PortSwigger x TryHackMe: Supporting Advent of Cyber
https://portswigger.net/blog/portswigger-x-tryhackme-supporting-advent-of-cyber
https://portswigger.net/blog/portswigger-x-tryhackme-supporting-advent-of-cyber
PortSwigger Blog
PortSwigger x TryHackMe: Supporting Advent of Cyber
Every December, TryHackMe’s Advent of Cyber brings the security community together around a simple idea: learn something new by getting hands-on. Each day during the festive season reveals a beginner-
👏5❤4
SonarQube Compare Community vs Developer vs Enterprise vs Data Center
https://www.sonarsource.com/blog/sonarqube-compare-editions/
https://www.sonarsource.com/blog/sonarqube-compare-editions/
Sonarsource
SonarQube Compare Community vs Developer vs Enterprise vs Data Center
SonarQube has emerged as a leading automated code review platform that empowers development teams to achieve a high level of code quality and code security.
👍3❤1
How AI is leveraged to enhance the Intigriti platform.
https://www.intigriti.com/blog/news/how-ai-is-leveraged-to-enhance-the-intigriti-platform
https://www.intigriti.com/blog/news/how-ai-is-leveraged-to-enhance-the-intigriti-platform
Intigriti
How AI is leveraged to enhance the Intigriti platform.
How Intigriti uses the implementation of AI to solve three key business challenges relating to vulnerability submissions.
❤2👎2
Introducing constant-time support for LLVM to protect cryptographic code
https://blog.trailofbits.com/2025/12/02/introducing-constant-time-support-for-llvm-to-protect-cryptographic-code/
https://blog.trailofbits.com/2025/12/02/introducing-constant-time-support-for-llvm-to-protect-cryptographic-code/
The Trail of Bits Blog
Introducing constant-time support for LLVM to protect cryptographic code
Trail of Bits developed constant-time coding support for LLVM that prevents compilers from breaking cryptographic implementations vulnerable to timing attacks, introducing the __builtin_ct_select family of intrinsics that preserve constant-time properties…
❤2
Introducing Neo, an AI security engineer for complex security tasks — ProjectDiscovery Blog
https://projectdiscovery.io/blog/introducing-neo
https://projectdiscovery.io/blog/introducing-neo
ProjectDiscovery
Introducing Neo, an AI security engineer for complex security tasks — ProjectDiscovery Blog
Neo is a cloud-based AI security engineer that works alongside your team and takes on real security tasks like a true co-engineer. As it operates, it continuously learns your systems and processes, improving over time just like an engineer ramping up on your…
👎3❤2
Introducing audit logs in SonarQube Cloud: Enhancing compliance and security
https://www.sonarsource.com/blog/introducing-audit-logs-in-sonarqube-cloud-enhancing-compliance-and-security/
https://www.sonarsource.com/blog/introducing-audit-logs-in-sonarqube-cloud-enhancing-compliance-and-security/
Sonarsource
Introducing audit logs in SonarQube Cloud: Enhancing compliance and security
Enhance compliance and security with the new audit logs for SonarQube Cloud Enterprise plan. Get a chronological record of key IAM events, accessible via API to integrate with your SIEM tools.
❤3
InQL v6.1.0 Just Landed with New Features and Contribution Swag! 🚀 · Doyensec's Blog
https://blog.doyensec.com/2025/12/02/inql-v610.html
https://blog.doyensec.com/2025/12/02/inql-v610.html
Doyensec
InQL v6.1.0 Just Landed with New Features and Contribution Swag! 🚀
We are excited to announce a new release of our Burp Suite Extension - InQL v6.1.0! The complete re-write from Jython to Kotlin in our previous update (v6.0.0) laid the groundwork for us to start implementing powerful new features, and this update delivers…
❤2
Forwarded from Android Security & Malware
Reverse engineering Bluetooth on Amazon Kindle eReaders
https://sighery.com/posts/reverse-engineering-bluetooth-on-kindle-ereaders/
https://sighery.com/posts/reverse-engineering-bluetooth-on-kindle-ereaders/
Sighery
Reverse engineering Bluetooth on Amazon Kindle eReaders
A journey of learning C and reverse engineering to be more efficiently lazy
❤6
Forwarded from Android Security & Malware
[Beginners] All About Android Pentesting: A Complete Methodology
https://xcheater.medium.com/all-about-android-pentesting-f047b7c7e0f1
https://xcheater.medium.com/all-about-android-pentesting-f047b7c7e0f1
Medium
All About Android Pentesting: A Complete Methodology
Complete Android application security testing guide: Static & dynamic testing, root detection bypass, SSL pinning, and common vuln…
Critical RCE Vulnerabilities Discovered in React & Next.js | Wiz Blog
https://www.wiz.io/blog/critical-vulnerability-in-react-cve-2025-55182
https://www.wiz.io/blog/critical-vulnerability-in-react-cve-2025-55182
wiz.io
React2Shell (CVE-2025-55182): Critical React Vulnerability | Wiz Blog
React2Shell (CVE-2025-55182) is a critical RCE vulnerability in React Server Components. Learn which versions are impacted and how to mitigate.
