⤷ Title: The Cryptography Trojan: Malicious Go Module Impersonates Foundational Library to Steal Passwords and Deploy Root Backdoors
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:43:46 +0000
════════════════════════
⌗ Tags: #Malware #APT31 #cryptography #CVE_2026 #go #Golang #infosec #Linux Security #malware #Open Source Security #Rekoobe #supply chain attack
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:43:46 +0000
════════════════════════
⌗ Tags: #Malware #APT31 #cryptography #CVE_2026 #go #Golang #infosec #Linux Security #malware #Open Source Security #Rekoobe #supply chain attack
Daily CyberSecurity
The Cryptography Trojan: Malicious Go Module Impersonates Foundational Library to Steal Passwords and Deploy Root Backdoors
Socket uncovers a malicious Go module mimicking golang.org/x/crypto. It steals passwords via ReadPassword and deploys the Rekoobe backdoor on Linux systems.
⤷ Title: Dohdoor: New Stealth Backdoor Targets US Healthcare and Education
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:37:10 +0000
════════════════════════
⌗ Tags: #Malware #Cisco Talos #cyber_espionage #DLL Sideloading #DNS_over_HTTPS #DoH #Dohdoor #Education Sector #healthcare security #infosec #Lazarus Group #UAT_10027
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:37:10 +0000
════════════════════════
⌗ Tags: #Malware #Cisco Talos #cyber_espionage #DLL Sideloading #DNS_over_HTTPS #DoH #Dohdoor #Education Sector #healthcare security #infosec #Lazarus Group #UAT_10027
Daily CyberSecurity
Dohdoor: New Stealth Backdoor Targets US Healthcare and Education
Cisco Talos uncovers "Dohdoor," a stealthy backdoor used by UAT-10027. It abuses DNS-over-HTTPS via Cloudflare to spy on U.S. healthcare and education sectors.
⤷ Title: The GTFire Scheme: How Cybercriminals are Weaponizing Google’s Trusted Services for Global Phishing
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:33:13 +0000
════════════════════════
⌗ Tags: #Cybercriminals #Credential Harvesting #Evasion Tactics #Google Firebase #Google Translate #Group_IB #GTFire #infosec #phishing #SaaS Abuse #threat intelligence #web app
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:33:13 +0000
════════════════════════
⌗ Tags: #Cybercriminals #Credential Harvesting #Evasion Tactics #Google Firebase #Google Translate #Group_IB #GTFire #infosec #phishing #SaaS Abuse #threat intelligence #web app
Daily CyberSecurity
The GTFire Scheme: How Cybercriminals are Weaponizing Google’s Trusted Services for Global Phishing
Group-IB uncovers "GTFire," a massive credential-harvesting operation abusing Google Firebase and Translate to bypass security filters in 100+ countries.
⤷ Title: OCRFix: When Fake CAPTCHAs, AI, and Blockchains Collide to Build a Botnet
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:27:28 +0000
════════════════════════
⌗ Tags: #Malware #AI SEO Poisoning #BNB Smart Chain #botnet #ClickFix #CYJAX #EtherHiding #infosec #OCRFix #PowerShell Malware #social engineering #Tesseract OCR
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:27:28 +0000
════════════════════════
⌗ Tags: #Malware #AI SEO Poisoning #BNB Smart Chain #botnet #ClickFix #CYJAX #EtherHiding #infosec #OCRFix #PowerShell Malware #social engineering #Tesseract OCR
Daily CyberSecurity
OCRFix: When Fake CAPTCHAs, AI, and Blockchains Collide to Build a Botnet
CYJAX uncovers "OCRFix," a stealthy campaign using fake Tesseract OCR sites, ClickFix social engineering, and EtherHiding to bypass security via blockchain.
