Attacks & Vulnerabilities
Claw Chain: Cyera Research Unveils Four Chainable Vulnerabilities in OpenClaw (5 minute read)
OpenClaw contains four chained flaws: a TOCTOU write escape that enables host changes, env-var leakage of secrets, a loopback bug that grants owner rights, and a TOCTOU read escape that exposes files. Attackers can move from a malicious plugin or prompt to data theft, privilege escalation, and persistence on widely exposed OpenClaw instances, so patching and secret rotation cannot wait.
Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt (2 minute read)
An attacker used a stolen token to access Grafana's GitHub environment and download its codebase, then demanded payment to keep the data private. Grafana invalidated the credentials, added extra security controls, and refused to pay. Reports link the extortion attempt to the CoinbaseCartel group, which focuses on data theft and extortion across multiple sectors.
Mythos for Offensive Security: XBOW's Evaluation (10 minute read)
Anthropic gave XBOW early access to Mythos Preview, which XBOW ran through internal pentest-style benchmarks, live workflows, and source-audit scenarios to see how well it drives real vulnerability discovery. Mythos Preview sharply reduces false negatives on XBOW's web exploit benchmark and is especially strong at reading and reasoning about source code, including native targets and reverse engineering firmware and Chromium components. It struggles more with live-site validation, edge-case command safety, and cost efficiency, so XBOW positions it as one strong model among several rather than a single default engine.
Runtime Instrumentation of Qt6 Apps with Frida - Part 1: Getting Visibility (10 minute read)
This post uses HackPass on Qt6/Windows to show how to instrument thick clients with Frida. It starts by tracing every readable QString buffer, then hooks QMetaObject::activate to log live signal emissions, walks QMetaObject structures to enumerate methods and Q_INVOKABLEs on internal classes such as VaultManager and PolicyClient, and finally invokes those Q_INVOKABLEs directly through qt_static_metacall so you can lock the vault, drive app state, and script interactions without touching the UI.
A Framework for AI Threat Readiness (12 minute read)
Recent advancements in AI-driven vulnerability discovery have caused a fundamental shift in vulnerability remediation. Teams can begin preparing by eliminating critical risks, reducing their exposed attack surface, and scanning any remaining exposed surface. Teams can then focus on accelerating their patching timelines, performing proactive, deep-code scans with AI, and responding to threats in real time. This guide includes a breakdown of each step, automations that could be useful to teams, and relevant metrics.
Endpoint Compromise Should Trigger Identity Response (Sponsor)
Modern infostealers turn endpoint access into identity compromise fast. See why isolating a host is no longer enough, and how correlating endpoint telemetry with logged-in cloud identities enables immediate session revocation, account disablement, and faster containment before stolen credentials drive lateral movement, BEC, or broader SaaS abuse elsewhere. Read the blog.
vmm (GitHub Repo)
vmm lets you run container images as lightweight virtual machines on macOS, providing full Linux VM isolation with the familiar Docker workflows.
Running Codex Safely at OpenAI (5 minute read)
At OpenAI, Codex is deployed with three goals: keeping the agent inside clear technical boundaries, letting developers move quickly on low-risk actions, and making high-risk actions explicit. OpenAI runs Codex in a tightly controlled sandbox and uses an auto-approval subagent for actions that cross the sandbox boundary, a tightly controlled network and authentication policy, and custom rules that allow fine-grained decisions on shell commands. Centralized configuration and related policy files are distributed to devices to standardize enforcement.
Where OpenClaw Security Is Heading (8 minute read)
OpenClaw detailed its layered defense roadmap for its agentic AI assistant, covering fs-safe (a shared library enforcing root-bounded filesystem primitives against traversal and absolute-path writes), Proxyline (a Node-process routing layer that pushes SSRF policy to egress through a configured filtering proxy rather than pre-fetch URL validation), and ClawHub trust signals that block install of releases marked malicious or quarantined. Command approval now parses inner chains inside bash -c wrappers via Tree-sitter to defeat allowlist bypasses, with contextual approval and OpenAI Auto Review aimed at reducing prompt fatigue that drives users into YOLO mode. A 148-rule OpenGrep precise rulepack tied to past GHSAs runs on PR diffs for regression and variant detection, with CodeQL alongside for deeper semantic coverage.
Pwn2Own Berlin 2026, Day Three: DEVCORE Crowned Master of Pwn, $1.298 Million Total (4 minute read)
Pwn2Own Berlin 2026 closed with 47 zero-days and $1,298,250 in payouts. DEVCORE claimed Master of Pwn with 50.5 points and $505,000, highlighted by splitline's two-bug SharePoint chain for $100,000. STARLabs SG's Nguyen Hoang Thach took $200,000 for a VMware ESXi memory corruption with cross-tenant code execution. OpenAI Codex fell a third time, to Satoki Tsuji via an external control flaw, Anthropic's Claude Code was hit by a collision for $20,000, and Viettel Cyber Security escalated privileges on fully patched Windows 11 via an integer overflow.