Fake SBI Reward APK Targets Victims with Trojan via WhatsApp

The Combined Cipher Machine

https://www.schneier.com/blog/archives/2025/03/the-combined-cipher-machine.html

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

https://krebsonsecurity.com/2025/02/u-s-soldier-charged-in-att-hack-searched-can-hacking-be-treason/

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

https://krebsonsecurity.com/2025/02/notorious-malware-spam-host-prospero-moves-to-kaspersky-lab/

Chinese espionage tools deployed in RA World ransomware attack

https://www.bleepingcomputer.com/news/security/chinese-espionage-tools-deployed-in-ra-world-ransomware-attack/

Hacker leaks account data of 12 million Zacks Investment users

https://www.bleepingcomputer.com/news/security/hacker-leaks-account-data-of-12-million-zacks-investment-users/

CISA Identifies Five New Vulnerabilities Currently Being Exploited

https://www.schneier.com/blog/archives/2025/03/cisa-identifies-five-new-vulnerabilities-currently-being-exploited.html

CVE-2025-26776 (CVSS 10) in Chaty Pro Plugin Exposes Thousands of WordPress Sites to Takeover

https://securityonline.info/cve-2025-26776-cvss-10-in-chaty-pro-plugin-exposes-thousands-of-wordpress-sites-to-takeover/

CVE-2025-25012 (CVSS 9.9): Critical Code Execution Vulnerability Patched in Elastic Kibana

https://securityonline.info/cve-2025-25012-cvss-9-9-critical-code-execution-vulnerability-patched-in-elastic-kibana/

CVE-2024-12284 in NetScaler Console Exposes Systems to Unauthorized Command Execution

https://securityonline.info/cve-2024-12284-in-netscaler-console-exposes-systems-to-unauthorized-command-execution/

Hackers exploit authentication bypass in Palo Alto Networks PAN-OS

https://www.bleepingcomputer.com/news/security/hackers-exploit-authentication-bypass-in-palo-alto-networks-pan-os/

Everyday Ghidra: How Platform Choice Influences Ghidra’s Binary Analysis

https://www.reddit.com/r/netsec/comments/1isfypx/everyday_ghidra_how_platform_choice_influences/

DockerSpy - DockerSpy Searches For Images On Docker Hub And Extracts Sensitive Information Such As Authentication Secrets, Private Keys, And More

http://www.kitploit.com/2024/09/dockerspy-dockerspy-searches-for-images.html

ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again

http://www.kitploit.com/2024/09/modtracer-modtracer-finds-hidden-linux.html

Psobf - PowerShell Obfuscator

http://www.kitploit.com/2024/09/psobf-powershell-obfuscator.html

BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook

http://www.kitploit.com/2024/09/byosi-evade-edrs-simple-way-by-not.html

60-pages guide on how to use Bettercap on Android

https://www.reddit.com/r/netsec/comments/1iun5by/60pages_guide_on_how_to_use_bettercap_on_android/

Trying to Exploit My Old Android Device, take 1

https://www.reddit.com/r/netsec/comments/1h2a0kx/trying_to_exploit_my_old_android_device_take_1/

Introduction to Fuzzing Android Native Components

https://www.reddit.com/r/netsec/comments/1h262yg/introduction_to_fuzzing_android_native_components/

New TryHackMe Room: AI Security Fundamentals – Learn AI Security and Pentesting

https://www.reddit.com/r/netsec/comments/1h2sj8v/new_tryhackme_room_ai_security_fundamentals_learn/

Everyday Ghidra: Ghidra Data Types — Creating Custom GDTs From Windows Headers — Part 2

https://www.reddit.com/r/netsec/comments/1h18g21/everyday_ghidra_ghidra_data_types_creating_custom/

TEMPEST Engineer - TS/SCI/CI-Poly

Company: CrowdCyber

Location: Annapolis Junction, MD

Technical Writer II - Cyber - TS/SCI/FSP

Company: CrowdCyber

Location: Annapolis Junction, MD

Reverse Engineer - TS/SCI

Company: CrowdCyber

Location: Maryland

Windows Cyber Software Engineer - TS

Company: CrowdCyber

Location: Chantilly, VA

HPC System Administrator - TS/SCI/FSP

Company: CrowdCyber

Location: Annapolis Junction, MD

Windows Reverse Engineer - Top Secret - Full Scope

Email Us to talk about our Candidates!

