MUHSIN

Brutus: Open-source credential testing tool for offensive security Brutus is an open-source, multi-protocol credential testing tool written in pure Go. Designed to replace legacy tools that have long frustrated penetration testers with dependency headaches and integration gaps, Brutus ships as a single binary with zero external dependencies and native support for the JSON-based reconnaissance pipelines that define offensive security. Solving a real workflow problem Credential testing should...

ai generated image Threat actors have been observed uploading a set of eight packages on the npm registry that masqueraded as integrations targeting the n8n workflow automation platform to steal developers' OAuth credentials. One such package, named "n8n-nodes-hfgjf-irtuinvcm-lasdqewriit," mimics a Google Ads integration, and prompts users to link their advertising account in a seemingly legitimate form and then siphon it to servers under the attackers' control. "The attack represents a new...

The security of crypto projects depends heavily on protecting sensitive data stored in their databases. Yet, many projects overlook a simple but critical vulnerability: weak credentials. The GoBruteforcer botnet exploits this gap, targeting crypto project databases and causing significant damage. This post explores how this botnet operates, why weak credentials remain a problem, and what steps crypto projects can take to defend themselves. GoBruteforcer botnet targeting login credentials What...