“If you know your network and your systems, you need not fear the result of a hundred cyber battles." - Sun Tzu, The Art of Cyber War
📚 SecMisc
- GPS Signal Spoofing - Overview of GPS spoofing threats and mitigation techniques. Read More
📰 SecLinks
Ancient Monkey: Pwning a 17-Year-Old Version of SpiderMonkey - Exploiting vulnerabilities in older versions of SpiderMonkey. Read More
RCE Vulnerability in QBittorrent – Sharp Security - Analysis of a remote code execution vulnerability in QBittorrent. Read More
OSV - Open Source Vulnerabilities - Initiatives for improving data quality in open-source vulnerability reporting. Read More
Email Security Analysis - Danny's Newsletter - In-depth look into email security challenges and solutions. Read More
More Models, More ProbLLMs: New Vulnerabilities in Ollama | Oligo Security - Discussing vulnerabilities introduced by new models in machine learning security. Read More
Identifying Blind Spots in Your API and Application Security - Strategies for identifying and addressing API security gaps. Read More
ChatGPT-4o Guardrail Jailbreak: Hex Encoding for Writing CVE - Techniques for bypassing guardrails in ChatGPT-4 to write CVEs. Read More
Asking Good Questions in OSINT - Essential questioning strategies to enhance OSINT investigations. Read More
🐦 SecX
- Bypassing App-Bound Encrypted Keys in Chrome - Code for bypassing and decrypting App-Bound encrypted keys in Chrome 127+. View on X
💻 SecGit
tun2socks - A tool powered by gVisor’s TCP/IP stack for tunneling SOCKS connections. Explore on GitHub
gcp-ctf-workshop - A workshop for GCP-based capture the flag (CTF) exercises. Explore on GitHub
dns-triage - A Python script for conducting domain-focused reconnaissance. Explore on GitHub
For suggestions and any feedback, please contact: securify@rosecurify.com