Daily Writeups – Telegram
Daily Writeups
@Daily_Writeups
3.2K subscribers
106K links
Daily Bug Bounty / Cybersecurity Writeups
Source Code : https://github.com/Spix0r/writeup-miner
Download Telegram
About
Blog
Apps
Platform
Join
Daily Writeups
3.2K subscribers
Daily Writeups
Title: APT37’s Stealthy RoKRAT Malware Uses Steganography in JPEGs to Evade Detection
════════════════════════
𐀪 Author: ddos
════════════════════════
Time: Tue, 05 Aug 2025 03:11:55 +0000
════════════════════════
Tags: #Malware #APT37 #Cyberespionage #cybersecurity #DLL hijacking #Fileless Malware #malware #North Korea #RoKRAT #Steganography
Penetration Testing Tools
APT37's Stealthy RoKRAT Malware Uses Steganography in JPEGs to Evade Detection
APT37's new RoKRAT malware variant uses steganography to hide encrypted payloads in JPEG images, bypassing antivirus and traditional defenses by executing entirely in memory.
15 views
Daily Writeups
Title: bbot: OSINT automation for hackers
════════════════════════
𐀪 Author: ddos
════════════════════════
Time: Tue, 05 Aug 2025 00:29:33 +0000
════════════════════════
Tags: #Open Source Tool #OSINT #OSINT automation
Penetration Testing Tools
bbot: OSINT automation for hackers
BBOT is a recursive, modular OSINT automation framework written in Python. BBOT currently has over 50 modules and counting.
12 views
Daily Writeups
Title: The Ransomware That Never Ends: Einhaus Group Collapses After Paying Royal’s $230K Ransom
════════════════════════
𐀪 Author: ddos
════════════════════════
Time: Tue, 05 Aug 2025 00:28:31 +0000
════════════════════════
Tags: #Cybercriminals #Bankruptcy #cyberattack #cybersecurity #Einhaus Group #Germany #IT Services #ransomware #Royal #Wilhelm Einhaus
Penetration Testing Tools
The Ransomware That Never Ends: Einhaus Group Collapses After Paying Royal's $230K Ransom
German firm Einhaus Group declared bankruptcy after a $230K ransomware attack by Royal. Despite paying the ransom, the company couldn't recover, underscoring the true cost of cybercrime.
13 views
Daily Writeups
Title: The Rust Invasion: Linux Kernel 6.17 Sees Major Rust Code Additions for Drivers & Infrastructure
════════════════════════
𐀪 Author: ddos
════════════════════════
Time: Mon, 04 Aug 2025 23:46:03 +0000
════════════════════════
Tags: #Linux #Drivers #Kernel Development #Linux 6.17 #Linux Kernel #Miguel Ojeda #Nvidia #open source #programming #Rust
Penetration Testing Tools
The Rust Invasion: Linux Kernel 6.17 Sees Major Rust Code Additions for Drivers & Infrastructure
Linux Kernel 6.17 is getting a major influx of Rust code for drivers and infrastructure. This marks a significant step in Rust's growing role in core kernel development.
11 views
Daily Writeups
Title: Linux Kernel 6.17 Revolutionizes CPU Security with “Attack Vector Controls” from AMD
════════════════════════
𐀪 Author: ddos
════════════════════════
Time: Mon, 04 Aug 2025 23:32:23 +0000
════════════════════════
Tags: #Linux #6.17 #AMD #Attack Vector Controls #CPU Security #David Kaplan #Linux Kernel #Mitigations #Retbleed #Spectre
Penetration Testing Tools
Linux Kernel 6.17 Revolutionizes CPU Security with "Attack Vector Controls" from AMD
Linux Kernel 6.17 introduces "Attack Vector Controls," a new system for managing CPU security mitigations by attack type, simplifying administration and boosting performance.