Linux Cyber Software Engineer - Top Secret - Full Scope

Email Us to talk about our Candidates!

Apple iOS Cyber Software Engineer - Top Secret SCI

Email Us to talk about our Candidates!

Mobile Android Cyber Software Engineer - Top Secret - Poly

Email Us to talk about our Candidates!

Windows Vulnerability Researcher - Top Secret - Full Scope Poly

Email Us to talk about our Candidates!

Google now pays $250,000 for KVM zero-day vulnerabilities

https://www.bleepingcomputer.com/news/security/google-now-pays-250-000-for-kvm-zero-day-vulnerabilities/

Bug Bounty: An Economic Disadvantage for Researchers?

https://www.digitaloperatives.com/2023/07/29/bug-bounty-an-economic-disadvantage-for-researchers/

Google Pixel Titan M with Persistence - Zero click Up to $1,000,000

https://bughunters.google.com/about/rules/6171833274204160/android-and-google-devices-security-reward-program-rules

Facebook Full Mobile Remote Code Execution exploit is $300,000

https://www.facebook.com/whitehat/payout_guidelines/mobile_rce

When Can A Quantum Computer Steal Your Money? When There Is A Data Point At 256 On The Graph Below

https://proof-of-quantum.com/

Microsoft Edge Developer VM Remote Code Execution

https://www.reddit.com/r/netsec/comments/1isdwc6/microsoft_edge_developer_vm_remote_code_execution/

Reinventing PowerShell in C/C++

https://www.reddit.com/r/netsec/comments/1it1knv/reinventing_powershell_in_cc/

Achieving RCE in famous Japanese chat tool with an obsolete Electron feature

https://www.reddit.com/r/netsec/comments/1it7p4j/achieving_rce_in_famous_japanese_chat_tool_with/

New Java Runtime Reverse Engineering Tool (Injected DLL, Runtime Bytecode & Heap Analysis)

https://www.reddit.com/r/netsec/comments/1itp2lr/new_java_runtime_reverse_engineering_tool/

Malware Analysis of Fake Banking Reward APK Targeting WhatsApp Users

https://www.reddit.com/r/netsec/comments/1i5su0v/malware_analysis_of_fake_banking_reward_apk/

Operation Triangulation: What You Get When Attack iPhones of Researchers

https://media.ccc.de/v/37c3-11859-operation_triangulation_what_you_get_when_attack_iphones_of_researchers

Our Polymorphic Reverse Shell Generator beat EVERY AV!

https://m.youtube.com/watch?v=9kAq-OO72Uk

How Hackers Hide From Memory Scanners

https://youtu.be/WYuhJzngfVc?si=KYvedCuIOsItE7sc

How Hackers Exploit Vulnerable Drivers

https://youtu.be/ELVdDwvELKY?feature=shared

DEF CON 31 - Weaponizing Plain Text ANSI Escape Sequences as a Forensic Nightmare - STÖK

https://m.youtube.com/watch?v=3T2Al3jdY38&feature=youtu.be

FX of Phenoelit - @41414141

https://twitter.com/41414141

vx-underground - @vx-underground

https://twitter.com/vx-underground

BTCillustrated - @BTCillustrated

https://www.twitter.com/btcillustrated

Halvar Flake - @halvarflake

https://twitter.com/halvarflake

Dave Aitel - @daveaitel

https://twitter.com/daveaitel

Fabric is an open-source framework for augmenting humans using AI.

https://github.com/danielmiessler/fabric

OpenAI Is Not Training on Your Dropbox Documents—Today

https://www.schneier.com/blog/archives/2023/12/openai-is-not-training-on-your-dropbox-documents-today.html

AI-Powered Fuzzing: Breaking the Bug Hunting Barrier

https://security.googleblog.com/2023/08/ai-powered-fuzzing-breaking-bug-hunting.html?m=1

