Br3akp0int (@tccontre18)'s Twitter Profile
Br3akp0int

@tccontre18

tweets are my own😉 Threat Researcher - interested in: (R.E, Red/Blue/Purple Team, DFIR, ML, Kernel, Exploit Dev) - infosec.exchange/@Br3akp0int

ID: 934210083659177984

https://tccontre.blogspot.com

25-11-2017 00:00:15

1.1K Tweets

1.1K Followers

957 Following

The Haag™ (@m_haggis)

🚀✨ Super pumped to drop ScriptHostTest — your 🔑 to assessing WDAC & AppLocker controls like a boss! 💪🛡️ 👉 Check it out here: github.com/MHaggis/notes/… Why you NEED this tool: • ⚡ Quickly verify if your script execution policies are 🔒 locked down • 🕵️‍♂️ Test multiple script

Duncan Ogilvie 🍍 (@mrexodia)

Also made a quick video on how to install TitanHide in Windows Sandbox using the SandboxBootkit project. It takes about 3 minutes end-to-end.

Br3akp0int (@tccontre18)

In this short STRT blog, we’ll show how flexible XWorm is. It can deliver its payload/loader in different formats and scripting languages, including through phishing campaigns that trick users into clicking on harmful attachments. 😉 blog: splunk.com/en_us/blog/sec…

Virus Bulletin (@virusbtn)

Splunk Threat Research Team takes a close look at recent XWorm malware samples spotted in the wild and shows how this threat uses a mix of different stagers and loaders to sneak past defences and carry out its attacks. splunk.com/en_us/blog/sec…

Br3akp0int (@tccontre18)

In this #Splunk STRT blog, we analyze a campaign using a weaponized Inno Setup installer + HijackLoader to deliver Redline Stealer. We cover TTPs and Splunk detection ideas to help you spot this threat. 🙂 splunk.com/en_us/blog/sec…

Bhavin Patel (@hackpsy)

Stoked to present the research #STRT did with our Talos friends alongside Nasreddine Bencherchali and John Levy! And it includes a sweet demo at the end. Come say Hi :)

Thomas Roccia 🤘 (@fr0gger_)

⚠️ Someone hacked the Amazon AI coding assistant to inject a data-wiping prompt! It was merged via a pull request due to misconfigured GitHub workflows, it went live on the VSC marketplace and it stayed undetected for 6 days. The prompt was designed to "clear a system to a

Magic Sword (@magicswordio)

LOLRMM.io now tracks over 290 RMMs, with new ones being added regularly. These tools provide legitimate functionality but are frequently repurposed by attackers. Read here: buff.ly/oNbWfa6 If you're not using them in your setup, why allow them to run?

hasherezade (@hasherezade)

I updated the #Rhadamanthys custom format converter (for XS modules), to support the latest version (0.9.x): github.com/hasherezade/hi…

Br3akp0int (@tccontre18)

Picture Paints a Thousand "Codes": STRT analyzed a Quasar RAT campaign using image steganography to hide payloads inside harmless-looking images. 🔍 In our latest blog: How it works Key TTPs Detection for #Splunk & #Cisco NTDR Read: splunk.com/en_us/blog/sec… #int3 Demo tool:

Virus Bulletin (@virusbtn)

Splunk's Teoderick Contreras (Br3akp0int) examines a .NET loader that uses steganography to hide its malicious stager and payload within an image file. This malicious .NET loader has been utilized by various RATs and information stealers. splunk.com/en_us/blog/sec…

vx-underground (@vxunderground)

Ohhhh, sneaky masquerading trick found in the wild and noted by JAMESWT The Threat Actor replaces / with "ん", a Japanese character +2 cat pictures

Trellix Advanced Research Center (@trellixarc)

HijackLoader is spreading via fake downloads and SEO poisoning, even bypassing popular ad-blockers. Our new blog reveals how this stealthy malware operates and how you can defend against it. bit.ly/4ltEWyy

Mohit Mishra (@chessman786)

Mastering Socket Programming in C In this article, we’ll get into the world of socket programming in C, exploring its concepts, API calls, and practical implementations. Whether you’re a beginner or looking to refresh your knowledge, this post will provide you with a solid

Karsten Hahn (@struppigel)

Some threat actors are bold enough to submit their malware as false positive to antivirus companies. This also happened with AppSuite PDF Editor. Our technical deep-dive is out 📝 gdatasoftware.com/blog/2025/08/3… #GDATA #GDATATechblog #AppSuite

Today In Infosec (@todayininfosec)

1997: Nmap was first released as a simple port scanner via an article in issue 51 of Phrack magazine which included the source code. That's right - 28 years of Nmap!

ReversingLabs (@reversinglabs)

⚠️ RL researchers have detected the first self-replicating worm (Shai-hulud) compromising popular #npm packages with cloud token-stealing #malware. It has compromised hundreds of packages & organizations, including #CrowdStrike: bit.ly/4grhGAh

Karsten Hahn (@struppigel)

We looked at #BlockBlasters malware last week and had it reported to Steam some time ago. Here are some findings. 🧵 (article is in publishing)
