Seclog - #138

Rosecurify

"A wise warrior knows that every click is a potential weapon in the digital battlefield." - The Art of Cyber War

📚 SecMisc

  • Attacker File Extensions Database for Threat Intel – Filesec.io provides a database of file extensions used by attackers, helping you stay up-to-date with threat intelligence. You can contribute to expand this valuable resource. Filesec.io

  • Red-Teaming AI Models for Vulnerabilities – A Kaggle competition challenges participants to find previously undiscovered flaws and vulnerabilities in the gpt-oss-20b model. This aims to improve AI security through community red-teaming efforts. Kaggle

  • Vulnerability Vibes: Network, Learn, Connect – Vulnerability Vibes offers an opportunity to network and make new connections within the security industry. Attendees can learn from the hackers themselves, understanding both industry trends and attacker tactics. Vulnerabilityvibes.com

  • HTTP/1.1 Desynchronization Endgame – Protocol deemed inherently insecure. Read More

  • AWS SAR IAM Action Nuances – AWS Service Authorization References (SAR) and IAM action risks. Read More

  • AWS Account Termination Without Warning – 10-year-old AWS account deleted without recovery. Read More

  • ORM Injection Crypto Theft Exploit – Cryptocurrency theft via ORM injection in an online game. Read More

  • CVE-2025-29891 Apache Camel RCE – Header injection RCE via misconfiguration. Read More

  • Squid Proxy Critical RCE Vulnerability – SQUID-2025:1 flaw enables remote code execution. Read More

  • Adobe Experience Manager Pre-Auth Flaws – Critical vulnerabilities in AEM Forms via Struts DevMode. Read More

  • Jenkins RCE via Git Parameter Plugin – CVE-2025-53652 allows unauthenticated RCE. Read More

  • Fastly HTTP/1.1 Attack Resilience – Parser robustness protects against desync. Read More

  • 1Panel Agent Certificate Bypass – GHSA-8j63-96wh-wh3j allows arbitrary code execution. Read More

  • Buttercup Open-Source Release – AI Cyber Challenge runner-up CRS open-sourced. Read More

  • Blind SSRF to File Reading Oracle – Turning SSRF into a file oracle. Read More

  • Copilot Studio AIjacking Data Theft – Prompt injection leads to full data exfiltration. Read More

  • Security Products and Human Psychology – Security tools linked to the 7 deadly sins. Read More

  • HashiCorp Vault Auth Flaws Exposed – Zero-day in authentication & authorization. Read More

  • Safari PermissionJacking Privacy Risk – Permission hijacking in Safari. Read More

  • Zscaler SAML Auth Bypass Advisory – CVE-2025-54982 missing signature verification. Read More

  • Confluence Auth Bypass via XSS – iOS-specific XSS leads to auth bypass. Read More

  • FileJacking Initial Access with File System API – Experimental API allows direct file editing. Read More

  • Introducing AI-powered Exploit Verification and Triage – AI to triage vulnerabilities. Read More

  • Cursor IDE's MCP Vulnerability Discovery – MCP flaw in AI IDE allows local command execution. Read More

๐Ÿฆ SecX

  • Brave HTML Serialization Vulnerability โ€“ Demo shows broken serialization. Watch Here

💻 SecGit

  • Quack PHP Deserialization Protector – Runtime validation against PHP deserialization attacks. Explore on GitHub

  • Finch TLS Fingerprint-Aware Proxy – Reverse proxy blocks/reroutes traffic using JA3/JA4 fingerprints. Explore on GitHub

  • Kwcmd Hidden Linux Backdoor – Persistent access via disguised commands. Explore on GitHub

  • Beelzebub AI Honeypot Framework – AI for virtualization deception environments. Explore on GitHub

  • Signal Key Transparency Auditor – Audits Signal's Merkle^2-style logs. Explore on GitHub

  • Claude-Powered Security Code Review – Uses Claude AI to analyze commits for vulnerabilities. Explore on GitHub

  • ECSpace AWS ECS Credential Theft – IAM credential theft in EC2 launch mode. Explore on GitHub

  • Viper AI Red Teaming Platform – AI-powered adversary simulation. Explore on GitHub

For suggestions and any feedback, please contact: securify@rosecurify.com

Written by Rosecurify