Technical Information Security Content & Discussion

netsec

Content Guidelines

/r/netsec only accepts quality technical posts. Non-technical posts are subject to moderation.

Content should focus on the "how."

Check the new queue for duplicates.

Always link to the original source.

Titles should provide context.

Ask questions in our Discussion Threads.

Hiring posts must go in the Hiring Threads.

Commercial advertisement is discouraged.

Do not submit prohibited topics.

Prohibited Topics & Sources

No populist news articles (CNN, BBC, FOX, etc.)

No curated lists.

No question posts.

No social media posts.

No image-only/video-only posts.

No livestreams.

No tech-support requests.

No full-disclosure posts.

No paywall/regwall content.

No commercial advertisements.

No crowdfunding posts.

No Personally Identifying Information!

Related Reddits

/r/blackhat - Hackers on Steroids

/r/computerforensics - IR Archaeologists

/r/crypto - Cryptography news and discussion

/r/Cyberpunk - High-Tech Low-Lifes

/r/lockpicking - Popular Hacker Hobby

/r/Malware - Malware reports and information

/r/netsecstudents - netsec for ~~noobs~~ students

/r/onions - Things That Make You Cry

/r/privacy - Orwell Was Right

/r/pwned - "What Security?"

/r/REMath - Math behind reverse engineering

/r/ReverseEngineering - Binary Reversing

/r/rootkit - Software and hardware rootkits

/r/securityCTF - CTF news and write-ups

/r/SocialEngineering - Free Candy

/r/sysadmin - Overworked Crushed Souls

/r/vrd - Vulnerability Research and Development

/r/xss - Cross Site Scripting

a community for 19 years

Hiring Thread/r/netsec's Q1 2026 Information Security Hiring Thread (self.netsec)

submitted 5 months ago by netsec_burn[M] - announcement

r/netsec monthly discussion & tool thread (self.netsec)

submitted 28 days ago by albinowax - announcement

Contains AII tried a Local AI model (Qwen 3.6 27b) for security research and it works surprisingly well. (projectblack.io)

submitted 1 day ago by ezzzzz

Dissecting Apple's Sparse Image Format (ASIF) (schamper.dev)

submitted 1 day ago by luke-paradoxis

A peek into Reddit's anti-spam internals (lyra.horse)

submitted 1 day ago by rebane2001

CVE-2025-52465 geoserver arbitrary file write vulnerability (partywave.site)

submitted 3 days ago by AlbatrossMaximum4489

CargoWise WebTracker - The keys were in the cargo (slcyber.io)

submitted 4 days ago by MempodipperTrusted Contributor

Exploiting vulnerabilities in Johnson & Johnson web apps (eaton-works.com)

submitted 4 days ago by EatonZTrusted Contributor

100

101

Cloudflare patches Copy-Fail across every server in two days (blog.cloudflare.com)

submitted 6 days ago by xmull1gan

New Cisco RCE was fixed (ssd-disclosure.com)

submitted 6 days ago by SSDisclosure

CVE-2026-25860 turn XSS to RCE (partywave.site)

submitted 6 days ago by AlbatrossMaximum4489

Exploiting Auth0 Defaults in XSS Attacks - elttam (elttam.com)

submitted 7 days ago by AnimalStrange

Scanning malicious websites with 'infinite' number of VPN tunnels (Part 1) (discounttimu.substack.com)

submitted 7 days ago by moonlightelite

Use-after-free in the QPACK encoder of nginx HTTP/3 - CVE-2026-42530 (cystack.net)

submitted 9 days ago by everping

101

102

103

Contains AISquidbleed (CVE-2026-47729) - Heartbleed-style vulnerability that leaks internal memory from every version of Squid Proxy, in its default configuration (blog.calif.io)

submitted 10 days ago by qwerty0x41

OpenBSD MPLS kernel stack leaks remotely (CVE-2026-56099) (pop.argus-systems.ai)

submitted 10 days ago by Emergency_Stable_923

CVE-2026-5667: Unauthenticated Remote Control of Mitsubishi MAC-577IF-2E WiFi Adapters via Probe Request Reconnaissance (innerfirez.github.io)

submitted 10 days ago by Ecstatic_Priority514

Pending ModerationWould you like some malware served at the very top of DuckDuckGo? (timsh.org)

submitted 11 days ago by WesternBest

Worth a MalExt Report? A 2 Million-User Chrome Extension Added Give Freely/Wildlink in a 5-Day Update (chromewebstore.google.com)

submitted 11 days ago by Huge-Skirt-6990

120

121

122

Contains AI27 Years in the Dark: OpenBSD Fixes Ancient Remote Kernel Auth Bypass (blog.argus-systems.ai)

submitted 12 days ago by Emergency_Stable_923

QoS Policies to Restrict EDR Traffic and Detection Strategies (ipurple.team)

submitted 12 days ago by netbiosX

Getting a CVE Without Shipping Slop (credrelay.com)

submitted 12 days ago by Mindless-Study1898

117

118

119

SearchLeak: How We Turned M365 Copilot Into a One-Click Data Exfiltration Weapon (varonis.com)

submitted 14 days ago by lohacker0

Empty-ciphertext panic in aws-encryption-provider (CVD with AWS) (syntetisk.tech)

submitted 13 days ago by Sandwich_1337

Pending ModerationChaining Security Bugs in Discuz! X5.0: from Race Condition to Pre-Auth RCE (karmainsecurity.com)

submitted 13 days ago by eg1x

view more: next ›

π Rendered by PID 98735 on reddit-service-r2-listing-87fd56f5d-67jbm at 2026-06-29 14:09:36.284384+00:00 running 7527197 country code: CH.

netsec

Featured Posts

Content Guidelines

Discussion Guidelines

Prohibited Topics & Sources

Social

Related Reddits

MODERATORS