A practitioner’s guide to classifying every asset in your attack surface
TLDR: This article details methods and tools (from DNS records and IP addresses to HTTP analysis and HTML content) that...
Read more →Category: Mix
Hive Five 223 – Career Dreamer
I just returned from a whirlwind weekend trip to New York with my family, and let me tell you, it...
Read more →
The Ongoing Risks of Hardcoded JWT Keys — API Security
In early May 2025, Cisco released software fixes to address a flaw in its IOS XE Software for Wireless LAN...
Read more →
The link between security maturity and bug bounty success
What defines a security maturity posture? A security maturity posture refers to an organization’s ability to detect, manage, and mitigate...
Read more →
Reverse Engineering Granola to Get Notes In Obsidian · Joseph Thacker
I love granola.ai. Everyone I know is using it for meeting transcription. I’ve been using it to transcribe my calls...
Read more →![[tl;dr sec] #278 - North Korean IT Workers, How Sentinel One Defends Itself, How Threat Actors Use Claude](https://cybernoz.com/wp-content/uploads/2025/05/tldr-sec-278-North-Korean-IT-Workers-How-Sentinel.png "[tl;dr sec] #278 - North Korean IT Workers, How Sentinel One Defends Itself, How Threat Actors Use Claude 6")
[tl;dr sec] #278 – North Korean IT Workers, How Sentinel One Defends Itself, How Threat Actors Use Claude
Several posts on DPRK IT workers infiltrating companies, Sentinel One on fighting off threat actors, Anthropic shares how attackers were...
Read more →
How Attackers Are Exploiting Business Logic
As businesses rely more on APIs, attackers are quick to turn that trust into opportunity. Among the most dangerous and...
Read more →
AI Solution Factories | Daniel Miessler
Everyone is trying to figure out whether developers are screwed or not. Some say they are, and others say more...
Read more →Hive Five 222 – How to Move Fast
In July 1995, Tatu Ylonen sent the following e-mail to IANA: From ylo Mon Jul 10 11:45:48 +0300 1995 From:...
Read more →![[tl;dr sec] #277 - Cybersecurity (Anti)Patterns, $64K from Deleted Files, New from Meta AI Security](https://cybernoz.com/wp-content/uploads/2025/05/tldr-sec-277-Cybersecurity-AntiPatterns-64K-from-Deleted-Files.png "[tl;dr sec] #277 - Cybersecurity (Anti)Patterns, $64K from Deleted Files, New from Meta AI Security 10")
[tl;dr sec] #277 – Cybersecurity (Anti)Patterns, $64K from Deleted Files, New from Meta AI Security
How to avoid Busywork Generators, bug bounty story of secrets in deleted files, new AI security tools and evals from...
Read more →
What’s New & How It Helps You
As we have entered Q2 2025, let’s dive into key improvements and new features introduced on the Intigriti platform in...
Read more →Introducing the Glazing Score · Joseph Thacker
ChatGPT has been lying to users to make them happy as a part of OpenAI’s effort to “improve personality”, and...
Read more →