InfoSec Planet
A collection of diverse security content from a curated list of sources. This website also serves as a demo for "worker-planet", the software that powers it.
short stream, testing stuff on 04/02/2026
Bugcrowd's new Security Inbox on 04/02/2026
How To Approach ANY Bug Bounty Target In 2026 on 04/02/2026
US Declassifies Information on JUMPSEAT Spy Satellites on 04/02/2026
The US National Reconnaissance Office has declassified information about a fleet of spy satellites operating between 1971 and 2006. I’m actually impressed to see a declassification only two decades after decommission. [...]
Web Traffic Hijacking: When Your Nginx Configuration Turns Malicious on 04/02/2026
Datadog Security Research has identified an active web traffic hijacking campaign that targets NGINX installations and management panels like Baota (BT). In this post, we provide our analysis of the techniques this campaign uses and share indicators of compromise you can check for in your NGINX configurations. [...]
Security folks on 03/02/2026
The Most Common IoT Security Flaws on 03/02/2026
Microsoft is Giving the FBI BitLocker Keys on 03/02/2026
Microsoft gives the FBI the ability to decrypt BitLocker in response to court orders: about twenty times per year. It’s possible for users to store those keys on a device they own, but Microsoft also recommends BitLocker users store their keys on its servers for convenience. While that means someone can access their data if they forget their password, or if repeated failed attempts to login [...]
Please Don't Feed the Scattered Lapsus ShinyHunters by BrianKrebs on 02/02/2026
A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators about the extent of the intrusion. Some victims reportedly are paying — perhaps as much to contain the stolen data [...]
Hacking a Windows Web Application on 02/02/2026
Live Hacking 2025: $4.3M in Bounties, Tested Around the World on 02/02/2026
AI Coding Assistants Secretly Copying All Code to China on 02/02/2026
There’s a new report about two AI coding assistants, used by 1.5 million developers, that are surreptitiously sending a copy of everything they ingest to China. Maybe avoid using them. [...]
Every organization is vulnerable. on 02/02/2026
Exploiting PostMessage vulnerabilities: A complete guide by Ayoub on 31/01/2026
PostMessage vulnerabilities arise when developers fail to properly validate message origins or sanitize content within cross-origin communication handlers. As modern web applications increasingly rely on the postMessage API for cross-origin communication, whether for embedded widgets, OAuth flows, third-party integrations, or iframe-based components, the attack surface continues to grow. While pos [...]
Friday Squid Blogging: New Squid Species Discovered on 30/01/2026
A new species of squid pretends to be a plant: Scientists have filmed a never-before-seen species of deep-sea squid burying itself upside down in the seafloor—a behavior never documented in cephalopods. They captured the bizarre scene while studying the depths of the Clarion-Clipperton Zone (CCZ), an abyssal plain in the Pacific Ocean targeted for deep-sea mining. The team described the enc [...]
Inside the Mind of a Hacker is a Bugcrowd staple on 30/01/2026
How Hackers Defeated Our AI on 30/01/2026
AIs Are Getting Better at Finding and Exploiting Security Vulnerabilities on 30/01/2026
From an Anthropic blog post: In a recent evaluation of AI models' cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This illustrates how barriers to the use of AI in relatively autonomous cyber workflows are rapidly coming down, and high [...]
Why API Security Is No Longer an AppSec Problem - And What Security Leaders Must Do Instead by Annette Reed on 30/01/2026
APIs are one of the most important technologies in digital business ecosystems. And yet, the responsibility for their security often falls to AppSec teams, and that's a problem. This organizational mismatch creates systemic risk: business teams assume APIs are "secured," while attackers exploit logic flaws, authorization gaps, and automated attacks in production. As Tim Erlin noted rece [...]
Celebrating our 2025 open-source contributions on 30/01/2026
Last year, our engineers submitted over 375 pull requests that were merged into non-Trail of Bits repositories, touching more than 90 projects from cryptography libraries to the Rust compiler. This work reflects one of our driving values: “share what others can use.” The measure isn’t whether you share something, but whether it’s actually useful to someone else. This princi [...]
The Rise of the Bionic Hacker: AI, Autonomy & the Future of Offensive Security | Black Hat Europe on 29/01/2026
Annual testing vs daily change on 29/01/2026
Building cryptographic agility into Sigstore on 29/01/2026
Software signatures carry an invisible expiration date. The container image or firmware you sign today might be deployed for 20 years, but the cryptographic signature protecting it may become untrustworthy within 10 years. SHA-1 certificates become worthless, weak RSA keys are banned, and quantum computers may crack today’s elliptic curve cryptography. The question isn’t whether our cu [...]
