Author Archives: SANS Internet Storm Center, InfoCON: green

Odd WebLogic Request. Possible CVE-2026-21962 Exploit Attempt or AI Slop?, (Wed, Jan 28th)

Posted on by

I was looking for possible exploitation of CVE-2026-21962, a recently patched WebLogic vulnerability. While looking for related exploit attempts in our data, I came across the following request:

Continue reading Odd WebLogic Request. Possible CVE-2026-21962 Exploit Attempt or AI Slop?, (Wed, Jan 28th)

Posted in Uncategorized

Scanning Webserver with /$(pwd)/ as a Starting Path, (Sun, Jan 25th)

Posted on by

Based on the sensors reporting to ISC, this activity started on the 13 Jan 2026. My own sensor started seeing the first scan on the 21 Jan 2026 with limited probes. So far, this activity has been limited to a few scans based on the reports available in ISC [;5];Â; ;(select Match Partial URL and Draw):

Continue reading Scanning Webserver with /$(pwd)/ as a Starting Path, (Sun, Jan 25th)

Posted in Uncategorized

Is AI-Generated Code Secure?, (Thu, Jan 22nd)

Posted on by

The title of this diary is perhaps a bit catchy but the question is important. I don’t consider myself as a good developer. That’s not my day job and I’m writing code to improve my daily tasks. I like to say “I’m writing sh*ty code! It works for me, no warranty that it will for for you”. Today, most of my code (the skeleton of the program) is generated by AI, probably like most of you.

Continue reading Is AI-Generated Code Secure?, (Thu, Jan 22nd)

Posted in Uncategorized