Self-Operating Computer Framework: framework to enable multimodal models to operate a computer

https://github.com/OthersideAI/self-operating-computer

Threat Intel Bot - specialized GPT for the latest APT threat intelligence.

https://chat.openai.com/g/g-Vy4rIqiCF-threat-intel-bot

Trojaned AI Tool Leads to Disney Hack

https://www.schneier.com/blog/archives/2025/03/trojaned-ai-tool-leads-to-disney-hack.html

Russian Cybercriminals Impersonate EFF in Targeted Attack on Albion Online Players

https://securityonline.info/russian-cybercriminals-impersonate-eff-in-targeted-attack-on-albion-online-players/

B2B Business Email Compromise: A Sophisticated Scheme Exploiting Trusted Relationships

https://securityonline.info/b2b-business-email-compromise-a-sophisticated-scheme-exploiting-trusted-relationships/

North Korean IT Workers Pose as Developers on GitHub to Infiltrate Global Companies

https://securityonline.info/north-korean-it-workers-pose-as-developers-on-github-to-infiltrate-global-companies/

RANsacked: Over 100 Security Flaws Found in LTE/5G Network Implementations

https://www.reddit.com/r/netsec/comments/1itt6y4/ransacked_over_100_security_flaws_found_in_lte5g/

Cencora’s $75 Million Ransom: A New High in Cyber Extortion

https://securityonline.info/cencoras-75-million-ransom-a-new-high-in-cyber-extortion/

FBI warns against using unlicensed crypto transfer services

https://www.bleepingcomputer.com/news/security/fbi-warns-against-using-unlicensed-crypto-transfer-services/

iOS v17.4 Beta 2 Nerfs (Some) Progressive Web Apps for EU Users

https://www.nobsbitcoin.com/ios-v17-4-beta2-undermines-progressive-web-apps-pwas-for-eu-users/

CoinCenter: Broad, Ambiguous, or Delegated: Constitutional Infirmities of the Bank Secrecy Act

https://www.coincenter.org/broad-ambiguous-or-delegated-constitutional-infirmities-of-the-bank-secrecy-act/

The Invisible Cost Of War In The Age Of Quantitative Easing

https://bitcoinmagazine.com/culture/how-the-fed-hides-costs-of-war

Subaru Starlink flaw let hackers hijack cars in US and Canada

https://www.bleepingcomputer.com/news/security/subaru-starlink-flaw-let-hackers-hijack-cars-in-us-and-canada/

Cloudflare CDN flaw leaks user location data, even through secure chat apps

https://www.bleepingcomputer.com/news/security/cloudflare-cdn-flaw-leaks-user-location-data-even-through-secure-chat-apps/

Windows 11 is adding a 'Share' button to the Start menu and Taskbar

https://www.bleepingcomputer.com/news/microsoft/windows-11-is-adding-a-share-button-to-the-start-menu-and-taskbar/

Australia Threatens to Force Companies to Break Encryption

https://www.schneier.com/blog/archives/2024/09/australia-threatens-to-force-companies-to-break-encryption.html

Matthew Green on Telegram’s Encryption

https://www.schneier.com/blog/archives/2024/08/matthew-green-on-telegrams-encryption.html

Tor needs 200 new WebTunnel bridges to fight censorship

https://www.bleepingcomputer.com/news/security/tor-needs-200-new-webtunnel-bridges-to-fight-censorship/

EFF: The U.K. Government Is Very Close To Eroding Encryption Worldwide

https://www.eff.org/deeplinks/2023/07/uk-government-very-close-eroding-encryption-worldwide

Meta plans retention 'hooks' for Threads as more than half of users leave app

https://www.reuters.com/business/media-telecom/meta-plans-retention-hooks-threads-more-than-half-users-leave-app-2023-07-28/?taid=64c3b01ee6cfe30001c4540f&utm_campaign=trueAnthem:+Trending+Content&utm

Learn about NOSTR - Earn Zaps! ⚡️

https://nostr-resources.com/#get-started

As 'Threads' Continues To Face-Plant, House Judiciary Demands Answers Over Censorship

https://www.zerohedge.com/technology/threads-continues-face-plant-house-judiciary-demands-answers-over-censorship

