YARA-X is stable!
https://virustotal.github.io/yara-x/blog/yara-x-is-stable/
Ukraine claims it hacked Tupolev, Russia’s strategic warplane maker
https://www.bleepingcomputer.com/news/security/ukraine-claims-it-hacked-tupolev-russias-strategic-warplane-maker/
Postgresql JDBC Attack and Stuff | 素十八
https://su18.org/post/postgresql-jdbc-attack-and-stuff/
XSS like you’ve never seen before - YouTube
http://youtube.com/watch?v=RLyhPGsEMz4
Coinbase breach tied to bribed TaskUs support agents in India
https://www.bleepingcomputer.com/news/security/coinbase-breach-tied-to-bribed-taskus-support-agents-in-india/
Volunteer | AppSecVillage
https://www.appsecvillage.com/volunteer
Hacker targets other hackers and gamers with backdoored GitHub code
https://www.bleepingcomputer.com/news/security/hacker-targets-other-hackers-and-gamers-with-backdoored-github-code/
Cisco warns of ISE and CCP flaws with public exploit code
https://www.bleepingcomputer.com/news/security/cisco-warns-of-ise-and-ccp-flaws-with-public-exploit-code/
Spying On Screen Activity Using Chromium Browsers | mr.d0x
https://mrd0x.com/spying-with-chromium-browsers-screensharing/
About the security content of Safari 18.4 - Apple Support
https://support.apple.com/en-us/122379#:~:text=Impact%3A%20A%20website%20may%20be%20able%20to%20bypass%20Same%20Origin%20Policy
HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass
https://thehackernews.com/2025/06/hpe-issues-security-patch-for-storeonce.html
Hewlett Packard Enterprise warns of critical StoreOnce auth bypass
https://www.bleepingcomputer.com/news/security/hewlett-packard-enterprise-warns-of-critical-storeonce-auth-bypass/
BidenCash carding market domains seized in international operation
https://www.bleepingcomputer.com/news/security/bidencash-carding-market-domains-seized-in-international-operation/
API Hacking - Cracking JWT Tokens · Learn my offensive security tradecraft
https://www.ghostlulz.com/blog/api-hacking-cracking-jwt-tokens
Understanding Syscalls: Direct, Indirect, and Cobalt Strike Implementation - d01a
https://d01a.github.io/syscalls/
Chaos RAT Malware Targets Windows and Linux via Fake Network Tool Downloads
https://thehackernews.com/2025/06/chaos-rat-malware-targets-windows-and.html
Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App
https://thehackernews.com/2025/06/google-exposes-vishing-group-unc6040.html
FBI warns of NFT airdrop scams targeting Hedera Hashgraph wallets
https://www.bleepingcomputer.com/news/security/fbi-warns-of-nft-airdrop-scams-targeting-hedera-hashgraph-wallets/
Root Shell on Credit Card Terminal
https://stefan-gloor.ch/yomani-hack
Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks
https://thehackernews.com/2025/06/malicious-pypi-npm-and-ruby-packages.html
Malware development part 3 - anti-debugging – 0xPat blog – Red/purple teamer
https://0xpat.github.io/Malware_development_part_3/
Pre Account Takeover · Learn my offensive security tradecraft
https://www.ghostlulz.com/blog/pre-account-takeover
Google: Hackers target Salesforce accounts in data extortion attacks
https://www.bleepingcomputer.com/news/security/google-hackers-target-salesforce-accounts-in-data-extortion-attacks/
Kerberos AS-REP roasting attacks: What you need to know
https://www.bleepingcomputer.com/news/security/kerberos-as-rep-roasting-attacks-what-you-need-to-know/