Disclosure/write-up for CVE-2021-21735 affecting the ZTE ZXHN H168N V3.5. The issue is cataloged as information disclosure, but the useful part is the authorization failure: wizard handlers under the setup surface exposed PPPoE and WLAN material that…
The first sign wasn’t a security alert. It was a temperature reading. A food plant’s cold rooms were warming up and the product was spoiling. The engineers expected a dead compressor.…
Overview: On May 24, 2026, the data breach notification service Have I Been Pwned (HIBP) integrated a dataset originating from an April 2026 extortion campaign targeting 7-Eleven.…
This is a really bad one that flew under the radar. One character auth bypass in vLLM, LiteLLM, MCP servers, OpenAI shims, and a lot more. submitted by /u/Youknowimtheman
I published a technical write-up on an old OLX account takeover issue. The core bug was an OTP correctness leak inside the rate-limit state. After repeated invalid OTP attempts, the application showed a lockout message.…
The security angle on encrypted DNS is often oversimplified. DoH prevents ISP-level snooping and basic DNS hijacking, but doesn't protect against a compromised resolver.…
The Lithuanian Prosecutor General’s Office and the Criminal Police Bureau have initiated a joint investigation into a large-scale data exfiltration incident targeting the State Enterprise Centre of Registers.…
After FIOD seized 800+ servers and arrested two operators on May 18, the ELLIO research team reports that scanning from the network's ASN ranges has continued largely uninterrupted - and that while roughly a third of the recently-active ranges (including…
I built an independent benchmark with 20 real CVEs across 15 CWE categories, 5 models (3 OpenAI, 2 Poolside Laguna), three prompt conditions: full advisory, behavioral description only, and location only (file and function, no description of the flaw).…
We found a cluster of 1,001 IPs across 306 networks and 64 countries, tied to eight shared staging servers and a single TLS and HTTP fingerprint that appears nowhere else, plus smaller botnets that fall into clean separate islands.…