Black & White Path
May 15, 2026 · Information Security

Twin Brothers Delete 96 Government Databases – A Privileged‑Account Failure Case Study

In 2025, twin brothers with prior cyber‑crime convictions exploited a privileged‑account gap at a federal‑service contractor, erased 96 government databases within six minutes, used AI to seek log‑clearing methods, and triggered a multi‑layered forensic and legal response that highlights critical gaps in identity‑access management, backup integrity, and insider‑threat detection.

AI-assisted attack, Incident Response, MITRE ATT&CK
13 min read
Java Tech Enthusiast
May 14, 2026 · Information Security

Why JWT Still Needs Redis Despite Its Stateless Promise

Although JWT is marketed as a stateless, database‑free authentication method, real‑world applications often store token identifiers in Redis to handle logout, password changes, and token renewal, which reintroduces state and a database lookup.

Authentication, Redis, Refresh Token
6 min read
Black & White Path
May 14, 2026 · Information Security

WireTapper: One-Click Open-Source Tool to Reveal All Nearby Wireless Devices

WireTapper is an open-source OSINT/SIGINT platform that passively scans and visualizes every nearby wireless device—from Wi-Fi and Bluetooth to CCTV and vehicle RF—using a privacy-preserving k-anonymous query, integrates multiple external APIs, and offers a quick two-step deployment with a sleek web UI.

BLE, OSINT, Open Source
4 min read
Black & White Path
May 14, 2026 · Information Security

The Dark Side and Hidden Risks of AI Relay Stations

AI relay stations bypass mainland China restrictions by repackaging foreign model APIs, but their three-layer proxy design introduces model substitution, billing manipulation, privacy leakage, and malicious code injection, creating a fragile supply chain that endangers developers, enterprises, and end‑users alike.

AI relay stations, Data Privacy, Supply Chain
9 min read
Black & White Path
May 13, 2026 · Information Security

Comprehensive Red Team Information‑Gathering Guide

This article presents a step‑by‑step red‑team information‑gathering methodology covering domain CDN detection, real‑IP extraction, subdomain enumeration, DNS history analysis, SSL certificate probing, host‑IP collision, company‑level queries, and a curated list of open‑source tools and command‑line examples for each phase.

CDN Bypass, Information Gathering, Network Scanning
19 min read
Black & White Path
May 13, 2026 · Information Security

How 84 npm Packages Were Poisoned via a Legitimate CI/CD Pipeline

On May 11, 2024, attackers injected 84 malicious versions across 42 @tanstack packages into the npm registry, all bearing valid SLSA Level 3 signatures, by hijacking TanStack's CI/CD workflow through a Pwn Request, cache poisoning, OIDC token extraction, and rapid release, exposing a critical supply‑chain vulnerability.

OIDC, SLSA, Supply Chain
18 min read
Black & White Path
May 13, 2026 · Information Security

AI‑Powered 0‑Day Discovery: How Attackers Autonomously Bypassed 2FA

In May 2026, Google Threat Intelligence disclosed that a cybercrime group used a large‑language model to autonomously identify a semantic‑logic flaw in a popular open‑source Python‑based web management tool, generate a Python exploit that bypasses its two‑factor authentication, and launch mass automated attacks, prompting new blue‑team detection and defense strategies.

0-day, 2FA bypass, AI security
12 min read
Black & White Path
May 13, 2026 · Information Security

Why the 90‑Day Vulnerability Disclosure Policy Is Effectively Dead

The article argues that AI‑driven discovery, rapid exploit generation, and simultaneous reporting have shattered the four original assumptions of the 90‑day disclosure window, leaving the policy obsolete as patches often lag behind public exploits and industry debates intensify.

AI security, Information Security, Linux kernel
15 min read
21CTO
May 12, 2026 · Information Security

cURL Founder Tests Anthropic Mythos on 176K Lines of C Code, Finds Only One Low‑Severity Vulnerability

In a detailed blog post, curl creator Daniel Stenberg evaluated Anthropic’s AI security model Mythos by scanning 176,000 lines of curl’s C code, uncovering five reported issues that collapsed to a single low‑severity CVE after manual verification, and concluded that the model’s hype far exceeds its actual capability.

