Seclog - #116


"Your adversary does not wait for you to finish patching." - The Art of Cyber War
SecMisc
InfoSecMap - Mapping out the best InfoSec events and groups! Read More
📰 SecLinks
Increasing Google & Alphabet VRP rewards up to $151,515 - Google Bug Hunters announces increased rewards for vulnerability reports. Read More
Undocumented "backdoor" found in Bluetooth chip used by a billion devices - Critical security flaw discovered affecting numerous Bluetooth-enabled devices. Read More
Sitecore: Unsafe Deserialisation Again! (CVE-2025-27218) - New vulnerability in Sitecore CMS due to unsafe deserialization practices. Read More
Google Vulnerability Reward Program: 2024 in Review - Google's annual review of their vulnerability reward program highlights key findings and statistics. Read More
Zen and the Art of Microcode Hacking - Insights into microcode vulnerabilities and exploitation techniques shared by Google Bug Hunters. Read More
Find my hacker: How Apple's network can be a potential tracking tool - Analysis on potential misuse of Apple's Find My network for tracking purposes. Read More
K8s-Security-4 - Deep dive into Kubernetes security best practices and vulnerabilities. Read More
Threat modeling the TRAIL of Bits way - Comprehensive guide to effective threat modeling methodologies by Trail of Bits. Read More
Ciofeca Forensics - Never Trust Cookies - Exploration of cookie-based vulnerabilities and forensic analysis techniques. Read More
PostgreSQL: Privilege Escalation Vulnerability via pg_cron - Advisory detailing privilege escalation vulnerability in PostgreSQL's pg_cron extension. Read More
🎥 SecVideo
Do you know this common Go vulnerability? - Explanation and demonstration of a prevalent Go programming language vulnerability. Watch Here
The tools that real hackers use - Overview of essential hacking tools used by cybersecurity professionals and penetration testers. Watch Here
💻 SecGit
webcap - An ultra lightweight web screenshot tool with advanced DOM analysis features by Black Lantern Security. Explore on GitHub
oasis - Ollama Automated Security Intelligence Scanner for efficient vulnerability detection by Psyray. Explore on GitHub
JavaRansomware - Simple ransomware tool implemented purely in Java by Panagiotis Drakatos for educational purposes. Explore on GitHub
system-prompts-and-models-of-ai-tools - Collection of system prompts and models used by various AI tools, curated by x1xhlol. Explore on GitHub
phisherman - A realistic fake social engineering application developed by jfmaes for security training purposes. Explore on GitHub
For suggestions and any feedback, please contact: securify@rosecurify.com
