Raul Muñoz (@raulmuo16535398)'s Twitter Profile
Raul Muñoz

@raulmuo16535398

Cybersecurity, Threat Intelligence Engineer, Cyber Threats.

Focusing on the problem is not the Solution.

ID: 1448063540519178241

12-10-2021 23:11:08

118 Tweets

28 Followers

499 Following

Raul Muñoz (@raulmuo16535398) 's Twitter Profile Photo

Elastic Security Labs shares details about the SADBRIDGE loader and GOSAR backdoor, malware used in campaigns targeting Chinese-speaking victims. elastic.co/security-labs/…


Snort is the world's leading open source intrusion prevention system (IPS). Snort IPS uses a set of rules to help define malicious activity on the network. It uses these rules to find packets that match them and generate alerts for users. github.com/snort3/snort3/…


Michael Schena, a U.S. State Dept. employee with access to classified information, was sentenced to four years in prison for conspiring to transmit national defense information to individuals allegedly linked to the Chinese government. europapress.es/internacional/…


Shellcode injection, as observed in debugging environments such as IDA Pro or OllyDbg. This type of analysis is key to detecting evasion techniques such as Process Hollowing, Thread Hijacking, or NtUnmapViewOfSection, widely used in campaigns such as Kimsuky/APT43 Yurei ransomware load


A student database of the Universidad de Piura (Universidad de Piura) was compromised and published on an underground forum.
📂 Exposed data:
- 1,714 students affected
- Names, DNI (national ID numbers), emails, addresses, dates of birth, and photos.


Gatito FBI, a digital actor linked to the leak of the PNP's SIDPOL system, where it exposed more than 80 GB of confidential police reports. Operates on Telegram and Doxbin forums, also distributing Ministerio de Salud documents. Represents a critical risk due to data exposure.


QKD distributes keys using quantum states; any eavesdropping alters the signal and is detected, ensuring secure distribution (it does not encrypt the data itself). It does not eliminate hackers. fortinet.com/lat/resources/….


DeadManPE informally accessed a UCV API that exposes academic data. It's key to review our external and internal endpoints, tokens, and validations to prevent this type of breach from being reflected in our environment. USE: OAuth2, JWT with expiration, audit tokens, Yara & Sigma rules


F5 published patches, mitigation guides, and enhanced diagnostic tools. It is recommended to inventory assets, update versions, and review authentication logs. Integrate events into the SIEM and follow the technical advisories (KB13080, KB13426) for hardening. F5 SIRT or CCN-CERT


OrcaC2 framework in Go, code on GitHub. Its Orca Puppet agent features: Remote command execution, Interactive shell, File transfer, Screenshots, Keystroke logging, Process management, UAC bypass, Traffic injection and tunneling support. github.com/Ptkatz/OrcaC2


Typical phishing scam impersonating Cloudflare. The pattern seen in the screenshot ("Important Security Notice... Review Security Settings") matches recent campaigns that steal credentials and then redirect to the real site to avoid suspicion. mailguard.com.au/blog/cloudflar…


SolarWinds patched three critical vulnerabilities: CVE-2025-40549, CVE-2025-40548, CVE-2025-40547. The flaws affect SolarWinds Serv-U 15.5.2.2.102. The company released version 15.5.3 to address them. securityaffairs.com/184916/securit…


A new family of Trojans with clicker functionality has emerged. They share a common characteristic: they are managed from the hxxps[:]//dllpgd[.]click server, or are loaded and executed by command from it. This type of malware infects smartphones running the Android operating..