AI code analysis, Anthropic Mythos, C language
10 min read
Black & White Path
May 12, 2026 · Information Security

How FastGPT’s NoSQL Injection (CVE‑2026‑40351) Enables Admin Login Bypass – A Deep Dive

The FastGPT AI Agent platform suffers a critical NoSQL injection (CVE‑2026‑40351) that lets attackers bypass authentication by injecting MongoDB operators into the password field, granting admin or root access, and the article details the flaw, its impact, proof‑of‑concept, and mitigation steps.

Authentication Bypass, CVE-2026-40351, FastGPT
10 min read
Black & White Path
May 12, 2026 · Information Security

Automate Chinese Graded Protection Assessment with OpenOcta AI Skill on Kali

This guide shows how to install the open‑source OpenOcta AI Skill on Kali Linux, then use it to automate the four‑stage Chinese graded‑protection (等保) assessment—including information gathering, vulnerability scanning, exploit verification, and full compliance report generation—without manual configuration.

Kali Linux, OpenOcta, compliance report
4 min read
Black & White Path
May 12, 2026 · Information Security

16 CVEs Reveal Hidden Risks in Automotive Open‑Source Components

In May 2026, sixteen CVEs exposing vulnerabilities in small automotive open‑source libraries—covering CAN, UDS, ISO‑TP, and J1939—highlight how over‑trusted protocol fields, underestimated local boundaries, and neglected supply‑chain maintenance create a blind spot in vehicle security, prompting AI‑assisted research and concrete defensive recommendations.

AI security, CVE, Open Source
13 min read
Black & White Path
May 12, 2026 · Information Security

From an External Weak Password to Full Internal Access: A School Network Penetration Walkthrough

The article details a step‑by‑step penetration test of an educational network, starting with a weak external credential on a virtual teaching lab, harvesting teacher IDs, exploiting default webvpn and SSLVPN logins, and ultimately reaching an internal WebLogic server, highlighting the danger of weak passwords in schools.

SSLVPN, WebLogic, education network
3 min read
Old Zhang's AI Learning
May 11, 2026 · Information Security

Critical CVE-2026-7482 'Bleeding Llama' in Ollama: Why You Must Upgrade Now

Ollama versions before 0.17.1 suffer a CVSS 9.1 heap out‑of‑bounds read vulnerability (CVE‑2026‑7482) that lets attackers upload malicious GGUF files, read server memory—including env vars and API keys—and exfiltrate data, affecting over 300,000 publicly exposed servers, so immediate upgrade and hardening are essential.

API vulnerability, Bleeding Llama, CVE-2026-7482
5 min read
21CTO
May 11, 2026 · Information Security

AI Uncovers 20-Year-Old Critical Vulnerabilities in PostgreSQL and MariaDB

An AI‑driven security tool discovered high‑severity, remote‑code‑execution flaws in PostgreSQL's pgcrypto extension and MariaDB's JSON schema validation, both dating back over two decades, prompting immediate patch releases and offering mitigation steps for unpatched deployments.

AI-driven Analysis, CVE-2026-2005, MariaDB
6 min read
Black & White Path
May 11, 2026 · Information Security

FFBT Hit Again: Credential and Admin Access Data Breach by NormalLeVrai

In May 2026, VECERT flagged threat actor NormalLeVrai for stealing credentials and admin access from France’s Fédération Française de Ball‑Trap (FFBT), selling the data on dark‑web markets; the breach, still under investigation, highlights the actor’s focus on French organizations, low‑price bulk sales, and the need for immediate password resets, MFA, and continuous monitoring.

Credential Theft, FFBT, Information Security
6 min read
Black & White Path
May 11, 2026 · Information Security

How OceanLotus weaponized PyPI to deliver ZiChatBot malware using Zulip as C2

OceanLotus (APT32) hijacked three innocuous PyPI packages—uuid32-utils, colorinal, and termncolor—to drop the ZiChatBot malware, which persists via registry or crontab and communicates through the Zulip public chat REST API, making its traffic indistinguishable from legitimate developer traffic and evading network‑based detection.

Dependency Poisoning, OceanLotus, PyPI
11 min read
Black & White Path
May 11, 2026 · Information Security

State‑Sponsored Actors Gain Root on Palo Alto PAN‑OS via Captive Portal Buffer Overflow

A detailed analysis of CVE‑2026‑0300 reveals how a nation‑backed group exploited a buffer‑overflow in PAN‑OS's Captive Portal to obtain root on Palo Alto firewalls, outlining the attack chain, affected versions, immediate mitigations, long‑term remediation, compliance impacts, and lessons learned.

CVE-2026-0300, Captive Portal, Incident Response
12 min read