Mika Ayenson (@stryker0x)'s Twitter Profile
Mika Ayenson

@stryker0x

Threat Research & Detection Engineering Team Lead @elastic

ID: 1519307723074162689

https://github.com/Mikaayenson

27-04-2022 13:29:42

120 Tweets

254 Followers

167 Following

Ruben Groenewoud (@rfgroenewoud)

🚨 PANIX v2.0 Released! 🚨

Test & upgrade your Linux security with:
- 31 persistence modules & 50+ techniques
- Easily revert changes post-testing
- Map to MITRE ATT&CK
- 10+ fresh additions: LD_PRELOAD, PAM backdoors, rootkits, and more!

🔗 github.com/Aegrah/PANIX

Elastic Security Labs (@elasticseclabs)

#ElasticSecurityLabs has discovered PUMAKIT, a new #linux #malware with advanced stealth mechanisms. The kernel rootkit is capable of privilege escalation, anti-debugging measures, and more. Get the details here: go.es.io/4g9LIHP

Elastic Security Labs (@elasticseclabs)

The beacons have been lit by Mika Ayenson, Miguel Garzon, and Samir! This new research combines Beacon Object Files, Elastic AI Assistant, and Detonate to explore detection capabilities. Check it out: go.es.io/427o76x #ElasticSecurityLabs #detectionengineering #ai

Elastic Security Labs (@elasticseclabs)

We’re adding a new section to Elastic’s HackerOne Bounty Program! Today, we’re opening our SIEM and EDR rules for testing. We’re excited to have another way to thank our community for their efforts on our #detectionengineering. Get more details here: go.es.io/4hdKQCI

Samir (@sbousseaden)

in a year period we had 50% increase in Elastic Defend endpoint behavior rules (coverage as well - 1000+) 💪 for all the 3 supported platforms Windows, macOS and Linux H/T DefSecSentinel Ruben Groenewoud Mika Ayenson Shashank and all the team ofc github.com/elastic/protec…

Elastic Security Labs (@elasticseclabs)

#IoT devices like Wi-Fi cameras are convenient, but exploitable. Take a look at how some of the most popular baby cameras can be abused: go.es.io/4jxG6bV

DefSecSentinel (@defsecsentinel)

Great find and write-up from the team Unit 42. I wrote a small unsafe PyYAML loader script to remotely load and execute the YAML deserialization payload. I also built out a Python+Flask C2 Server on an "attacker" VM to handle all communication as specified in the loader and

Jai Minton (@cyberraiju)

This hurts...

Please don't:
- Let AI create infographics
- Post them with AI created slop text
- Claim you created the infographic
- Delete any comments with constructive feedback
- Let rundll3.exe or certufl.exe run, it probably isn't good despite what the infographic says.

Sam Altman (@sama)

o3 and o4-mini are super good at coding, so we are releasing a new product, Codex CLI, to make them easier to use. this is a coding agent that runs on your computer. it is fully open source and available today; we expect it to rapidly improve.

Elastic Security Labs (@elasticseclabs)

You can access our #detectionengineering repos, but how about a closer look?

The 2025 State of Detection Engineering at Elastic is a new #report from #ElasticSecurityLabs detailing how we create and assess our prebuilt rules. Check it out: go.es.io/4jnrXhA

Nous Research (@nousresearch)

Introducing Minos - A new classifier for detecting refusals from LLMs. A potentially very useful tool for redteamers and jailbreakers - it's a binary classifier that will return the likelihood of a final response in a chat being a refusal.

huggingface.co/NousResearch/M…

Built on

Elastic Security Labs (@elasticseclabs)

New research from our #ElasticSecurityLabs team: we dive into how infostealers are leveraging a stolen Shellter evasion tool to deploy data-stealing malware. Learn more & get our unpacker: go.es.io/4ldCM72 #malware #rhadamanthys #ghostpulse

Elastic Security Labs (@elasticseclabs)

New research on NOVABLIGHT, a NodeJS infostealer sold as MaaS! Discover its tactics, from credential theft & cryptowallet compromise to advanced obfuscation & anti-analysis techniques: go.es.io/459JGDA #ElasticSecurityLabs #infostealer

Claude (@claudeai)

We just shipped automated security reviews in Claude Code.

Catch vulnerabilities before they ship with two new features:
- /security-review slash command for ad-hoc security reviews
- GitHub Actions integration for automatic reviews on every PR

Sam Altman (@sama)

our livestream tomorrow at 10 am PDT will be longer than usual, around an hour. we have a lot to show and hope you can find the time to watch!