Arda Büyükkaya (@whichbufferarda)'s Twitter Profile
Arda Büyükkaya

@whichbufferarda

Cyber Threat Intelligence Analyst @EclecticIQ | Threat Hunter | Malware Analyst |. (All opinions expressed here are mine only). 🇹🇷🇳🇱

ID: 1513961044590403584

12-04-2022 19:24:16

2,2K Tweet

3,3K Followers

1,1K Following

SSSCIP Ukraine (@ssscip)

❗The CERT-UA investigation has identified three new malware samples, indicating an evolution in the UAC-0099 group's tactics, techniques, and procedures cip.gov.ua/en/news/vam-po…

Julian-Ferdinand (@julianvoeg)

1/ We've just released a new report uncovering new infrastructure tied to multiple activity clusters linked to the Israeli spyware vendor #Candiru across several countries. Full report: recordedfuture.com/research/track…

Microsoft Threat Intelligence (@msftsecintel)

Project Ire, an autonomous AI agent, automates what’s considered the gold standard in malware classification: fully reverse engineering a software file without any clues about its origin or purpose: msft.it/6017sMSiW To identify malware at scale, Project Ire uses

FBI Los Angeles (@fbilosangeles)

The FBI arrested two Chinese nationals on Saturday on charges alleging they knowingly exported to China tens of millions of sensitive microchips used in artificial intelligence (#AI) applications, in violation of the Export Control Reform Act. Details: justice.gov/usao-cdca/pr/t…

Ivan Watson (@ivancnn)

US laptop farmers are helping North Korean IT workers infiltrate American companies...part of a criminal scheme that earns North Korea hundreds of millions of dollars a year. #DPRK #NorthKorea Team: Isaac Yee V Salazar Teele Rebane Jerry Simonson Nick Leimbach

CERT Polska (@cert_polska_en)

Today we released a new stable version of DRAKVUF Sandbox v0.19.0 🎉– a project that leverages the DRAKVUF system for agentless malware analysis. Detailed release notes can be found on our Github: github.com/CERT-Polska/dr…

ESET Research (@esetresearch)

#ESETresearch has discovered a zero-day vulnerability in WinRAR, exploited in the wild by Russia-aligned #RomCom 🏴‍☠️ Anton Cherepanov welivesecurity.com/en/eset-resear… 1/7

Sean Metcalf (@pyrotek3)

I am back to posting to ADSecurity.org in my free time (which I have again). I plan on adding new content relating to Active Directory & Azure AD (now Entra ID). First up is "Entra & Azure Managed Access Revisited". This article expands on one I wrote years ago about

National Security Division, U.S. Dept of Justice (@dojnatsec)

Justice Department Announces Coordinated Disruption Actions Against BlackSuit (Royal) Ransomware Operations Law Enforcement Seizes Servers, Domains, and Approximately $1 Million In Laundered Proceeds Owned By BlackSuit (Royal) Ransomware “The BlackSuit ransomware gang’s

BleepingComputer (@bleepincomputer)

Netherlands: Citrix Netscaler flaw CVE-2025-6543 exploited to breach orgs - Bill Toulas bleepingcomputer.com/news/security/…

PRODAFT (@prodaft)

🚀 We've shared an IDA Pro decryption script for Matanbuchus 3.0, capable of decrypting ChaCha20 strings & resolving APIs/modules/syscalls using MurmurHash3. Fresh IOCs also available! 👉Check it out: github.com/prodaft/malwar… #threatintel #malware #IOC

ZachXBT (@zachxbt)

1/ An unnamed source recently compromised a DPRK IT worker device which provided insights into how a small team of five ITWs operated 30+ fake identities with government IDs and purchased Upwork/LinkedIn accounts to obtain developer jobs at projects.

(╯°□°)╯︵ S︵ T︵U (@cybersecstu)

Hey this is super cool, my Unit 42 colleagues released this Malware analysis tutorial featuring Donut Generate Shellcode 🫶 unit42.paloaltonetworks.com/donut-malware-… github.com/PaloAltoNetwor…

Florian Roth ⚡️ (@cyb3rops)

I keep seeing reports of attackers going after #ESX hosts – exporting VMs, cloning domain controllers, grabbing NTDS files. Not really surprising. ESX often ends up being the quiet corner of the network where no one’s looking. Thing is: we’ve had some solid ways to deal with

Arda Büyükkaya (@whichbufferarda)

ShinyHunters have released their exploit tool for SAP NetWeaver Visual Composer (CVE-2025-31324). While analysing the Base64-encoded Java payload, I spotted an unusual marker string: "Pwner274576528033300"
