⤷ Title: Chronus Mafia: cuando los nombres cambian pero el ecosistema permanece
════════════════════════
𐀪 Author: Hacking en México
════════════════════════
ⴵ Time: Tue, 03 Mar 2026 21:39:36 GMT
════════════════════════
⌗ Tags: #hacking
════════════════════════
𐀪 Author: Hacking en México
════════════════════════
ⴵ Time: Tue, 03 Mar 2026 21:39:36 GMT
════════════════════════
⌗ Tags: #hacking
Medium
Chronus Mafia: cuando los nombres cambian pero el ecosistema permanece
Durante años, en el mundo del hacking latinoamericano, hemos cometido el error de buscar estructuras rígidas donde nunca las hubo. Queremos…
⤷ Title: Reflective DLL Injection
════════════════════════
𐀪 Author: S12 - 0x12Dark Development
════════════════════════
ⴵ Time: Tue, 03 Mar 2026 21:36:24 GMT
════════════════════════
⌗ Tags: #cybersecurity #cybercrime #malware #hacking #pentesting
════════════════════════
𐀪 Author: S12 - 0x12Dark Development
════════════════════════
ⴵ Time: Tue, 03 Mar 2026 21:36:24 GMT
════════════════════════
⌗ Tags: #cybersecurity #cybercrime #malware #hacking #pentesting
Medium
Reflective DLL Injection
Welcome to this new Medium post, today a classic but always useful technique, the Reflective DLL Injection.
⤷ Title: Chronus, los leaks y la normalización del colapso digital en Latinoamérica
════════════════════════
𐀪 Author: Hacking en México
════════════════════════
ⴵ Time: Tue, 03 Mar 2026 21:33:39 GMT
════════════════════════
⌗ Tags: #hacking
════════════════════════
𐀪 Author: Hacking en México
════════════════════════
ⴵ Time: Tue, 03 Mar 2026 21:33:39 GMT
════════════════════════
⌗ Tags: #hacking
Medium
Chronus, los leaks y la normalización del colapso digital en Latinoamérica
Escribo esto no como espectador, sino como alguien que lleva años observando — y enfrentando — el deterioro de la seguridad digital en…
⤷ Title: HTB Broker Writeup
════════════════════════
𐀪 Author: Onurcan Genç
════════════════════════
ⴵ Time: Tue, 03 Mar 2026 22:30:36 GMT
════════════════════════
⌗ Tags: #ctf_writeup #ethical_hacking #hackthebox #cybersecurity #penetration_testing
════════════════════════
𐀪 Author: Onurcan Genç
════════════════════════
ⴵ Time: Tue, 03 Mar 2026 22:30:36 GMT
════════════════════════
⌗ Tags: #ctf_writeup #ethical_hacking #hackthebox #cybersecurity #penetration_testing
Medium
HTB Broker Writeup
Begin by adding the machine IP to /etc/hosts.
⤷ Title: Kali Meet Claude: Your New BFF
════════════════════════
𐀪 Author: BillfordX
════════════════════════
ⴵ Time: Tue, 03 Mar 2026 22:13:14 GMT
════════════════════════
⌗ Tags: #opinion #penetration_testing #kali_linux #artificial_intelligence #ai
════════════════════════
𐀪 Author: BillfordX
════════════════════════
ⴵ Time: Tue, 03 Mar 2026 22:13:14 GMT
════════════════════════
⌗ Tags: #opinion #penetration_testing #kali_linux #artificial_intelligence #ai
Medium
Kali Meet Claude: Your New BFF
Or your worst nightmare, it’s all perspective
⤷ Title: Critical Vulnerabilities in AVideo: From SQL Injection to Remote Code Execution
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:43:35 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #AVideo #CVE_2026_28501 #CVE_2026_28502 #infosec #Open Source Security #Patch Alert #rce #Remote Code Execution #sql injection #sqli #Video Streaming Security
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:43:35 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #AVideo #CVE_2026_28501 #CVE_2026_28502 #infosec #Open Source Security #Patch Alert #rce #Remote Code Execution #sql injection #sqli #Video Streaming Security
Daily CyberSecurity
Critical Vulnerabilities in AVideo: From SQL Injection to Remote Code Execution
AVideo patches two critical flaws (CVE-2026-28501 & 28502) allowing unauthenticated SQL injection and remote code execution. Update to version 23 now.
