this mf woke up one day and was like, ok let's turn printf("hello world\n"); into std::cout << "hello world" << std::endl;

Extraneous shellcode execution. Anyone have the password to share?

New RE Blog Post: kandji.io/blog/drivereasy Recently, related DPRK attributed Swift apps have been covered in blog posts detailing their behavior, which have been great! In this post, we focus more on the Swift RE specifics of one of these apps and compare it to the others. :)

The malicious JS deployed by Lazarus in the ByBit hack, 0/61 on VT.

#WinOS #ValleyRAT DLL Hijacking Shellcode decryption + EnumFontsW callback function 8010.helloqu[.]com:7777 8010.helloqu[.]com:80

Paged Out! #6 is out! pagedout.institute Totally free, 80 pages, best issue so far! 'nuff said, enjoy! (please RT to help spread out the news!)

Thread Execution Hijacking is one of the well-known methods that can be used to run implanted code. In this blog we introduce a new injection method, that is based on this classic technique, but much stealthier - Waiting Thread Hijacking. Read More : research.checkpoint.com/2025/waiting-t…

Looks like #APT36 #TransparentTribe #Poseidon #Mythic Agent

I took a look at this LNK uploaded from Taiwan. It leads to a simple Python backdoor: C2: https://eip.netask.workers[.]dev dmpdump.github.io/posts/Python_B…

Our team at Silent Push has been hard at work on the largest report we’ve ever made public – and along with Reuters – today we’re explaining how North Korean threat actors associated with the “Contagious Interview” subgroup created 3 front companies...🧵