Sprocket Security

Computer and Network Security

Madison, Wisconsin 5,115 followers

The Expert-Driven Offensive Security Platform. Continuously validate your security posture all year long.

About us

Sprocket Security was founded to improve the way we approach cybersecurity. Currently the industry performs services in a timeboxed, or point-in-time approach. We think this is fundamentally flawed. We protect your business by monitoring the cybersecurity landscape and performing continuous penetration testing services.

Website
https://www.sprocketsecurity.com/
Industry
Computer and Network Security
Company size
11-50 employees
Headquarters
Madison, Wisconsin
Type
Privately Held
Founded
2017
Specialties
Penetration Testing, Continuous Penetration Testing, PTaaS, and Attack Surface Management

Updates

  • AI isn't just a tool attackers are using. It's becoming a target itself. This month we're covering what that means for offensive security teams, why legacy authentication protocols are still a critical liability, and how the way most organizations define their attack surface is leaving them exposed. Check out what's inside our Offensive Security Newsletter this month to see how threats are evolving and why testing models need to as well.

  • Most teams still think of XSS as a “contained” issue. Nick Berrie just showed why that mindset is dangerously outdated. In his latest deep dive, Nick breaks down how self-propagating XSS can turn modern widget frameworks into worm vectors across multi-tenant platforms, spreading through legitimate APIs, evading controls, and persisting in ways most defenses aren’t built to catch. This isn’t theoretical. This is how today’s attack surface actually behaves. When your platform is interconnected, one vulnerable tenant can become everyone’s problem. Exactly why point-in-time testing keeps missing the mark. Continuous testing isn’t a “nice to have” anymore; it’s the only way to catch attacks that evolve and propagate like this. Great work, Nick 👏 - this is the kind of research security teams need to be paying attention to! #CyberSecurity #AppSec #Pentesting #XSS #SecurityResearch #OffensiveSecurity https://hubs.la/Q04f2wbS0

  • Sprocket Security was back at the Crazy Legs race this weekend for our second year running! 🏃 Between the 8K, the 2-mile walk, and a very Wisconsin post-race celebration at the Memorial Union, it was a perfect day with the team and families. We're already looking forward to next year to get an even bigger group!

  • We’re always excited to see our team out in the community - especially when they’re sharing real-world insights from the field. At the Midwest OT Cybersecurity Summit 2026, our own Juan Pablo Gomez Postigo took the stage to present “Lost in Transliteration: Hidden Passwords in a Multilingual World”, a topic that highlights how something as simple as language and character sets can introduce unexpected risk - and how attackers think differently when approaching authentication. JP’s session is a great example of what we focus on every day at Sprocket: looking beyond surface-level vulnerabilities, understanding how real attackers operate, and uncovering issues traditional testing often misses. The event itself brought together practitioners across industries to tackle real OT security challenges, with hands-on sessions and community-driven discussions. #MOCS2026

  • We're proud to welcome Connor Moore as our Head of Sales. Connor is a pivotal leadership hire and will lead our global sales organization as we enter our next phase of growth. We're a company built on Custom Excellence, Accountability, and Transparency. Since our first conversations with Connor, it was clear that he is a leader who embodies our values and will help drive the company forward for years to come. We couldn't be more excited to have him on board. Join us in welcoming Connor to the team.

  • In just a couple of hours, we’re going live to break down one of the biggest shifts in cybersecurity right now: AI is becoming the new attack surface. As organizations rapidly adopt AI tools, most aren’t asking a critical question: Are these systems actually secure? In our upcoming Hacker Happy Hour “AI as the New Attack Surface,” our testing team will share what they’re seeing in the field when AI is in scope: from real vulnerabilities to how attackers are thinking about exploiting them. Register here: https://lnkd.in/ejMrHSWi This isn’t theoretical. AI expands your attack surface in ways most security programs aren’t built to handle: new inputs, new integrations, new paths to exploitation. If you’re using AI, you need to be testing it. Join us live. #webinar #ethicalhacking #ai

  • NTLMv1 is “deprecated”… yet we still find it in real environments. In his latest research, Hunter Wade walks through how attackers can crack NTLMv1-SSP using rainbow tables and why this isn’t just theoretical. A few takeaways: NTLMv1 relies on weak cryptography that can be broken with precomputed tables. Once authentication is coerced, hashes can be recovered and cracked offline. Modern datasets and tooling make this faster and more accessible than ever. The real issue: it’s still enabled in production environments. This is exactly where many security programs fall short. It’s not enough to know something is “legacy” - you need to validate: 👉 Is it still exploitable today? 👉 What’s the real impact? Read the full blog: https://lnkd.in/enSWQFA7

  • Greg Anderson and Michael Dane took the Sprocket colors to Marco Island for Innovate Cybersecurity Summit, and you still have a chance to connect with them today before the end of the event! Greg and Mike have been on the floor all week sharing how Sprocket is helping organizations stay ahead of evolving threats, and the energy in the room has been incredible. If you're here at the conference, don't miss your chance to stop by, say hello, and learn what we've been building. #innovatesummit #pentesting #offsec

  • 🚨 Breach alert! 🚨 Vercel got breached and it started with a small AI tool called Context.ai. One compromised OAuth app → hijacked Google Workspace account → access to Vercel's internal systems. The supply chain doesn't have to be your direct vendor. It can be a tool your employee signed up for last Tuesday. If you use Vercel: rotate env vars ASAP. Google Workspace admins: check for the IOC OAuth app Vercel published. Everyone: inventory your third-party OAuth exposure. You can't protect what you can't see. Full incident details: https://lnkd.in/eHqsp8AR #CyberSecurity #AttackSurface #SupplyChainRisk

Funding

Sprocket Security 1 total round

Last Round

Series A

US$ 8.0M