CVE-2025-34508: Another File Sharing Application, Another Path Traversal

Is b For Backdoor? Pre-Auth RCE Chain In Sitecore Experience Platform

Is your AI safe? Threat analysis of MCP (Model Context Protocol)

dnsimg - storing images in txt records

You can read more about these contributions in our recent blog posts:.* * Come find us at the poster session this week at #DIMVA2025 @DIMVAConf and say hi 👋👋!.

Two posters, one mission: improve cyber threat detection. * KeyReaper: Recovering leaked cryptographic keys from memory snapshots.* Zero-Shot AGD Detection: Using LLMs to spot malicious domains without training.#PlanDeRecuperación #NextGenerationEU #ProyectosCiber.

Expanding on ChunkyIngress - Clippy Goes Rogue (GoClipC2)

New blog post! We present RAMPAGE, our open-source framework for reproducible evaluation of AGD detection models. Bye-bye black-box results! #PlanDeRecuperación #NextGenerationEU #ProyectosCiber #AICybersecurity #Reproducibility Read it here:

She Won. They Didn't Just Change the Machines. They Rewired the Election. #ElectionRewired #TechGiants #DigitalOccupation #VoteFlippingAlgorithm #CrimeoftheCentury

GIMP Heap Overflow Re-Discovery and Exploitation (CVE-2025–6035) #GIMP #HeapOverflow #VulnerabilityExploitation #Security #IntegerOverflow

Make Self-XSS Great Again #MakeSelfXSSGreatAgain #StoredSelfXSS #CSRF #Clickjacking #XFrameOptionsDeny

⛱️ Este verano apúntate al curso ."Programación segura con RUST".Del 14 al 18 de julio en LAAAB. 🔜info: Actividad de la Cátedra Internacional de Ciberseguridad UNIZAR, financiado por @INCIBE .#CátedrasCiber #Unizar #PlanDeRecuperación #nextgenerationeu.

Giving an LLM command line access to Nmap #LLM #Nmap #SecurityResearch #ToolIntegration #Automation

Influencing LLM Output using logprobs and Token Distribution #LLMOutput #logprobs #TokenDistribution #AIInfluence #SpamFilter

Introducing: GitHub Device Code Phishing

Millions of Vulnerabilities: One Checklist to Kill The Noise #KillTheNoise #VulnerabilitiesManagement #CutTheNoise #FixCriticalIssues #ReduceBacklog

“Localhost tracking” explained. It could cost Meta 32 billion #LocalhostTracking #MetaFines #GDPRViolation #DMAViolation #PrivacyBreaches

Getting RCE on Monero forums with wrapwrap #bugbounty #moneroforums #libmagic #wrapwrap #RCE

Les comptes machines dans Active Directory #ActiveDirectory #ComptesMachines #Sécurité #Pentest #Mobeta

A Look in the Mirror - The Reflective Kerberos Relay Attack #KerberosRelayAttack #ReflectiveAttack #CVE202533073 #PatchTuesday #SecurityDisclosure