Oops, I Weaponized the Database: Abusing AI Features in SQL Server 2025
https://specterops.io/blog/2026/06/10/oops-i-weaponized-the-database-abusing-ai-features-in-mssql-2025/
SpecterOps
New native AI features in Microsoft SQL Server 2025 provide a practical channel for data exfiltration and C2 transport within the database engine itself.
Securing the uncharted territories of AI systems. A discussion with Leo Racanelli
https://www.intigriti.com/blog/business-insights/securing-the-uncharted-territories-of-ai-systems-a-discussion-with-leo-racanelli
Intigriti
Few conversations cut through the noise to ask what AI means for those on the ground: the hunters, the security engineers, and the organizations trying to secure their data. In this blog, we open up that discussion, with insights from Leo Racanelli.
Release v3.9.0 · projectdiscovery/nuclei
https://github.com/projectdiscovery/nuclei/releases/tag/v3.9.0
GitHub
What's Changed
New Features
Added support for protocol redirects by @Mzack9999 in #7296
Added impacket integration by @Mzack9999 in #7356
Added wmi, tsch, scmr, and dcom helper modules for J...
Visa Vulnerability Agentic Harness – Agentic SAST Pipeline
https://github.com/visa/visa-vulnerability-agentic-harness
GitHub
GitHub - visa/visa-vulnerability-agentic-harness: Visa Vulnerability Agentic Harness
Visa Vulnerability Agentic Harness. Contribute to visa/visa-vulnerability-agentic-harness development by creating an account on GitHub.
MCP Client OAuth Refresh-Token Support Matrix (June 2026)
https://redcaller.com/docs/references/mcp-client-oauth-refresh-token-support
Redcaller
MCP Client OAuth Refresh-Token Support Matrix (June 2026) | RedCaller Docs
A compatibility matrix tracking OAuth refresh-token support across 14 MCP clients. Covers status, root causes, SDK layers, and server-side workarounds.
I Accidentally Logged as Admin Into a Threat Actor Website
https://potato.id/en/posts/i-accidentally-logged-into-threat-actor-website/
Jonias Fortuna
I accidentally logged into a malicious website operated by threat actors after scrolling X. Here's how I do that.
Burp Suite Professional: browser-powered crawl can write attacker-controlled files through file input handling
https://hackerone.com/reports/3712279
HackerOne
PortSwigger Web Security disclosed on HackerOne: Burp Suite...
## Target
Burp Suite Professional 2026.3.3 on Windows.
## Summary
When Burp Scanner's browser-powered crawler crawls an attacker's website, the website can force Burp to write an...
SearchLeak: How We Turned M365 Copilot Into a One-Click Data Exfiltration Weapon
https://www.varonis.com/blog/searchleak
Varonis
Varonis Threat Labs discovered SearchLeak, a critical vulnerability chain in Microsoft 365 Copilot Enterprise that allows an attacker to steal sensitive data (MFA codes, email messages, meeting details, and private organizational files) with a single click.
Unauthenticated file upload in Amasty Order Attributes for Magento
https://sansec.io/research/amasty-order-attributes-file-upload
Sansec
An unauthenticated arbitrary file upload flaw in Amasty Order Attributes lets attackers write executable files to a Magento store without logging in, opening...
humiliating iis servers for fun and jail time
https://mll.sh/humiliating-iis-servers-for-fun-and-jail-time/
miguel llamazares
A friend of mine once told me: If you ever spot an IIS blue screen, don't stop there; there must be something.
The gift that keeps giving: Exploiting Git Integrations in Cloud Services
https://nopnop.pro/2026/06/17/exploiting-git-integrations-in-cloud-services/
Arbitrary
1. Introduction
Hacking in the age of AI: LLMs, agentic CLIs and MCP servers for Bug Bounty hunters
https://www.yeswehack.com/learn-bug-bounty/llm-bug-bounty-hunting-agentic-cli
YesWeHack
How to hack with LLMs, agentic CLIs and MCP servers
Discover how LLMs, agentic CLIs and MCP servers boost Bug Bounty workflows while keeping manual validation at the core of vulnerability research.
CVE-2026-5667: The Secret Life of Probe Requests – Mitsubishi MAC-577IF-2E WiFi Adapter
https://innerfirez.github.io/posts/the-secret-life-of-probe-requests/
Messing with Code So You Donβt Have To
CVE-2026-5667 – Unauthenticated remote control of Mitsubishi MAC-577IF-2E WiFi air conditioner adapters discovered via citywide probe request reconnaissance. Full technical writeup with PoC methodology.
AutoJack: How a single page can RCE the host running your AI agent
https://www.microsoft.com/en-us/security/blog/2026/06/18/autojack-single-page-rce-host-running-ai-agent/
Microsoft News
AutoJack is a novel exploit chain showing how a single malicious webpage can turn an AI browsing agent into a remote code execution vector on the host machine. By abusing trust in localhost, missing authentication, and unsafe parameter handling, attackers…
We have Mythos at Home: GLM 5.2 beats Claude in our Cyber Benchmarks
https://semgrep.dev/blog/2026/we-have-mythos-at-home-glm-52-beats-claude-in-our-cyber-benchmarks
Semgrep
Among models given nothing but a prompt, the best open-weight option beat Claude Opus 4.8.
Exploiting vulnerabilities in Johnson & Johnson web apps
https://eaton-works.com/2026/06/24/jnj-webapp-hacks/
Eaton-Works
Campus Recruiting vulnerability exposed student information, and Audit Tracking Management System vulnerability exposed confidential internal audit data.