Markus Vervier

8.2K posts


@marver

Security Vulnerability Coach, responsible for @x41sec and @persistent_psi. Tweets here are my own.

Location: Right here. Joined January 2009
601 Following, 3.4K Followers
Markus Vervier @marver

While everyone was on holiday we scanned the Internet for #BadHost (CVE-2026-48710): zero auth required, affecting FastAPI, vLLM, LiteLLM, and many more - basically the whole AI infra stack! What we found is: clinical trial databases, email mailboxes, MCP servers for SSH, industrial IoT via bastion servers, and live PII APIs wide open. The FastAPI/MCP ecosystem is sitting exposed - patch to Starlette 1.0.1 NOW and check your exposure at badhost.org

Markus Vervier reposted
Alex Nguyen @AlexNguyen65
Millions of AI agents imperiled by critical vulnerability in open source package. “BadHost” was found in Starlette, a package with 325 million weekly downloads. arstechnica.com/information-te…
Markus Vervier reposted
Shift @Shiftreduce
We live in interesting times. Last month Linux patched a core UAF in the epoll subsystem; we rarely see these kinds of bugs. As I like these kinds of bugs, I wrote a few words about it here: guysrd.github.io
Markus Vervier reposted
Python Programming @PythonPr
Claude Code vs Developer 🤣🤣🤣
Markus Vervier @marver
Running FastAPI or another Python ASGI framework? Then patch Starlette now; chances are high it's in your supply chain! A host header parsing issue can lead to vulnerabilities ranging from auth bypass up to RCE! Examples of affected packages are LiteLLM, vLLM, etc. Here is the X41 advisory: x41-dsec.de/lab/advisories…
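The tweet above warns that a Host header parsing problem in Starlette can escalate from auth bypass to RCE but does not describe the bug itself, and the fix it gives is to patch. Independently of that patch, a defender running an ASGI service usually wants a strict, allowlist-based Host check in front of the application so that an unexpected Host value is refused before any routing or URL generation sees it. The block below is an added example of such a check; it is not code from X41, from Starlette, or from any project named in the thread. The grammar (modelled on the uri-host and port pieces of RFC 9110), the wildcard rule, the `ALLOWED` list and the `SAMPLES` values are this example's own constructions.

```python
"""Strict Host header validation against an explicit allowlist.

Added example, not code from X41, Starlette or any project named in the
thread. The grammar, the allowlist and the sample values are this
example's own constructions; it illustrates general Host header hygiene
for an ASGI deployment and does not describe the specific parsing bug.
"""
import ipaddress
import re
from typing import Dict, List, Optional, Tuple

# Grammar modelled on the uri-host / port pieces of RFC 9110 (assumption
# of this example): a DNS-style name, a dotted IPv4 address, or a
# bracketed IPv6 literal, optionally followed by a decimal port. The
# whole value must match; anything else is rejected outright.
_LABEL = r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
_REG_NAME = rf"(?:{_LABEL}\.)*{_LABEL}"
_IPV4 = r"(?:\d{1,3}\.){3}\d{1,3}"
_IPV6 = r"\[[0-9a-f:.]+\]"
_PORT = r"\d{1,5}"
_HOST_RE = re.compile(rf"^(?P<host>{_IPV4}|{_IPV6}|{_REG_NAME})(?::(?P<port>{_PORT}))?$")


def parse_host(value: str) -> Optional[Tuple[str, Optional[int]]]:
    """Return (host, port) for a syntactically valid Host value, else None.

    The value is lowercased first, so the grammar only needs lowercase
    letters. Userinfo ('@'), path separators, whitespace, control
    characters, a second ':port', and unbracketed IPv6 all fail the
    full-string match and are rejected.
    """
    if not value or len(value) > 255:
        return None
    m = _HOST_RE.match(value.lower())
    if m is None:
        return None
    host = m.group("host")
    # Tighten the two IP forms with the standard library: this rejects
    # out-of-range octets and malformed IPv6 literals.
    try:
        if host.startswith("["):
            ipaddress.IPv6Address(host[1:-1])
        elif re.fullmatch(_IPV4, host):
            ipaddress.IPv4Address(host)
    except ValueError:
        return None
    port = m.group("port")
    if port is None:
        return host, None
    port_num = int(port)
    if not 0 < port_num <= 65535:
        return None
    return host, port_num


def host_allowed(host: str, allowed: List[str]) -> bool:
    """Match a parsed host against allowlist entries.

    Plain entries must match exactly. An entry '*.example.com' matches
    any name below example.com but not the apex itself, and never a
    lookalike such as 'evilexample.com', because the comparison keeps
    the leading dot.
    """
    for entry in allowed:
        entry = entry.lower()
        if entry.startswith("*."):
            suffix = entry[1:]
            if host.endswith(suffix) and len(host) > len(suffix):
                return True
        elif host == entry:
            return True
    return False


def check_host_header(value: str, allowed: List[str]) -> Optional[str]:
    """Return the canonical 'host' or 'host:port' string an application may
    use for routing and URL generation, or None when the request should be
    refused (400 Bad Request) before any application code sees it."""
    parsed = parse_host(value)
    if parsed is None:
        return None
    host, port = parsed
    if not host_allowed(host, allowed):
        return None
    return host if port is None else f"{host}:{port}"


# Constructed deployment allowlist for the demo below.
ALLOWED: List[str] = ["api.example.com", "*.internal.example.com", "127.0.0.1", "[::1]"]

# Constructed Host values as they might arrive in requests, mapped to the
# result a correct validator produces.
SAMPLES: Dict[str, Optional[str]] = {
    "api.example.com": "api.example.com",
    "API.EXAMPLE.COM:8443": "api.example.com:8443",
    "svc.internal.example.com": "svc.internal.example.com",
    "internal.example.com": None,        # apex is not covered by the wildcard
    "evilapi.example.com": None,         # shares a suffix, not on the allowlist
    "api.example.com@evil.test": None,   # userinfo-style smuggling
    "api.example.com/admin": None,       # path characters inside the host
    "api.example.com:80:80": None,       # duplicate port
    "api.example.com:abc": None,         # non-numeric port
    "127.0.0.1:8000": "127.0.0.1:8000",
    "999.0.0.1": None,                   # out-of-range octet
    "[::1]:8000": "[::1]:8000",
    "::1": None,                         # IPv6 must be bracketed
    "": None,
}

if __name__ == "__main__":
    for raw, expected in SAMPLES.items():
        got = check_host_header(raw, ALLOWED)
        status = "accept" if got is not None else "reject"
        assert got == expected, (raw, got, expected)
        print(f"{status:6} {raw!r:30} -> {got}")
```

The design point is that the check is a whole-string grammar match followed by an allowlist comparison, never a search for a substring or a split on the first colon: a value that is syntactically odd is rejected before the allowlist is consulted, and a name that merely ends in an allowed domain is not accepted. In an ASGI deployment the same function would run in middleware on `scope["headers"]` before the router.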
Markus Vervier reposted
Saeed Abbasi @saeed4bbasi
Our @qualys TRU advisory for CVE-2026-46333 is live. Local root impact in the Linux kernel ptrace path. The patch went public, PoCs followed, and defenders were left racing. The gap between patch and protection is becoming one of security’s defining problems; current disclosure was not built for this. cdn2.qualys.com/advisory/2026/…
David Adrian @dadrian
Tomorrow, I will drop Chrome exploit code showing how an attacker can execute arbitrary JavaScript within the context of a domain they control.
LiveOverflow 🔴 @LiveOverflow
anybody else getting older and noticing that you increasingly talk to yourself????
Markus Vervier reposted
TrendAI Zero Day Initiative
Aaaand it's official! Orange Tsai (@orange_8361) of DEVCORE Research Team chained 3 bugs to achieve Remote Code Execution as SYSTEM on Microsoft Exchange, earning a whopping $200,000 and 20 Master of Pwn points. Full win! #Pwn2Own #P2OBerlin
Markus Vervier @marver
If AI is taking jobs everywhere and especially in security, why is everyone I currently deal with swamped with work?
Markus Vervier reposted
Haifei Li @HaifeiLi
CVE-2026-40361 (msrc.microsoft.com/update-guide/v…), patched today, is a critical 0-click UAF/RCE bug in Microsoft Outlook that I discovered back in Q1. You definitely want to patch this sooner rather than later. The danger of such 0-click bugs in Outlook is that they are triggered as soon as the victim reads or previews the email - no clicking of links or attachments is required. Since the bugs reside in Outlook's email rendering engine, it is difficult to mitigate or block (though specifically setting Outlook to render emails only in plain text format is a valid mitigation).

Fun fact about the discovery: after the discovery of the #BadWinmail bug a decade ago, I wanted to run an experiment in Q1 to see if I could find another 0-click RCE in Outlook. The result? It wasn't easy — I even built a dedicated system for it — but I eventually found this one. :)

To understand why such bugs are so critical, check out the #BadWinmail video demo I released a decade ago: youtube.com/watch?v=ngWVbc…. They share the same attack vector (though #BadWinmail was a working exploit, while this one was a PoC). Essentially, anyone could compromise a CEO or CFO just by sending an email. The threat perfectly bypasses enterprise firewalls and is delivered directly to the inbox. Furthermore, note that Outlook (Classic) lacks an application sandbox, making this attack vector even more dangerous.

Regarding defense and detection: if you are concerned about Outlook 0-click 0-days, my EXPMON system (pub.expmon.com) provides cutting-edge detection against such advanced threats. When I designed the original system in 2020/2021, I developed this functionality specifically considering the impact of #BadWinmail. The system accepts .eml or .msg formats, and email samples are deeply tested within an Outlook sandbox. For enterprise users, emails can be "dumped" from the mail server, and EXPMON can be deployed in a private network. Contact me for more details.

P.S. I just noted that the title of the Microsoft Security Update (msrc.microsoft.com/update-guide/v…) lists this as a Microsoft Word bug, which may or may not be entirely accurate. I demonstrated this bug to MSRC by showing that it works in a real, live Outlook + Exchange Server environment. My bet is that because the bug resides in wwlib.dll — a shared DLL used heavily by both Outlook and Word — it likely affects both Outlook (via email) and Word (via a document file). Regardless of the title, it is a genuine Outlook 0-click RCE.

#CVE-2026-40361 #PatchTuesday #Outlook #0click #EmailSecurity #EnterpriseSecurity #expmon #ThreatIntel #ExploitDetection
Markus Vervier reposted
Dudes Posting Their W’s @DudespostingWs
This guy got so annoyed with spam callers that he wrote a script that endlessly calls them back and plays Rick Astley’s “Never Gonna Give You Up” on repeat until they finally block his number.
blasty @bl4sty
my prediction is we will finally properly crack down on these npm supply chain attacks once left-pad gets hit
Markus Vervier @marver
26b74a3148a790a887f7e59a93905eea2fa126a917aae28f4a428e8494cdf4d6