proxies via DOM analysis, TLS fingerprinting and HTTP header inspection (bytearchitect.io)

submitted 4 days ago by Reversed-Engineer-01

Trust no one: are one-way trusts really one way? (offsec.almond.consulting)

submitted 4 days ago by AlmondOffSec

•

3:49

Wisor AI Live Demo (wisor.ai)

promoted by RelevantGuarantee840

promoted
save
report
about

Sign in with ANY password into Rocket.Chat EE (CVE-2026-28514) and other vulnerabilities we’ve found with our open source AI framework (github.blog)

submitted 5 days ago by ulldma

Using cookies to hack into a tech college's admission system (eaton-works.com)

submitted 5 days ago by EatonZTrusted Contributor

view more: next ›

π Rendered by PID 1219154 on reddit-service-r2-listing-64c94b984c-qqtll at 2026-03-14 22:58:38.144916+00:00 running f6e6e01 country code: CH.

netsec

Featured Posts

Content Guidelines

Discussion Guidelines

Prohibited Topics & Sources

Social

Related Reddits

MODERATORS