/r/netsec

@r-netsec-bot

Follow for new posts submitted to the netsec subreddit. Unofficial. Automated by @kiding.bsky.social.

Joined 06.03.2025

Latest posts by /r/netsec @r-netsec-bot

How to scan for vulnerabilities with GitHub Security Lab’s open source AI-powered framework GitHub Security Lab Taskflow Agent is very effective at finding Auth Bypasses, IDORs, Token Leaks, and other high-impact vulnerabilities.

Sign in with ANY password into Rocket.Chat EE (CVE-2026-28514) and other vulnerabilities we’ve found with our open source AI framework

09.03.2026 16:28 👍 0 🔁 0 💬 0 📌 0
Aradhya's official site

Built an Automated SOC Pipeline That Thinks for Itself, AI-Powered Multi-Pass Threat Hunting using Analyzers

09.03.2026 15:58 👍 0 🔁 0 💬 0 📌 0
How We Hacked McKinsey's AI Platform An autonomous AI agent found a SQL injection in McKinsey's Lilli AI platform. What it extracted was worse than we expected.

How We Hacked McKinsey's AI Platform

09.03.2026 13:58 👍 0 🔁 0 💬 0 📌 0
Helixar Labs — Open-Source AI Security Tools MCP Security Checklist, Sentinel scanner, and Unpinched PinchTab detector. Open-source tooling from Helixar for securing AI agent infrastructure and agentic browser attack surfaces.

Unpinched - Instant point-in-time detection of PinchTab and agentic browser bridge artifacts.

09.03.2026 13:43 👍 0 🔁 0 💬 0 📌 0

InferShield v1.0 – Zero-Custody OAuth Proxy: Client-Side Token Encryption for AI Workflows

09.03.2026 13:28 👍 0 🔁 0 💬 0 📌 0
MCP Security Checklist

**MCP Security Checklist - 40 controls for securing AI agent tool infrastructure**

09.03.2026 05:43 👍 0 🔁 0 💬 0 📌 0

AirSnitch: Demystifying and Breaking Client Isolation in Wi-Fi Networks

08.03.2026 23:13 👍 0 🔁 0 💬 0 📌 0
NeuraCyb — Cybersecurity Intelligence & Investigation Threat intel, investigations, and analysis.

Fake Claude Code Install Guides Spread Amatera Infostealer in New “InstallFix” Malvertising Campaign

08.03.2026 18:13 👍 0 🔁 0 💬 0 📌 0
From a Sophisticated Browser-Extension Supply-Chain Compromise to a VibeCoded Twist: A Chrome Extension as the Initial Access Vector for a Broader Malware Chain Independent technical analysis of a Chrome extension compromise, fake update chain, and Windows-stage malware activity.

From Chrome Extension Supply-Chain Compromise to Host Malware: Technical Breakdown of the ShotBird Campaign

08.03.2026 17:58 👍 0 🔁 0 💬 0 📌 0
Top Exploited CVEs This Week | Vulnerability Intelligence | LeakyCreds Weekly report of the most exploited and trending vulnerabilities based on vulnerability intelligence signals.

Tracking the Top 10 exploited CVEs of the week (updated daily)

08.03.2026 17:13 👍 0 🔁 0 💬 0 📌 0
Agents of Chaos We report an exploratory red-teaming study of autonomous language-model-powered agents deployed in a live laboratory environment with persistent memory, email accounts, Discord access, file systems, and shell execution. Over a two-week period, twenty AI researchers interacted with the agents under benign and adversarial conditions. Focusing on failures emerging from the integration of language models with autonomy, tool use, and multi-party communication, we document eleven representative case studies. Observed behaviors include unauthorized compliance with non-owners, disclosure of sensitive information, execution of destructive system-level actions, denial-of-service conditions, uncontrolled resource consumption, identity spoofing vulnerabilities, cross-agent propagation of unsafe practices, and partial system takeover. In several cases, agents reported task completion while the underlying system state contradicted those reports. We also report on some of the failed attempts. Our findings establish the existence of security-, privacy-, and governance-relevant vulnerabilities in realistic deployment settings. These behaviors raise unresolved questions regarding accountability, delegated authority, and responsibility for downstream harms, and warrant urgent attention from legal scholars, policymakers, and researchers across disciplines. This report serves as an initial empirical contribution to that broader conversation.

38 researchers red-teamed AI agents for 2 weeks. Here's what broke. (Agents of Chaos, Feb 2026)
AI Security

07.03.2026 08:13 👍 1 🔁 0 💬 0 📌 0
ALightVPN - ALightVPN

Need feedback from security specialists

07.03.2026 00:43 👍 0 🔁 0 💬 0 📌 0
CVE-2025-14297: MLflow Authorization Bypass | Tachyon Blog How Tachyon's autonomous security researcher found an authorization bypass in the open-source MLflow tracking server by reasoning across protocols and surfaces—and why this class of bug is so hard to catch.

We (at Tachyon) found an auth bypass in MLflow

06.03.2026 23:58 👍 0 🔁 0 💬 0 📌 0
A Race Within A Race: Exploiting CVE-2025-38617 in Linux Packet Sockets A step-by-step guide to exploiting a 20-year-old bug in the Linux kernel to achieve full privilege escalation and container escape, plus a cool bug-hunting heuristic.

