CVE-2025-32717 - Security Update Guide - Microsoft - Microsoft Word Remote Code Execution Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32717
Dissecting CVE-2024-12695: Exploiting Object.assign() in V8 | Bugscale SA
https://bugscale.ch/blog/dissecting-cve-2024-12695-exploiting-object-assign-in-v8/
Google Cloud and Cloudflare hit by widespread service outages
https://www.bleepingcomputer.com/news/technology/google-cloud-and-cloudflare-hit-by-widespread-service-outages/
Evade Modern AVs in 2025 | MochaByte
https://mochabyte.xyz/posts/Evade-Modern-AVs-in-2025/
GitLab patches high severity account takeover, missing auth issues
https://www.bleepingcomputer.com/news/security/gitlab-patches-high-severity-account-takeover-missing-auth-issues/
Defense-Through-Offense Mindset: From a Taiwanese Hacker to the Engine of China’s Cybersecurity Industry
https://nattothoughts.substack.com/p/defense-through-offense-mindset-from
NTLM reflection is dead, long live NTLM reflection! – An in-depth
https://www.synacktiv.com/publications/ntlm-reflection-is-dead-long-live-ntlm-reflection-an-in-depth-analysis-of-cve-2025
GitHub - trustedsec/specula
https://github.com/trustedsec/specula
Trend Micro fixes critical vulnerabilities in multiple products
https://www.bleepingcomputer.com/news/security/trend-micro-fixes-six-critical-flaws-on-apex-central-endpoint-encryption-policyserver/
Fog ransomware attack uses unusual mix of legitimate and open-source tools
https://www.bleepingcomputer.com/news/security/fog-ransomware-attack-uses-unusual-mix-of-legitimate-and-open-source-tools/
“Localhost tracking” explained. It could cost Meta 32 billion.
https://www.zeropartydata.es/p/localhost-tracking-explained-it-could
Graphite Caught: First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted - The Citizen Lab
https://citizenlab.ca/2025/06/first-forensic-confirmation-of-paragons-ios-mercenary-spyware-finds-journalists-targeted/
MalwareBazaar | link-storjshare-io
https://bazaar.abuse.ch/browse/tag/link-storjshare-io/
Palo Alto Networks Patches Privilege Escalation Vulnerabilities - SecurityWeek
https://www.securityweek.com/palo-alto-networks-patches-privilege-escalation-vulnerabilities/
How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation – Sean Heelan's Blog
https://sean.heelan.io/2025/05/22/how-i-used-o3-to-find-cve-2025-37899-a-remote-zeroday-vulnerability-in-the-linux-kernels-smb-implementation/
Password-spraying attacks target 80,000 Microsoft Entra ID accounts
https://www.bleepingcomputer.com/news/security/password-spraying-attacks-target-80-000-microsoft-entra-id-accounts/
Stack Cutting
https://tradecraftgarden.org/stackcutting.html
RedTeam Pentesting - Blog - A Look in the Mirror - The Reflective Kerberos Relay Attack
https://blog.redteam-pentesting.de/2025/reflective-kerberos-relay-attack/
GitHub - HackingLZ/IndicatorOfCanary: Canary Detection
https://github.com/HackingLZ/IndicatorOfCanary
Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot
https://www.bleepingcomputer.com/news/security/zero-click-ai-data-leak-flaw-uncovered-in-microsoft-365-copilot/
The Evolution of Linux Binaries in Targeted Cloud Operations
https://unit42.paloaltonetworks.com/elf-based-malware-targets-cloud/
GitHub - Stryker-Defense-Inc/strykerapp: Magic tool for pentest from your android device!
https://github.com/Stryker-Defense-Inc/strykerapp
Microsoft Edge now offers secure password deployment for businesses
https://www.bleepingcomputer.com/news/microsoft/microsoft-edge-now-offers-secure-password-sharing-for-businesses/
Millions of Vulnerabilities: One Checklist to Kill The Noise
https://securityautopsy.com/millions-of-vulnerabilities-one-checklist-to-kill-the-noise/
Over 80,000 Microsoft Entra ID Accounts Targeted Using Open-Source TeamFiltration Tool
https://thehackernews.com/2025/06/over-80000-microsoft-entra-id-accounts.html