Seclog - #180
In this week's Seclog, the pervasive integration of Artificial Intelligence across the security landscape stands out as a dominant theme, showcasing both its utility in defense and its introduction of novel attack vectors. Several articles detail advanced exploit chains and intricate bypass techniques, affecting everything from developer tools and widely used protocols like OAuth 2.0 to critical infrastructure like WAFs. The role of AI as an attack surface is critically examined through vulnerabilities in AI-driven features and connectors, emphasizing the need for robust security frameworks like Zero Trust for AI agents. Simultaneously, the community continues to share deep dives into traditional bug hunting, client-side authentication bypasses, and complex privilege escalation paths across various platforms. This collection underscores the dual challenge of leveraging AI for security while securing AI itself, all while the fundamental principles of vulnerability research remain as crucial as ever.
📚 SecMisc
Cyber Education for Children - cyberkinder.com
Presents CyberKinder, an interactive learning platform designed to teach children about coding, cybersecurity, AI, and online safety.
Utilizes short, engaging games to deliver educational content in a child-friendly environment.
📰 SecLinks
Hardening CTF Challenges Against AI - danisy-eisyraf-portfolio.super.site
Addresses the rising trend of AI utilization in CTF competitions by challenge creators.
Explores strategies for designing CTF challenges that specifically resist AI-driven solutions.
Neo: AI Security Engineer Framework - projectdiscovery.io
Introduces Neo, a cloud-based AI designed to function as a security co-engineer within teams.
Highlights Neo's framework architecture, which combines LLM reasoning with specialized execution tools, sandboxed environments, and a persistent memory layer for learning system specifics.
Advanced GitHub Phishing for Red Teams - atsika.ninja
Details a red team methodology for sophisticated GitHub phishing, exploiting TOCTOU race conditions.
Demonstrates how to trick developers into authorizing malicious OAuth applications for initial access, effectively bypassing MFA through trusted infrastructure.
JavaScript Analysis for Pentesters - kpwn.de
Provides guidance on analyzing JavaScript code, a crucial skill for penetration testers.
Focuses on techniques to identify client-side vulnerabilities and understand application logic through script examination.
Security Risks in AI Integrations - kamilsecnotes.blogspot.com
Discusses security implications arising from integrating AI components, specifically referencing a Claude Desktop plugin.
Highlights the potential for supply chain risks and insecure configurations introduced by third-party AI extensions.
Claude AI Connector Security Database - claudesec.pluto.security
Introduces ClaudeSec, a resource dedicated to tracking and assessing security risks in Claude AI connectors, plugins, and extensions.
Aids in identifying vulnerabilities and understanding risk ratings within the Claude ecosystem, offering security guidance for developers and users.
Native Frida Build on Termux - qbtau.in
Explores the process and challenges of compiling Frida natively on Android using Termux, bypassing the Android NDK.
Offers insights into setting up and troubleshooting a mobile dynamic instrumentation toolkit in a non-standard environment.
Real-World Client-side Auth Bypass - synack.com
Provides an in-depth analysis of client-side authentication bypass vulnerabilities through three real-world case studies.
Illustrates practical methodologies for identifying and exploiting weaknesses in frontend authentication mechanisms during penetration testing.
VSCode Extensions for Initial Access - mdsec.co.uk
Details a red team technique involving the use of malicious VSCode extensions to gain initial access in targeted phishing campaigns.
Focuses on exploiting developer trust in IDE environments to compromise technical users.
Security Engineering in AI Era - semgrep.dev
Examines the future role of security engineers in an era of rapidly increasing code volume and AI-generated code.
Argues for the critical need for security tools and practices to evolve and adapt to the changing landscape of software development to remain relevant.
OAuth 2.0 Vulnerability Chains - blogs.jsmon.sh
Details complex attack chains against OAuth 2.0 and OpenID Connect, exploiting issues like "iss" + "sub" confusion and "redirect_uri" path traversal.
Explains how token leakage via Referer headers can compromise these widely adopted authentication protocols in production systems.
WAF Bypasses with h2 Framing - lab.ctbb.show
Investigates novel techniques for bypassing Web Application Firewalls (WAFs) by manipulating HTTP/2 (h2) framing.
Provides technical insights into how specific h2 framing anomalies can evade WAF detection mechanisms.
MCP Bug Hunting in AI Security - sallam.gitbook.io
Discusses methods and strategies for bug hunting within the context of AI security, specifically focusing on "MCP" (Machine Learning, Cloud, Privacy).
Provides guidance for identifying vulnerabilities in AI-driven systems and integrations.
Malicious README Steals Cursor Keys - 0din.ai
Demonstrates an attack vector where a malicious GitHub README can exploit Cursor IDE via prompt injection.
