04/01

Critical auth bypass bug in CrushFTP now exploited in attacks

https://www.bleepingcomputer.com/news/security/critical-auth-bypass-bug-in-crushftp-now-exploited-in-attacks/
Critical auth bypass bug in CrushFTP now exploited in attacks

Sliver EDR Bypass: Customizing Open Source Tools - Cyber Security Services - London

https://fortbridge.co.uk/research/reforging-sliver-how-simple-code-edits-can-outmaneuver-edr/
Sliver EDR Bypass: Customizing Open Source Tools - Cyber Security Services - London

Apple backports zero-day patches to older iPhones and Macs

https://www.bleepingcomputer.com/news/security/apple-backports-zero-day-patches-to-older-iphones-and-macs/
Apple backports zero-day patches to older iPhones and Macs

Apple fined €150 million over App Tracking Transparency issues

https://www.bleepingcomputer.com/news/apple/apple-fined-150-million-over-app-tracking-transparency-issues/
Apple fined €150 million over App Tracking Transparency issues

Google rolls out easy end-to-end encryption for Gmail business users

https://www.bleepingcomputer.com/news/security/google-rolls-out-easy-end-to-end-encryption-for-gmail-business-users/
Google rolls out easy end-to-end encryption for Gmail business users

VMware Workstation auto-updates broken after Broadcom URL redirect

https://www.bleepingcomputer.com/news/software/vmware-workstation-auto-updates-broken-after-broadcom-url-redirect/
VMware Workstation auto-updates broken after Broadcom URL redirect

Grifter – Darknet Diaries

https://darknetdiaries.com/episode/157
Grifter – Darknet Diaries

OffensiveCon25 :: pretalx

https://cfp.offensivecon.org/offensivecon25/
OffensiveCon25 :: pretalx

NSO's Zero-Click: iPhone Exploit Unveiled - Tech News

https://securityexpress.info/nsos-zero-click-iphone-exploit-unveiled/
NSO's Zero-Click: iPhone Exploit Unveiled - Tech News

New Windows 11 trick lets you bypass Microsoft Account requirement

https://www.bleepingcomputer.com/news/microsoft/new-windows-11-trick-lets-you-bypass-microsoft-account-requirement/
New Windows 11 trick lets you bypass Microsoft Account requirement

Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign

https://thehackernews.com/2025/04/over-1500-postgresql-servers.html
Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign

Lucid PhaaS Hits 169 Targets in 88 Countries Using iMessage and RCS Smishing

https://thehackernews.com/2025/04/lucid-phaas-hits-169-targets-in-88.html
Lucid PhaaS Hits 169 Targets in 88 Countries Using iMessage and RCS Smishing

North Korean IT worker army expands operations in Europe

https://www.bleepingcomputer.com/news/security/north-korean-it-worker-army-expands-operations-in-europe/
North Korean IT worker army expands operations in Europe

China-Linked Earth Alux Uses VARGEIT and COBEACON in Multi-Stage Cyber Intrusions

https://thehackernews.com/2025/04/china-linked-earth-alux-uses-vargeit.html
China-Linked Earth Alux Uses VARGEIT and COBEACON in Multi-Stage Cyber Intrusions

Apple Fined €150 Million by French Regulator Over Discriminatory ATT Consent Practices

https://thehackernews.com/2025/04/apple-fined-150-million-by-french.html
Apple Fined €150 Million by French Regulator Over Discriminatory ATT Consent Practices

Analyzing open-source bootloaders: Finding vulnerabilities faster with AI | Microsoft Security Blog

https://www.microsoft.com/en-us/security/blog/2025/03/31/analyzing-open-source-bootloaders-finding-vulnerabilities-faster-with-ai/
Analyzing open-source bootloaders: Finding vulnerabilities faster with AI | Microsoft Security Blog