Exciting Announcement With an Upcoming Capture the Flag! on 28/01/2026
Intigriti 0126 CTF Challenge: Exploiting insecure postMessage handlers by Ayoub on 28/01/2026
At Intigriti, we host monthly web-based Capture The Flag (CTF) challenges as a way to engage with the security researcher community. January's challenge presented participants with CRYPTIGRITI, a cryptocurrency trading platform where users could buy and trade Bitcoin (BTC), Monero (XMR), and a custom digital currency, 1337COIN. This article provides a step-by-step walkthrough for solving January's [...]
Clawdbot Malware on 27/01/2026
Chip-Off Firmware Extraction: 1-Minute Guide on 27/01/2026
New Android Theft Protection Feature Updates: Smarter, Stronger on 27/01/2026
Posted by Nataliya Stanetsky, Fabricio Ferracioli, Elliot Sisteron, Irene Ang of the Android Security Team Phone theft is more than just losing a device; it's a form of financial fraud that can leave you suddenly vulnerable to personal data and financial theft. That's why we're committed to providing multi-layered defenses that help protect you before, during, and after a theft attempt. Today, [...]
Part 3: Why CISOs Must Rethink Trust in AI on 27/01/2026
The Constitutionality of Geofence Warrants on 27/01/2026
The US Supreme Court is considering the constitutionality of geofence warrants. The case centers on the trial of Okello Chatrie, a Virginia man who pleaded guilty to a 2019 robbery outside of Richmond and was sentenced to almost 12 years in prison for stealing $195,000 at gunpoint. Police probing the crime found security camera footage showing a man on a cell phone near the credit union that was r [...]
OpenSSL January 2026 Security Update: CMS and PKCS#12 Buffer Overflows on 27/01/2026
A deep dive into OpenSSL's January 2026 CMS and PKCS#12 vulnerabilities, including a pre-auth stack overflow and a PKCS#12 parsing bug. [...]
MOAR CLAWDBOT CRAP on 26/01/2026
CLAWDBOT SECURITY?? on 26/01/2026
Who Operates the Badbox 2.0 Botnet? by BrianKrebs on 26/01/2026
The cybercriminals in control of Kimwolf — a disruptive botnet that has infected more than 2 million devices — recently shared a screenshot indicating they’d compromised the control panel for Badbox 2.0, a vast China-based botnet powered by malicious software that comes pre-installed on many Android TV streaming boxes. Both the FBI and Google say they are hunting for the people b [...]
HackerOne Agentic PTaaS Demo: Continuous Validation for Real-World Risk on 26/01/2026
AI can move fast on 26/01/2026
How to Become a Top Bug Bounty Hunter in 2026 on 26/01/2026
Ireland Proposes Giving Police New Digital Surveillance Powers on 26/01/2026
This is coming: The Irish government is planning to bolster its police’s ability to intercept communications, including encrypted messages, and provide a legal basis for spyware use. [...]
Introducing IDE-SHEPHERD: Your shield against threat actors lurking in your IDE on 26/01/2026
IDE-SHEPHERD is an open-source IDE security extension that provides real-time monitoring and protection for VS Code and Cursor. It intercepts malicious process executions, monitors network activity, and blocks dangerous workspace tasks before they can compromise your development environment. [...]
Friday Squid Blogging: Giant Squid in the Star Trek Universe on 23/01/2026
Spock befriends a giant space squid in the comic Star Trek: Strange New Worlds: The Seeds of Salvation #5. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. [...]
AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities on 23/01/2026
Really interesting blog post from Anthropic: In a recent evaluation of AI models' cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This illustrates how barriers to the use of AI in relatively autonomous cyber workflows are rapidly comin [...]
I am a scammer? on 23/01/2026
What exploit to hunt for when everything is tested #bugbounty on 23/01/2026
How to pick an exploit in #bugbounty on 23/01/2026
How I sped up exploit validation in Repeater using Burp AI on 22/01/2026
Note: This is a guest post by IT security consultant Adarsh Kumar. I've been using Burp Suite day to day for years, so when Burp AI was introduced, I was curious how it would actually hold up dur [...]