⤷ Title: WordPress Security Alert: Critical Privilege Escalation Flaw in Popular Membership Plugin
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:39:29 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #CVE_2026_1492 #Cyber Threats #infosec #Patch Alert #privilege escalation #User Registration Plugin #Vulnerability #Website Security #wordpress security
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:39:29 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #CVE_2026_1492 #Cyber Threats #infosec #Patch Alert #privilege escalation #User Registration Plugin #Vulnerability #Website Security #wordpress security
Daily CyberSecurity
WordPress Security Alert: Critical Privilege Escalation Flaw in Popular Membership Plugin
A critical 9.8 CVSS flaw (CVE-2026-1492) in the WordPress User Registration & Membership plugin lets unauthenticated attackers create admin accounts.
⤷ Title: OAuth Hijack: Phishing Campaigns Weaponize Legitimate Redirection to Bypass Defenses
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:33:29 +0000
════════════════════════
⌗ Tags: #Cybercriminals #Cyber Security #DLL side_loading #Entra ID #Google Workspace #infosec #Malware Analysis #Microsoft Defender #OAuth Phishing #phishing campaigns #Redirect URI Abuse #threat intelligence
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:33:29 +0000
════════════════════════
⌗ Tags: #Cybercriminals #Cyber Security #DLL side_loading #Entra ID #Google Workspace #infosec #Malware Analysis #Microsoft Defender #OAuth Phishing #phishing campaigns #Redirect URI Abuse #threat intelligence
Daily CyberSecurity
OAuth Hijack: Phishing Campaigns Weaponize Legitimate Redirection to Bypass Defenses
Microsoft Defender reveals a new phishing campaign abusing OAuth redirect URIs to bypass security and deliver stealthy malware to your system.
⤷ Title: ClickFix Alert: Fake Venture Capitalists Target Web3 Pros with “Terminal” Phishing
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:29:06 +0000
════════════════════════
⌗ Tags: #Malware #ClickFix #cryptocurrency #cyber_espionage #infosec #LinkedIn Scams #malware #Moonlock Lab #North Korean hackers #social engineering #UNC1069 #Web3 security
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:29:06 +0000
════════════════════════
⌗ Tags: #Malware #ClickFix #cryptocurrency #cyber_espionage #infosec #LinkedIn Scams #malware #Moonlock Lab #North Korean hackers #social engineering #UNC1069 #Web3 security
Daily CyberSecurity
ClickFix Alert: Fake Venture Capitalists Target Web3 Pros with "Terminal" Phishing
Moonlock Lab uncovers a North Korean-aligned malware campaign targeting Web3 pros. Attackers use fake VC profiles and ClickFix CAPTCHAs to deploy malware.
⤷ Title: Trojanized FileZilla FTP Client Targets Developer Credentials via DLL Sideloading
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:27:51 +0000
════════════════════════
⌗ Tags: #Malware #Credential Theft #Cyber Threats #DLL hijacking #DNS_over_HTTPS #DoH #FileZilla #infosec #Malwarebytes #Search Poisoning #Trojan #version.dll
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:27:51 +0000
════════════════════════
⌗ Tags: #Malware #Credential Theft #Cyber Threats #DLL hijacking #DNS_over_HTTPS #DoH #FileZilla #infosec #Malwarebytes #Search Poisoning #Trojan #version.dll
Daily CyberSecurity
Trojanized FileZilla FTP Client Targets Developer Credentials via DLL Sideloading
Malwarebytes uncovers a trojanized FileZilla campaign using DLL hijacking and DNS-over-HTTPS to silently steal FTP credentials and bypass security.