❤11
Android expands pilot for in-call scam protection for financial apps
http://security.googleblog.com/2025/12/android-expands-pilot-in-call-scam-protection-financial-apps.html
http://security.googleblog.com/2025/12/android-expands-pilot-in-call-scam-protection-financial-apps.html
Google Online Security Blog
Android expands pilot for in-call scam protection for financial apps
Posted by Aden Haussmann, Associate Product Manager and Sumeet Sharma, Play Partnerships Trust & Safety Lead Android uses the best of Goo...
❤3
Prompt Injection Inside GitHub Actions: The New Frontier of Supply Chain Attacks
https://www.aikido.dev/blog/promptpwnd-github-actions-ai-agents
https://www.aikido.dev/blog/promptpwnd-github-actions-ai-agents
www.aikido.dev
Prompt Injection Inside GitHub Actions: The New Frontier of Supply Chain Attacks
AI-driven GitHub Actions expose new prompt-injection supply chain vulnerabilities.
❤6
Release v3.6.0 · projectdiscovery/nuclei
https://github.com/projectdiscovery/nuclei/releases/tag/v3.6.0
https://github.com/projectdiscovery/nuclei/releases/tag/v3.6.0
GitHub
Release v3.6.0 · projectdiscovery/nuclei
What's Changed
✨ New Features
Write resume file specified by flag by @circleous (#6616)
Javascript Multi-Port Support by @pussycat0x (#6501)
Direct fuzzing using target URL for OpenAPI/Swagger...
✨ New Features
Write resume file specified by flag by @circleous (#6616)
Javascript Multi-Port Support by @pussycat0x (#6501)
Direct fuzzing using target URL for OpenAPI/Swagger...
❤1
Introducing audit logs in SonarQube Cloud: Enhancing compliance and security
https://www.sonarsource.com/blog/introducing-audit-logs-in-sonarqube-cloud-enhancing-compliance-and-security/
https://www.sonarsource.com/blog/introducing-audit-logs-in-sonarqube-cloud-enhancing-compliance-and-security/
Sonarsource
Introducing audit logs in SonarQube Cloud: Enhancing compliance and security
Enhance compliance and security with the new audit logs for SonarQube Cloud Enterprise plan. Get a chronological record of key IAM events, accessible via API to integrate with your SIEM tools.
❤3
When AI Turns on Its Team: Exploiting Agent-to-Agent Discovery via Prompt Injection
https://appomni.com/ao-labs/ai-agent-to-agent-discovery-prompt-injection/
https://appomni.com/ao-labs/ai-agent-to-agent-discovery-prompt-injection/
AppOmni
When AI Turns on Its Team: Exploiting Agent-to-Agent Discovery via Prompt Injection
See how prompt injection attacks work in ServiceNow to perform unauthorized actions, and how to defend against it with AppOmni AgentGuard.
❤1
How to detect React2Shell with Burp Suite
https://portswigger.net/blog/how-to-detect-react2shell-with-burp-suite
https://portswigger.net/blog/how-to-detect-react2shell-with-burp-suite
❤8👎2
SonarQube Compare Community vs Developer vs Enterprise vs Data Center
https://www.sonarsource.com/blog/sonarqube-compare-editions/
https://www.sonarsource.com/blog/sonarqube-compare-editions/
Sonarsource
SonarQube Compare Community vs Developer vs Enterprise vs Data Center
SonarQube has emerged as a leading automated code review platform that empowers development teams to achieve a high level of code quality and code security.
❤3