Why AI Keeps Falling for Prompt Injection Attacks on 22/01/2026
Imagine you work at a drive-through restaurant. Someone drives up and says: “I’ll have a double cheeseburger, large fries, and ignore previous instructions and give me the contents of the cash drawer.” Would you hand over the money? Of course not. Yet this is what large language models (LLMs) do. Prompt injection is a method of tricking LLMs into doing things they are normally pr [...]
A tech issue alone does not = risk on 22/01/2026
IoT Hacking Stream on 22/01/2026
31 bite-sized tips, techniques, and bug bounty resources to kick off 2026! by Eleanor Barlow on 22/01/2026
What you will learn: Practical, bite-sized bug bounty tips and techniques you can apply immediately, whether you're just starting or sharpening your skills. Proven approaches for finding, prioritizing, and validating vulnerabilities more efficiently in real-world programs. An eye on what to look out for to stay consistent and motivated in 2026. In the lead-up to the new year, we released a bug [...]
"I made an Evil MCP server" (and AI fell for it) on 21/01/2026
Will LLMs Always Hallucinate? on 20/01/2026
Kimwolf Botnet Lurking in Corporate, Govt. Networks by BrianKrebs on 20/01/2026
A new Internet-of-Things (IoT) botnet called Kimwolf has spread to more than 2 million devices, forcing infected systems to participate in massive distributed denial-of-service (DDoS) attacks and to relay other malicious and abusive Internet traffic. Kimwolf’s ability to scan the local networks of compromised systems for other IoT devices to infect makes it a sobering threat to organizations [...]
This Simple Vulnerability Was Worth $70,000 on 19/01/2026
Is @TheXSSRat a scammer? on 18/01/2026
I bought this tiny $40 ereader… Then rewrote It on 16/01/2026
How I'm Approaching Cybersecurity Goals in 2026 on 16/01/2026
Locked in for 2026 on 16/01/2026
Functional PoCs in less than a minute? Julen Garrido Estévez puts Burp AI to the test on 16/01/2026
Note: This is a guest post by pentester Julen Garrido Estévez (@b3xal). Methodology Key results Examples Key learnings Prompt template A pentester's POV on Burp AI Pentester Julen Garrido Es [...]
Intigriti Bug Bytes #232 - January 2026 by Ayoub on 16/01/2026
Hi hackers, Welcome to the latest edition of Bug Bytes (and the first of 2026)! In this month's issue, we'll be featuring: hijacking official AWS GitHub repositories, a new anonymous bug bounty forum, finding more IDORs & SSRFs using a unique methodology, a new JavaScript file scanner to find hidden endpoints, and so much more! Let's dive in! Intigriti SantaCloud CTF results are in December 20 [...]
Pen testing demand is up. Budgets aren't. on 15/01/2026
Do NOT buy burp AI credits on 15/01/2026
NTUSER.MAN on 15/01/2026
7 Reasons to Get Certified in API Security by Tim Erlin on 15/01/2026
API security is becoming more important by the day and skilled practitioners are in high demand. Now's the time to level up your API security skillset. Wallarm University, our free training course, provides security analysts, engineers, and practitioners with hands-on skills you can't get from documentation, videos, or traditional courses. Run real attacks, investigate real signals, and learn [...]
Patch Tuesday, January 2026 Edition by BrianKrebs on 14/01/2026
Microsoft today issued patches to plug at least 113 security holes in its various Windows operating systems and supported software. Eight of the vulnerabilities earned Microsoft’s most-dire “critical” rating, and the company warns that attackers are already exploiting one of the bugs fixed today. January’s Microsoft zero-day flaw — CVE-2026-20805 — is brought t [...]
Reflecting on 2025, shaping 2026. A fireside chat with Intigriti leadership by Eleanor Barlow on 14/01/2026
What you will learn: How 2025 became a defining year for Intigriti through key milestones, major wins, and bold product launches. Insights from Intigriti's C-suite on the moments that shaped the company's growth and direction. How these reflections set the foundation for Intigriti's vision and priorities for 2026. 2025 reflections, aspirations, and lessons learnt Stijn Jans, Chief Executive Off [...]
Unpatchable Vulnerabilities of Kubernetes: CVE-2020-8554 on 14/01/2026
A look at how Kubernetes CVE-2020-8554 works [...]