⤷ Title: Critical RCE Flaw in Qwik Framework Allows Server Takeover via Single Request
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:23:56 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #CVE_2026_27971 #infosec #JavaScript Frameworks #Patch Alert #Qwik #rce #Remote Code Execution #server$ RPC #unsafe deserialization #Web Security
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:23:56 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #CVE_2026_27971 #infosec #JavaScript Frameworks #Patch Alert #Qwik #rce #Remote Code Execution #server$ RPC #unsafe deserialization #Web Security
Daily CyberSecurity
Critical RCE Flaw in Qwik Framework Allows Server Takeover via Single Request
Qwik framework patches a critical 9.2 CVSS RCE vulnerability (CVE-2026-27971) where unsafe deserialization in server$ RPC allows total server takeover.
⤷ Title: The BurrowShell Threat: Inside ‘Sloppy Lemming’s’ Stealthy Cyber Espionage Campaign in South Asia
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:17:59 +0000
════════════════════════
⌗ Tags: #Cyber Security #Malware #APT #Arctic Wolf #BurrowShell #Critical Infrastructure #cyber_espionage #cybersecurity #infosec #Malware Analysis #Sloppy Lemming #threat intelligence
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:17:59 +0000
════════════════════════
⌗ Tags: #Cyber Security #Malware #APT #Arctic Wolf #BurrowShell #Critical Infrastructure #cyber_espionage #cybersecurity #infosec #Malware Analysis #Sloppy Lemming #threat intelligence
Daily CyberSecurity
The BurrowShell Threat: Inside 'Sloppy Lemming's' Stealthy Cyber Espionage Campaign in South Asia
Arctic Wolf details a year-long cyber espionage campaign by Sloppy Lemming, deploying the custom BurrowShell malware against Pakistan and Bangladesh.
⤷ Title: AuraStealer: The “Result-Oriented” Malware Rising from the Post-Lumma Void
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:11:27 +0000
════════════════════════
⌗ Tags: #Malware #AuraStealer #browser security #ClickFix #Cybercrime #infosec #Infostealer #Lumma Stealer #Malware Analysis #threat intelligence #TikTok Scams
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:11:27 +0000
════════════════════════
⌗ Tags: #Malware #AuraStealer #browser security #ClickFix #Cybercrime #infosec #Infostealer #Lumma Stealer #Malware Analysis #threat intelligence #TikTok Scams
Daily CyberSecurity
AuraStealer: The "Result-Oriented" Malware Rising from the Post-Lumma Void
Following the Lumma takedown, the sophisticated AuraStealer malware is rapidly gaining ground, using TikTok scams and stealth to harvest data.
⤷ Title: The Trojan Prompt: How an Autonomous AI Hijacked Aqua Trivy to Weaponize Developer Copilots
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:06:28 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #AI Prompt Injection #Aqua Trivy #Claude #cybersecurity #DevSecOps #Gemini #GitHub Copilot #infosec #social engineering #Socket #supply chain attack #VS Code
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:06:28 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #AI Prompt Injection #Aqua Trivy #Claude #cybersecurity #DevSecOps #Gemini #GitHub Copilot #infosec #social engineering #Socket #supply chain attack #VS Code
Daily CyberSecurity
The Trojan Prompt: How an Autonomous AI Hijacked Aqua Trivy to Weaponize Developer Copilots
Socket reveals how an AI bot hijacked the Aqua Trivy VS Code extension, using prompt injection to turn developer AI assistants into stealthy data thieves.
⤷ Title: PlugX Evolves: New “Meeting Invitation” Phishing Campaign Leverages Trusted Security Software
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:00:22 +0000
════════════════════════
⌗ Tags: #Malware #APT41 #cyber_espionage #DLL side_loading #G DATA #infosec #Lab52 #Malware Analysis #Mustang Panda #phishing #PlugX RAT #threat intelligence
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:00:22 +0000
════════════════════════
⌗ Tags: #Malware #APT41 #cyber_espionage #DLL side_loading #G DATA #infosec #Lab52 #Malware Analysis #Mustang Panda #phishing #PlugX RAT #threat intelligence
Daily CyberSecurity
PlugX Evolves: New "Meeting Invitation" Phishing Campaign Leverages Trusted Security Software
LAB52 exposes a new China-aligned espionage campaign using fake meeting invitations and G DATA antivirus components to stealthily deploy the PlugX RAT.
