#SecurityResearch

Hack in Days of Future Past (allainyann@piaille.fr)
2026-02-09

If Claude Can Find a Serious Cybersecurity Bug, Who Collects the Bounty?

Bug bounty programs vs. $20/month reasoning — when the brutal question becomes: why pay five-figure bounties if a Claude Code subscription already finds entire classes of bugs? #BugBounty #VulnerabilityResearch #OffSec #AppSec #Infosec #AI #LLM #SecurityResearch #CyberSecurity red.anthropic.com/2026/zero-da

Dissent Doe :cupofcoffee: (PogoWasRight@infosec.exchange)
2026-02-02

And it's out!

Zack Whittaker and I have released our report on the pilot survey we conducted to increase awareness about threats security researchers and journalists who report on cybersecurity and cybercrime experience.

We are grateful to all those who responded to the survey and shared a bit of their experiences. Based on what we found in a pilot survey with a non-random sample, I really think we need to do a bigger study that can also do a deeper dive into some questions.

You can read the report in html or download the .pdf version:

html: databreaches.net/2026/02/02/un

pdf: databreaches.net/wp-content/up

In conjunction with the release of the report, I've also added a new "Threats" category to DataBreaches.net.

You can also read some overview comments from Zack at
this.weekinsecurity.com/new-su

My post explaining how this all started is at databreaches.net/2026/02/02/th

#cybersecurity #securityresearch #legalthreats #threats #criminals #databreach #vulnerabilities #malware #lawsuit #survey

@zackwhittaker @campuscodi @amvinfe @jgreig @dangoodin @GossiTheDog @lawrenceabrams @euroinfosec

2026-02-02

📢 CFP Update: #EuroSec2026 Deadline Extended

The submission deadline for EuroSec 2026 (co-located with #EuroSys2026, Edinburgh) has been postponed.

More time to submit your work on #InfoSec, #SystemsSecurity & #ComputerSecurity.

🗓 New deadline: February 10, 2026 (AoE)
🔗 eurosec26.hotcrp.com/

#CFP #SecurityResearch

Authentic8 (authentic8)
2026-01-30

Secure adversary research gives SOC teams the context alerts alone can’t. It reduces blind spots, strengthens detection logic, and supports faster, intelligence-driven response without increasing operational risk.

Learn how hands-on, secure research strengthens SOC outcomes from triage through remediation.

bit.ly/4r9mL5b

How secure adversary research strengthens an intelligence-driven SOC
Marcus Schuler (schuler)
2026-01-29

Security researchers discovered 1,862 Moltbot AI assistant servers exposed without authentication on the internet. The viral GitHub project requires access to emails, messages, banking, and system commands to function. 22% of enterprise customers have employees running it without IT approval, creating shadow AI deployments with full privileges. Supply chain attack tests compromised 16 developers across 7 countries within 8 hours.

implicator.ai/moltbot-punched-

2026-01-29

Hacker communities are reshaping vulnerability discovery — collaboration, incentives, and scale are accelerating security research. The crowd is becoming a force multiplier. 🧠⚡️ #BugBounty #SecurityResearch

buff.ly/SckWoE6

knoppix (knoppix95)
2026-01-27

New research reveals Predator spyware’s advanced anti-analysis tech 🕵️‍♂️
Malware learns from failed attacks & hides traces via crash log suppression 🧬
Used by state-backed actors, Predator refines itself to evade detection ⚠️

🔗 securityweek.com/predator-spyw

2026-01-24

The GCVE vulnerability database, developed by Luxembourg’s CIRCL, is now publicly available and designed to remain CVE-compatible.

It aggregates advisories from 25+ centralized and decentralized sources, correlates naming conventions, and supports machine-based analysis for security teams and researchers.

The launch reflects ongoing conversations around redundancy, governance, and long-term stability in vulnerability disclosure frameworks.

How do you evaluate new vulnerability data sources before integrating them into your pipeline?

Source: inside-it.ch/europaeische-cve-

Follow @technadu for objective cybersecurity reporting.

#GCVE #VulnerabilityManagement #ThreatIntel #CVE #SecurityResearch #EUInfosec

European CVE alternative has been launched
2026-01-22

As AI adoption in SOCs accelerates, benchmarks are becoming de facto decision tools — yet many still evaluate models in controlled, exam-like settings.
Recent research highlights consistent issues:
• Security workflows reduced to MCQs
• Little measurement of detection or containment outcomes
• Heavy reliance on LLMs judging other LLMs

These findings reinforce the need for workflow-level, outcome-driven evaluation before operational deployment.