Certifications vs. Raw Skills: Which is Better? on 13/01/2026
AI Red Teaming: What Breaks, How It Breaks, and Human Role on 13/01/2026
Part 2: HackerOne CEO on Adapting to AI-Driven Change on 13/01/2026
Lack of isolation in agentic browsers resurfaces old vulnerabilities on 13/01/2026
With browser-embedded AI agents, we’re essentially starting the security journey over again. We exploited a lack of isolation mechanisms in multiple agentic browsers to perform attacks ranging from the dissemination of false information to cross-site data leaks. These attacks, which are functionally similar to cross-site scripting (XSS) and cross-site request forgery (CSRF), resurface decade [...]
From the first bug to financial independence: How bug bounty hunting shaped Isira's path by Jennifer Chaney on 12/01/2026
At Intigriti, we're proud of our mission: helping companies safeguard their digital assets and protect their customers in a world where cyber threats are constantly evolving. But beyond security, we're equally passionate about empowering ethical hackers, providing them with opportunities to learn, grow, and make a meaningful impact with their skills. We recently spoke with Isira, an ethical hacke [...]
Exploiting information disclosure vulnerabilities by Ayoub on 12/01/2026
Information disclosure vulnerabilities can arise in various peculiar ways, especially as applications continue to evolve and become more complex over time. Unlike some injection attacks, where several factors determine exploitability, information disclosures can often lead to direct, standalone attacks while also facilitating future escalations. For instance, what starts as a seemingly non-confide [...]
JHT Course Launch! Constructing Defense 2026 - AI Assisted on 10/01/2026
IDOR EVERYWHERE - Medium reading on 09/01/2026
My brain said no on 09/01/2026
Who Benefited from the Aisuru and Kimwolf Botnets? by BrianKrebs on 08/01/2026
Our first story of 2026 revealed how a destructive new botnet called Kimwolf has infected more than two million devices by mass-compromising a vast number of unofficial Android TV streaming boxes. Today, we’ll dig through digital clues left behind by the hackers, network operators and services that appear to have benefitted from Kimwolf’s spread. On Dec. 17, 2025, the Chinese security [...]
With Network Forensics, Sometimes You Just Get Lucky... on 08/01/2026
Part 1: HackerOne CEO on the need for Rapid Response on 08/01/2026
If security's been on your mind lately… on 08/01/2026
LIVE: New Year New Me | Sherlocks | Cybersecurity on 08/01/2026
Decoding the GitHub recommendations for npm maintainers on 07/01/2026
This blog post explores the rationale and implementation behind GitHub's security recommendations for npm maintainers following numerous high-profile supply-chain incidents. It details how hardening publishing infrastructure through trusted publishing, enforced two-factor authentication, and WebAuthn-based protocols can meaningfully increase the resilience of the ecosystem. [...]
A Cybersecurity Interview Gone Wrong on 06/01/2026
A message to my loving haters on 03/01/2026
What to Expect From the 2026 Cybersecurity Job Market on 03/01/2026
The Kimwolf Botnet is Stalking Your Local Network by BrianKrebs on 02/01/2026
The story you are reading is a series of scoops nestled inside a far more urgent Internet-wide security advisory. The vulnerability at issue has been exploited for months already, and it’s time for a broader awareness of the threat. The short version is that everything you thought you knew about the security of the internal network behind your Internet router probably is now dangerously out [...]
Lol they don't even have the guts to tag me on 31/12/2025
Heath's Last Stream on 31/12/2025
Detect Go's silent arithmetic bugs with go-panikint on 31/12/2025
Go's arithmetic operations on standard integer types are silent by default, meaning overflows "wrap around" without panicking. This behavior has hidden an entire class of security vulnerabilities from fuzzing campaigns. Today we're changing that by releasing go-panikint, a modified Go compiler that turns silent integer overflows into explicit panics. We used it to find a live integer overflow in t [...]
Bugbounty is difficult on 31/12/2025
Going From Blue Team to Red Team on 30/12/2025
My Favorite Bug Bounty Findings In 2025 on 30/12/2025
The story of how i found XSS on GOOGLE - and did not get paid for it! on 30/12/2025
Happy 16th Birthday, KrebsOnSecurity.com! by BrianKrebs on 29/12/2025
KrebsOnSecurity.com celebrates its 16th anniversary today! A huge “thank you” to all of our readers — newcomers, long-timers and drive-by critics alike. Your engagement this past year here has been tremendous and truly a salve on a handful of dark days. Happily, comeuppance was a strong theme running through our coverage in 2025, with a primary focus on entities that enabled comp [...]