Articles tagged with: #incident
Bypassing ASLR and Hijacking Control

Blackhat Library: Hacking techniques and research www.reddit.com

Published an article explaining how to exploit a buffer overflow and hijack RIP in a PIE/ASLR binary. https://0x4b1t.github.io/articles/buffer-overflow-to-control-hijacking-in-aslr-enabled-binary/ submitted by /u/Kris3c

Developer to Red Team path (Maldev + Adversary Emulation) - planning CPTS, need guidance

cybersecurity www.reddit.com

Hey everyone, I'm currently working as a software developer, but my long-term goal is to move into Red Teaming, focusing on malware development and adversary emulation. I've started self-learning cybersecurity concepts and now planning to take the CPTS certification (from Hack the Box). My plan is to build a strong foundation in penetration testing and then slowly move toward red team operations and maldev. My questions: Is CPTS a good starting point for someone with a dev background? After...

Vault Viper Exploits Online Gambling Websites Using Custom Browser to Install Malicious Program

Cyber Security News cybersecuritynews.com

Southeast Asia's online gambling ecosystem has become a breeding ground for sophisticated cyber threats, with criminal networks leveraging seemingly legitimate platforms to distribute malicious software to millions of unsuspecting users. A recently uncovered operation demonstrates how threat actors exploit the region's thriving illegal gambling market by deploying a weaponized browser disguised as a privacy tool.

CTF compilation

cybersecurity www.reddit.com

Bitkavach is proud to launch its very first CTF event! Whether you're a complete beginner or a seasoned pro, dive in to crack puzzles, breach systems, and have a jolly good time with the hacker community. Don't miss out - register now! submitted by /u/DullExercise8354

5 Deception Solutions that are Changing the Cybersecurity Game

Cyber Security News cybersecuritynews.com

Cyber attackers are using new ways to breach systems, making threats hard to detect. Traditional tools like firewalls alone can't keep up. That's where cyber deception steps in! Using traps and decoys that lure and mislead attackers, deception technology allows security teams to capture attackers even before intrusion, speed up the response, and reduce damage.

New Phishing Attack Bypasses Using UUIDs Unique to Bypass Secure Email Gateways

Cyber Security News cybersecuritynews.com

A sophisticated phishing campaign leveraging randomly generated Universal Unique Identifiers (UUIDs) has emerged, successfully bypassing Secure Email Gateways (SEGs) and evading perimeter defenses. The attack employs an advanced JavaScript-based phishing script combining random domain selection, dynamic UUID generation, and server-driven page replacement to steal credentials. Unlike conventional phishing operations relying on static redirects, this campaign

Malicious NuGet Packages Mimic as Popular Nethereum Project to Steal Wallet Keys

Cyber Security News cybersecuritynews.com

A sophisticated supply chain attack has emerged targeting cryptocurrency developers through the NuGet package ecosystem. Cybersecurity researchers have uncovered malicious packages impersonating Nethereum, a widely trusted .NET library for Ethereum blockchain interactions with tens of millions of downloads. The counterfeit packages, identified as Netherеum.All and NethereumNet, employ advanced obfuscation techniques to exfiltrate sensitive wallet credentials

YouTube Ghost Malware Network With 3,000+ Malicious Videos Attacking Users to Deploy Malware

Cyber Security News cybersecuritynews.com

A sophisticated malware distribution campaign leveraging over 3,000 malicious YouTube videos has been uncovered, targeting users seeking pirated software and game cheats. The YouTube Ghost Network represents a coordinated ecosystem of compromised accounts that exploit platform features to distribute information-stealing malware while creating false trust through fabricated engagement. Active since 2021, the network has dramatically

New Text Message Based Phishing Attack from China Targeting Users Around the Globe

Cyber Security News cybersecuritynews.com

A sophisticated text message phishing campaign originating from China has emerged as one of the most extensive cybersecurity threats targeting users worldwide. The operation, attributed to a threat collective known as the Smishing Triad, represents a massive escalation in SMS-based fraud, impersonating services across banking, healthcare, law enforcement, e-commerce, and government sectors. What began as

Decoding PIN-Protected BitLocker Through TPM SPI Analysis To Decrypt And Mount The Disks

Cyber Security News cybersecuritynews.com

BitLocker keys without PIN protection, where attackers could exploit stolen laptops, researchers now delve into PIN-secured setups, targeting insider threats seeking SYSTEM-level access. This technique involves intercepting TPM communications via SPI bus analysis, revealing how even PIN-hardened BitLocker can yield to physical probing with known credentials. While no true bypass occurs, the method unlocks drives

New Malware Attack Using Variable Functions and Cookies to Evade and Hide Their Malicious Scripts

Cyber Security News cybersecuritynews.com

A sophisticated malware campaign targeting WordPress sites has emerged, utilizing PHP variable functions and cookie-based obfuscation to evade traditional security detection mechanisms. The attack represents an evolution in obfuscation techniques, where threat actors fragment malicious code across multiple HTTP cookies and dynamically reconstruct executable functions at runtime. This approach makes static analysis significantly more challenging,

Docker Hub Incident Report - October 20, 2025

Docker www.docker.com

Docker experienced significant disruptions due to a widespread outage in AWS's US-East-1 region on October 20, 2025. Developers worldwide rely on Docker as part of their daily workflow, and we regret the disruption this caused. In this post, we want to provide transparency about what happened, what we have learned, and how we are strengthening

TransparentTribe Attack Linux-Based Systems of Indian Military Organizations to Deliver DeskRAT

Cyber Security News cybersecuritynews.com

TransparentTribe, a Pakistani-nexus intrusion set active since at least 2013, has intensified its cyber espionage operations targeting Linux-based systems of Indian military and defense organizations. The campaign, initially documented in July 2025 by CYFIRMA with activity traced back to June 2025, has evolved significantly with the development of a sophisticated Golang-based remote access trojan dubbed

AI+Cybersecurity Certification

cybersecurity www.reddit.com

Hi all, I'm looking into a new path for my cybersecurity career and was wondering if anyone here has explored AI Security certifications or learning paths. I'm almost done with my OSCP, and I've mostly been focused on offensive security so far (labs, Hack The Box, homelab work, etc.). Recently though, I've been really interested in how AI and cybersecurity intersect. I'm still junior in the field (less than 2 years of experience), so I don't qualify yet for management-level certs like AAISM or...

Smishing Triad Linked to 194,000 Malicious Domains in Global Phishing Operation

The Hacker News thehackernews.com

The threat actors behind a large-scale, ongoing smishing campaign have been attributed to more than 194,000 malicious domains since January 1, 2024, targeting a broad range of services across the world, according to new findings from Palo Alto Networks Unit 42. "Although these domains are registered through a Hong Kong-based registrar and use Chinese nameservers, the attack infrastructure is

Warlock Ransomware Actors Exploiting Sharepoint ToolShell Zero-Day Vulnerability in New Attack Wave

Cyber Security News cybersecuritynews.com

The cybersecurity landscape experienced a significant shift in July 2025 when threat actors associated with Warlock ransomware began exploiting a critical zero-day vulnerability in Microsoft SharePoint. Discovered on July 19, 2025, the ToolShell vulnerability, tracked as CVE-2025-53770, became a primary vector for deploying the notorious Warlock ransomware across multiple organizations globally. This exploitation marked a