ARPSyndicate - Cyber & Open Source Intelligence

Another bleeding-edge version of VEDAS is out now 🎉🥳 Many network-exploitable vulnerabilities, such as CVE-2025-47188, remains delayed, poorly documented and lack meaningful enrichment. Despite being actively exploited since May 2025, this vulnerability is still not enriched by NVD, EPSS or proprietary vulnerability databases. VEDAS can be used for Mining Exploit Intelligence linked to vulnerability identifiers like CVE, EUVD, CNNVD, and BDU and can be helpful in developing custom Nuclei templates and extending its coverage, supporting the growing community of security teams, researchers, and ASM providers. Read More: osintteam.com/mining-exploit…

We welcome esteemed guest from @arpsyndicate as an Industry Partner for #BharatDefenceTechShow2026 (BDTS 2026). In an era where cyber dominance, digital warfare, and strategic innovation define national security, ARPSyndicate brings deep expertise in cybersecurity intelligence, threat research, and next-generation defence solutions. At BDTS 2026, the convergence of: 🔹 Innovation 🔹 Future Warfare Technologies 🔹 Global Collaboration will drive meaningful dialogue between defence leaders, technology pioneers, policymakers, and global industry stakeholders. 📅 February 16–17, 2026 📍 Manekshaw Centre, Delhi, India Together, we strengthen the ecosystem powering #AtmanirbharBharat and next-generation defence readiness. We look forward to impactful collaborations and strategic partnerships at #BDTS2026. @DefenceMinIndia @makeinindia @investindia @SpokespersonMoD @DefProdnIndia #BDTS2026 #BharatDefenceTechShow #DefenceInnovation #CyberSecurity #FutureWarfare #MakeInIndia #DefenceTechnology #StrategicPartnerships #GlobalDefence #MilitaryTechnology #Aerospace #HomelandSecurity #InnovationEcosystem #IndiaDefence #Defe

The API only gets 100 at a time, but I partially vibe coded this script to get beyond that. You can obviously scrape this entire API by refining the code. If someone has access to this, they have access to a wealth of info even if the SSNs are partial. Data brokers love data.

absolutely fantastic

MEAWFY Advanced MegaNZ File Search Engine 9M+ indexed files meawfy.com

Sandworm hackers linked to failed wiper attack on Poland’s energy systems - @LawrenceAbrams bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

It's crazy how hallucinated AI CVE PoCs keep ending up in @NIST NVD references. One recent example is CVE-2026-21962, a 10.0 CVE in Oracle HTTP Server / Apache Proxy Plugin. nvd.nist.gov/vuln/detail/CV… links to a GitHub repository with a fake PoC. This also propagates to @github advisories: github.com/advisories/GHS… Meanwhile, some blue teams are injecting AI slop rules to prevent this and thinking they are protected, but they are not.

A Spanish judge closed a probe into a high-profile spyware case after Israel did not respond to several coopration requests therecord.media/spanish-judge-…

Yes, we've heard a little noise about the semi-popular #ChatMoss #VSCode extension that appears to be malicious. We reported it on 31. Oct 2025, in fact; shortly after we began our ongoing campaign to monitor the VSCode and OpenVSX marketplaces. The extension ID is WhenSunset[.]chatgpt-china ; for whatever reason, in this case the marketplace folks decided to take no action. It's not new, it's not news, but it is a good reminder to be cautious; marketplace maintainers can be reluctant to remove things without "smoking gun" evidence of malice. #WhenSunset #VSCodeExtension #Malware #SupplyChainSecurity #OpenSourceSecurity

Well that’s a big one:

CVE-2025-2294🚨 The Gateway was allowing unauthenticated users to inject and execute arbitrary code via SpEL.🔥 #bugbountytips :Hit a 403? Use /..;/ or X-Original-URL header to bypass WAF and reach hidden endpoints. 💸 #bugbounty #bugbountytip #EthicalHacking

GNU InetUtils telnetd Argument Injection Authentication Bypass Leads to RCE (CVE-2026-24061) USER="-f root" telnet -a 127.0.0.1 2323 Try reproduce this issue using #Vulhub github.com/vulhub/vulhub/…

Public exploit disclosed for Redis CVE-2025-62507. Missing stack canaries in Docker allow unauthenticated RCE. Update to v8.3.2 immediately. #Redis #CVE202562507 #ExploitReleased #CyberSecurity #RCE #Docker #InfoSec #PatchNow securityonline.info/redis-rce-expo…

⚠️⚠️ CVE-2026-21962 (CVSS 10.0): Oracle Fusion Middleware to unauthenticated remote total takeover via HTTP 🔗FOFA Link: en.fofa.info/result?qbase64… 🎯5.3k+ Results are found on the en.fofa.info nearly year. FOFA Query: app="Oracle-Fusion-Middleware" 🔖Refer: securityonline.info/total-takeover… #OSINT #FOFA #CyberSecurity #Vulnerability

Cloudflare Zero day 💀

Something funky going on at @Zendesk, I’ve received the same junk myself. Anyone else?

Some additional domains: redvds[.]su, redvds[.]ru

Great aggregator website to live track Iran related news and updates. iranmonitor.org

Continued insight into the PRC cyber ecosystem where Chinese companies play a big role and even run cyber intrusions for the state. Knownsec is only one of many commercial actors that underpin troublesome hacks.

📦 I just released Security-Detections MCP - a way to let LLMs reason over real detection content, not just the internet. This isn’t "AI writes detections for you." It’s: • Threat report in • Coverage + gaps out • Grounded in actual rules (KQL, SPL, Sigma, internal content) The MCP indexes your detection corpus and exposes it in a way LLMs can query, compare, validate, and explain. What this enables: • Faster detection validation • Identifying blind spots before adversaries do • Structured markdown reports you can actually act on • Humans stay in control — AI becomes the force multiplier Repo ➡️ github.com/MHaggis/Securi… 👇Video walkthrough 👇 youtu.be/i9_sZAp8qfI If you’re doing detection engineering, threat hunting, or maintaining a large rule set - this changes how fast you can move. More coming. This is just the start.