Tiesun 👨‍💻💾 (@tie__sun) 's Twitter Profile
Tiesun 👨‍💻💾

@tie__sun

A guy who lives with the moments🍁.
Threat Intel Analyst | Adversary Hunter | Security Researcher

ID: 2397629168

Link: https://hokage-guard.netlify.app/ | 19-03-2014 10:25:49

4,4K Tweet

442 Followers

2,2K Following

ThreatBook (@threatbooklabs)

#SideWinder #APT group disguises as the Ministry of Foreign Affairs domain. #C2: mofa-gov-np[.]org-liv[.]net nic-svc[.]net org-liv[.]net threatbook.io/domain/mofa-go… threatbook.io/domain/nic-svc… threatbook.io/domain/org-liv… Hash: 9b76d98c2641512c66e8f2f99b2d0bda86ec1a4809420b74feadfb8f4f7dbf48

ThreatBook (@threatbooklabs)

#APT36 #Phishing websites: indiandefence[.]directory kashmiraxxack[.]exposed #Sha256: 8b0ea6a9e427ac3288663e2f33bc3df5ea01bfdaead81d4b6595b00a6b7c4301 (Advisory Notice Movement of Troops.ppam) It is related to military movements. #C2: 93.127.133.58:17241|19821|21817|23221|27425

chompie (@chompie1337)

Me and the homies are dropping browser exploits on the red team engagement 😎. Find out how to bypass WDAC + execute native shellcode using this one weird trick -- exploiting the V8 engine of a vulnerable trusted application. ibm.com/think/x-force/…

Dr. Omar Suleiman (@omarsuleiman)

Can’t sleep. Watching Gaza get decimated from afar. We’ve collectively failed you all. I’m reading your goodbye posts and praying for you, but so ashamed. I can’t even say forgive us, because the world doesn’t deserve to be forgiven. Allah is sufficient for us, and He is the best disposer of affairs.

Trend Zero Day Initiative (@thezdi)

Outstanding! Nguyen Hoang Thach (Thach Nguyen Hoang 🇻🇳) of STARLabs SG used a single integer overflow to exploit #VMware ESXi - a first in #Pwn2Own history. He earns $150,000 and 15 Master of Pwn points. #P2OBerlin

MalwareHunterTeam (@malwrhunterteam)

"Circular.rar" seen from Pakistan: 7fe0e88514fe4f1a74360b905be923c61dff84b576a96c3550a02a46b9ae95e3
->
"Circular.chm": 243e4d1e53a805f61d2c4e8cabdd02e99a51fba37101b3e0535f219383871091
www.ntplugnplay[.]com
Trend Zero Day Initiative (@thezdi)

Confirmed! Former Master of Pwn winner Manfred Paul used an integer overflow to exploit #Mozilla Firefox (renderer only). His excellent work earns him $50,000 and 5 Master of Pwn points. #Pwn2Own #P2OBerlin

Trend Zero Day Initiative (@thezdi)

Pwn2Own Berlin 2025 comes to a close. We awarded $1,078,750 for 28 unique 0-days. Congrats to starlabs for winning Master of Pwn with $320,000. Thanks to offensivecon for hosting, and thanks to all who participated. Can't wait to see you next year! #Pwn2Own #P2OBerlin

Arkham (@arkham)

The German Government sold 49,858 BTC for $2.89B, at an average price of $57,900. If they had held it, their BTC would now be worth $5.24B. Opportunity cost: $2.35 Billion

MalwareHunterTeam (@malwrhunterteam)

Some people (even some "big name" sites) are shouting in recent days that the official RVTools sites got pwned and spreading BumbleBee. Meanwhile in reality it seems there is nothing else than the usual fake sites in Google & etc spreading shit. RVTools, WinMTR, Zenmap... 🤷‍♂️

Cyber Team (@cyberteam008)

#Sidewinder #APT is dropping its favorite RTF file while launching multiple phishing campaigns. Target countries: 🇱🇰 🇧🇩 🇵🇰 🇳🇵 🇲🇲 🇲🇻 🇮🇩 We have consolidated all infra and are available at: pastebin.com/VFbNag7T Mikhail Kasimov (for update if any new infra) #Malware #ioc

ThreatBook (@threatbooklabs)

The #Lazarus #APT group used a file disguised as a Python package for poisoning. #C2 #IOC: 144.172.101.45:1224 144.172.103.97:1224 216.126.229.166:1224 threatbook.io/ip/144.172.101… threatbook.io/ip/144.172.103… threatbook.io/ip/216.126.229…

Chris Duggan (@tlp_r3d)

🇮🇳🐍Potential Sidewinder Cobalt Strike Redirectors in Action 🐍185.159.128.117 0/94 in VT 🔥Suspect Domain: islamabadpolice[.]net 0/94 in VT - hosted on Cloudflare Spoofing legit domain: fir.islamabadpolice[.]gov[.]pk 🐍31.15.17.230 0/94 in VT 🔥Suspect Domain:
