Newsletter 2026-03-11

Posted on Mar 11, 2026

Another week, another round of articles I deemed interesting.


I wasn’t aware until now that nuclei also has an OSINT tag and can check user accounts on platforms.


Jean-Francois Maes outlines a system that could make it possible to use commercial LLMs with a private upstream system for pentests. Strictly speaking, there would be two upstream systems. The first one anonymizes confidential information on the way in and deanonymizes it on the way back. The second upstream system then checks whether the first one was successful before it goes into the commercial LLM.


An interesting reminder that extreme caution is required even when using GitHub secrets.

Along with that, two articles on the HackerBot-Claw campaign, which has already attacked several well-known GitHub repositories.


Unit42 presents a very comprehensive analysis of indirect prompt injections that are already being used by attackers, and also categorizes them into different severity levels.


A different perspective on recruiting new members for Lapsus$ and the like.


There’s a new training environment in GOAD. It includes two Windows Server 2025 machines (DC + server) and one Ubuntu server, all in one domain.


Fitting with the current world situation and the sharp increase in cyberspace activities around Iran, CTRL-Alt-Intel took a look at MuddyWater.


Niels Provos presents a sandbox environment for AI agents on his blog.


To wrap things up, an exploit write-up against QEMU < v9.1.0-rc0 from December last year.


Read you next time