The Cyber Bro (@password_ng)'s Twitter Profile
The Cyber Bro

@password_ng

Cyber | Security Operations & Engineering. coordinating @ngwhitehat, building @cyberplural.

ID: 287686022

25-04-2011 13:50:56

4,4K Tweet

1,1K Followers

107 Following

Stephan Berger (@malmoeb)

We talked about infected USB sticks before [1]. The EDR on a customer site picked up malicious behavior, including the commands:

cmd.exe /c ""D:\rootdir\x943368.bat"
and
xcopy "C:\Windows\System32\printui.exe" "C:\Windows \System32" /Y

This behavior aligns with the tactics

Florian Hansemann (@cyberwarship)

''Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses'' #infosec #pentest #redteam #blueteam thehackernews.com/2024/12/hacker…

Unit 42 (@unit42_intel)

Have you heard of the rarely observed #LOLBAS technique abusing cdb.exe? A new backdoor called Squidoor utilizes this technique, and is in the toolkit of a suspected Chinese threat actor targeting multiple countries and sectors. bit.ly/3Fauuwk

ALI TAJRAN (@alitajran)

A 1024-bit DKIM key (used for email authentication) can be cracked in under 4 days using a cheap, simple cloud server. Upgrade all DKIM keys to 2048-bit right NOW! Read more: alitajran.com/upgrade-dkim-1… #Microsoft365 #ExchangeOnline #DKIM

spencer (@techspence)

Super L33t h@cker technique right here... Open up the search box on Windows 11... Then... Type in "password" Enjoy as you're presented with numerous word documents, excel, pdf, etc. All from SharePoint, OneDrive, etc. Thanks Microsoft. 🙄 I've found admin credentials this

Thomas Roccia 🤘 (@fr0gger_)

🤓 I believe we need a structured approach to handling AI security incidents. That’s why I’m proposing DFAIIR (Digital Forensic & AI Investigation Response).

Working on a project around this, but wanted to get some opinions. 

#Infosec what do you think?

TrustedSec (@trustedsec)

LLMs and Agents offer a powerful combination for driving automation. In our new #blog, ☠️ Brandon outlines how he harnesses the power of #angenticAI to autonomously map a network. Read it now! trustedsec.odoo.com/r/7d0

CISA Cyber (@cisacyber)

🚨 We published a report on RESURGE, a new malware variant affecting Ivanti Connect Secure & exploiting CVE-2025-0282. RESURGE contains distinctive commands that pose significant risk of adversary access. Take action to secure your systems. Learn more 👉 cisa.gov/news-events/an…

The Hacker News (@thehackersnews)

🔥 Hackers got hacked.

BlackLock, a top ransomware gang in 2025, just got owned—by threat hunters who found a fatal flaw in their infrastructure.

exposing...
➡️ Real IPs behind their hidden servers
➡️ Command history showing OPSEC fails
➡️ Credentials, configs, and MEGA storage

Mike Felch (Stay Ready) (@ustayready)

Red teams + LLM is resulting in game changing r&d (in real time) like I have never witnessed before. Techniques, tools, streamlining.. the innovation behind the scenes is insane right now.

chompie (@chompie1337)

If you ever think there are no more bugs left to find… this Linux kernel bug was just patched yesterday and existed for 5 YEARS

Tib3rius (@0xtib3rius)

BREAKING.

From a reliable source. MITRE support for the CVE program is due to expire tomorrow. The attached letter was sent out to CVE Board Members.

Logan Goins (@_logangoins)

I jumped heavily into learning about SCCM tradecraft and wrote a detailed write-up with custom examples, covering the most interesting vulnerabilities that combine commonality and impact from low-privilege contexts, and what you can do to prevent them :) logan-goins.com/2025-04-25-scc…

CyberPlural (@cyberplural)

1/2 From startup to trusted partner, we’ve grown by helping businesses protect what matters most. 💼✨ Stay tuned, updates for 2025 are coming soon!

Ready to scale securely? Let’s build your custom cybersecurity plan.