⤷ Title: CVE-2026-27728 (CVSS 10): Critical Command Injection Flaw in OneUptime Probe Enables Full Server Takeover
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:22:54 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Command Injection #CVE_2026_27728 #CWE_78 #infosec #Monitoring Security #NetworkPathMonitor #OneUptime #Patch Alert #rce #Remote Code Execution #SaaS Security #Traceroute
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:22:54 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Command Injection #CVE_2026_27728 #CWE_78 #infosec #Monitoring Security #NetworkPathMonitor #OneUptime #Patch Alert #rce #Remote Code Execution #SaaS Security #Traceroute
Daily CyberSecurity
CVE-2026-27728 (CVSS 10): Critical Command Injection Flaw in OneUptime Probe Enables Full Server Takeover
OneUptime 10.0.7 patches a critical 10.0 CVSS vulnerability (CVE-2026-27728). Attackers can use traceroute probes to execute root commands and steal data.
⤷ Title: Critical Path Traversal Flaw in basic-ftp Exposes Node.js Apps to Arbitrary File Writes
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:19:59 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #basic_ftp #CVE_2026_27699 #CWE_22 #FTP Security #infosec #Node.js #Patch Alert #Path Traversal #rce #Remote Code Execution #Supply Chain Security
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:19:59 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #basic_ftp #CVE_2026_27699 #CWE_22 #FTP Security #infosec #Node.js #Patch Alert #Path Traversal #rce #Remote Code Execution #Supply Chain Security
Daily CyberSecurity
Critical Path Traversal Flaw in basic-ftp Exposes Node.js Apps to Arbitrary File Writes
Node.js library basic-ftp patches a critical 9.1 CVSS path traversal flaw (CVE-2026-27699). Malicious FTP servers can overwrite any file on the client machine.
⤷ Title: Steering the Server: Critical 9.2 Severity SSRF Flaw in Angular SSR Allows Internal Network Probing
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:14:39 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Angular #CVE_2026_27739 #Frontend Security #HttpClient #infosec #Patch Alert #Server_Side Request Forgery #SSR #ssrf #Vulnerability #Web Security
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:14:39 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Angular #CVE_2026_27739 #Frontend Security #HttpClient #infosec #Patch Alert #Server_Side Request Forgery #SSR #ssrf #Vulnerability #Web Security
Daily CyberSecurity
Steering the Server: Critical 9.2 Severity SSRF Flaw in Angular SSR Allows Internal Network Probing
Angular patches a critical 9.2 CVSS SSRF vulnerability (CVE-2026-27739). Attackers can manipulate Host headers to steal credentials and probe internal networks.
⤷ Title: The New Voice of Fraud: Cybercrime ‘Supergroup’ Recruits Female Callers to Breach Corporate IT Help Desks
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:07:43 +0000
════════════════════════
⌗ Tags: #Cybercriminals #Cybercrime Recruitment #Help Desk Security #infosec #LAPSUS$ #MFA Bypass #Scattered LAPSUS$ Hunters #Scattered Spider #ShinyHunters #social engineering #Vishing
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:07:43 +0000
════════════════════════
⌗ Tags: #Cybercriminals #Cybercrime Recruitment #Help Desk Security #infosec #LAPSUS$ #MFA Bypass #Scattered LAPSUS$ Hunters #Scattered Spider #ShinyHunters #social engineering #Vishing
Daily CyberSecurity
The New Voice of Fraud: Cybercrime 'Supergroup' Recruits Female Callers to Breach Corporate IT Help Desks
The Scattered Lapsus$ Hunters "supergroup" is paying $1,000 per successful vishing call. Discover how they use female recruits to bypass corporate IT security.
⤷ Title: Google Dismantles UNC2814’s Global Espionage Network Fueled by Google Sheets
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:00:13 +0000
════════════════════════
⌗ Tags: #Cybercriminals #C2 #China_nexus #Command and Control #cyber_espionage #Google Sheets API #Google Threat Intelligence Group #GRIDTIDE #infosec #Mandiant #Telecommunications Security #UNC2814
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:00:13 +0000
════════════════════════
⌗ Tags: #Cybercriminals #C2 #China_nexus #Command and Control #cyber_espionage #Google Sheets API #Google Threat Intelligence Group #GRIDTIDE #infosec #Mandiant #Telecommunications Security #UNC2814
Daily CyberSecurity
Google Dismantles UNC2814’s Global Espionage Network Fueled by Google Sheets
Google and Mandiant disrupt UNC2814, a China-nexus group using the GRIDTIDE backdoor to hide command-and-control traffic inside Google Sheets across 42 nations.
