Andre Gironda (@andregironda)'s Twitter Profile
Andre Gironda

@andregironda

He/Him; Pre-/Post-breach Cyber Responder

ID: 327015253

30-06-2011 21:21:26

56,56K Tweets

2,2K Followers

6,6K Following

Clint Gibler (@clintgibler)

🤖 Awesome Cybersecurity Agentic AI A list of resources across MCP servers, research, tools, frameworks, datasets, and communities. By Raphael Bottino 🔗 github.com/raphabot/aweso… #cybersecurity #ai

Haifei Li (@haifeili)

Details published research.checkpoint.com/2025/stealth-f…. To summarize: the "WorkingDirectory" problem within .url files. Oh, .url files, my old friend (I previously discovered another .url/IE 0day itw last year).. My thoughts/opinion: no organization should allow any inbound .url files in

fastfire (@fastfire)

We interviewed #Se7en, the founder of #Exodus #Market, a platform for selling #infostealers #logs. Read the full interview here deepdarkcti.com/interview-5-ex…

Michael.Gorelik (@smgoreli)

Haifei Li Security Response Thanks Haifei Li, this one is still within the Forms remote code execution category and requires 1 click ;-) Next month we will have something much scarier that should be patched.

npm malware (@npm_malware)

⚠️ New threat detected: @​yoti-web-share/[email protected] ⚠️ The code is suspicious as it collects environment variables, compresses them, and sends them via DNS queries to a hardcoded server. This behavior indicates potential data exfiltration, ... socket.dev/npm/package/@y…

Jeff McJunkin (@jeffmcjunkin)

Smells like authenticated (as any user) RCE as SYSTEM. So not quite MS17-010 levels of bad (as that requires no authentication), but definitely "Domain User becomes Domain Admin in one step" levels of bad, if this is weaponized.

Unit 42 (@unit42_intel)

Cybersecurity Alert: Registered on June 7th, wwdc25[.]com hosts a #scam site impersonating the official WWDC25 event. It promotes a fake #cryptocurrency giveaway to steal funds. Do not send any cryptocurrency to the wallet addresses listed! Details at bit.ly/4mN0RCK

BleepingComputer (@bleepincomputer)

ConnectWise rotating code signing certificates over security concerns - Bill Toulas bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

Germán Fernández (@1zrr4h)

♦️ Meta ad leads to a website that impersonates "TradingView" and downloads an MSI signed by "LLC Torgovyi Dom Energia" (now revoked). ⚠️ Final URL is different from the one shown in the ad. https://apps-download-pc[.]com/ (malicious site is only displayed if you come from

BleepingComputer (@bleepincomputer)

DanaBot malware operators exposed via C2 bug added in 2022 - Bill Toulas bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

RAND (@randcorporation)

Open-source intelligence is no longer a peripheral tool, say RAND experts. These data sources may now offer critical insights into adversaries' activities, public sentiment, and emerging trends. bit.ly/43Xsbpj

Unit 42 (@unit42_intel)

From #NoodleRAT to #AcidPour, Linux malware authors are increasingly targeting cloud environments. Using five ELF-based malware families as examples, we show how ELF malware's evolution presents a significant attack surface through machine learning. bit.ly/4mTnAND

Haifei Li (@haifeili)

Hey, for folks tracking today's Microsoft bugs, there's one more interesting entry that was published later today, so you might have missed it. CVE-2025-32717 is a bug I recently discovered and received a very quick patch. It's rated "Critical" and it's an easy heap-based buffer

blackorbird (@blackorbird)

#StealthFalcon used a .url file that exploited a zero-day vulnerability (xxx..pdf.url CVE-2025-33053) to execute malware from an actor-controlled WebDAV server. P2:Sophos Lover research.checkpoint.com/2025/stealth-f…