Source: sentinelone.com/labs/llms-in-t

Thoughtful discussion encouraged. Follow @technadu for practitioner-focused AI and security analysis.

#SOC #ThreatHunting #AIinInfosec #LLMs #SecurityResearch #DetectionEngineering

LLMs in the SOC (Part 1) | Why Benchmarks Fail Security Operations Teams
2026-01-20

Recent research into sleeper browser extensions across Chrome, Edge, and Firefox highlights a persistent issue: delayed-activation threats.

By embedding code inside images and activating only after updates, these extensions avoided early detection while maintaining prolonged access to browser data.

The findings reinforce the importance of continuous monitoring, extension inventory management, and permission reviews - especially for widely used consumer tools.

Follow @technadu for objective, research-driven cybersecurity reporting.

Source: malwarebytes.com/blog/news/202

Thoughtful discussion welcome.

#InfoSec #ThreatIntelligence #BrowserSecurity #PrivacyEngineering #ExtensionRisk #CyberDefense #SecurityResearch #DigitalTrust

Firefox joins Chrome and Edge as sleeper extensions spy on users
2026-01-19

Recent joint law enforcement actions in Ukraine and Germany underscore the operational complexity behind ransomware groups like Black Basta.

Investigators report targeting individuals allegedly involved in credential recovery and access enablement - often an overlooked but critical layer of ransomware operations. Seized devices and cryptocurrency assets are still under analysis.

For defenders, the case reinforces the importance of credential protection, monitoring access paths, and understanding ransomware supply chains.

Source: cybernews.com/cybercrime/ukrai

Follow @technadu for continued, objective coverage of ransomware activity and cybercrime trends.

Discussion welcome.

#InfoSec #Ransomware #ThreatIntelligence #CyberCrime #DigitalForensics #SOC #IncidentResponse #SecurityResearch

Ukraine-Germany police raid homes linked to Black Basta ransomware group
2026-01-15

⏰ CFP Reminder: #EuroSec2026 — < 3 weeks left!

Less than three weeks remain to submit to the 19th European Workshop on Systems Security, co-located with #EuroSys2026 in Edinburgh 🇬🇧

If you’re working on new ideas, early results, or practical insights in #InfoSec, #SystemsSecurity, or #ComputerSecurity, we’d love to see your submission.

🗓 Deadline: Feb 3, 2026 (AoE)
🔗 eurosec26.hotcrp.com/

#CFP #SecurityResearch #Systems #Networking

SCENOR | The Science Crew (ScenorCrew)
2026-01-12

WOMEN AND EXTREMISM DESERVE MORE PRECISE ANALYSIS.

Our latest FACT vs FICTION edition highlights why simplified assumptions can limit prevention and risk assessment.

Evidence-based knowledge supports more effective responses.

Source: extremism.gwu.edu/sites/g/file

Follow SCENOR for regular FACT vs FICTION updates.

Image descriptions:
Cover slide with SCENOR logo and the title “Fact vs Fiction”. Subtitle reads “Debunking myths about extremism, terrorism and more”. Clean blue background with handwritten orange accent text.
Slide labelled “Fiction”. Text states: “Women play only marginal roles in extremist movements.” White text box on blue background with a swipe indicator pointing to the next slide.
Slide labelled “Fact”. Text explains that research shows women participate in extremist movements in diverse ways, including propaganda, online mobilisation, logistics, recruitment, financing, and sometimes violence. Source noted as GWU Program on Extremism.
Slide labelled “Why it matters”. Text explains that assuming women are marginal can create blind spots in prevention, risk assessment, and disengagement, and that effective interventions must consider gendered roles, motivations, and pathways.
2026-01-11

Malwatcher: A self-hosted platform for verifying IOCs by centralizing online tools into one interface

Check ✅️ it out:
github.com/R4z1xx/malwatcher

#threatintel #infosec #malware_detection #securityresearch

2026-01-07

The pcTattletale founder’s guilty plea marks the first U.S. federal conviction of a stalkerware operator in over ten years.

This case reinforces:
• Legal accountability for spyware misuse
• Growing scrutiny of consumer surveillance tools
• The role of infosec and law enforcement collaboration

An important precedent for privacy enforcement in the spyware ecosystem.

