I Backdoored Cursor AI - YouTube
https://youtu.be/FYok3diZY78
GitHub - xforcered/RemoteMonologue: Weaponizing DCOM for NTLM Authentication Coercions
https://github.com/xforcered/RemoteMonologue
Hackers lurked in Treasury OCC’s systems since June 2023 breach
https://www.bleepingcomputer.com/news/security/hackers-lurked-in-treasury-occs-systems-since-june-2023-breach/
Bypass WDAC WinDbg Preview - Cerbersec
https://cerbersec.com/2025/04/07/bypass-wdac-windbg-preview.html
Windows Remote Desktop Protocol: Remote to Rogue | Google Cloud Blog
https://cloud.google.com/blog/topics/threat-intelligence/windows-rogue-remote-desktop-protocol
[Cracking Windows Kernel with HEVD] Chapter 0: Where do I start?
http://mdanilor.github.io/posts/hevd-0/
[Cracking Windows Kernel with HEVD] Chapter 1: Will this driver ever crash?
http://mdanilor.github.io/posts/hevd-1/
[Cracking Windows Kernel with HEVD] Chapter 2: Is there a way to bypass kASLR, SMEP and KVA Shadow?
http://mdanilor.github.io/posts/hevd-2/
Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities
https://thehackernews.com/2025/04/google-releases-android-update-to-patch.html
New Mirai botnet behind surge in TVT DVR exploitation
https://www.bleepingcomputer.com/news/security/new-mirai-botnet-behind-surge-in-tvt-dvr-exploitation/
A miner and the ClipBanker Trojan being distributed via SourceForge | Securelist
https://securelist.com/miner-clipbanker-sourceforge-campaign/116088/
Microsoft: Windows CLFS zero-day exploited by ransomware gang
https://www.bleepingcomputer.com/news/security/microsoft-windows-clfs-zero-day-exploited-by-ransomware-gang/
GitHub - mr-r3b00t/crime-mapper: A tool for mapping cyber crime
https://github.com/mr-r3b00t/crime-mapper
WhatsApp flaw can let attackers run malicious code on Windows PCs
https://www.bleepingcomputer.com/news/security/whatsapp-flaw-can-let-attackers-run-malicious-code-on-windows-pcs/
Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk - SecurityWeek
https://www.securityweek.com/exploited-vulnerability-puts-5000-ivanti-vpn-appliances-at-risk/
Fake Microsoft Office add-in tools push malware via SourceForge
https://www.bleepingcomputer.com/news/security/fake-microsoft-office-add-in-tools-push-malware-via-sourceforge/
Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws
https://www.bleepingcomputer.com/news/microsoft/microsoft-april-2025-patch-tuesday-fixes-exploited-zero-day-134-flaws/
The 'Invisibility Cloak' - Slash-Proc Magic | dfir.ch
https://dfir.ch/posts/slash-proc/
Malicious VSCode extensions infect Windows with cryptominers
https://www.bleepingcomputer.com/news/security/malicious-vscode-extensions-infect-windows-with-cryptominers/
Hiding Linux Processes with Bind Mounts – Righteous IT
https://righteousit.com/2024/07/24/hiding-linux-processes-with-bind-mounts/