Updates | MITRE ATT&CK®
https://attack.mitre.org/resources/updates/
SK Telecom warns customer USIM data exposed in malware attack
https://www.bleepingcomputer.com/news/security/sk-telecom-warns-customer-usim-data-exposed-in-malware-attack/
Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware
https://thehackernews.com/2025/04/lotus-panda-hacks-se-asian-governments.html
Microsoft Entra account lockouts caused by user token logging mishap
https://www.bleepingcomputer.com/news/microsoft/microsoft-entra-account-lockouts-caused-by-user-token-logging-mishap/
Cookie-Bite attack PoC uses Chrome extension to steal session tokens
https://www.bleepingcomputer.com/news/security/cookie-bite-attack-poc-uses-chrome-extension-to-steal-session-tokens/
Marks & Spencer confirms a cyberattack as customers face delayed orders
https://www.bleepingcomputer.com/news/security/marks-and-spencer-confirms-a-cyberattack-as-customers-face-delayed-orders/
SSD Advisory - Linux kernel hfsplus slab-out-of-bounds Write - SSD Secure Disclosure
https://ssd-disclosure.com/ssd-advisory-linux-kernel-hfsplus-slab-out-of-bounds-write/
Japan ’s FSA warns of unauthorized trades via stolen credentials from fake security firms' sites
https://securityaffairs.com/176776/hacking/japan-s-financial-services-agency-warns-of-unauthorized-trades.html
SSL.com Scrambles to Patch Certificate Issuance Vulnerability - SecurityWeek
https://www.securityweek.com/ssl-com-scrambles-to-patch-certificate-issuance-vulnerability/
MalwareBazaar | SHA256 76f69eda4404d2b34e8c169dc5caff15db494cba09bb837ecfeab11c430131db (AsyncRAT)
https://bazaar.abuse.ch/sample/76f69eda4404d2b34e8c169dc5caff15db494cba09bb837ecfeab11c430131db/
PSA: Don’t let The Elder Scrolls Online delete your files and folders! | Gamer Horizon
https://gamerhorizon.com/2015/01/28/psa-dont-let-elder-scrolls-online-delete-files-folders/
Hackers abuse Zoom remote control feature for crypto-theft attacks
https://www.bleepingcomputer.com/news/security/hackers-abuse-zoom-remote-control-feature-for-crypto-theft-attacks/
Active! Mail RCE flaw exploited in attacks on Japanese orgs
https://www.bleepingcomputer.com/news/security/active-mail-rce-flaw-exploited-in-attacks-on-japanese-orgs/
Windows Defender antivirus bypass in 2025 - part 2
https://www.hackmosphere.fr/bypass-windows-defender-antivirus-2025-part-2/
ZAP – ZAP Wins Inaugural DefectDojo Award for Open-Source Cybersecurity
https://www.zaproxy.org/blog/2025-04-22-zap-wins-inaugural-defectdojo-award-for-open-source/
Microsoft Recall on Copilot+ PC: testing the security and privacy implications | by Kevin Beaumont | Apr, 2025 | DoublePulsar
https://doublepulsar.com/microsoft-recall-on-copilot-pc-testing-the-security-and-privacy-implications-ddb296093b6c
Proxying Your Way to Code Execution – A Different Take on DLL Hijacking - Black Hills Information Security, Inc.
https://www.blackhillsinfosec.com/a-different-take-on-dll-hijacking/
Uncovering a 0-Click RCE in the SuperNote Nomad E-ink Tablet
https://www.prizmlabs.io/post/remote-rootkits-uncovering-a-0-click-rce-in-the-supernote-nomad-e-ink-tablet