GoldMelody’s Hidden Chords: Initial Access Broker In-Memory IIS Modules Revealed
https://unit42.paloaltonetworks.com/initial-access-broker-exploits-leaked-machine-keys/
New ServiceNow flaw lets attackers enumerate restricted data
https://www.bleepingcomputer.com/news/security/new-servicenow-flaw-lets-attackers-enumerate-restricted-data/
How to Install Gemini CLI on Android using Termux
https://www.mobile-hacker.com/2025/07/09/how-to-install-gemini-cli-on-android-using-termux/
Chinese Hacker Xu Zewei Arrested for Ties to Silk Typhoon Group and U.S. Cyber Attacks
https://thehackernews.com/2025/07/chinese-hacker-xu-zewei-arrested-for.html
GitHub - Wh04m1001/CVE-2025-48799
https://github.com/Wh04m1001/CVE-2025-48799
ASP.NET | Open-source web framework for .NET
http://ASP.NET
Bitcoin Depot breach exposes data of nearly 27,000 crypto users
https://www.bleepingcomputer.com/news/security/bitcoin-depot-breach-exposes-data-of-nearly-27-000-crypto-users/
Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server
https://thehackernews.com/2025/07/microsoft-patches-130-vulnerabilities.html
U.S. Sanctions North Korean Andariel Hacker Behind Fraudulent IT Worker Scheme
https://thehackernews.com/2025/07/us-sanctions-north-korean-andariel.html
Treasury sanctions North Korean over IT worker malware scheme
https://www.bleepingcomputer.com/news/legal/treasury-sanctions-north-korean-over-it-worker-malware-scheme/
Gold Melody IAB Exploits Exposed ASP.NET Machine Keys for Unauthorized Access to Targets
https://thehackernews.com/2025/07/gold-melody-iab-exploits-exposed-aspnet.html
Red Team - Compromising Critical Infrastructure by Reversing SCADA Software | vrls.ws
https://vrls.ws/posts/2025/04/red-team-compromising-critical-infrastructure-by-reversing-scada-software/
Office of Public Affairs | Justice Department Announces Arrest of Prolific Chinese State-Sponsored Contract Hacker | United States Department of Justice
https://www.justice.gov/opa/pr/justice-department-announces-arrest-prolific-chinese-state-sponsored-contract-hacker
Ingram Micro starts restoring systems after ransomware attack
https://www.bleepingcomputer.com/news/security/ingram-micro-starts-restoring-systems-after-ransomware-attack/
Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday - SecurityWeek
https://www.securityweek.com/microsoft-patches-130-vulnerabilities-for-july-2025-patch-tuesday/
CVE-2025-49699 - Security Update Guide - Microsoft - Microsoft Office Remote Code Execution Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49699
DoNot APT Expands Operations, Targets European Foreign Ministries with LoptikMod Malware
https://thehackernews.com/2025/07/donot-apt-expands-operations-targets.html
Log in to X / X
https://x.com/iok
Off-By-One 2025 Day 1: Sergei Volokitin: Exploitation Against the Clock: Xiaomi S3 Smartwatch - YouTube
https://www.youtube.com/watch?v=55yciJgP3Uk
Ruckus Networks leaves severe flaws unpatched in management devices
https://www.bleepingcomputer.com/news/security/ruckus-networks-leaves-severe-flaws-unpatched-in-management-devices/