11 views
Daily Writeups
Title: Meta Unveils 3mm Holographic VR Headset Prototype, Revolutionizing XR with Stanford Partnership
════════════════════════
𐀪 Author: Ddos
════════════════════════
Time: Tue, 05 Aug 2025 07:17:03 +0000
════════════════════════
Tags: #Technology #AR #Holographic Projection #Holographic VR #Meta #Nature Photonics #Stanford University #VR #VR Headset #Wearable Tech #XR
Daily CyberSecurity
Meta Unveils 3mm Holographic VR Headset Prototype, Revolutionizing XR with Stanford Partnership
Meta and Stanford unveiled a 3mm-thick holographic VR headset prototype, using laser projection to eliminate bulky optics and bringing VR glasses closer to consumer reality.
10 views
Daily Writeups
Title: iOS Update: Proton Authenticator Bug Leaked TOTP Secrets in Plaintext Logs
════════════════════════
𐀪 Author: Ddos
════════════════════════
Time: Tue, 05 Aug 2025 07:12:32 +0000
════════════════════════
Tags: #Vulnerability Report #cybersecurity #ios #MFA #Plaintext Logs #Proton Authenticator #Secrets #TOTP #update #Vulnerability
Daily CyberSecurity
iOS Update: Proton Authenticator Bug Leaked TOTP Secrets in Plaintext Logs
Proton has patched a critical flaw in its iOS Authenticator app (v1.1.1) that logged TOTP secrets in plaintext. Users are urged to update immediately to secure their accounts.
9 views
Daily Writeups
Title: Cloudflare Accuses Perplexity AI of Evading Blocks and Impersonating Chrome to Scrape Websites
════════════════════════
𐀪 Author: Ddos
════════════════════════
Time: Tue, 05 Aug 2025 07:08:33 +0000
════════════════════════
Tags: #Technology #AI #cloudflare #cybersecurity #Data Collection #Perplexity.ai #robots.txt #User Agent #Web Scraping
Daily CyberSecurity
Cloudflare Accuses Perplexity AI of Evading Blocks and Impersonating Chrome to Scrape Websites
Cloudflare accuses Perplexity AI of ignoring robots.txt files and impersonating a browser to evade detection, and has removed it from its list of verified bots.
9 views
Daily Writeups
Title: OpenAI Introduces “Take a Break” Reminders to ChatGPT, Refines Responses for High-Stakes Decisions
════════════════════════
𐀪 Author: Ddos
════════════════════════
Time: Tue, 05 Aug 2025 02:47:54 +0000
════════════════════════
Tags: #Technology #AI safety #ChatGPT #ethical AI #Mental Health #Misinformation #OpenAI #Prompt #User Interaction #Well_being
Daily CyberSecurity
OpenAI Introduces "Take a Break" Reminders to ChatGPT, Refines Responses for High-Stakes Decisions
OpenAI adds new "take a break" reminders to ChatGPT and is refining responses to high-stakes decisions, aiming to combat misinformation and promote healthier AI usage.
8 views
Daily Writeups
Title: Critical ADOdb Flaw (CVE-2025-54119, CVSS 10.0) in SQLite3 Driver Allows SQL Injection
════════════════════════
𐀪 Author: Ddos
════════════════════════
Time: Tue, 05 Aug 2025 02:43:34 +0000
════════════════════════
Tags: #Vulnerability Report #ADOdb #CVE_2025_54119 #cybersecurity #database #php #sql injection #SQLite3 #Vulnerability
Daily CyberSecurity
Critical ADOdb Flaw (CVE-2025-54119, CVSS 10.0) in SQLite3 Driver Allows SQL Injection
A critical SQL injection flaw (CVE-2025-54119, CVSS 10.0) in ADOdb’s SQLite3 driver allows arbitrary SQL execution via improperly escaped table names.
11 views
Daily Writeups
Title: Amazon Overhauls Wondery Podcast Network, Shifts Focus to Audible and Creator-Led Content
════════════════════════
𐀪 Author: Ddos
════════════════════════
Time: Tue, 05 Aug 2025 02:24:46 +0000
════════════════════════
Tags: #Technology #Amazon #Audible #audio #Creator Services #media #Podcasts #Restructuring #streaming #Wondery
Daily CyberSecurity
Amazon Overhauls Wondery Podcast Network, Shifts Focus to Audible and Creator-Led Content
Amazon is reorganizing its audio division, integrating Wondery's narrative content into Audible and creating a new "Creator Services" team for celebrity-led podcasts.
