06/11

Chinese hackers breached 20,000 FortiGate systems worldwide

https://www.bleepingcomputer.com/news/security/chinese-hackers-breached-20-000-fortigate-systems-worldwide/

Progressive Web Apps (PWAs) Phishing | mr.d0x

https://mrd0x.com/progressive-web-apps-pwa-phishing/

Pumping Iron on the Musl Heap – Real World CVE-2022-24834 Exploitation on an Alpine mallocng Heap | NCC Group Research Blog | Making the world safer and more secure

https://research.nccgroup.com/2024/06/11/pumping-iron-on-the-musl-heap-real-world-cve-2022-24834-exploitation-on-an-alpine-mallocng-heap/

Pure Storage confirms data breach after Snowflake account hack

https://www.bleepingcomputer.com/news/security/pure-storage-confirms-data-breach-after-snowflake-account-hack/

City of Cleveland shuts down IT systems after cyberattack

https://www.bleepingcomputer.com/news/security/city-of-cleveland-shuts-down-it-systems-after-cyberattack/

New Warmcookie Windows backdoor pushed via fake job offers

https://www.bleepingcomputer.com/news/security/new-warmcookie-windows-backdoor-pushed-via-fake-job-offers/

Patch Tuesday: Remote Code Execution Flaw in Microsoft Message Queuing - SecurityWeek

https://www.securityweek.com/patch-tuesday-remote-code-execution-flaw-in-microsoft-message-queuing/

Gitloker attacks abuse GitHub notifications to push malicious OAuth apps

https://www.bleepingcomputer.com/news/security/gitloker-attacks-abuse-github-notifications-to-push-malicious-oauth-apps/

Ongoing state-sponsored cyber espionage campaign via vulnerable edge devices | News item | Nationaal Cyber Security Centrum

https://www.ncsc.nl/actueel/nieuws/2024/juni/10/aanhoudende-statelijke-cyberspionagecampagne-via-kwetsbare-edge-devices

TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers

https://www.bleepingcomputer.com/news/security/tellyouthepass-ransomware-exploits-recent-php-rce-flaw-to-breach-servers/

Chinese Actor SecShow Conducts Massive DNS Probing on Global Scale

https://thehackernews.com/2024/06/chinese-actor-secshow-conducts-massive.html

Pure Storage admits breach related to Snowflake workspace • The Register

https://go.theregister.com/feed/www.theregister.com/2024/06/11/pure_storage_snowflake_breach/

Noodle RAT Reviewing the New Backdoor Used by Chinese-Speaking Groups | Trend Micro (US)

https://www.trendmicro.com/en_us/research/24/f/noodle-rat-reviewing-the-new-backdoor-used-by-chinese-speaking-g.html

Moar Infosec Diagrams Pwease 🥹 - Jamie Williams - Medium

https://medium.com/@jwillyamz/moar-infosec-diagrams-pwease-8e7841109109

GitHub - dhinakg/aeota: AEA OTA/IPSW decryption

https://github.com/dhinakg/aeota

Cylance confirms data breach linked to 'third-party' platform

https://www.bleepingcomputer.com/news/security/cylance-confirms-data-breach-linked-to-third-party-platform/

Netgear WNR614 flaws allow device takeover, no fix available

https://www.bleepingcomputer.com/news/security/netgear-wnr614-flaws-allow-device-takeover-no-fix-available/

SAP Patches High-Severity Vulnerabilities in Financial Consolidation, NetWeaver - SecurityWeek

https://www.securityweek.com/sap-patches-high-severity-vulnerabilities-in-financial-consolidation-netweaver/

An Introduction to Chrome Exploitation - Maglev Edition :: — uf0

https://www.matteomalvica.com/blog/2024/06/05/intro-v8-exploitation-maglev/

Going Native - Malicious Native Applications

https://www.protexity.com/post/going-native-malicious-native-applications

BlackBerry Cylance Data Offered for Sale on Dark Web - SecurityWeek

https://www.securityweek.com/blackberry-cylance-data-offered-for-sale-on-dark-web/

The First Decade of Corporate Ransomware - YouTube

https://youtube.com/watch?v=Ap8gWBNQ24g

Microsoft June 2024 Patch Tuesday fixes 51 flaws, 18 RCEs

https://www.bleepingcomputer.com/news/microsoft/microsoft-june-2024-patch-tuesday-fixes-51-flaws-18-rces/

Arm warns of actively exploited flaw in Mali GPU kernel drivers

https://www.bleepingcomputer.com/news/security/arm-warns-of-actively-exploited-flaw-in-mali-gpu-kernel-drivers/

MalwareBazaar | SHA256 9a5538a418f9949f3064574d25e233510e4e49cac490238d0532f0ada0c7e587

https://bazaar.abuse.ch/sample/9a5538a418f9949f3064574d25e233510e4e49cac490238d0532f0ada0c7e587/

Dipping into Danger: The WARMCOOKIE backdoor — Elastic Security Labs

https://www.elastic.co/security-labs/dipping-into-danger

Analyzing the security properties of a ZKTeco biometric terminal | Securelist

https://securelist.com/biometric-terminal-vulnerabilities/112800/

23andMe data breach under joint investigation in two countries | Malwarebytes

https://www.malwarebytes.com/blog/news/2024/06/23andme-data-breach-under-joint-investigation-in-two-countries

JetBrains warns of IntelliJ IDE bug exposing GitHub access tokens

https://www.bleepingcomputer.com/news/security/jetbrains-warns-of-intellij-ide-bug-exposing-github-access-tokens/

BrowserBruter: A powerful web form fuzzing automation tool

https://meterpreter.org/browserbruter-a-powerful-web-form-fuzzing-automation-tool/

Arm Warns of Exploited Kernel Driver Vulnerability - SecurityWeek

https://www.securityweek.com/arm-warns-of-exploited-kernel-driver-vulnerability/

Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers

https://thehackernews.com/2024/06/arm-warns-of-actively-exploited-zero.html