Over 29,000 Exchange servers unpatched against high-severity flaw
https://www.bleepingcomputer.com/news/security/over-29-000-exchange-servers-unpatched-against-high-severity-flaw/
GitHub - praetorian-inc/ChromeAlone: A tool to transform Chromium browsers into a C2 Implant
https://github.com/praetorian-inc/chromealone
Conferences/BlackHat_USA_2025_Slides at main · onhexgroup/Conferences · GitHub
https://github.com/onhexgroup/Conferences/tree/main/BlackHat_USA_2025_Slides
Connex Credit Union data breach impacts 172,000 members
https://www.bleepingcomputer.com/news/security/connex-credit-union-discloses-data-breach-impacting-172-000-people/
Details emerge on WinRAR zero-day attacks that infected PCs with malware
https://www.bleepingcomputer.com/news/security/details-emerge-on-winrar-zero-day-attacks-that-infected-pcs-with-malware/
GitHub - hunters-sec/CVE-2025-55188-7z-exploit: 7z exploit POC versions prior to 25.01
https://github.com/hunters-sec/CVE-2025-55188-7z-exploit
Quentin%20Roland%20Wilfried%20Bécard%20-%20Turning%20your%20Active%20Directory%20into%20the%20attacker’s%20C2%20modern%20Group%20Policy%20Objects%20enumeration%20and%20exploitation.pdf
https://media.defcon.org/DEF%20CON%2033/DEF%20CON%2033%20presentations/Quentin%20Roland%20Wilfried%20B%C3%A9card%20-%20Turning%20your%20Active%20Directory%20into%20the%20attacker%E2%80%99s%20C2%20modern%20Group%20Policy%20Objects%20enumeration%20and%20exploitation.pdf
Netherlands: Citrix Netscaler flaw CVE-2025-6543 exploited to breach orgs
https://www.bleepingcomputer.com/news/security/netherlands-citrix-netscaler-flaw-cve-2025-6543-exploited-to-breach-orgs/
しばらくお待ちください...
https://thehackernews.com/2025/08/winrar-zero-day-under-active.html
'Chairmen' of $100 million scam operation extradited to US
https://www.bleepingcomputer.com/news/security/us-charges-ghanaians-linked-to-theft-of-100-million-in-romance-scams-bec-attacks/
BadCam: Turning Linux Webcams Into BadUSB Attack Tools - Eclypsium | Supply Chain Security for the Modern Enterprise
https://eclypsium.com/blog/badcam-now-weaponizing-linux-webcams/
Flaws in Major Automaker's Dealership Systems Allowed Car Hacking, Personal Data Theft - SecurityWeek
https://www.securityweek.com/flaws-in-major-automakers-dealership-systems-allowed-car-hacking-personal-data-theft/
Fight Chat Control - Protect Digital Privacy in the EU
https://fightchatcontrol.eu/
Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada - SecurityWeek
https://www.securityweek.com/russian-hackers-exploited-winrar-zero-day-in-attacks-on-europe-canada/
Odyssey Stealer Malware Attacks macOS Users
https://www.forcepoint.com/blog/x-labs/odyssey-stealer-attacks-macos-users
ipcz bug can allow renderer duplicate browser process handle to escape sandbox [412578726] - Chromium
https://issues.chromium.org/issues/412578726![ipcz bug can allow renderer duplicate browser process handle to escape sandbox [412578726] - Chromium](/image/screenshot/b6af5b485b3c3a518fde03461d4186a2.webp)
MuddyWater’s DarkBit ransomware cracked for free data recovery
https://www.bleepingcomputer.com/news/security/muddywaters-darkbit-ransomware-cracked-for-free-data-recovery/
Sleepless Strings - Template Injection in Insomnia
https://tantosec.com/blog/2025/06/insomnia-api-client-template-injection/
MacOS hacking part 8: dlopen() code loading + finding target PIDs. Simple C (Intel, ARM) examples - cocomelonc
https://cocomelonc.github.io/macos/2025/08/10/malware-mac-8.html