Shows how this technique can exfiltrate sensitive environment variables and API keys, leveraging the user habit of auto-allowing "powershell -c" commands.
Malicious Codex Tool Stole OpenAI Tokens - hackread.com
Reports on a popular Codex UI tool (with 27,000 downloads) that was found to be secretly exfiltrating OpenAI refresh tokens.
Highlights the significant supply chain risk associated with widely adopted third-party tools and applications.
phpBB Blind SSRF via Web Push - hackerone.com
Details a blind POST Server-Side Request Forgery (SSRF) vulnerability found in phpBB, exploitable via Web Push functionality.
Illustrates how to leverage this vulnerability to trigger outbound connections from the server without direct response visibility.
Measuring Nginx RCE Vulnerability Impact - blog.calif.io
Analyzes the widespread impact and exploitability of two critical Nginx Remote Code Execution (RCE) vulnerabilities.
Discusses methodologies for assessing the prevalence and potential damage of high-severity flaws in widely deployed web server software.
Self-XSS to One-Click Account Takeover - zere.es
Documents an elaborate exploit chain transforming a seemingly innocuous self-XSS in a sanitized name field into a one-click account takeover.
Highlights the importance of persistent client-side vulnerability assessment and chaining multiple bypasses to achieve critical impact.
Samsung S25 Arbitrary APK Install - bugscale.ch
Details a five-bug exploit chain in the Samsung Galaxy Store leading to arbitrary local APK installation on the Samsung S25.
The chain leverages weak signature verification, unprotected exported receivers, path traversal, predictable randomness, and a denial-of-service vulnerability.
XSS Vulnerability in Shazzer Tool - jorianwoltjer.com
Describes the discovery of an XSS vulnerability within Shazzer, a browser fuzzing tool, rather than through its use.
Explores advanced XSS exploitation techniques, specifically focusing on Blob URLs to bypass sandboxing and execute malicious content.
Zero Trust Framework for AI Agents - claude.com
Proposes a Zero Trust framework specifically designed for the secure deployment of autonomous AI agents within enterprise environments.
Outlines a tiered architecture and an eight-phase implementation workflow to mitigate threats, including the integration of agentic SOAR capabilities.
Evolving Exploit Chains in LiteLLM - starlabs.sg
Analyzes the rapid evolution of four distinct exploit chains discovered in LiteLLM, a tool related to large language models.
Highlights the dynamic nature of vulnerability exploitation and patch evasion in AI-adjacent software.
Agentic Vulnerability Coverage Map - vuln.cs.berkeley.edu
Introduces a daily updated coverage map visualizing vulnerabilities discovered by agentic AI systems.
Serves as a dynamic resource for tracking the effectiveness and scope of AI in automated vulnerability discovery, sourced from public CVE feeds.
Grafana Misconfiguration to Meta Repos - sectricity.com
Details a five-hop exploit chain originating from a misconfigured Grafana instance on a Meta IP.
Explains how this misconfiguration allowed access to 507 private Meta repositories, showcasing the critical impact of even seemingly minor configuration flaws.
AI Discovers FreeBSD Kernel Bugs - blog.calif.io
Reports on an AI-driven security audit of FreeBSD that uncovered 15 kernel bugs.
The findings include critical vulnerabilities such as 3 Remote Code Executions (RCEs), 5 Local Privilege Escalations (LPEs), and 1 bhyve hypervisor escape.
Gogs Authenticated RCE Unfixed - rapid7.com
Reveals an authenticated Remote Code Execution (RCE) vulnerability in Gogs, exploitable via argument injection.
Explains how an authenticated user can achieve RCE by crafting a malicious branch name within a pull request, noting the vulnerability remains unfixed.
🐦 SecX
Meta AI Feature Hijacked Instagram Accounts - x.com
Reports a critical vulnerability in a Meta AI feature that allowed attackers to hijack Instagram accounts using only a username.
Notes that the flaw was active during A/B testing, impacting high-profile accounts like the official Obama White House account.
💻 SecGit
Agentic AI Vulnerability Scanner - github.com
Introduces Vigolium, an open-source, high-fidelity vulnerability scanner that leverages agentic AI for enhanced precision.
Designed for speed and modularity, combining AI reasoning with native execution for effective vulnerability detection.
Tesla Infotainment System Vulnerabilities - github.com
Presents extensive vulnerability research on Tesla Model 3/Y infotainment systems, identifying six vulnerabilities and four CVEs (CVE-2022-42005 to CVE-2022-42008).
Details how these flaws enable root shell access, persistent compromise, and even spoofing of insurance telemetry data.