admin 
In March 2026, I conducted a penetration test against a social media-style web application (referred to as TargetApp.io). The engagement was authorized by the platform’s owner and spanned approximately two weeks. The most critical vulnerability was discovered on the second day. While the test began as a traditional black-box assessment, simulating an external attacker with … Read more
Burp Suite Learning Series — Blog #6 Continue reading on OSINT Team »
Author: Berend Watchus. Independent AI & Cyber Sec. Researcher. Trendwatcher. [Publication for: OSINT Team] April 2, 2026 Google AI Mode Is Not GDPR Compliant — According to Google AI Author: Berend Watchus. Independent AI & Cybersecurity Researcher. April 2, 2026. There is a legal right you almost certainly don’t know you have. Under GDPR Article 16, every EU citizen has the … Read more
Why Java Backend Development Will Look Completely Different by 2026 Continue reading on OSINT Team »
Data Hostage: How a Preprint Bartered 100,000 Bulk Unreleased Cybersecurity Scenarios for Peer Review Acceptance Author: Berend Watchus Independent AI & Cybersecurity Researcher [Publication for: OSINT Team] https://arxiv.org/abs/2604.01079 Automated Generation of Cybersecurity Exercise Scenarios Data Hostage: How a Preprint Bartered 100,000 Bulk Unreleased Cybersecurity Scenarios for Peer Review Acceptance A structural integrity analysis of arXiv:2604.01079 https://arxiv.org/abs/2604.01079 … Read more
Inside The Breach #3 Part 2 of an ongoing series where I work through the MITRE ATT&CK Evaluations APT29 dataset in Splunk and document everything I find, including the dead ends. #Note: Before I get into the findings, a quick context on why I am doing this. I am learning advanced threat hunting by working through real adversary … Read more
That Text Message Code is not Protecting You Anymore. Here’s What Actually Works Continue reading on OSINT Team »
A recently discovered information disclosure vulnerability in Wing FTP Server (CVE-2025–47813) has been confirmed to be actively exploited in real-world attacks, and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added it to the Known Exploited Vulnerabilities (KEV) catalog. Although this vulnerability is rated CVSS 4.3 (Medium), it poses risks beyond simple information leakage, … Read more
Videos/Webinars/Podcasts/Conferences/Training:2 AI Prompts That Let Me Research FASTThe Intel Lab | March 30, 2026https://www.youtube.com/watch?v=XqhkFGej03M Under-16s Social Media Ban: OSINT implicationsOSINT Combine | April 14, 2026https://www.linkedin.com/posts/osint-opensourceintelligence-digitalinvestigations-share-7443034419990347776-W-HGalso: https://us02web.zoom.us/webinar/register/WN_93ppnvK7ST2L-deAUj7x4w#/registration OSINT: Oh the Places You’ll Go (Justin Brown)SAINTCON | March 31, 2026https://www.youtube.com/watch?v=I7WpSDOme1w Articles/Blogs (Corporate or Personal):My Reflection After the Debate During the OSINT Shadows ConferenceJakub Karmowski | March 31, … Read more
This is Part 1 of an ongoing series where I work through the MITRE ATT&CK Evaluations APT29 dataset in Splunk. No vendor tools. No shortcuts. Just logs, SPL, and a methodology built over two years of self-teaching. When I first ingested the APT29 Day 1 dataset into Splunk and saw 196,071 events staring back at … Read more