Read more via TechNadu and follow for objective infosec coverage:
technadu.com/founder-of-pctatt

#Infosec #Privacy #Stalkerware #CyberLaw #DigitalSurveillance #SecurityResearch

Founder of pcTattletale Spyware App Pleads Guilty in Federal Stalkerware Case
2026-01-06

🚨 New research & tool release: OID-See - Giving Your OAuth Apps the Side-Eye

OAuth risk in Entra isn’t a table problem.
It’s a relationship problem.

After spending far too long staring at consent screens, Graph responses, and metadata that technically tells the truth while still being wildly misleading, I ended up building something I couldn’t find anywhere else:

OID-See - essentially BloodHound for OAuth in Entra.

It maps:
• OAuth apps & service principals
• Delegated scopes and app permissions
• Consent, assignments, and reachability
• Trust signals (and trust illusions)
• Persistence and impersonation paths

…into a graph-backed analysis model that lets you reason about what an app can actually become when chained, not just whether it looks risky in isolation.

Why this exists

I kept running into the same issues:
• “Verified publisher” isn’t always the signal we think it is
• Microsoft-shaped metadata can lull defenders into false trust
• offline_access ≠ impersonation, but does equal persistence
• Apps without assignment requirements are exposed by default
• Spreadsheets hide abuse paths - graphs expose them

So I stopped trying to answer “is this app bad?”
and started asking “what does this enable if it’s abused?”

What OID-See is (and isn’t)

✅ Graph-only by default (no token scraping, no SaaS, no data exfil)
✅ You run it yourself, get a JSON, analyse it locally
✅ Explainable scoring, externalised logic, no magic
❌ Not a CSPM replacement
❌ Not an EDR, SWG, or token replay tool

It’s about clarity, not control theatre.

📖 Blog (deep dive, philosophy, and war stories):
👉 cirriustech.co.uk/blog/oidsee/

🧰 Tool & source (v1.0.0):
👉 github.com/OID-See/OID-See/tre

If you’re an Entra admin, cloud security engineer, or anyone who’s ever said
“it’s just a harmless SSO integration” - this one’s for you.

And yes… the name is intentional.
You probably should be giving your OAuth apps the side-eye. 👀

#Entra #AzureAD #OAuth #OIDC #IdentitySecurity #SecurityResearch #AttackSurface #Graph #BloodHound #OIDSee

2026-01-03

Security researchers have revealed a phishing campaign that abused Google Cloud’s email automation to deliver legitimate-looking enterprise notifications from trusted domains.

The attack chain demonstrates how cloud trust, familiar formatting, and multi-stage redirection can work together to bypass both technical controls and user skepticism.

This raises broader questions about how defenders evaluate risk in automated cloud workflows.

What lessons should security teams take from this case?

Share your insights, and follow TechNadu for vendor-neutral cybersecurity analysis.
Source: thehackernews.com/2026/01/cybe

#InfoSec #PhishingCampaigns #CloudAbuse #EmailSecurity #ThreatDetection #SecurityResearch

Cybercriminals Abuse Google Cloud Email Feature in Multi-Stage Phishing Campaign
2025-12-16

📢 CFP: #EuroSec2026

The 19th European Workshop on Systems Security is co-located with #EuroSys2026 in Edinburgh 🇬🇧
Join researchers & practitioners discussing the latest in #SystemsSecurity and #ComputerSecurity.

🗓 Deadline: Feb 3, 2026 (AoE)
🔗 eurosec26.hotcrp.com/

For details and submission guidelines, visit: eurosec-workshop.github.io/

#CFP #SecurityResearch #Systems #Networking

SCENOR | The Science Crew (ScenorCrew)
2025-12-15

🛡️ FINAL CHANCE TO REGISTER for tomorrow’s training in Dublin for faith communities.

The event covers threat assessments, the Faith Guardian reporting tool, identification of vulnerabilities in Places of Worship and guidance on counter-narratives.

docs.google.com/forms/d/e/1FAI

2025-12-12

A new Chrome zero-day has been patched, but notable for its lack of a CVE and absence of public technical information. Identified only by a bug tracker ID, the flaw carries a high-severity rating and is already being exploited in the wild. Trends point toward a likely memory corruption vector.

The same update resolves two medium-risk issues tied to small bug-bounty awards.

How do you feel about delayed transparency during active exploitation windows?

Source:
securityweek.com/google-patche

Share your perspective and follow us for more threat intelligence and vulnerability insights.

#infosec #zeroday #chromesecurity #cybersecurity #vulnerabilitymanagement #patching #securityresearch #browsersecurity #threatintel #technadu

Google Patches Mysterious Chrome Zero-Day Exploited in the Wild