8 views
Daily Writeups
Title: Broadcom’s Jericho4 Unleashed: The 3nm Switch-Router Connecting a Million XPUs for Distributed AI
════════════════════════
𐀪 Author: Ddos
════════════════════════
Time: Tue, 05 Aug 2025 02:15:47 +0000
════════════════════════
Tags: #Technology #AI Infrastructure #Broadcom #data centers #Distributed Computing #Ethernet #Jericho4 #MACsec #RoCE #Ultra Ethernet Consortium
Daily CyberSecurity
Broadcom’s Jericho4 Unleashed: The 3nm Switch-Router Connecting a Million XPUs for Distributed AI
Broadcom has shipped Jericho4, a new 3nm Ethernet router designed for distributed AI. It connects over a million XPUs across data centers with lossless, secure 3.2 Tbps HyperPorts.
6 views
Daily Writeups
Title: Meta Eyes Pika Labs: A Potential $500M Acquisition to Accelerate AI Video Generation
════════════════════════
𐀪 Author: Ddos
════════════════════════
Time: Tue, 05 Aug 2025 02:07:15 +0000
════════════════════════
Tags: #Technology #acquisition #AI #Generative AI #Meta #Pika Labs #Short_Form Video #Startup #Video Generation
Daily CyberSecurity
Meta Eyes Pika Labs: A Potential $500M Acquisition to Accelerate AI Video Generation
Meta is reportedly in talks to acquire AI video startup Pika Labs, a move that would accelerate its push into generative AI and short-form video creation for its platforms.
9 views
Daily Writeups
Title: Elon Musk Files “MacroHard” Trademark, Reigniting Rivalry with Microsoft
════════════════════════
𐀪 Author: Ddos
════════════════════════
Time: Tue, 05 Aug 2025 02:02:22 +0000
════════════════════════
Tags: #Technology #AI #Bill Gates #Elon Musk #Grok #MacroHard #Microsoft #Tech News #Trademark #xAI
Daily CyberSecurity
Elon Musk Files "MacroHard" Trademark, Reigniting Rivalry with Microsoft
Elon Musk's xAI has filed a trademark for “MacroHard,” a provocative jab at Microsoft. The move hints at a new multi-agent AI venture and reignites a simmering rivalry with Bill Gates.
11 views
Daily Writeups
Title: Android Security Update: Critical RCE Flaw (CVE-2025-48530) in System Component Patched
════════════════════════
𐀪 Author: Ddos
════════════════════════
Time: Tue, 05 Aug 2025 01:35:02 +0000
════════════════════════
Tags: #Android #Vulnerability Report #android #AOSP #CVE_2025_48530 #cybersecurity #rce #Remote Code Execution #Security Bulletin #Vulnerability
Daily CyberSecurity
Android Security Update: Critical RCE Flaw (CVE-2025-48530) in System Component Patched
Google's August 2025 Android Security Bulletin addresses a critical RCE flaw (CVE-2025-48530) in the core System component, which requires no user interaction for exploitation. Update now!
13 views
Daily Writeups
Title: New Android Malware Impersonates Indian Banks to Steal Data & Secretly Mine Monero
════════════════════════
𐀪 Author: Ddos
════════════════════════
Time: Tue, 05 Aug 2025 00:40:07 +0000
════════════════════════
Tags: #Malware #Android Malware #Axis Bank #Banking Trojan #Cryptojacking #India #IndusInd Bank #Monero #phishing #SBI Card #XMRig
Daily CyberSecurity
New Android Malware Impersonates Indian Banks to Steal Data & Secretly Mine Monero
McAfee uncovers a new Android malware campaign targeting Indian users. The malware impersonates major banks to steal financial data and silently mines Monero in the background.
