Pumping Iron on the Musl Heap – Real World CVE-2022-24834 Exploitation on an Alpine mallocng Heap | NCC Group Research Blog | Making the world safer and more secure
https://research.nccgroup.com/2024/06/11/pumping-iron-on-the-musl-heap-real-world-cve-2022-24834-exploitation-on-an-alpine-mallocng-heap/
From Limited file read to full access on Jenkins (CVE-2024-23897) | Ahmed Sherif
https://xphantom.nl/posts/crypto-attack-jenkins/
VirusTotal - File - ca0dfda9a329f5729b3ca07c6578b3b6560e7cfaeff8d988d1fe8c9ca6896da5
https://www.virustotal.com/gui/file/ca0dfda9a329f5729b3ca07c6578b3b6560e7cfaeff8d988d1fe8c9ca6896da5
Sitting Ducks DNS attacks let hackers hijack over 35,000 domains
https://www.bleepingcomputer.com/news/security/sitting-ducks-dns-attacks-let-hackers-hijack-over-35-000-domains/
Hackers Distributing Malicious Python Packages via Popular Developer Q&A Platform
https://thehackernews.com/2024/08/hackers-distributing-malicious-python.html
New Android Banking Trojan BingoMod Steals Money, Wipes Devices
https://thehackernews.com/2024/08/new-android-banking-trojan-bingomod.html
Our audit of Homebrew | Trail of Bits Blog
https://blog.trailofbits.com/2024/07/30/our-audit-of-homebrew/
BingoMod Android RAT steals money from victims' bank accounts and wipes data
https://securityaffairs.com/166410/malware/bingomod-android-rat.html
UK takes down major 'Russian Coms' caller ID spoofing platform
https://www.bleepingcomputer.com/news/security/uk-takes-down-russian-comms-caller-id-spoofing-platform-used-to-scam-170-000-people/
Credit card users get mysterious shopify-charge.com charges
https://www.bleepingcomputer.com/news/security/credit-card-users-get-mysterious-shopify-chargecom-charges/
CISA Names First Chief Artificial Intelligence Officer | CISA
https://go.dhs.gov/3bq
Hardwear.io USA 2024: Building A Silicon Analysis Toolkit - Hash Salehi - YouTube
https://www.youtube.com/watch?v=e2nz3vUUs30
Google Chrome Adds App-Bound Encryption to Protect Cookies from Malware
https://thehackernews.com/2024/08/google-chrome-adds-app-bound-encryption.html
What is this charge for? — Shopify
http://shopify-charge.com
FBI warns of scammers posing as crypto exchange employees
https://www.bleepingcomputer.com/news/security/fbi-warns-of-scammers-posing-as-crypto-exchange-employees/
APT41 likely compromised Taiwanese government-affiliated research institute with ShadowPad and Cobalt Strike
https://blog.talosintelligence.com/chinese-hacking-group-apt41-compromised-taiwanese-government-affiliated-research-institute-with-shadowpad-and-cobaltstrike-2/
Hackers abuse free TryCloudflare to deliver remote access malware
https://www.bleepingcomputer.com/news/security/hackers-abuse-free-trycloudflare-to-deliver-remote-access-malware/
Facebook Ads Lead to Fake Websites Stealing Credit Card Information
https://thehackernews.com/2024/08/facebook-ads-lead-to-fake-websites.html
StackExchange abused to spread malicious PyPi packages as answers
https://www.bleepingcomputer.com/news/security/stackexchange-abused-to-spread-malicious-pypi-packages-as-answers/
BingoMod Android RAT Wipes Devices After Stealing Money - SecurityWeek
https://www.securityweek.com/bingomod-android-rat-wipes-devices-after-stealing-money/
Cencora confirms patient health info stolen in February attack
https://www.bleepingcomputer.com/news/security/cencora-confirms-patient-health-info-stolen-in-february-attack/
EM Fault Injection : Successful glitching the NXP LPC2388 - YouTube
https://youtu.be/tcqLgjmzUzM
Over 1 Million Domains at Risk of 'Sitting Ducks' Domain Hijacking Technique
https://thehackernews.com/2024/08/over-1-million-domains-at-risk-of.html
LayeredSyscall - Abusing VEH to Bypass EDRs | White Knight Labs
https://whiteknightlabs.com/2024/07/31/layeredsyscall-abusing-veh-to-bypass-edrs/
Exploited Vulnerability Could Impact 20k Internet-Exposed VMware ESXi Instances - SecurityWeek
https://www.securityweek.com/exploited-vulnerability-could-impact-20k-internet-exposed-vmware-esxi-instances/