⤷ Title: Understanding Torch Dark Web Search and Its Role in Onion Discovery
════════════════════════
𐀪 Author: Tor BBB
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 23:12:57 GMT
════════════════════════
⌗ Tags: #osint #darkweb #infosec #cybersecurity
════════════════════════
𐀪 Author: Tor BBB
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 23:12:57 GMT
════════════════════════
⌗ Tags: #osint #darkweb #infosec #cybersecurity
Medium
Understanding Torch Dark Web Search and Its Role in Onion Discovery
Search on the Tor network works very differently from traditional engines like Google. Indexing is partial, uptime is unstable, and…
⤷ Title: Sensitive Data Exposure Attack Lab: A Hands-On Journey Through Information Leakage and File…
════════════════════════
𐀪 Author: Mohamed Mostafa Sayed Saber Ali
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 23:52:07 GMT
════════════════════════
⌗ Tags: #python #cybersecurity #ethical_hacking #penetration_testing #web_development
════════════════════════
𐀪 Author: Mohamed Mostafa Sayed Saber Ali
════════════════════════
ⴵ Time: Sun, 01 Mar 2026 23:52:07 GMT
════════════════════════
⌗ Tags: #python #cybersecurity #ethical_hacking #penetration_testing #web_development
Medium
Sensitive Data Exposure Attack Lab: A Hands-On Journey Through Information Leakage and File Enumeration
Comprehensive walkthrough of sensitive data exposure techniques, from decompiling Python bytecode to null byte injection
⤷ Title: Steel Mountain -TryHackMe Writeup
════════════════════════
𐀪 Author: Hemantha Krishna Challa
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:15:01 GMT
════════════════════════
⌗ Tags: #ethical_hacking #tryhackme #cybersecurity #tryhackme_walkthrough #tryhackme_writeup
════════════════════════
𐀪 Author: Hemantha Krishna Challa
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:15:01 GMT
════════════════════════
⌗ Tags: #ethical_hacking #tryhackme #cybersecurity #tryhackme_walkthrough #tryhackme_writeup
Medium
Steel Mountain -TryHackMe Writeup
Hack into a Mr. Robot themed Windows machine. Use metasploit for initial access, utilise powershell for Windows privilege escalation…
⤷ Title: TryHackMe: Monday Monitor Challenge Room Walkthrough
════════════════════════
𐀪 Author: Drew Arpino
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:01:01 GMT
════════════════════════
⌗ Tags: #cybersecurity #wazuh #tryhackme #tryhackme_writeup #tryhackme_walkthrough
════════════════════════
𐀪 Author: Drew Arpino
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:01:01 GMT
════════════════════════
⌗ Tags: #cybersecurity #wazuh #tryhackme #tryhackme_writeup #tryhackme_walkthrough
Medium
TryHackMe: Monday Monitor Challenge Room Walkthrough
Wazuh SIEM Forensics: Investigating Persistence, Credential Dumping, and Exfiltration with Atomic Red Team.
⤷ Title: Rate Limiting Your Rails API with Rack::Attack gem
════════════════════════
𐀪 Author: Talha Khalid
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:52:59 GMT
════════════════════════
⌗ Tags: #api_rate_limiting #api_security #ruby_on_rails #web_development #rubygems
════════════════════════
𐀪 Author: Talha Khalid
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:52:59 GMT
════════════════════════
⌗ Tags: #api_rate_limiting #api_security #ruby_on_rails #web_development #rubygems
Medium
Rate Limiting Your Rails API with Rack::Attack gem
Rate limiting is a fundamental aspect of API security and stability. Without it, endpoints are vulnerable to brute force attacks…
⤷ Title: How I Found a Broken Object Level Authorization (BOLA) in a Real Production App
════════════════════════
𐀪 Author: 77r4sed
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:56:04 GMT
════════════════════════
⌗ Tags: #bugbounty_writeup #idor_vulnerability #bug_bounty #bug_bounty_hunter #bug_bounty_tips
════════════════════════
𐀪 Author: 77r4sed
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 00:56:04 GMT
════════════════════════
⌗ Tags: #bugbounty_writeup #idor_vulnerability #bug_bounty #bug_bounty_hunter #bug_bounty_tips
Medium
How I Found a Broken Object Level Authorization (BOLA) in a Real Production App
This is the write-up of how I found a Broken Object Level Authorization (BOLA) vulnerability that allowed cross-account cart manipulation…
⤷ Title: Day 3 of getting started to become a Master hacker
════════════════════════
𐀪 Author: Nakul
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 01:03:33 GMT
════════════════════════
⌗ Tags: #penetration_testing #beginners_guide #xs #learning_to_hack #bug_bounty
════════════════════════
𐀪 Author: Nakul
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 01:03:33 GMT
════════════════════════
⌗ Tags: #penetration_testing #beginners_guide #xs #learning_to_hack #bug_bounty
Medium
Day 3 of getting started to become a Master hacker
learning from Cisco:
⤷ Title: What Is Burp Suite?
