Project Zero: Windows Exploitation Tricks: Trapping Virtual Memory Access (2025 Update)
https://googleprojectzero.blogspot.com/2025/01/windows-exploitation-tricks-trapping.html
Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History | Wiz Blog
https://www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak
New Syncjacking attack hijacks devices using Chrome extensions
https://www.bleepingcomputer.com/news/security/new-syncjacking-attack-hijacks-devices-using-chrome-extensions/
DeepSeek AI Database Exposed: Over 1 Million Log Lines, Secret Keys Leaked
https://thehackernews.com/2025/01/deepseek-ai-database-exposed-over-1.html
Police seizes Cracked and Nulled hacking forum servers, arrests suspects
https://www.bleepingcomputer.com/news/security/police-seizes-cracked-and-nulled-hacking-forum-servers-arrests-suspects/
Exploring Heap Exploitation Mechanisms: Understanding the House of Force Technique
https://www.darkrelay.com/post/exploring-heap-exploitation-mechanisms-understanding-the-house-of-force-technique
New Aquabotv3 botnet malware targets Mitel command injection flaw
https://www.bleepingcomputer.com/news/security/new-aquabotv3-botnet-malware-targets-mitel-command-injection-flaw/
Major GitHub outage affects pull requests and other services
https://www.bleepingcomputer.com/news/technology/major-github-outage-affects-pull-requests-and-other-services/
Tear Down The Castle - Part 2 | dfir.ch
https://dfir.ch/posts/tear_down_castle_part_two/
Solana Pump.fun tool DogWifTool compromised to drain wallets
https://www.bleepingcomputer.com/news/security/solana-pumpfun-tool-dogwiftool-compromised-to-drain-wallets/
DeepSeek exposes database with over 1 million chat records
https://www.bleepingcomputer.com/news/security/deepseek-ai-exposed-databases-with-user-chat-history-api-keys/
Tria stealer targets Android users for SMS exfiltration and financial gain | Securelist
https://securelist.com/tria-stealer-collects-sms-data-from-android-devices/115295/
Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations
https://thehackernews.com/2025/01/google-over-57-nation-state-threat.html
404: NOT_FOUND
https://iotsrg.org/blog/unlocking-full-shell-functionality-uart-rx-mitigation-bypass-on-tl-wr841n
Lightning AI Studio Vulnerability Allowed RCE via Hidden URL Parameter
https://thehackernews.com/2025/01/lightning-ai-studio-vulnerability.html
Time Bandit ChatGPT jailbreak bypasses safeguards on sensitive topics
https://www.bleepingcomputer.com/news/security/time-bandit-chatgpt-jailbreak-bypasses-safeguards-on-sensitive-topics/
「情報セキュリティ10大脅威 2025」を決定 | プレスリリース | IPA 独立行政法人 情報処理推進機構
https://www.ipa.go.jp/pressrelease/2024/press20250130.html
ペネトレーションテストはどこまでやればいい? | LAC WATCH
https://www.lac.co.jp/lacwatch/service/20250130_004261.html
Adversarial Misuse of Generative AI | Google Cloud Blog
https://cloud.google.com/blog/topics/threat-intelligence/adversarial-misuse-generative-ai
Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits
https://thehackernews.com/2025/01/unpatched-php-voyager-flaws-leave.html
DeepSeek database left open, exposing sensitive info • The Register
https://go.theregister.com/feed/www.theregister.com/2025/01/30/deepseek_database_left_open/