Really excited to announce the release of Kali Linux 2024.2! kali.org/blog/kali-linu… A lot in this release, including the t64 transition, which is a really big deal and has been a lot of work. Special shout out to Arnaud for leading that effort. We also have Gnome 46 desktop,

Scathing report on Medibank cyberattack highlights unenforced MFA - Lawrence Abrams bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

VMware fixes critical vCenter RCE vulnerability, patch now - Bill Toulas bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

AMD investigates breach after data for sale on hacking forum - Lawrence Abrams bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

#UPDATE - This is the PoC that was shared for the OwnCloud 0-Day.

Plugins on WordPress.org backdoored in supply chain attack - Bill Toulas bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

@instacyber enjoy this photo :D... my current collection of antivirus from when I was in charge of antivirus comparisons for IT magazines

💡HoneyDB Provides Real Time Data of Honeypot Activity darkwebinformer.com/honeydb-provid… This post is better formatted on the website. HoneyDB is a dynamic and robust open-source threat intelligence platform designed to bolster cybersecurity defenses by leveraging the power of

A threat actor claims to be selling an iOS RCE exploit. According to the threat actor, the exploit requires no user interaction (ZeroClick), and provides full control over devices running iOS 17.x.x and iOS 18.x.x. #DarkWeb #exploir #ios #rce #selling

🚨A Threat Actor Alleged 0-Day Vulnerability in Popular WordPress Plugin dailydarkweb.net/a-threat-actor… #DarkWeb #WordPress #Vulnerability #BrokenAccess #CybersecurityNews

Phishing with a fake reCAPTCHA github.com/JohnHammond/re…

I’m building incredibly in-depth course work for Command and Control operations as well as detection engineering. This is NOT entry level. Live instruction + lifetime access to materials. Until it launches, once a week I will give away access to someone who retweets and follows

I use Log4shell canaries in my passwords and I have one per website. It’s been crazy interesting the sites that I have gotten pings for and where the pings are from. I think it’s cool. It would be a fun talk to put together and a good story to tell but not useful…

McDonald's uses an AI bot called "Olivia" for hiring. A pair of hackers found they could access every conversation job applicants had with it—including all the personal info they shared—by exploiting security flaws as basic as using the password "123456". wired.com/story/mcdonald…

Fact #Fortinet

As promised, our #SharePoint adventure with CVE-2025-53770 and CVE-2025-53771, including payloads and vulnerability checker! blog.leakix.net/2025/07/using-…