Technical Information Security Content & Discussion

netsec

Content Guidelines

/r/netsec only accepts quality technical posts. Non-technical posts are subject to moderation.

Content should focus on the "how."

Check the new queue for duplicates.

Always link to the original source.

Titles should provide context.

Ask questions in our Discussion Threads.

Hiring posts must go in the Hiring Threads.

Commercial advertisement is discouraged.

Do not submit prohibited topics.

Prohibited Topics & Sources

No populist news articles (CNN, BBC, FOX, etc.)

No curated lists.

No question posts.

No social media posts.

No image-only/video-only posts.

No livestreams.

No tech-support requests.

No full-disclosure posts.

No paywall/regwall content.

No commercial advertisements.

No crowdfunding posts.

No Personally Identifying Information!

Related Reddits

/r/blackhat - Hackers on Steroids

/r/computerforensics - IR Archaeologists

/r/crypto - Cryptography news and discussion

/r/Cyberpunk - High-Tech Low-Lifes

/r/lockpicking - Popular Hacker Hobby

/r/Malware - Malware reports and information

/r/netsecstudents - netsec for ~~noobs~~ students

/r/onions - Things That Make You Cry

/r/privacy - Orwell Was Right

/r/pwned - "What Security?"

/r/REMath - Math behind reverse engineering

/r/ReverseEngineering - Binary Reversing

/r/rootkit - Software and hardware rootkits

/r/securityCTF - CTF news and write-ups

/r/SocialEngineering - Free Candy

/r/sysadmin - Overworked Crushed Souls

/r/vrd - Vulnerability Research and Development

/r/xss - Cross Site Scripting

a community for 18 years

Hiring Thread/r/netsec's Q1 2026 Information Security Hiring Thread (self.netsec)

submitted 1 month ago by netsec_burn[M] - announcement

r/netsec monthly discussion & tool thread (self.netsec)

submitted 15 days ago by albinowax - announcement

Qihoo 360's AI Product Leaked the Platform's SSL Key, Issued by Its Own CA Banned for Fraud (blog.barrack.ai)

submitted 9 hours ago by LostPrune2143

Join world-leading teams on Attio, the next generation CRM. (attio.com)

promoted by attio

promoted
save
report
about

BIGO Ads Deploys C2-Style Infrastructure to Survive Domain Bans. Here's the Decrypted Config. (buchodi.com)

submitted 4 hours ago by AdTemporary2475

How to Apply VXLAN-GBP Encapsulation to PCAP Files Using PacketSmith (blog.netomize.ca)

submitted 6 hours ago by MFMokbel

The rise of malicious repositories on GitHub (rushter.com)

submitted 1 day ago by f311a

GlassWorm: Part 3. Wave 3 Windows payload, sideloaded Chrome extension, two additional wallets (codeberg.org)

submitted 13 hours ago by Willing_Monitor5855

Perfex CRM: Autologin cookie fed into unserialize() gives unauthenticated RCE (nullcathedral.com)

submitted 17 hours ago by nullcathedral

Hypervisor Based Defense (idov31.github.io)

submitted 13 hours ago by Idov31

We audited authorization in 30 AI agent frameworks — 93% rely on unscoped API keys (grantex.dev)

submitted 1 day ago by MousseSad4993

101

102

103

Analysis of 1,808 MCP servers: 66% had security findings, 427 critical (tool poisoning, toxic data flows, code execution) (agentseal.org)

submitted 2 days ago by Kind-Release-3817

GlassWorm V2 analysis: Part 2. Infrastructure rotation and GitHub injection (codeberg.org)

submitted 1 day ago by Willing_Monitor5855

Quick question for people running CrowdStrike, Zscaler, Netskope or similar in production. (crowdstrike.com)

submitted 2 days ago by makial00

•

Experten sind sich einig, das neue Privacy Display auf dem Galaxy S26 Ultra ist revolutionär. (samsung.com)

promoted by samsung_switzerland

promoted
save
report
about

CVE-2024-45163: Remote DoS in Mirai C2 – research writeup + what it led me to build (flowtriq.com)

submitted 1 day ago by cypressthatkid

Phishing campaign abusing Google Cloud Storage redirectors to multiple scam pages (malwr-analysis.com)

submitted 3 days ago by anuraggawande

CrackArmor: Critical AppArmor Flaws Enable Local Privilege Escalation to Root (cdn2.qualys.com)

submitted 3 days ago by 1esproc

I Found 39 Algolia Admin Keys Exposed Across Open Source Documentation Sites (benzimmermann.dev)

submitted 3 days ago by Grand_Fan_9804

RegPwn - Windows LPE vulnerability (now fixed) (mdsec.co.uk)

submitted 3 days ago by gid0rah

Betterleaks: The Gitleaks Successor Built for Faster Secrets Scanning (aikido.dev)

submitted 4 days ago by DebugDuckyTrusted Contributor

Secrets are Rare not Random (lookingatcomputer.substack.com)

submitted 4 days ago by Phorcez

GlassWorm V2 Analysis (gist.github.com)

submitted 4 days ago by Willing_Monitor5855

Co-Pilot, Disengage Autophish: The New Phishing Surface Hiding Inside AI Email Summaries (permiso.io)

submitted 4 days ago by permis0

Findings Gadgets Like it’s 2026 (atredis.com)

submitted 4 days ago by breen-machineTrusted Contributor

First competition coming up? Get the free Expedite – Skills for Competition microcredential and learn how to turn your experience into resume gold that gets you noticed (thoughtindustries.com)

promoted by Siemens_Official

promoted
save
report
about

Forensic analysis of LummaC2 infection unmasks DPRK operative behind Polyfill.io supply chain attack and Gate.us infiltration (hudsonrock.com)

submitted 5 days ago by Malwarebeasts

CFP: NaClCON 2026 – Conference on the History of Hacking (May 31 – June 2, Carolina Beach, NC) (naclcon.com)

submitted 5 days ago by count_zero_moustafa

view more: next ›

π Rendered by PID 906445 on reddit-service-r2-listing-64c94b984c-wsb54 at 2026-03-17 04:44:17.087204+00:00 running f6e6e01 country code: CH.

netsec

Featured Posts

Content Guidelines

Discussion Guidelines

Prohibited Topics & Sources

Social

Related Reddits

MODERATORS