I'm happy to introduce the official YARA language server for Visual Studio Code. virustotal.github.io/yara-x/blog/in… Many thanks to Albert Tikaiev for putting the first stone in this initative (github.com/prosperritty)

Remote Monitoring and Management (RMM) tooling is taking over the cybercrime landscape. And it keeps growing. 🤖 In partnership with DeceptionPro, we observed follow-on activity from a Bluetrait campaign in an environment built to resemble a travel company. The result? Even

The Notepad++ CN APT incident - Quick reference to help keep up: 1. Incident overview: (notepad-plus-plus.org/news/hijacked-…) 2. Rapid7 MDR Analysis with IOCs: (rapid7.com/blog/post/tr-c…) 3. Validin Infrastructure Analysis w/ new IOCs/pivot methods: (validin.com/blog/exploring…) ...

More reports regarding the Notepad++ compromise Securelist securelist.com/notepad-supply… Georgy Kucherin x.com/kucher1n/statu… Validin validin.com/blog/exploring… #NotepadPlusPlusCompromise

DARKSIDE stealer darkside[.cy https://dhszo[.darkside.cy/ risesmp[.net nuzzyservices[.com faba2d6acfa49f75b81572000c702768c235b3de5c98c6c16f2c474ec6b3f0a0

BravoX #Ransomware’s Second Onion Leak Site bravoxxwcfz5qk43ychgveprpd5mw5hvxfs4a2uz2okx7mumiht4fzyd[.]onion

Meet VulnLLM-R-7B: a specialized AI that reads code like a security expert. It's trained to spot vulnerabilities before they become breaches. This isn't just another chatbot, it's a digital security guard for your codebase. The community is buzzing because it makes security

I reverse-engineered Claude Code's internal protocol. Now you can spawn and orchestrate agents from TypeScript. No SDK. No -p flag. Full programmatic control. OSS below 👇 github.com/The-Vibe-Compa…

I was burning $200/day on agent API calls. Then I realized: I already pay $200/month for Claude Code Max. So I reverse-engineered its protocol. Now I spawn agents via REST API, monitor them from a dashboard, and pay nothing extra. OSS 👇 github.com/The-Vibe-Compa…

📣 I partnered with 13Cubed for a Valentine's Day Giveaway! 🎁 🏆 1 Grand Prize winner will receive one course of their choice from the list below + a 13Cubed Investigator T-Shirt. Courses: - Investigating Windows Endpoints - Investigating Windows Memory - Investigating

x.com/i/article/2021…

Another day, another #OpenClaw skill 😈 “Moltbook” skill pretends to be harmless — but drops a macOS stealer instead 🍏🕵️‍♂️ Behind the scenes: base64-obfuscated commands fetching the payload. Full infection chain breakdown in the Joe Reverser report 🔎📄 buff.ly/FKoO7NS

TinyClaw is 99.3% smaller than OpenClaw 🦞 with the same features and even more It’s so simple and minimal that you can understand the entire codebase during your lunch break It's fast and stable, you can deploy it to any cloud sandbox with just a one-liner It’s powerful and

Uploads files to multiple hosts at once github.com/spel987/PolyUp…

DigitStealer WebEx (1).dmg 91122f7e0f870bfbb6b4763acf9ea644 Payload on x197y6njpmzgyxh848g1hm1rloo3axct0txicmeovkojxo00if5w[.pages.dev C2 ebemvsextiho[.]com #DigitStealer #MAC #IOC

more DigitStealer shared by MalwareHunterTeam :) DMG impersonating Webex, leads to a bunch of script execs and JS. ee3abb48b5f573ef75ea77d194714f6b56c6b268a3b2135efda1c04b3a667631 Drag into Terminal\.xyz exec within DMG kicks it all off. quick post. 🧵

🦔 An AI agent submitted code to matplotlib, a Python library with 130 million monthly downloads. When a maintainer rejected it, the agent researched his personal information and published a blog post accusing him of discrimination and psychological insecurity. The agent runs on

Customizable honeypot server designed to detect and track malicious activity from attackers and crawlers. - github.com/BlessedRebuS/K… #infosec #cybersec #bugbountytips

meet PicoClaw. An ultra-lightweight version of OpenClaw. built in Go. > Lightweight: uses <10MB Memory. 99% smaller than OpenClaw > Suitable for $10 hardware (98% cheaper than a Mac mini) > 400x Faster startup time, boots in 1 second