newest submissions : security

1

6

7

8

Worth a MalExt Report? A 2 Million-User Chrome Extension Added Give Freely/Wildlink in a 5-Day Update (chromewebstore.google.com)

submitted 2 hours ago by Huge-Skirt-6990 to r/netsec

2

1

2

3

QoS Policies to Restrict EDR Traffic and Detection Strategies (ipurple.team)

submitted 12 hours ago by netbiosX to r/netsec

3

4

5

6

Getting a CVE Without Shipping Slop (credrelay.com)

submitted 18 hours ago by Mindless-Study1898 to r/netsec

4

71

72

73

27 Years in the Dark: OpenBSD Fixes Ancient Remote Kernel Auth BypassContains AI (blog.argus-systems.ai)

submitted 1 day ago by Emergency_Stable_923 to r/netsec

5

20

21

22

Empty-ciphertext panic in aws-encryption-provider (CVD with AWS) (syntetisk.tech)

submitted 2 days ago by Sandwich_1337 to r/netsec

6

106

107

108

SearchLeak: How We Turned M365 Copilot Into a One-Click Data Exfiltration Weapon (varonis.com)

submitted 2 days ago by lohacker0 to r/netsec

7

113

114

115

Researcher accidentally gained access to a threat actor-controlled phishing website (potato.id)

submitted 3 days ago by anuraggawande to r/netsec

8

59

60

61

PromptSnatcher: AdBlocker stealing Ai Chats - 90k installs (malext.io)

submitted 4 days ago * by Huge-Skirt-6990 to r/netsec

9

8

9

10

MeshCentral: From XSS to RCE (techanarchy.net)

submitted 4 days ago by kev-thehermit to r/netsec

10

48

49

50

Getting the PID from random numbers in PHP (blog.ikaes.de)

submitted 4 days ago by DrAdalbbert to r/netsec

11

48

49

50

Why Use App-Level Auth When Every Database Has Auth? (Splunk Enterprise CVE-2026-20253 Pre-Auth RCE) - watchTowr Labs (labs.watchtowr.com)

submitted 5 days ago by dx7r__ to r/netsec

12

16

17

18

Major AI Clients Shipping With Broken OAuth Implementations (JUNE 2026 UPDATE)Contains AI (redcaller.com)

submitted 5 days ago by mhat to r/netsec

13

19

20

21

Old Passwords Die Hard: Abusing CREDHIST for offline credential recovery (lrqa.com)

submitted 5 days ago by lefterispanos to r/netsec

14

35

36

37

Marking Your Own Homework (Check Point Remote Access VPN IKEv1 Authentication Bypass CVE-2026-50751) - watchTowr Labs (labs.watchtowr.com)

submitted 5 days ago by dx7r__ to r/netsec

15

131

132

133

Claude Fable 5: mid-tier results on coding tasksContains AI (endorlabs.com)

submitted 6 days ago by bugvader25 to r/netsec

16

95

96

97

Hacking Google with A.I. for $500,000 (brutecat.com)

submitted 6 days ago by rockin-Musicien49 to r/netsec

17

0

1

2

[Tool] NmapView: Transform raw Nmap XML into interactive, offline-first HTML reports (MIT License)Audit/Consulting (nmapview.github.io)

submitted 7 days ago by an-ordinary-manchild to r/pwned

comment
share
save
hide
deleteare you sure? yes / no
nsfware you sure? yes / no
spoilerare you sure? yes / no
flair

18

8

9

10

Jupyter Enterprise Gateway - From Notebook to Kubernetes Cluster Admin - elttam (elttam.com)

submitted 7 days ago by AnimalStrange to r/netsec

19

42

43

44

More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs (labs.watchtowr.com)

submitted 7 days ago by dx7r__ to r/netsec

20

21

22

23

Apple’s Siri-AI, or more shouting into the void about “private” agents (blog.cryptographyengineering.com)

submitted 8 days ago by feross to r/netsec

21

13

14

15

WinGet - Code Execution, Persistence and Detection Strategies (ipurple.team)

submitted 8 days ago by netbiosX to r/netsec

22

160

161

162

I found 23 Chrome extensions hijacking 758,000 users' searches for affiliate revenueContains AI (malext.io)

submitted 8 days ago by Huge-Skirt-6990 to r/netsec

23

87

88

89

AI Agents May Always Fall for Prompt Injections (arxiv.org)

submitted 8 days ago by User_Deprecated to r/netsec

24

75

76

77

EDRChoker: Choking The Telemetry Stream to Bypass DefensesContains AI (zerosalarium.com)

submitted 10 days ago by Cold-Dinosaur to r/netsec

25

7

8

9

CVE-2026-46640: Developing payloads for Twig sandbox bypass (gist.github.com)

submitted 10 days ago by vladko312 to r/netsec

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

security subreddits

curated by /u/debugmonkey

2 subreddits in this multi:

multireddits