CVE-2025-53772 IIS WebDeploy RCE | HawkTrace
https://hawktrace.com/blog/cve-2025-53772
The Gentlemen Hackers interview: Thomas Dullien aka Halvar Flake - YouTube
https://youtu.be/rf_lN754ZBU
Three Lazarus RATs coming for your cheese – Fox-IT International blog
https://blog.fox-it.com/2025/09/01/three-lazarus-rats-coming-for-your-cheese/
Security Research Device - Apple Security Research
https://security.apple.com/research-device/
Analyzing NotDoor: Inside APT28’s Expanding Arsenal
https://lab52.io/blog/analyzing-notdoor-inside-apt28s-expanding-arsenal/
Hackers breach fintech firm in attempted $130M bank heist
https://www.bleepingcomputer.com/news/security/hackers-breach-fintech-firm-in-attempted-130m-bank-heist/
Hackers use new HexStrike-AI tool to rapidly exploit n-day flaws
https://www.bleepingcomputer.com/news/security/hackers-use-new-hexstrike-ai-tool-to-rapidly-exploit-n-day-flaws/
GitHub - alex3O/BYOVD-DriverKiller: Driver Reverse & Exploitation
https://github.com/alex3O/BYOVD-DriverKiller
Salesloft Takes Drift Offline After OAuth Token Theft Hits Hundreds of Organizations
https://thehackernews.com/2025/09/salesloft-takes-drift-offline-after.html
urlscan-cli - Use urlscan from the command line - Blog - urlscan.io
https://urlscan.io/blog/2025/09/02/cli-announcement/
Google fixes actively exploited Android flaws in September update
https://www.bleepingcomputer.com/news/security/google-fixes-actively-exploited-android-flaws-in-september-update/
RE//verse 2026: Call for Speakers @ Sessionize.com
https://sessionize.com/reverse-2026
US offers $10 million bounty for info on Russian FSB hackers
https://www.bleepingcomputer.com/news/security/us-offers-10-million-bounty-for-info-on-russian-fsb-hackers/
Secondary Context Path Traversal in Omnissa Workspace ONE UEM › Searchlight Cyber
https://slcyber.io/assetnote-security-research-center/secondary-context-path-traversal-in-omnissa-workspace-one-uem/
Threat Actors Weaponize HexStrike AI to Exploit Citrix Flaws Within a Week of Disclosure
https://thehackernews.com/2025/09/threat-actors-weaponize-hexstrike-ai-to.html
Android Security Alert: Google Patches 120 Flaws, Including Two Zero-Days Under Attack
https://thehackernews.com/2025/09/android-security-alert-google-patches.html
Cloudflare hit by data breach in Salesloft Drift supply chain attack
https://www.bleepingcomputer.com/news/security/cloudflare-hit-by-data-breach-in-salesloft-drift-supply-chain-attack/
Disney to pay $10M to settle claims it collected kids’ data on YouTube
https://www.bleepingcomputer.com/news/security/disney-to-pay-10m-to-settle-claims-it-collected-kids-data-on-youtube/
Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack
https://thehackernews.com/2025/09/cloudflare-blocks-record-breaking-115.html
Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats
https://thehackernews.com/2025/09/iranian-hackers-exploit-100-embassy.html
DLL Sideloading for Initial Access – Red Team Operator's Guide | Print3M
https://print3m.github.io/blog/dll-sideloading-for-initial-access
Why You Suck at Bug Bounty Hunting (And How To Fix It) - YouTube
https://youtu.be/NH4VCau_5xI