VulnCheck Update: New Exploits, Detections, and Scanner for F5 BIG-IP

Just published: a step-by-step walkthrough of Artificial (Hack The Box) where I walk through a web-to-root chain: abusing a TensorFlow model upload for RCE to get a web reverse shell, discovering a sqlite users.db and cracking hashes for SSH access, extracting weakly protected backup credentials, then abusing the Backrest backup/restore flow (and restic) to restore /root and claim root. If you want a practical example of how exposed application data, weakly protected credentials, and misconfigured backup tooling turn limited access into full system compromise, this one’s for you. 🔗: https://lnkd.in/gxn3s__T #InfoSec #CyberSecurity #Pentesting #HackTheBox #CTF #ApplicationSecurity

I've seen at least five "AI + Web3" pitches this week. My question is always the same: "What does this actually do that a normal database and an API call can't?" The silence I get back is... telling. We have so many real infrastructure problems to solve (like private key security!). Can we please focus on those before we just glue two buzzwords together?

⚠️ A First in Cyber History: Large-Scale Attack Fully Driven by AI Researchers have confirmed a major milestone, the first large-scale cyberattack orchestrated almost entirely by AI, with minimal human touch. The automated agent carried out reconnaissance, exploitation, lateral movement, and data targeting at machine speed… executing thousands of actions per second across global networks. Key points from the report: • Attackers used an AI model to autonomously chain exploits and adapt in real time • Targets included high-value enterprises and critical infrastructure orgs • The operation showed “human-level reasoning at superhuman scale,” accelerating every phase of the kill chain • Defenders struggled because the attack evolved faster than traditional detection and response cycles 👉 Full article with details: 🔗 https://lnkd.in/gKyHWPrr At AllSecurityNews.com, we track the newest trends shaping cyber defense, especially how AI is now being used by both defenders and adversaries. Explore more in-depth coverage: 🔗 https://lnkd.in/dVPjyxrn #CyberSecurity #AI #ThreatIntel #IncidentResponse #Automation #Infosec #AllSecurityNews

Sysdig and Snyk are using ‘AI echolocation’ to make static code scans & runtime signals work together. By correlating Snyk’s code vulnerabilities with Sysdig’s live runtime data, real risks echo back with AI-powered context from MCP servers. AI + MCPs = real context in real-time. Discover how it all functions here: 👉 https://okt.to/W14RZM

A recent npm supply chain attack compromised 18 popular packages. This post explains how Cloudflare’s graph-based machine learning model, which analyzes 3.5 billion scripts daily, was built to detect and block exactly this kind of threat automatically. https://cfl.re/48MENDW

Model Context Protocol (MCP) is taking off fast — with thousands of servers now linking AI models to tools, APIs, and data sources. But behind the excitement lies a serious gap: almost no supply chain control. Each MCP server is software that can contain vulnerabilities, hidden dependencies, or malicious code. Most are unvetted, yet they now sit at the center of how AI systems access critical enterprise data. Read our latest blog exploring how this uncontrolled growth of MCP servers is creating a new layer of supply chain risk — and what organizations must do to regain visibility and trust: https://lnkd.in/ggdZ_YZC #MCPSecurity #MCPSupplyChain #AgenticSecurity

Announcing pqc-flow: A production-ready Post-Quantum Cryptography detector for network flows. After NIST finalized the first PQC standards (ML-KEM, ML-DSA, and SLH-DSA) in 2024, we asked: “How do we measure PQC adoption across live traffic—without storing payloads?  The answer: pqc-flow—a passive flow analyzer that detects quantum-resistant algorithms in SSH, TLS, and QUIC handshakes.  🛠️ Technical highlights:  • Custom SSH parser: extracts kex_algorithms from SSH_MSG_KEXINIT (no nDPI patches)  • Custom TLS parser: reads supported_groups extension (0x000a) from ClientHello  • AF_PACKET TPACKET_V3: zero-copy capture, sub-100ms export latency  • Bidirectional flow tracking with canonical 5-tuple normalization  • JSONL output: ts_us, MAC addresses, PQC flags, algorithm names  🎯 Detection coverage:  ✅ OpenSSH sntrup761x25519 (9.0+)  ✅ Chrome X25519Kyber768 (experimental, code 0x11ec)  ✅ Cloudflare Kyber variants (0xfe31, 0x6399)  ✅ NIST ML-KEM hybrids (0x2001+)  📊 Real-world validation:  We captured Canary Chrome browsing sessions and found 25 out of 27 TLS connections (92.6%) used Kyber hybrid key exchange. AWS infrastructure: 100% PQC-enabled. AWS-managed endpoints using ALB/CloudFront consistently negotiated hybrids. The quantum-safe internet is already rolling out.  Perfect for:  • Security compliance (CISA PQC mandates)  • Network cryptographic inventory  • Legacy system identification  • Migration progress tracking  The tool outputs flow metadata only, no payload capture, no privacy concerns. Suitable for regulated environments.  Repository: https://lnkd.in/gAuME-R5  License: GPL-3.0 Looking for contributors interested in IKEv2/IPsec parsers, QUIC direct parsing.  #Cryptography #PostQuantum #NetworkMonitoring #Security #OpenSource #C #Linux #NIST

Open-source and self-hosted AI models are especially vulnerable to tokenization drift, which occurs when the system that breaks text into tokens changes unexpectedly. This can lead to increased costs, reduced reliability, and hidden vulnerabilities. Continuous vigilance is essential for safeguarding your business from these risks. Learn more about effective protection strategies: https://bit.ly/3JGHIDL

𝐓𝐡𝐞 𝐀𝐈 𝐬𝐮𝐩𝐩𝐥𝐲 𝐜𝐡𝐚𝐢𝐧 𝐢𝐬 𝐜𝐫𝐚𝐜𝐤𝐢𝐧𝐠 𝐮𝐧𝐝𝐞𝐫 𝐧𝐞𝐰 𝐩𝐫𝐞𝐬𝐬𝐮𝐫𝐞. Agentic apps don’t fail because of bad models, they fail because they inherit decades of software supply chain risk and amplify it with new AI-specific vulnerabilities. From poisoned models to prompt injections and compromised MCP servers, the weakest link in AI security now spans code, data, and reasoning itself. Read Xin Jin’s deep dive on how to build secure agentic systems before the chain breaks: 👉 https://lnkd.in/gyJ4dxSS