Seclog - #132

Rosecurify

"In the digital battlefield, the greatest weapon is the ability to adapt faster than the enemy." - The Art of Cyber War

📚 SecMisc

  • Wiz CTF: Cloud Hacking Challenges – Sharpens skills via cloud hacking scenarios; earn certificates and build infosec reputations. Read More

  • Django IPv6 DoS Vulnerability Analysis – Exploits missing input limits in IPv6 validation (CVE-2024-56374), allowing oversized payloads to trigger resource exhaustion and DoS in Django's address fields. Read More

  • FileFix: ClickFix Attack Alternative – Introduces FileFix for social engineering via Run Dialog execution, diving into ClickFix techniques for phishing operations. Read More

  • CentOS Web Panel RCE (CVE-2025-48703) – Discloses a remote code execution flaw in CWP, tracing its evolution from CentOS-focused to supporting AlmaLinux/Rocky Linux. Read More

  • AI Uncovers Dassault Delmia Apriso RCE – Hacktron found a pre-auth RCE missed by audits, demonstrating AI's speed in exposing critical vulnerabilities like unprotected .svc files. Read More

  • OWASP AI Agent Security Framework – Maps NIST AI RMF to OWASP standards, offering threat analysis for securing agentic systems. Read More

  • Semgrep MCP for Agentic Era Security – Launches beta tools addressing agentic era risks in AI systems. Read More

  • Detecting IP KVMs with RunZero – Identifies open-source IP KVMs like TinyPilot for remote control, common in labs/SMBs. Read More

  • Malicious GitHub MCP Servers Study – VirusTotal found 8% of MCP servers potentially malicious or vulnerable due to poor practices. Read More

  • North Korean npm Supply Chain Attack – Exposes a supply chain attack using 35 malicious packages; 6 remain live with 4k+ downloads. Read More

  • Make Self-XSS Great Again - Slonser Notes

๐Ÿฆ SecX

  • Agentic Ecosystem Achieves 1-Click RCE โ€“ @pwndotai enabled 1-click RCE in Cluely via indirect prompt injection. Watch Here

  • Agentic Hacking RCE via AI โ€“ Octagon Networks demonstrated a 1-click RCE in Cluely using @pwndotai, an agentic hacking ecosystem. The exploit involved techniques like indirect prompt injection. Read More

💻 SecGit

  • stamparm/ipsum – Daily feed of bad IPs (with blacklist-hit scores). Explore on GitHub

  • NHAS/reverse_ssh – SSH-based reverse shell. Explore on GitHub

  • Cybr-Inc/reinforce-2025-summaries – Summaries and key insights from AWS re:Inforce 2025 talks. Explore on GitHub

  • ANG13T/skytrack – Cybersecurity toolkit for various security tasks. Explore on GitHub

For suggestions and any feedback, please contact: securify@rosecurify.com
