Title: Roast my resume– Security Analyst https://limewire.com/d/vXFZE#5hsZo0QX1W

Title: Roast my resume– Security Analyst https://limewire.com/d/vXFZE#5hsZo0QX1W

Transparent AiTM Proxying in the PhishU Framework https://phishu.net/blogs/blog-transparent-aitm-proxy-framework.html

Microsoft Entra OAuth Consent Grant Attack Simulation in the PhishU Framework https://phishu.net/blogs/blog-microsoft-entra-oauth-consent-grant-phishu-framework.html

ClickFix in the PhishU Framework https://phishu.net/blogs/blog-clickfix-in-the-phishu-framework.html

Testing AprielGuard Against 1,500 Adversarial Attacks https://www.lasso.security/blog/how-aprielguard-performed-against-1500-adversarial-attacks

PROTOCOLO DELTA SWORD: Full Disclosure de Persistência Zero-Day e Omissão Corporativa (Google/Samsung) https://drive.google.com/drive/folders/1S5BTn5KxTmDEgrkjr2pIk3xanL05C9PG

Navia breach exposed HackerOne employee PII due to a BOLA-style access in third-party system https://thecybersecguru.com/news/hackerone-data-breach-navia-solutions/

We scanned 900 MCP configs on GitHub. 75% had security problems. https://orchesis.ai/blog/mcp-scan

Alleged OVHcloud data of 1.6M customers and 5.9M websites posted on popular forum for sale. CEO Comments https://thecybersecguru.com/news/ovhcloud-data-breach-2026/

e open-sourced 209 security tests for multi-agent AI systems (MCP, A2A, L402/x402 protocols) https://www.cteinvest.com/blog/209-tests-ai-agent-security-what-we-built.html

Remote Command Execution in Google Cloud with Single Directory Deletion https://flatt.tech/research/posts/remote-command-execution-in-google-cloud-with-single-directory-deletion/

BoxPwnr: AI Agent Benchmark (HTB, TryHackMe, BSidesSF CTF 2026 etc.) https://0ca.github.io/BoxPwnr-Traces/stats/index.html

EmEditor Supply Chain Analysis: Why "Publisher Authorization" isn't the silver bullet we think it is https://techcommunity.microsoft.com/blog/microsoftsecurityexperts/when-trust-becomes-the-attack-vector-analysis-of-the-emeditor-supply-chain-compr/4499552

LLVM Adventures: Fuzzing Apache Modules https://pwner.gg/blog/2026-03-20-apatchy

Lookout's LLM-assistance findings in DarkSword iOS exploit kit: a source-by-source breakdown of what each research team actually said https://blog.barrack.ai/darksword-llm-ios-exploit

Roundcube Webmail: three more sanitizer bypasses enable email tracking and phishing https://nullcathedral.com/posts/2026-03-18-roundcube-round-two-three-more-sanitizer-bypasses/

A Copy-Paste Bug That Broke PSpice AES-256 Encryption https://jtsylve.blog/post/2026/03/18/PSpice-Encryption-Weakness

OpenSIPS SQL Injection to Authentication Bypass (CVE-2026-25554) https://aisle.com/blog/opensips-sql-injection-aisle-deep-dive-sql-injection-authentication-bypass

BYOUD - Bring Your Own Unwind Data - By KlezVirus https://klezvirus.github.io/posts/Byoud/

I built a zero-knowledge CLI password manager from scratch. AES-256-GCM, Argon2id, 22 secret types, MCP support.... https://aaravmaloo.github.io/apm