Roundcube ≤ 1.6.10 Post-Auth RCE via PHP Object Deserialization [CVE-2025-49113]
https://fearsoff.org/research/roundcube![Roundcube ≤ 1.6.10 Post-Auth RCE via PHP Object Deserialization [CVE-2025-49113]](/image/screenshot/2a0da79a1652b75b544fc730e4eb23c4.webp)
Dynamically Instrumenting Beacon With BeaconGate | Cobalt Strike
https://www.cobaltstrike.com/blog/instrumenting-beacon-with-beacongate-for-call-stack-spoofing
1 unread message
https://bishopfox.com/blog/2025-red-team-tools-c2-frameworks-active-directory-network-exploitation
Fireside Chat: Gentleman Hackers with Thomas Dullien - YouTube
https://youtu.be/qllU_B_Rmis?si=zgAFL5jy3QDPP0AN
Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hardcoded Credentials
https://thehackernews.com/2025/06/popular-chrome-extensions-leak-api-keys.html
Introduction to Threat Intelligence ETW
https://undev.ninja/introduction-to-threat-intelligence-etw/
ViLE gang members sentenced for DEA portal breach, extortion
https://www.bleepingcomputer.com/news/security/vile-gang-members-sentenced-for-breaching-law-enforcement-portal/
epf.atc23.pdf
https://cs.brown.edu/~vpk/papers/epf.atc23.pdf
BladedFeline: Whispering in the dark
https://www.welivesecurity.com/en/eset-research/bladedfeline-whispering-dark/
RedTeam Pentesting - Blog - The Ultimate Guide to Windows Coercion Techniques in 2025
https://blog.redteam-pentesting.de/2025/windows-coercion/
Hacker arrested for breaching 5,000 hosting accounts to mine crypto
https://www.bleepingcomputer.com/news/security/hacker-arrested-for-breaching-5-000-hosting-accounts-to-mine-crypto/
Interlock ransomware claims Kettering Health breach, leaks stolen data
https://www.bleepingcomputer.com/news/security/interlock-ransomware-claims-kettering-health-breach-leaks-stolen-data/
Hacker selling critical Roundcube webmail exploit as tech info disclosed
https://www.bleepingcomputer.com/news/security/hacker-selling-critical-roundcube-webmail-exploit-as-tech-info-disclosed/
Iran-Linked BladedFeline Hits Iraqi and Kurdish Targets with Whisper and Spearal Malware
https://thehackernews.com/2025/06/iran-linked-bladedfeline-hits-iraqi-and.html
Analysis of Spyware That Helped to Compromise a Syrian Army from Within
https://www.mobile-hacker.com/2025/06/05/analysis-of-spyware-that-helped-to-compromise-a-syrian-army-from-within/
Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI
https://thehackernews.com/2025/06/critical-cisco-ise-auth-bypass-flaw.html
Germany fines Vodafone $51 million for privacy, security breaches
https://www.bleepingcomputer.com/news/security/germany-fines-vodafone-51-million-for-privacy-security-breaches/
YARA-X is stable!
https://virustotal.github.io/yara-x/blog/yara-x-is-stable/
Researchers Detail Bitter APT's Evolving Tactics as Its Geographic Scope Expands
https://thehackernews.com/2025/06/bitter-hacker-group-expands-cyber.html
Ukraine claims it hacked Tupolev, Russia’s strategic warplane maker
https://www.bleepingcomputer.com/news/security/ukraine-claims-it-hacked-tupolev-russias-strategic-warplane-maker/
Controversial Firms Cellebrite and Corellium Announce $200 Million Acquisition Deal - SecurityWeek
https://www.securityweek.com/controversial-firms-cellebrite-and-corellium-announce-200-million-acquisition-deal/
Old AT&T data leak repackaged to link SSNs, DOBs to 49M phone numbers
https://www.bleepingcomputer.com/news/security/old-atandt-data-leak-repackaged-to-link-ssns-dobs-to-49m-phone-numbers/