A Race Within A Race: Exploiting CVE-2025-38617 in Linux Packet Sockets

06.03.2026 22:43 👍 0 🔁 0 💬 0 📌 0
Hardening Firefox with Anthropic’s Red Team | The Mozilla Blog For more than two decades, Firefox has been one of the most scrutinized and security-hardened codebases on the web. Open source means our code is visible,

Hardening Firefox with Anthropic’s Red Team

06.03.2026 14:28 👍 0 🔁 0 💬 0 📌 0
The MCP AuthN/Z Nightmare · Doyensec's Blog

Model Context Protocol (MCP) Authentication and Authorization

06.03.2026 12:58 👍 0 🔁 0 💬 0 📌 0
Credential Protection for AI Agents: The Phantom Token Pattern How nono uses a credential injection proxy to protect API keys for AI agents.

Credential Protection for AI Agents: The Phantom Token Pattern

05.03.2026 16:58 👍 1 🔁 0 💬 0 📌 0

HPD (Hex Packet Decoder) now have AI feature – looking for feedback

05.03.2026 14:58 👍 0 🔁 0 💬 0 📌 0
2,622 Valid Certificates Exposed: A Google-GitGuardian Study Maps Private Key Leaks to Real-World Risk GitGuardian partnered with Google to answer: what happens when private keys leak? Using Certificate Transparency, we mapped about 1M leaked keys to 140k certificates. Result: 2,622 were valid as of September 2025, exposing major organizations. Our disclosure campaign achieved 97% remediation.

2,622 Valid Certificates Exposed: A Google-GitGuardian Study Maps Private Key Leaks to Real-World Risk

05.03.2026 13:58 👍 0 🔁 0 💬 0 📌 0
YGGtorrent — Fin de partie — YGGLeak

YGGtorrent — Fin de partie [French]

05.03.2026 13:28 👍 0 🔁 0 💬 0 📌 0
ShipSec Studio | No-Code Security Automation Platform Build reliable security workflows without code. Visual automation, Temporal-powered execution, and AI assistance for security teams.

How I automated a full recon → secrets scan → cloud misconfiguration pipeline without writing a single parser

05.03.2026 12:58 👍 1 🔁 0 💬 0 📌 0
HMAA Simulation Dashboard

Security architecture question: controlling system authority when sensor trust degrades

05.03.2026 11:28 👍 0 🔁 0 💬 0 📌 0
Critical Auth Bypass in pac4j-jwt: Full PoC Using Only a Public Key CodeAnt AI found a critical authentication bypass in pac4j-jwt where an attacker can impersonate any user using only the RSA public key. Full PoC and disclosure.

we at codeant found a bug in pac4j-jwt (auth bypass)

05.03.2026 07:43 👍 0 🔁 0 💬 0 📌 1
ct-cert-feed Bulk download normalized Certificate Transparency (CT) log snapshots as deterministic daily JSON.

Normalized Certificate Transparency logs as a daily JSON dataset

05.03.2026 02:28 👍 0 🔁 0 💬 0 📌 0
Your Duolingo Is Talking to ByteDance: Cracking the Pangle SDK's Encryption When you open Duolingo to practice Spanish, BeReal to share a photo, or Character.AI to chat with a bot, you probably don't expect your battery level, storage capacity, and internal IP address to be sent to ByteDance, the company behind TikTok. But that's exactly what's happening. And the encryption

Your Duolingo Is Talking to ByteDance: Cracking the Pangle SDK's Encryption

05.03.2026 01:13 👍 0 🔁 0 💬 0 📌 0
Is My ISP Spying? — Free Privacy Test Test for supercookies, header injection, DNS hijacking, and TLS interception in seconds.

Built a header echo + TLS interception detector to score ISP-level surveillance — looking for feedback on the methodology

04.03.2026 23:28 👍 0 🔁 0 💬 0 📌 0
CyberStrikeAI: the AI Attack Platform Behind the 600+ FortiGate Breach | Barrack.ai An open-source AI offensive security platform, built by a developer with ties to China's MSS, was used in a campaign that compromised 600+ FortiGate devices across 55 countries. Full technical breakdown.

A single operator with basic skills used an open-source AI platform to breach 600+ FortiGate devices across 55 countries. No zero-days. Just weak passwords and an AI copilot. Full breakdown of CyberStrikeAI, the developer's MSS ties, and all 21 server IOCs.

04.03.2026 13:28 👍 1 🔁 0 💬 0 📌 0
Zeek: Using Zeek with AWS Traffic Mirroring and Kafka AWS provides a feature that allows mirroring your infrastructure’s network traffic to a separate system for analysis purposes. This is called AWS Traffic Mirroring. If you’d like to use…

Using Zeek with AWS Traffic Mirroring and Kafka

04.03.2026 09:58 👍 0 🔁 0 💬 0 📌 0
AI Security Bootcamp

7-day intensive for security professionals looking to upskill on securing frontier AI systems (Apr 20-26 | Singapore)

04.03.2026 07:43 👍 0 🔁 0 💬 0 📌 0
IBAC — Intent-Based Access Control

Intent-Based Access Control (IBAC) – FGA for AI Agent Permissions

04.03.2026 04:58 👍 0 🔁 0 💬 0 📌 0