nethemba

‘Withdraw Now’, Inside Aave’s Sudden $200M Bad Debt Crisis A major exploit of KelpDAO's cross-chain bridge has cascaded into Aave, one of DeFi's largest lending protocols. forbes.com/sites/digital-…

Autonomous vulnerability scanner and source-code hunter built on LangGraph. github.com/Lazarus-AI/cle…

"I Let Claude Opus Write a Chrome Exploit: The Next Model (Mythos?) Won't Need My Help? " hacktron.ai/blog/i-let-cla…

Can you steal $10,000 from a locked iPhone? youtube.com/watch?v=PPJ6NJ…

Supply chain nightmare: How Rust will be attacked and what we can do to mitigate the inevitable kerkour.com/rust-supply-ch…

Evaluating and mitigating the growing risk of LLM-discovered 0-days Claude Opus 4.6, released today, continues a trajectory of meaningful improvements in AI models’ cybersecurity capabilities. red.anthropic.com/2026/zero-days/

XBOW Validation Benchmarks is a collection of web security challenges designed to test automated security testing tools. github.com/xbow-engineeri… AI agent benchmark results across security platforms 0ca.github.io/BoxPwnr-Traces…

Assessing Claude Mythos Preview’s cybersecurity capabilities red.anthropic.com/2026/mythos-pr…

Privacy-first mobile carrier with IMSI rotation, encrypted texting, SIM swap protection, anonymous payments, and no data collection cape.co

axios Compromised on npm - Malicious Versions Drop Remote Access Trojan: The attacker injected a hidden dependency that drops a cross platform RAT. We are actively investigating and will update this post with a full technical analysis. stepsecurity.io/blog/axios-com…

#23 Year Of The Pig (Try Hack Me) (Hard) (Challenge) I Should Learn Python... What happens when a Java/PHP coder is challenged to write a Python script? My attempt at Year Of The Pig on THM which is rated 'Hard'. Thanks to Rick. youtube.com/watch?v=DgSZV8…

Z ktorého vrecka zaplatí EK pokutu za hrubé zanedbanie bezpečnosti? Správne! Z vrecka daňových obetí... Čo v korporáciách musia ťažko znášať majitelia/akcionári. European Commission’s Data Stolen in Hack on AWS Account bloomberg.com/news/articles/…

Large-Scale Online Deanonymization with LLMs We measure the capabilities of LLMs to deanonymize users online. simonlermen.substack.com/p/large-scale-…

Sweden's E-Government Source Code Leaked in Major CGI Sverige Breach safestate.com/post/swedens-e…

Česká vláda má bezpečnou digitální identitu na dosah. Zájem o ni zatím není Česko zatím opakuje vzorec Evropské komise a upřednostňuje zastaralé technologie před prověřenými bezpečnými inovacemi. reporteri.substack.com/p/ceska-vlada-…

Venice Launches End-to-End Encrypted AI We're introducing verifiably encrypted AI inference, offering both Trusted Execution Environment (TEE) and End-to-End Encrypted (E2EE) models. venice.ai/blog/venice-la…

Docker-based lab environment for the Attacking, Defending, and Leveraging AI class. Integrates the BHIS AI-CTF (11 prompt injection challenges) with 9 hands-on Jupyter lab notebooks and an automated LLM red-teaming container. github.com/deruke/aisecop…

HorusEye: I Built an AI-Assisted Active Directory Attack Platform After 1000+ CTF Rooms @OmarTamer0/horuseye-i-built-an-ai-assisted-active-directory-attack-platform-after-1000-ctf-rooms-7f0ace21895c" target="_blank" rel="nofollow noopener">medium.com/@OmarTamer0/ho…

The new attack against Wi-Fi The attacker can view and modify data before it makes its way to the intended recipient. The attacker can be on the same SSID, a separate one, or even a separate network segment tied to the same AP. schneier.com/blog/archives/…

How to Stop the Government From Spying on You, Explained by a Digital Privacy Expert tuckercarlson.com/tucker-show-ya… open.spotify.com/episode/3pa2re…