Aircrack Cheat Sheet

https://raw.githubusercontent.com/Ignitetechnologies/Mindmap/main/aircrack/Aircrack-ng%20%20UHD.png

How a Load Balancer Works

https://pbs.twimg.com/media/F5-ByLvXkAASw3j?format=jpg&name=4096x4096

Process Injection

https://4.bp.blogspot.com/-ixv5E0LMZCw/WWi5yRjL-_I/AAAAAAAAAnk/WO99S4Yrd8w6lfg6tITwUV02CGDFYAORACLcBGAs/s1600/Process%2BInjection%25281%2529.png

Argument Map on Restricting Encryption

https://www.argumentenfabriek.nl/wp-content/uploads/2021/11/EN-Argumentenkaart-inperking-encryptie.pdf

OSCP Enumeration Cheat Sheet

https://pbs.twimg.com/media/F2HWy_LWgAI5hT1?format=jpg&name=4096x4096

Google Chrome's new post-quantum cryptography may break TLS connections

https://www.bleepingcomputer.com/news/security/google-chromes-new-post-quantum-cryptography-may-break-tls-connections/

Companies, countries battle to develop quantum computers | 60 Minutes

https://youtu.be/K4ssT6Dzmnw

An Efficient Quantum Factoring Algorithm

https://arxiv.org/abs/2308.06572

You Can’t Rush Post-Quantum-Computing Cryptography Standards

https://www.schneier.com/blog/archives/2023/08/you-cant-rush-post-quantum-computing-standards.html?utm_source=dlvr.it&utm_medium=twitter

Supercomputer makes calculations in blink of an eye that take rivals 47 years

https://www.telegraph.co.uk/business/2023/07/02/google-quantum-computer-breakthrough-instant-calculations/

The Human Rights Foundation Announces 20 Btc Bounty Challenge For Bitcoin Development

https://bitcoinmagazine.com/business/human-rights-foundation-announces-20-btc-bounty-challenge-for-bitcoin-development

Open-Sourcing the Design Guide: 2 BTC to port the Bitcoin UI Kit from Figma to an open-source Penpot project.

https://hrfbounties.org/

Serverless Payjoin: 2 BTC to deploy a production-ready version 2 payjoin protocol which may send and receive Payjoin transactions without requiring a sender or recipient to operate a public server.

https://hrfbounties.org/

E2EE Group Chats: 2 BTC for the creation of end to end encrypted group chats powered by any popular Nostr client that does not leak metadata

https://hrfbounties.org/

Silent payments: 2 BTC for a mobile wallet which can send and receive Silent Payments in a private manner without requiring the user to run a full node

https://hrfbounties.org/

SHA-1 gets SHAttered

https://evervault.com/blog/sha-1-gets-shattered

Dancing Offbit: The Story of a Single Character Typo that Broke a ChaCha-Based PRNG

https://research.nccgroup.com/2023/08/22/dancing-offbit-the-story-of-a-single-character-typo-that-broke-a-chacha-based-prng/

Building Intuition for Lattice-Based Signatures – Part 2: Fiat-Shamir with Aborts

https://research.nccgroup.com/2023/08/17/building-intuition-for-lattice-based-signatures-part-2-fiat-shamir-with-aborts/

Demystifying Multivariate Cryptography

https://research.nccgroup.com/2023/08/18/demystifying-multivariate-cryptography/

Vulnerability allows an attacker to extract a full private key from a wallet implementing Lindell17 2PC protocol, by extracting a single bit in every signature attempt (256 in total)

https://www.fireblocks.com/blog/lindell17-abort-vulnerability-technical-report/

US Senator Wyden Accuses Microsoft of ‘Cybersecurity Negligence’

https://www.securityweek.com/us-senator-wyden-accuses-microsoft-of-cybersecurity-negligence/

The 10 Humorous But Immutable Laws of Cloud Security

https://www.digitaloperatives.com/2023/07/18/the-10-humorous-but-immutable-laws-of-cloud-security/