════════════════════════
𐀪 Author: Yamini Yadav_369
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 02:40:12 GMT
════════════════════════
⌗ Tags: #penetration_testing #ethical_hacking #application_security #burpsuite #cybersecurity
════════════════════════
𐀪 Author: Yamini Yadav_369
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 02:40:12 GMT
════════════════════════
⌗ Tags: #penetration_testing #ethical_hacking #application_security #burpsuite #cybersecurity
Medium
What Is Burp Suite? A Complete Introduction for Ethical Hackers, Cybersecurity Students & Beginner Penetration Testers
“Before you can hack a web application, you need to understand it. And to understand it, you need to intercept it.”
⤷ Title: What is penetration testing? | What is pen testing?
════════════════════════
𐀪 Author: Fatihbadem
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 01:51:25 GMT
════════════════════════
⌗ Tags: #pentesting #hacking #sodusecure #pentest #cybersecurity
════════════════════════
𐀪 Author: Fatihbadem
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 01:51:25 GMT
════════════════════════
⌗ Tags: #pentesting #hacking #sodusecure #pentest #cybersecurity
Medium
What is penetration testing? | What is pen testing?
A structured pentest helps organizations:
⤷ Title: How Hackers Attack Cloud Environments
════════════════════════
𐀪 Author: Md Shafiqul Baten Sumon
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 01:47:55 GMT
════════════════════════
⌗ Tags: #cloud_computing #artificial_intelligence #hacking #cloud_security #cybersecurity
════════════════════════
𐀪 Author: Md Shafiqul Baten Sumon
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 01:47:55 GMT
════════════════════════
⌗ Tags: #cloud_computing #artificial_intelligence #hacking #cloud_security #cybersecurity
Medium
How Hackers Attack Cloud Environments
Cloud breaches rarely begin with shellcode. They begin with identity. That distinction is not cosmetic. It fundamentally changes the…
⤷ Title: OffSec: Moneybox Walkthrough
════════════════════════
𐀪 Author: Antonio
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 01:15:48 GMT
════════════════════════
⌗ Tags: #ctf_writeup #hacking #cybersecurity #ctf #oscp
════════════════════════
𐀪 Author: Antonio
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 01:15:48 GMT
════════════════════════
⌗ Tags: #ctf_writeup #hacking #cybersecurity #ctf #oscp
Medium
OffSec: Moneybox Walkthrough
Machine details
⤷ Title: The 29-Minute Window: Why AI is No Longer Optional in Cybersecurity
════════════════════════
𐀪 Author: Md Rahat Rahman Akas
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 01:45:23 GMT
════════════════════════
⌗ Tags: #infosec #digital_transformation #technology #cybersecurity #artificial_intelligence
════════════════════════
𐀪 Author: Md Rahat Rahman Akas
════════════════════════
ⴵ Time: Mon, 02 Mar 2026 01:45:23 GMT
════════════════════════
⌗ Tags: #infosec #digital_transformation #technology #cybersecurity #artificial_intelligence
Medium
The 29-Minute Window: Why AI is No Longer Optional in Cybersecurity
In 2025, the average “breakout time” — the vital window between an attacker breaching your perimeter and moving laterally to steal your…