AirBorne: Wormable Zero-Click RCE in Apple AirPlay Puts Billions of Devices at Risk | Oligo Security | Oligo Security
https://www.oligo.security/blog/airborne
How to Find Origin IP of any Website Behind a WAF | by coffinxp | InfoSec Write-ups
https://infosecwriteups.com/how-to-find-origin-ip-of-any-website-behind-a-waf-c85095156ef7
exploits/MsTelnetServer_NTLM_Guest.txt at master · hackerhouse-opensource/exploits · GitHub
https://github.com/hackerhouse-opensource/exploits/blob/master/MsTelnetServer_NTLM_Guest.txt
EDR Analysis: Leveraging Fake DLLs, Guard Pages, and VEH for Enhanced Detection - RedOps - English
https://redops.at/en/blog/edr-analysis-leveraging-fake-dlls-guard-pages-and-veh-for-enhanced-detection
France ties Russian APT28 hackers to 12 cyberattacks on French orgs
https://www.bleepingcomputer.com/news/security/france-ties-russian-apt28-hackers-to-12-cyberattacks-on-french-orgs/
TheWizards APT group uses SLAAC spoofing to perform adversary-in-the-middle attacks
https://www.welivesecurity.com/en/eset-research/thewizards-apt-group-slaac-spoofing-adversary-in-the-middle-attacks/
Hannibal Stealer Malware Targets Crypto Wallets, VPNs, and Browser Data
https://securityonline.info/hannibal-stealer-malware-targets-crypto-wallets-vpns-and-browser-data/
.NET GAC and NIC hijacking for lateral movement - ...
https://williamknowles.io/net-gac-and-nic-hijacking-for-lateral-movement/
Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool
https://thehackernews.com/2025/04/chinese-hackers-abuse-ipv6-slaac-for.html
RansomHub Went Dark April 1; Affiliates Fled to Qilin, DragonForce Claimed Control
https://thehackernews.com/2025/04/ransomhub-went-dark-april-1-affiliates.html
Data Only Attack: Neutralizing EtwTi Provider - CNO Development Labs
https://web.archive.org/web/20210521094629/https://public.cnotools.studio/bring-your-own-vulnerable-kernel-driver-byovkd/exploits/data-only-attack-neutralizing-etwti-provider
Bitly | bit.ly/4jySkl1
https://bit.ly/MV2025CFP
Talks | SteelCon
https://www.steelcon.info/the-event/talk-schedule/
UK retailer Co-op shuts down some IT systems after hack attempt
https://www.bleepingcomputer.com/news/security/uk-retailer-co-op-shuts-down-some-it-systems-after-hack-attempt/
FBI shares massive list of 42,000 LabHost phishing domains
https://www.bleepingcomputer.com/news/security/fbi-shares-massive-list-of-42-000-labhost-phishing-domains/
Ascension discloses new data breach after third-party hacking incident
https://www.bleepingcomputer.com/news/security/ascension-discloses-new-data-breach-after-third-party-hacking-incident/
SonicWall: SMA100 VPN vulnerabilities now exploited in attacks
https://www.bleepingcomputer.com/news/security/sonicwall-sma100-vpn-vulnerabilities-now-exploited-in-attacks/
ThreatBook
https://threatbook.io/ip/185.174.102.21
Indian Court Orders Action to Block Proton Mail Over AI Deepfake Abuse Allegations
https://thehackernews.com/2025/04/indian-court-orders-action-to-block.html
ksmbd: fix use-after-free in session logoff · torvalds/linux@2fc9fef · GitHub
https://github.com/torvalds/linux/commit/2fc9feff45d92a92cd5f96487655d5be23fb7e2b
Rust-for-Malware-Development/WaitingThreadHijacking at main · Whitecat18/Rust-for-Malware-Development · GitHub
https://github.com/Whitecat18/Rust-for-Malware-Development/tree/main/WaitingThreadHijacking
Commvault says recent breach didn't impact customer backup data
https://www.bleepingcomputer.com/news/security/commvault-says-recent-breach-didnt-impact-customer-backup-data/