Seclog - #130

Rosecurify

The best way to penetrate an enemy network is to know its every vulnerability. - The Art of Cyber War

📚 SecMisc

  • RegSeek – Windows Registry Forensics Reference – Search-ready cheat-sheet of registry artefacts for DFIR triage (regseek.github.io)

  • Quasarops – Diego Perez’s threat-hunting pipelines, detections and intel dashboards (hunt.quasarops.com)


📰 SecLinks

  • Bruteforcing the phone number of any Google user – Enumeration flaw in Google’s recovery flow leaks linked numbers (brutecat.com)

  • Phishing Cloud Credentials (AccessKeys) via MCP – Abuses Model Context Protocol OAuth to steal AWS keys (blog.catgg.com)

  • Escaping “<” and “>” in attributes – Proper encoding blocks mutation-XSS gadget chains (bughunters.google.com)

  • Two Botnets, One Flaw: Mirai spreads via Wazuh vulnerability – Mirai weaponises unsafe deserialization in agents (akamai.com)

  • The Ultimate Double-Clickjacking PoC – Multi-step UI-redress technique for responsible disclosure (jorianwoltjer.com)

  • Getting started with Wirego – Quarkslab’s Go-based Wireshark-over-ZMQ plugin walkthrough (blog.quarkslab.com)

  • Bypassing GitHub Actions policies in the dumbest way possible – Nests reusable workflows to evade org allow-lists (blog.yossarian.net)

  • Netflix Vulnerability: Dependency Confusion in Action – Real-world supply-chain hijack via internal package overlap (landh.tech)

  • “Localhost tracking” explained – Privacy deep-dive on Meta’s internal-IP analytics risk (zeropartydata.es)

  • OBS WebSocket → RCE – Misconfig in obs-websocket enables browser-to-system code-exec (jorianwoltjer.com)

  • Fuzzing WebSockets for server-side vulnerabilities – Automates WS fuzzing with Backslash Scanner extensions (arete06.com)

  • When Path Normalization Beats Middleware – Auth-header bypass via normalized paths → full admin takeover (omaralzughaibi.com)


🎥 SecVideo

  • Is Your Approach to Pipeline Security Flawed? – Patricia R. dissects common CI/CD blind spots and mitigations (youtube.com)

💻 SecGit

  • ChrispyBacon-dev/DockFlare – Docker-label-driven Cloudflare Tunnel & Zero-Trust manager with web UI (github.com)

  • Privado-Inc/privado – Static scanner that maps data flows and pre-fills Play Store Data-Safety (github.com)

  • duty1g/subcat – Lightning-fast passive subdomain enumerator aggregating multiple sources (github.com)

For suggestions and any feedback, please contact: securify@rosecurify.com
