Mark Your Calendar: APT41 Innovative Tactics | Google Cloud Blog
https://cloud.google.com/blog/topics/threat-intelligence/apt41-innovative-tactics
BadSuccessor (@YuG0rd) previous-keys PoC with minikerberos-getDmsa (@skelsec) for all AD users and computers · GitHub
https://gist.github.com/snovvcrash/a1ae180ab3b49acb43da8fd34e7e93df
Project Zero: The Windows Registry Adventure #8: Practical exploitation of hive memory corruption
https://googleprojectzero.blogspot.com/2025/05/the-windows-registry-adventure-8-exploitation.html
Interlock ransomware gang deploys new NodeSnake RAT on universities
https://www.bleepingcomputer.com/news/security/interlock-ransomware-gang-deploys-new-nodesnake-rat-on-universities/
Czechia blames China for Ministry of Foreign Affairs cyberattack
https://www.bleepingcomputer.com/news/security/czechia-blames-china-for-ministry-of-foreign-affairs-cyberattack/
Czech Republic Blames China-Linked APT31 Hackers for 2022 Cyberattack
https://thehackernews.com/2025/05/czech-republic-blames-china-linked.html
Microsoft wants Windows to update all software on your PC
https://www.bleepingcomputer.com/news/microsoft/microsoft-wants-windows-to-update-all-software-on-your-pc/
Apple blocked over $9 billion in App Store fraud in five years
https://www.bleepingcomputer.com/news/apple/apple-blocked-over-9-billion-in-apap-store-fraud-since-2020/
Automated Malware Analysis Report for buRkQrW8ve.exe - Generated by Joe Sandbox
https://www.joesandbox.com/analysis/1700622/0/html
Microsoft introduces new Windows backup tool for businesses
https://www.bleepingcomputer.com/news/microsoft/microsoft-introduces-new-windows-backup-tool-for-businesses/
MalwareBazaar | AgidCert
https://bazaar.abuse.ch/browse/tag/AgidCert/
251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch
https://thehackernews.com/2025/05/251-amazon-hosted-ips-used-in-exploit.html
A walk down the learning curve - Google Slides
https://docs.google.com/presentation/d/1_3Iu74UijAjfSLHzqWDkDEaIwoB6WBSo9-mY5e0u0HM/edit?usp=drivesdk

From Infection to Access: A 24-Hour Timeline of a Modern Stealer Campaign
https://thehackernews.com/2025/05/from-infection-to-access-24-hour.html
ThreatBook
https://threatbook.io/domain/24hrkpop.com
Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File
https://thehackernews.com/2025/05/microsoft-onedrive-file-picker-flaw.html
Mimo Hackers Exploit CVE-2025-32432 in Craft CMS to Deploy Cryptominer and Proxyware
https://thehackernews.com/2025/05/mimo-hackers-exploit-cve-2025-32432-in.html
Botnet hacks 9,000+ ASUS routers to add persistent SSH backdoor
https://www.bleepingcomputer.com/news/security/botnet-hacks-9-000-plus-asus-routers-to-add-persistent-ssh-backdoor/
Dark Partners cybercrime gang fuels large-scale crypto heists
https://www.bleepingcomputer.com/news/security/dark-partners-cybercrime-gang-fuels-large-scale-crypto-heists/
Dissecting the macOS 'AppleProcessHub' Stealer: Technical Analysis of a Multi-Stage Attack
https://www.kandji.io/blog/macos-appleprocesshub-stealer
New Russia-affiliated actor Void Blizzard targets critical sectors for espionage | Microsoft Security Blog
https://www.microsoft.com/en-us/security/blog/2025/05/27/new-russia-affiliated-actor-void-blizzard-targets-critical-sectors-for-espionage/