⤷ Title: Waybackurls Guide: Extracting Historical URLs for Bug Bounty
════════════════════════
𐀪 Author: JPablo13
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:01:01 GMT
════════════════════════
⌗ Tags: #hacking #technology #penetration_testing #bug_bounty #cybersecurity
════════════════════════
𐀪 Author: JPablo13
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:01:01 GMT
════════════════════════
⌗ Tags: #hacking #technology #penetration_testing #bug_bounty #cybersecurity
Medium
Waybackurls Guide: Extracting Historical URLs for Bug Bounty
Master Waybackurls to find hidden endpoints, sensitive parameters, and old JS files in your security audits.
⤷ Title: Monitoring AWS Services: Splunk, Security Operations - TryHackMe
════════════════════════
𐀪 Author: RosanaFSS
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:25:16 GMT
════════════════════════
⌗ Tags: #ethical_hacking #infosec #tryhackme #aws #cybersecurity
════════════════════════
𐀪 Author: RosanaFSS
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:25:16 GMT
════════════════════════
⌗ Tags: #ethical_hacking #infosec #tryhackme #aws #cybersecurity
Medium
Monitoring AWS Services: Splunk, Security Operations - TryHackMe
Discover common attacks on AWS services and learn how to protect against them.
⤷ Title: CVE Program Report for Quarter 4 Calendar Year (Q4 CY) 2025
════════════════════════
𐀪 Author: CVE Program Blog
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:04:16 GMT
════════════════════════
⌗ Tags: #cybersecurity #information_security #vulnerability_management #vulnerability #infosec
════════════════════════
𐀪 Author: CVE Program Blog
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:04:16 GMT
════════════════════════
⌗ Tags: #cybersecurity #information_security #vulnerability_management #vulnerability #infosec
Medium
CVE Program Report for Quarter 4 Calendar Year (Q4 CY) 2025
The CVE Program’s quarterly summary of program milestones and metrics for Q4 CY 2025.
⤷ Title: From Default Password to SYSTEM: A Beginner’s Walkthrough of TryHackMe Alfred
════════════════════════
𐀪 Author: Robert Perez
════════════════════════
ⴵ Time: Tue, 03 Mar 2026 23:52:03 GMT
════════════════════════
⌗ Tags: #penetration_testing #infosec #ethical_hacking #cybersecurity #tryhackme
════════════════════════
𐀪 Author: Robert Perez
════════════════════════
ⴵ Time: Tue, 03 Mar 2026 23:52:03 GMT
════════════════════════
⌗ Tags: #penetration_testing #infosec #ethical_hacking #cybersecurity #tryhackme
Medium
From Default Password to SYSTEM: A Beginner’s Walkthrough of TryHackMe Alfred
One of the best ways to learn penetration testing is to watch someone else work through a problem and explain their thinking along the way…
⤷ Title: Exploiting HTTP request smuggling to deliver reflected XSS
════════════════════════
𐀪 Author: Ⓥ
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:38:33 GMT
════════════════════════
⌗ Tags: #vulnerability #cybersecurity #penetration_testing #burpsuite #xss_attack
════════════════════════
𐀪 Author: Ⓥ
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:38:33 GMT
════════════════════════
⌗ Tags: #vulnerability #cybersecurity #penetration_testing #burpsuite #xss_attack
Medium
Exploiting HTTP request smuggling to deliver reflected XSS
This writeup demonstrates how to exploit HTTP request smuggling to deliver a reflected XSS payload. The application uses a front-end and…
⤷ Title: Exploiting HTTP request smuggling to reveal front-end request rewriting
════════════════════════
𐀪 Author: Ⓥ
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:38:14 GMT
════════════════════════
⌗ Tags: #cybersecurity #pentesting #burpsuite #exploit #penetration_testing
════════════════════════
𐀪 Author: Ⓥ
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:38:14 GMT
════════════════════════
⌗ Tags: #cybersecurity #pentesting #burpsuite #exploit #penetration_testing
Medium
Exploiting HTTP request smuggling to reveal front-end request rewriting
This writeup demonstrates how to exploit HTTP request smuggling to reveal front-end request rewriting. The application uses a front-end and…