reddit.com

/r/netsec - Information Security News & Discussion

Get the latest updates from /r/netsec - Information Security News & Discussion directly as they happen.

Follow now 626 followers

Latest posts

Last updated about 3 hours ago

More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs

about 3 hours ago

submitted by /u/dx7r__ [link] [comments]

Read full

Apple’s Siri-AI, or more shouting into the void about “private” agents

about 9 hours ago

submitted by /u/feross [link] [comments]

Read full

Entra Agent ID from a Security Perspective

about 14 hours ago

submitted by /u/GonzoZH [link] [comments]

Read full

X.com silently injects session-bound tracking tokens into your clipboard on every copy — security tools correctly flag this as malicious injection

about 15 hours ago

Did some digging into why pasting from X.com triggers "malicious injection" warnings...

Read full

WinGet - Code Execution, Persistence and Detection Strategies

about 16 hours ago

submitted by /u/netbiosX [link] [comments]

Read full

I found 23 Chrome extensions hijacking 758,000 users' searches for affiliate revenue

about 18 hours ago

I scanned Chrome extension manifests for chrome_settings_overrides and found 23 extensions silently...

Read full

I just completed Search Skills room on TryHackMe! Learn to efficiently search the Internet and use specialised services and technical docs for information

about 21 hours ago

submitted by /u/Magnese1625 [link] [comments]

Read full

AI Agents May Always Fall for Prompt Injections

about 22 hours ago

submitted by /u/User_Deprecated [link] [comments]

Read full

Arc Gate — runtime governance proxy for AI agents, catches multi-turn prompt injection via geometric drift detection — try to break it

1 day ago

submitted by /u/Turbulent-Tap6723 [link] [comments]

Read full

EDRChoker: Choking The Telemetry Stream to Bypass Defenses

3 days ago

EDRChoker uses Policy-based Quality of Service (QoS) to set hard bandwidth caps...

Read full

PSA: Attack Shark R85 HE (FREEWOLF US / Amazon) — BadUSB credential harvester, confirmed malware

3 days ago

TL;DR: Bought an Attack Shark R85 HE from FREEWOLF US on Amazon...

Read full

CVE-2026-46640: Developing payloads for Twig sandbox bypass

3 days ago

I recently learned about multiple sandbox bypasses discovered in Twig by project...

Read full

Everything you care about in one place

/r/netsec - Information Security News & Discussion

Latest posts

More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) - watchTowr Labs

Apple’s Siri-AI, or more shouting into the void about “private” agents

Entra Agent ID from a Security Perspective

X.com silently injects session-bound tracking tokens into your clipboard on every copy — security tools correctly flag this as malicious injection

WinGet - Code Execution, Persistence and Detection Strategies

I found 23 Chrome extensions hijacking 758,000 users' searches for affiliate revenue

I just completed Search Skills room on TryHackMe! Learn to efficiently search the Internet and use specialised services and technical docs for information

AI Agents May Always Fall for Prompt Injections

Arc Gate — runtime governance proxy for AI agents, catches multi-turn prompt injection via geometric drift detection — try to break it

EDRChoker: Choking The Telemetry Stream to Bypass Defenses

PSA: Attack Shark R85 HE (FREEWOLF US / Amazon) — BadUSB credential harvester, confirmed malware

CVE-2026-46640: Developing payloads for Twig sandbox bypass

Try Feeder for free