13 views
Daily Writeups
Title: Critical Triton Flaws (CVSS 9.8) Expose AI Servers to Remote Takeover – Patch Now!
════════════════════════
𐀪 Author: Ddos
════════════════════════
Time: Tue, 05 Aug 2025 00:35:13 +0000
════════════════════════
Tags: #Vulnerability Report #AI #cybersecurity #Data Tampering #Inference Server #NVIDIA Triton #rce #Remote Code Execution #Vulnerability #Wiz Research
Daily CyberSecurity
Critical Triton Flaws (CVSS 9.8) Expose AI Servers to Remote Takeover – Patch Now!
NVIDIA has patched multiple critical flaws (CVSS 9.8) in its Triton Inference Server. A vulnerability chain allows unauthenticated attackers to gain RCE and seize AI servers.
15 views
Daily Writeups
Title: PlayPraetor: New Android RAT Infects 11,000+ Devices with Real-Time On-Device Fraud
════════════════════════
𐀪 Author: Ddos
════════════════════════
Time: Tue, 05 Aug 2025 00:28:42 +0000
════════════════════════
Tags: #Malware #Android Malware #Chinese Threat Actors #cybersecurity #financial fraud #MaaS #ODF #On_Device Fraud #PlayPraetor #rat
Daily CyberSecurity
PlayPraetor: New Android RAT Infects 11,000+ Devices with Real-Time On-Device Fraud
Cleafy uncovers PlayPraetor, a Chinese-speaking MaaS Android RAT that has infected 11,000+ devices, using real-time control via Accessibility Services to conduct on-device fraud.
20 views
Daily Writeups
Title: APT36 Targets Indian Government with Sophisticated Phishing, Bypassing MFA with Real-Time OTP Harvest
════════════════════════
𐀪 Author: Ddos
════════════════════════
Time: Tue, 05 Aug 2025 00:26:08 +0000
════════════════════════
Tags: #Cybercriminals #APT36 #cybersecurity #India #Kavach #MFA Bypass #Pakistan #phishing #Transparent Tribe #Typo_squatting
Daily CyberSecurity
APT36 Targets Indian Government with Sophisticated Phishing, Bypassing MFA with Real-Time OTP Harvest
APT36, a Pakistan-linked threat actor, is targeting Indian government officials with phishing campaigns that mimic official websites to harvest credentials and Kavach MFA OTPs in real time.
20 views
Daily Writeups
Title: New PXA Stealer Campaign Hits 62 Countries with Stealthy DLL Sideloading and Telegram Exfiltration
════════════════════════
𐀪 Author: Ddos
════════════════════════
Time: Tue, 05 Aug 2025 00:21:09 +0000
════════════════════════
Tags: #Malware #cloudflare #cybersecurity #DLL Sideloading #evasion #Infostealer #malware #PXA Stealer #SentinelOne #Telegram
Daily CyberSecurity
New PXA Stealer Campaign Hits 62 Countries with Stealthy DLL Sideloading and Telegram Exfiltration
SentinelLABS and Beazley expose PXA Stealer, a Python-based infostealer campaign targeting 62 countries with stealthy DLL sideloading, decoy files, and Telegram-based data exfiltration.
13 views
Daily Writeups
Title: Critical Dell DD OS Flaw (CVSS 9.8) Allows Unauthenticated Remote Access
════════════════════════
𐀪 Author: Ddos
════════════════════════
Time: Tue, 05 Aug 2025 00:16:34 +0000
════════════════════════
Tags: #Vulnerability #Authentication Bypass #Command Injection #cybersecurity #DD OS #DDSH #dell #PowerProtect
Daily CyberSecurity
Critical Dell DD OS Flaw (CVSS 9.8) Allows Unauthenticated Remote Access
Dell patched a critical flaw (CVE-2025-36594) in DD OS allowing unauthenticated remote auth bypass. DDSH CLI flaws (CVE-2025-30096-30099) also patched.
7 views