Seclog - #119

Rosecurify

"Great results can be achieved by small teams focused on the correct actions" - The Art of Cyber War

📚 SecMisc

  • DOM Clobbering
    Manipulating the DOM to bypass security controls or influence application logic.
    Read More

  • HackBench
    Practice your offensive security skills in a gamified and competitive environment.
    Read More

  • Find Your Cybersecurity Degree or Certification
    A curated list of cybersecurity degrees and certifications to advance your career.
    Read More


  • Remote Code Execution Vulnerabilities in Ingress NGINX | Wiz Blog
    Details on the latest critical RCE vulnerabilities in Ingress NGINX for Kubernetes.
    Read More

  • Defeating Prompt Injections by Design
    New research proposing architectural defenses against prompt injection attacks.
    Read More

  • Report on Paragon Spyware - Schneier on Security
    Analysis of the Paragon spyware and its implications on surveillance.
    Read More

  • Improper Use of Private iOS APIs in Vietnamese Banking Apps
    A technical analysis uncovering misuse of iOS APIs leading to potential security risks.
    Read More

  • Exploring Javascript events & Bypassing WAFs via character normalization
    Novel WAF bypass techniques using character normalization tricks.
    Read More

  • NVD Backlog Crisis
    The NVD struggles to keep up with the surge in CVE disclosures.
    Read More

  • Next.js Middleware Bypass (CVE-2025-29927)
    In-depth analysis of a critical vulnerability in Next.js middleware.
    Read More

  • High Agency Hacking
    A personal journey on how initiative and agency shape great hackers.
    Read More

  • CrushFTP Authentication Bypass - CVE-2025-2825
    Details of a critical auth bypass vulnerability affecting CrushFTP.
    Read More


🐦 SecX

  • Signal App Debunking Misinfo
    Addressing widespread misinformation and educating users on secure messaging.
    Watch Here

🎥 SecVideo

  • CRITICAL 9.1 Severity Next.js Vulnerability
    A video breakdown of the latest Next.js vulnerability and its real-world impact.
    Watch Here

💻 SecGit

  • Zouuup/landrun
    Secure, unprivileged sandboxing for Linux processes using Landlock LSM.
    Explore on GitHub

  • sandumjacob/IngressNightmare-POCs
    Public POC repository for CVE-2025-1974 - Ingress Nightmare.
    Explore on GitHub

For suggestions and any feedback, please contact: securify@rosecurify.com
