Introducing Hacktron Whitebox: get white-box security assessments with audit-ready reports without waiting on a traditional pentest cycle.

AI tooling has roughly tripled the rate of code shipped in the last 12 months. But the penetration testing industry has not kept pace. Traditional pentests still often take weeks, sometimes months, to scope, schedule, run, and finalize.

Hacktron Whitebox compresses that cycle with AI-assisted security assessment. Because it works with source-code context, it can reason about the areas black-box testing often misses: business logic, auth boundaries, payment flows, service-to-service trust decisions, and how complex vulnerabilities actually become reachable in production.

We also want to be clear: automated security testing still produces false positives. That is why every Hacktron Whitebox assessment is reviewed by human security researchers. After AI validates code-level reachability and impact, our team manually validates and deduplicates findings, confirms severity, and turns the results into reports that are useful for both engineers and auditors.

The outcome: a faster, more cost-effective security assessment that does not compromise on quality. This is not just checkbox compliance. Hacktron Whitebox helps teams generate pentest-ready evidence for SOC 2, ISO 27001, customer security reviews, and security questionnaires, while giving engineers actionable findings they can fix quickly. Find out more: https://lnkd.in/en5rAKEa
Hacktron AI
Computer and Network Security
Your AI security engineer. Find and fix real vulnerabilities that Claude Code and Codex miss.
About us
Your AI teammate for security. Hacktron collaborates in your workflow, identifies real vulnerabilities, and empowers developers like a senior security engineer.
- Website: https://hacktron.ai
- Industry: Computer and Network Security
- Company size: 2-10 employees
- Type: Privately Held
Updates
The latest stable release of Next.js patches CVE-2026-44578, a vulnerability found autonomously by Hacktron Whitebox. Here's how it works, and why Server-Side Request Forgery (SSRF) vulnerabilities are a common target for attackers.
This week, several Laravel Lang packages were compromised with malicious code that could run automatically through Composer and potentially steal secrets or enable remote code execution. To protect yourself, check whether you used any affected dependencies, update to a safe version, rotate exposed secrets, review CI/CD logs, and rebuild affected environments from clean images.
Hacktron leads in average severity and probability of exploitation.
The Berkeley Vulnerability Initiative by Corban Villa of the UC Berkeley Electrical Engineering & Computer Sciences (EECS) Security Group compared agentic vulnerability discovery systems on key metrics like average severity and breadth of vulnerability classes. Hacktron AI leads in average severity and EPSS, meaning that on average, the vulnerabilities we found were more critical and weaponizable. AISLE covers the most CWE types and Anthropic disclosed the highest absolute count of critical severity vulnerabilities. Very proud of the work we've done at Hacktron, as well as that of our peers at Anthropic and AISLE. AI has sped up vulnerability discovery, but coverage and signal remain important metrics we optimize for, so that we deliver the best value to our customers. More details here: https://lnkd.in/eC76G_aK
Hacktron AI reposted this
Your engineers are drowning in false positives. Snyk flags it. Semgrep flags it. Neither can tell you if it's actually exploitable. So your team triages 80 findings. Fixes 6. Ships late. And the real vulnerability? Still in production. That's the false positive tax, and most security teams pay it every sprint.

Hacktron's PR Review works differently. But let's be straight with you: we're not going to promise zero false positives. Anyone selling you that is selling you snake oil. Here's what we will promise: When you first connect, we run at around 15% false positives. That's already a fraction of what most scanners produce. And every time your team marks a finding as a false positive, the system learns. Over weeks, it calibrates to your codebase, your threat model, your risk tolerance. And the false positive rate keeps dropping.

Other vendors won't offer that kind of honesty and back it up. We can. Every finding we surface is one we're confident is exploitable in your context. No triage queue full of noise. Just the real issues, caught at the PR stage before they hit production. Open-source projects get it free.

If your team is spending more time managing scanner output than fixing real issues, that's a tooling problem, not a headcount problem.
When your VPN opens your private network to the public! An auth bypass in Palo Alto PAN-OS CAS Auth (CVE-2026-0265) that lets an attacker connect to the company's GlobalProtect VPN.

CAS is Palo Alto's cloud SSO broker. Instead of talking to your IdP directly, the firewall redirects through Palo Alto's cloud, which handles IdP auth and sends back a signed JWT. The firewall then verifies the JWT signature and logs you in.

Contained within the CAS implementation was a textbook JWT algorithm confusion vulnerability. The verification function trusts the alg header from the JWT itself. Switch RS256 to HS256, and the public signing certificate becomes the HMAC secret key.

After configuring CAS on our instance (this was the toughest part of the journey), we got Claude to forge a JWT and POST it to /SAML20/SP/ACS to get a session cookie that can be used to connect to the VPN. It was game over. Your private network was public.

If you're running CAS-enabled PAN-OS, update the appliance immediately. https://lnkd.in/e5GwiRXp
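As an added illustration of the verification flaw this post describes (example code written for this page, not Hacktron's or Palo Alto's), the Go program below puts a header-trusting verifier beside the pinned-algorithm fix and checks both against constructed tokens. It assumes a throwaway RSA key pair generated at run time and a constructed `{"sub":"alice"}` claim set, and uses the key's DER-encoded SubjectPublicKeyInfo as a stand-in for the public signing certificate bytes.

```go
package main

import (
	"crypto"
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)
var b64 = base64.RawURLEncoding
func hs256(input string, secret []byte) []byte {
	m := hmac.New(sha256.New, secret)
	m.Write([]byte(input))
	return m.Sum(nil)
}
// verify checks a token against the configured RSA public key. expectedAlg == "" reproduces the flaw
// (alg read from the token; for HS256 the public key bytes double as the HMAC secret); "RS256" pins it.
func verify(token string, pub *rsa.PublicKey, expectedAlg string) bool {
	parts := strings.Split(token, ".")
	if len(parts) != 3 { return false }
	var hdr struct{ Alg string `json:"alg"` }
	if hdrJSON, _ := b64.DecodeString(parts[0]); json.Unmarshal(hdrJSON, &hdr) != nil { return false }
	if expectedAlg != "" && hdr.Alg != expectedAlg { return false } // the fix: the server, not the token, decides alg
	sig, _ := b64.DecodeString(parts[2])
	if hdr.Alg == "RS256" {
		h := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
		return rsa.VerifyPKCS1v15(pub, crypto.SHA256, h[:], sig) == nil
	}
	der, _ := x509.MarshalPKIXPublicKey(pub) // public material that every client can obtain
	return hdr.Alg == "HS256" && hmac.Equal(hs256(parts[0]+"."+parts[1], der), sig)
}
// demo builds a constructed key pair and two tokens with identical claims, one properly RS256-signed and one
// tagged HS256 and HMACed with only the public key bytes; returns (legit pinned, confused trusting, confused pinned).
func demo() (bool, bool, bool) {
	priv, _ := rsa.GenerateKey(rand.Reader, 2048)
	der, _ := x509.MarshalPKIXPublicKey(&priv.PublicKey)
	claims := "." + b64.EncodeToString([]byte(`{"sub":"alice"}`))
	rsBody, hsBody := b64.EncodeToString([]byte(`{"alg":"RS256"}`))+claims, b64.EncodeToString([]byte(`{"alg":"HS256"}`))+claims
	h := sha256.Sum256([]byte(rsBody))
	rs, _ := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, h[:])
	legit, confused := rsBody+"."+b64.EncodeToString(rs), hsBody+"."+b64.EncodeToString(hs256(hsBody, der))
	return verify(legit, &priv.PublicKey, "RS256"), verify(confused, &priv.PublicKey, ""), verify(confused, &priv.PublicKey, "RS256")
}
func main() { fmt.Println(demo()) } // prints: true true false
```

The single `expectedAlg` check is the whole mitigation: the accepted algorithm and key type come from server configuration, so a token can never steer verification onto a key that is also public.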
What can go wrong? https://lnkd.in/g3yK6fHX
🚨 Patch Alert 🚨 This is a critical auth bypass affecting GlobalProtect VPN. Unlike the buffer overflow, this isn't limited to PAN-OS. Will be disclosing full details later next week on @HacktronAI blog. https://lnkd.in/g3yK6fHX