John Carroll
Exploitation

CVE-2026-34910

A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection.

https://github.com/gadievron/raptor

1 min read

I can't talk about it because of disclosure commitments, but all you really need to know is that you need to check out Raptor.

GitHub - gadievron/raptor: Raptor turns Claude Code into a general-purpose AI offensive/defensive security agent. By using Claude.md and creating rules, sub-agents, and skills, and orchestrating security tool usage, we configure the agent for adversarial thinking, and perform research or attack/defense operations.
Exploitation

Synology DSM 7.3.2

Chaining three issues to gain root from a low privileged user.

25 Jan 2026 · 4 min read

HP Aruba Privileged Escalation Dec 2025

The HP Aruba VIA VPN client for Linux contains a local privilege escalation vulnerability that allows any unprivileged local user to gain root access. - CVE-2025-37186

26 Dec 2025 · 4 min read

Ghosted.

Ghosted Domains coming to haunt you, one more check for your scanners, vendor assurance, OSINT, Supply chain, Appsec and all the rest of that good stuff.

19 Sep 2025 · 23 min read