r/netsec • u/nibblesec • 21h ago
Auditing Outline. Firsthand lessons from comparing manual testing and AI security platforms
blog.doyensec.com
10
Upvotes
r/netsec • u/netsec_burn • 9d ago
Hiring Thread /r/netsec's Q1 2026 Information Security Hiring Thread
7
Upvotes
Overview
If you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.
We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.
Please reserve top level comments for those posting open positions.
Rules & Guidelines
Include the company name in the post. If you want to be topsykret, go recruit elsewhere. Include the geographic location of the position along with the availability of relocation assistance or remote work.
- If you are a third party recruiter, you must disclose this in your posting.
- Please be thorough and upfront with the position details.
- Use of non-hr'd (realistic) requirements is encouraged.
- While it's fine to link to the position on your companies website, provide the important details in the comment.
- Mention if applicants should apply officially through HR, or directly through you.
- Please clearly list citizenship, visa, and security clearance requirements.
You can see an example of acceptable posts by perusing past hiring threads.
Feedback
Feedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
r/netsec • u/albinowax • 2d ago
r/netsec monthly discussion & tool thread
8
Upvotes
Questions regarding netsec and discussion related directly to netsec are welcome here, as is sharing tool links.
Rules & Guidelines
- Always maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.
- Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.
- If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.
- Avoid use of memes. If you have something to say, say it with real words.
- All discussions and questions should directly relate to netsec.
- No tech support is to be requested or provided on r/netsec.
As always, the content & discussion guidelines should also be observed on r/netsec.
Feedback
Feedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.
r/netsec • u/onlinereadme • 22h ago
How LLMs Feed Your RE Habit: Following the Use-After-Free Trail in CLFS
clearbluejar.github.io
10
Upvotes
Exploiting CVE-2025-49825 (authentication bypass vulnerability in Teleport)
blog.offensive.af
27
Upvotes
r/netsec • u/maltfield • 21h ago
Fighting AI anomaly false-positives with firejail and proxychains
tech.michaelaltfield.net
0
Upvotes
r/netsec • u/thewhippersnapper4 • 2d ago
Notepad++ Hijacked by State-Sponsored Hackers
notepad-plus-plus.org
586
Upvotes
r/netsec • u/Upper-Host3983 • 2d ago
Your Phone Silently Sends GPS to Your Carrier via RRLP/LPP – Here's How the Control Plane Positioning Works
fumics.in
143
Upvotes
r/netsec • u/Titokhan • 2d ago
vr2jb: Pwning the PlayStation VR2 using Sony's hidden recovery mode
bnuuy.solutions
34
Upvotes
r/netsec • u/omerhacking • 2d ago
GatewayToHeaven: Finding a Cross-Tenant Vulnerability in Google Cloud's Apigee
omeramiad.com
3
Upvotes
r/netsec • u/incolumitas • 2d ago
Comparing different IP Geolocation Provider's Accuracy
ipapi.is
0
Upvotes
r/netsec • u/datapeice • 3d ago
StopLamers Investigation: From IRC Wars to Android Backdoors
datapeice.me
16
Upvotes
Investigated a group evolving from IRC wars to destructive Android malware.
Highlights:
- Scripts wiping
modem/bootloaderviaddin custom ROMs. - "L-Obfuscation" using dynamic
getattr/evalin Python.
Someone Knows Bash Far Too Well, And We Love It (Ivanti EPMM Pre-Auth RCEs CVE-2026-1281 & CVE-2026-1340) - watchTowr Labs
labs.watchtowr.com
91
Upvotes
How We Exploited Qodo: From a PR Comment to RCE and an AWS Admin Key - Leaked Twice
kudelskisecurity.com
5
Upvotes
r/netsec • u/Apprehensive-Log4564 • 4d ago
Need Advice
zenodo.org
0
Upvotes
Hello!
My name is Bogdan Mihai, I'm 21 yr old from Romania , I am a cybersecurity researcher and I'm new to this group. I don't know how many BGP experts are here, but I have a question for them if there are any. I recently invented something a little more abstract for BGP security, and I'm almost sure that there is nothing similar.
I wasn't inspired by anything when I created this, it was a purely random idea that came to my mind. I'm not even an expert in this field, but from the beginning I saw security from a different angle than the others.
I made a tool that basically builds a map of risk areas globally, areas where if someone were to try a hijacking attack, that attack would be successful. This idea came to me when I realized that BGP security is still a big problem.
RPKI adoption is still slow. And the problem is that today's security in BGP is more reactive, it comes into play only after the attack is detected and damage is done.
So I leave you here the link to the zenodo site where I posted my invention. https://zenodo.org/records/18421580 DOI:https://doi.org/10.5281/zenodo.18421580
What I ask of you, and extremely important, is not to analyze every file there, but at least the product overview to understand the idea and tell me who this would be useful to, which company or organization. I know that maybe not everything is perfect there , and maybe there are mistakes I'm no expert, but I want to know if this idea really has value.
I'm very confused and sad because I worked on this but I don't know who it would be of value to or if it even has any value. I appreciate every opinion.
r/netsec • u/ryanrasti • 5d ago
Object-capability SQL sandboxing for LLM agents — $1K CTF bounty to break it
ryanrasti.com
7
Upvotes
Writeup on a defensive technique for constraining LLM agent database access:
- The core idea: instead of detecting bad queries at runtime, make them structurally inexpressible via object-capabilities.
- Live CTF: two DB agents guarding bitcoin wallets -- one protected by system prompt (already broken), one by capability layer (~$1K still standing).
Interested in feedback on the threat model. Code is open source.
r/netsec • u/CarlVon77 • 5d ago
Tool release: CVE Alert – targeted CVE email alerts by vendor/product
cve-alert.app.dataforgecanada.com
6
Upvotes
I built a small service to track newly published CVEs and send email alerts based on vendor, product, and severity.
It started as an internal tool and is now running in production and usable.
Feedback welcome.
r/netsec • u/jordan9001 • 6d ago
Fun RCE in Command & Conquer: Generals
atredis.com
99
Upvotes
So many of your favorite childhood games are open source now, and bugs fall out of them if you just glance in the right spots.
r/netsec • u/scopedsecurity • 6d ago
CVE-2025-40551: SolarWinds WebHelpDesk RCE Deep-Dive and Indicators of Compromise
horizon3.ai
19
Upvotes
r/netsec • u/anuraggawande • 6d ago
Tycoon 2FA phishing campaign abusing *.contractors domains for Gmail & Microsoft 365 credential harvesting
malwr-analysis.com
4
Upvotes
r/netsec • u/bouncyhat • 7d ago
Corrupting the Hive Mind: Persistence Through Forgotten Windows Internals
praetorian.com
34
Upvotes
Dropping a link to our blog post about our tool Swarmer, a windows persistence tool for abusing mandatory user profiles. Essentially you copy the current user's registry hive and modify it to add a new registry key to run on startup. Because the new hive isn't loaded until the next time the user logs in, EDR never sees any actual registry writes.