11/25
11/26
11/27
8 Posts

Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’ – Krebs on Security

https://krebsonsecurity.com/2025/11/meet-rey-the-admin-of-scattered-lapsus-hunters/
Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’ – Krebs on Security
6 Posts

TROOPERS25: Revisiting Cross Session Activation attacks - YouTube

https://m.youtube.com/watch?v=7bPzqEiO6Tk&list=PL1eoQr97VfJmSBNAP-n5cs81ScoZ0lKrF&index=33&pp=iAQB
TROOPERS25: Revisiting Cross Session Activation attacks - YouTube
4 Posts

How NTLM is being abused in 2025 cyberattacks | Securelist

https://securelist.com/ntlm-abuse-in-2025/118132/
How NTLM is being abused in 2025 cyberattacks | Securelist
4 Posts

Mythic for Developers - YouTube

https://www.youtube.com/playlist?list=PLJK0fZNGiFU_iJI2A8S5OdloTDexi5zs8
Mythic for Developers - YouTube
3 Posts

FBI Reports $262M in ATO Fraud as Researchers Cite Growing AI Phishing and Holiday Scams

https://thehackernews.com/2025/11/fbi-reports-262m-in-ato-fraud-as.html
FBI Reports $262M in ATO Fraud as Researchers Cite Growing AI Phishing and Holiday Scams
3 Posts

Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim 'Korean Leaks' Data Heist

https://thehackernews.com/2025/11/qilin-ransomware-turns-south-korean-msp.html
Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim 'Korean Leaks' Data Heist
3 Posts

shell-exec - npm Package Security Analysis - Socket

https://socket.dev/npm/package/shell-exec/overview/1.1.3
shell-exec - npm Package Security Analysis - Socket
3 Posts

ASUS warns of new critical auth bypass flaw in AiCloud routers

https://www.bleepingcomputer.com/news/security/asus-warns-of-new-critical-auth-bypass-flaw-in-aicloud-routers/
ASUS warns of new critical auth bypass flaw in AiCloud routers
3 Posts

Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City - SecurityWeek

https://www.securityweek.com/russian-hackers-target-us-engineering-firm-because-of-work-done-for-ukrainian-sister-city/
Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City - SecurityWeek
3 Posts

Exploiting CVE-2025-21479 on a Samsung S23

https://xploitbengineer.github.io/CVE-2025-21479
Exploiting CVE-2025-21479 on a Samsung S23
3 Posts

FlexibleFerret: macOS Malware Deploys in Fake Job Scams

https://www.jamf.com/blog/flexibleferret-malware-continues-to-adapt/
FlexibleFerret: macOS Malware Deploys in Fake Job Scams
3 Posts

In-Depth Analysis: Water Gamayun APT Multi-Stage Attack Uncovered

https://www.zscaler.com/blogs/security-research/water-gamayun-apt-attack
In-Depth Analysis: Water Gamayun APT Multi-Stage Attack Uncovered
3 Posts

Bloody Wolf: A Blunt Crowbar Threat To Justice | Group-IB Blog

https://www.group-ib.com/blog/bloody-wolf/
Bloody Wolf: A Blunt Crowbar Threat To Justice | Group-IB Blog
3 Posts

Microsoft to secure Entra ID sign-ins from script injection attacks

https://www.bleepingcomputer.com/news/microsoft/microsoft-to-secure-entra-id-sign-ins-from-external-script-injection-attacks/
Microsoft to secure Entra ID sign-ins from script injection attacks
3 Posts

Microsoft: Security keys may prompt for PIN after recent updates

https://www.bleepingcomputer.com/news/microsoft/microsoft-fido2-security-keys-may-prompt-for-pin-after-recent-windows-updates/
Microsoft: Security keys may prompt for PIN after recent updates