📚 SecMisc

HackerTracker Disobey 2025 - Explore the schedule and events of the Disobey 2025 conference. Read More
Beej's Guide to Git - A beginner-friendly guide to mastering Git. Read More
Search CTF Writeups - Find writeups for Capture The Flag challenges. Read More

📰 SecLinks

Why I'm Joining Wiz - Rami shares insights into his decision to join Wiz. Read More
Avoid ISP Routers - Understand why you should avoid ISP-provided routers. Read More
Do the CONTEC CMS8000 Patient Monitors Contain a Chinese Backdoor? - An in-depth analysis of potential vulnerabilities. Read More
POST to XSS: Leveraging Pseudo Protocols in SSO Flows - Explore advanced techniques for exploiting SSO flows. Read More
Everyone Knows Your Location - Tracking yourself through in-app ads. Read More
Browser Syncjacking - Discover how browser extensions can be exploited. Read More
Collabfiltrator 4.0.1 Released - New SQLi exfiltration support for the Burp plugin. Read More
CSP Bypass Tactics - Bypassing form-action CSP and other techniques. Read More
CVE-2024-46507 - Yeti platform server-side template injection (SSTI). Read More
Serving a (g)zip bomb with Caddy - Learn about serving compressed payloads. Read More
DeepSeek Security Insights - Thoughts on DeepSeek's implications for security. Read More
DeepSeek Janus Security&Safety Concerns - Safety concerns and challenges of DeepSeek. Read More
Rejecting CVSS as Broken - cURL and Go teams' take on CVSS. Read More

🐦 SecX

HackerOne x AnthropicAI Bug Bounty - Test the resilience of Constitutional Classifiers with rewards up to $30K. Read More

💻 SecGit

Fuzzilli - A JavaScript engine fuzzer by Google Project Zero. Explore on GitHub
Cloudflare-jsd - Bypass Cloudflare's challenges using Python. Explore on GitHub
Bettercap v2.41.0 - The latest release of the versatile MITM framework. Explore on GitHub
Awesome Secure Defaults - Libraries for eliminating common bug classes. Explore on GitHub

For suggestions and any feedback, please contact: securify@rosecurify.com

Seclog - #112