"Know your adversary's network, and your own, and you shall not fear the outcome of a thousand hacks." - The Art of Cyber War

📚 SecMisc #

OrgSec Guide – A practical guide to organizational security. Read More

Llama Protections – Open-source security tools by Llama. Read More

📰 SecLinks #

Fake GIF Leveraged in Multi-Stage Reverse-Proxy Card Skimming Attack – A fake image used in a stealthy card skimming technique. Read More

Cybersecurity (Anti)Patterns: Busywork Generators – Discussing patterns that create meaningless security tasks. Read More

AWS Built a Security Tool. It Introduced a Security Risk. – How AWS unintentionally introduced a vulnerability. Read More

Grafana Security Update – GitHub workflow vulnerability clarified. Read More

Securing a SaaS Company's AWS Environment After a Breach – Lessons learned post-incident. Read More

Applying Security Engineering to Prompt Injection Security – Bruce Schneier on prompt injection threats. Read More

CVE-2025-32433 – RCE via state machine error in Erlang/OTP SSH. Read More

WTF is SOC 2 Compliance? – A simple breakdown of SOC 2. Read More

Tag Your Way In – New privilege escalation in GCP using tags. Read More

Peephole Deobfuscation – Simplifying obfuscated code with pattern-based logic. Read More

Meta’s New Open-Source AI Privacy Tools – Latest security advancements from Meta. Read More

AirBorne: Zero-Click RCE in Apple AirPlay – Critical RCE flaw in Apple’s AirPlay protocol. Read More

Deceiving Users with ANSI Terminal Codes – Security implications of terminal manipulation. Read More

The MCP Server for Wiz – AI-native security server from Wiz. Read More

💻 SecGit #

AdnaneKhan/Gato-X – Static analysis and GitHub Actions exploitation toolkit. Explore on GitHub

Yamato-Security/suzaku – Sigma-based threat hunting and cloud log forensics. Explore on GitHub

google/mcp-security – Google’s official MCP security framework. Explore on GitHub

quarkslab/proxyblob – A SOCKS5 proxy tool using Azure Blob Storage. Explore on GitHub

← Back to Seclog