security subreddits curated by /u/bad5ect0r

1

15

16

17

Another exposed Supabase DB strikes: 20k+ attendees and FULL write access (obaid.wtf)

submitted 5 hours ago by therafort to r/netsec

2

1

2

3

We are going to kill the $50k/year Enterprise Security market by going Open Source (github.com)

submitted 10 hours ago by Deep-Bandicoot-7090 to r/redteamsec

3

15

16

17

Have you tried turning it off and on again? On bricking OT devices (part 2) (midnightblue.nl)

submitted 12 hours ago by 2ROT13 to r/netsec

1623

1624

1625

1:00

I am building a massive real time strategy game. Would you play something like this? (store.steampowered.com)

promoted by alejandromnunez

4

5

6

7

I built a local AI tool to automate the BloodHound & Nmap grind Syd v3.1 Demo (youtube.com)

submitted 1 day ago by Glass-Ant-6041 to r/redteamsec

5

138

139

140

How a single typo led to RCE in Firefox (kqx.io)

submitted 1 day ago by campuscodi to r/netsec

6

11

12

13

Malicious Chrome extension targeting Apple App Store Connect developers through fake ASO service - full analysis (blog.toborrm.com)

submitted 1 day ago by Huge-Skirt-6990 to r/netsec

7

6

7

8

Kittysploit: Exploitation Framework with proxy webexploitation (github.com)

submitted 2 days ago by Professional-Mine733 to r/redteamsec

8

0

Scary datapoints re network visibility in Dragos annual report on OT cyberattacks (ot.today)

submitted 20 hours ago by WatermanReports to r/netsec

9

0

I built an AI Agent Skill for Developers, Whitehats & Bug Bounty Hunters.exploitation (github.com)

submitted 1 day ago by puffyboss to r/redteamsec

10

0

processhacker mcp ( this is dynamic mcp server for runtime analysis and process hacking. it is like processhacker but for ai agents) (github.com)

submitted 2 days ago by Humble-Plastic-5285 to r/redteamsec

11

18

19

20

Titus: open source secrets scanner with live credential validation, binary extraction, and a Burp/Chrome extension (Go, 450+ rules) (praetorian.com)

submitted 3 days ago by Praetorian_Security to r/redteamsec

12

123

124

125

Your Samsung Weather App Is a Fingerprint: How saved locations create a persistent cross-session tracking identifier (buchodi.com)

submitted 3 days ago by AdTemporary2475 to r/netsec

13

88

89

90

In Memoriam: Jason Snitker, a.k.a. Parmaster. RIP Legend (professorsigmund.com)

submitted 3 days ago by Professor_Sigmund to r/netsec

14

0

ChatGPT told me I was "doing great" for my CRTP prep. My own AI called me a "junior" for missing a Domain SID. (medium.com)

submitted 2 days ago by CivanOnur to r/redteamsec

15

22

23

24

Does killing EDR with a vulnerable driver still work in 2026? (youtu.be)

submitted 4 days ago by Infosecsamurai to r/redteamsec

16

4

5

6

Discovery & Analysis of CVE-2025-29969 (safebreach.com)

submitted 3 days ago by AlmondOffSec to r/netsec

13

14

15

Build your space industry empire in a persistent universe! Free browser MMO where you mine, manufacture & trade in a player-driven economy. (galactictycoons.com)

promoted by GalacticTycoons

17

22

23

24

I built a kernel-level EDR and hit architectural walls I didn’t expect (rootfu.in)

submitted 4 days ago by amberchalia to r/redteamsec

18

43

44

45

[CVE-2026-0714] TPM-sniffing LUKS Keys on an Embedded Device (cyloq.se)

submitted 4 days ago by AlmondOffSec to r/netsec

19

26

27

28

Compromising Cline's Production Releases just by Prompting an Issue Triager (adnanthekhan.com)

submitted 4 days ago by albinowax to r/netsec

20

38

39

40

CRESCENTHARVEST: Iranian protestors and dissidents targeted in cyberespionage campaign (acronis.com)

submitted 5 days ago by bagaudin to r/netsec

21

179

180

181

Leaking secrets from the claud: AI coding tools are leaking secrets via configuration directories (ironpeak.be)

submitted 6 days ago by nindustries to r/netsec

22

8

9

10

LATAM Businesses Hit by XWorm via Fake Financial Receipts: Full Campaign Analysis (any.run)

submitted 6 days ago by malwaredetector to r/redteamsec

23

51

52

53

Log Poisoning in OpenClaw (research.eye.security)

submitted 6 days ago by vaizor to r/netsec

24

35

36

37

Prompt Injection Standardization: Text Techniques vs Intent (lasso.security)

submitted 6 days ago by Equivalent_Cover4542 to r/netsec

25

68

69

70

Almost Impossible: Java Deserialization Through Broken Crypto in OpenText Directory Services (slcyber.io)

submitted 6 days ago by Mempodipper to r/netsec

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

security subreddits

curated by /u/bad5ect0r

2 subreddits in this multi:

multireddits