⤷ Title: PlayPraetor: New Android RAT Infects 11,000+ Devices with Real-Time On-Device Fraud
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 00:28:42 +0000
════════════════════════
⌗ Tags: #Malware #Android Malware #Chinese Threat Actors #cybersecurity #financial fraud #MaaS #ODF #On_Device Fraud #PlayPraetor #rat
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 00:28:42 +0000
════════════════════════
⌗ Tags: #Malware #Android Malware #Chinese Threat Actors #cybersecurity #financial fraud #MaaS #ODF #On_Device Fraud #PlayPraetor #rat
Daily CyberSecurity
PlayPraetor: New Android RAT Infects 11,000+ Devices with Real-Time On-Device Fraud
Cleafy uncovers PlayPraetor, a Chinese-speaking MaaS Android RAT that has infected 11,000+ devices, using real-time control via Accessibility Services to conduct on-device fraud.
⤷ Title: APT36 Targets Indian Government with Sophisticated Phishing, Bypassing MFA with Real-Time OTP Harvest
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 00:26:08 +0000
════════════════════════
⌗ Tags: #Cybercriminals #APT36 #cybersecurity #India #Kavach #MFA Bypass #Pakistan #phishing #Transparent Tribe #Typo_squatting
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 00:26:08 +0000
════════════════════════
⌗ Tags: #Cybercriminals #APT36 #cybersecurity #India #Kavach #MFA Bypass #Pakistan #phishing #Transparent Tribe #Typo_squatting
Daily CyberSecurity
APT36 Targets Indian Government with Sophisticated Phishing, Bypassing MFA with Real-Time OTP Harvest
APT36, a Pakistan-linked threat actor, is targeting Indian government officials with phishing campaigns that mimic official websites to harvest credentials and Kavach MFA OTPs in real time.
⤷ Title: New PXA Stealer Campaign Hits 62 Countries with Stealthy DLL Sideloading and Telegram Exfiltration
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 00:21:09 +0000
════════════════════════
⌗ Tags: #Malware #cloudflare #cybersecurity #DLL Sideloading #evasion #Infostealer #malware #PXA Stealer #SentinelOne #Telegram
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 00:21:09 +0000
════════════════════════
⌗ Tags: #Malware #cloudflare #cybersecurity #DLL Sideloading #evasion #Infostealer #malware #PXA Stealer #SentinelOne #Telegram
Daily CyberSecurity
New PXA Stealer Campaign Hits 62 Countries with Stealthy DLL Sideloading and Telegram Exfiltration
SentinelLABS and Beazley expose PXA Stealer, a Python-based infostealer campaign targeting 62 countries with stealthy DLL sideloading, decoy files, and Telegram-based data exfiltration.
⤷ Title: Critical Dell DD OS Flaw (CVSS 9.8) Allows Unauthenticated Remote Access
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 00:16:34 +0000
════════════════════════
⌗ Tags: #Vulnerability #Authentication Bypass #Command Injection #cybersecurity #DD OS #DDSH #dell #PowerProtect
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 00:16:34 +0000
════════════════════════
⌗ Tags: #Vulnerability #Authentication Bypass #Command Injection #cybersecurity #DD OS #DDSH #dell #PowerProtect
Daily CyberSecurity
Critical Dell DD OS Flaw (CVSS 9.8) Allows Unauthenticated Remote Access
Dell patched a critical flaw (CVE-2025-36594) in DD OS allowing unauthenticated remote auth bypass. DDSH CLI flaws (CVE-2025-30096-30099) also patched.
⤷ Title: The Evolution of Evasion: Raspberry Robin Malware Upgrades with New Encryption & UAC Bypass Exploit
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 00:10:15 +0000
════════════════════════
⌗ Tags: #Malware #ChaCha20 #CVE_2024_38196 #cybersecurity #evasion #Local Privilege Escalation #malware #Obfuscation #Raspberry Robin #tor
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 00:10:15 +0000
════════════════════════
⌗ Tags: #Malware #ChaCha20 #CVE_2024_38196 #cybersecurity #evasion #Local Privilege Escalation #malware #Obfuscation #Raspberry Robin #tor
Daily CyberSecurity
The Evolution of Evasion: Raspberry Robin Malware Upgrades with New Encryption & UAC Bypass Exploit
ThreatLabz reveals the evolution of Raspberry Robin malware, now featuring stronger encryption, complex obfuscation, and a new privilege escalation exploit to bypass detection.
⤷ Title: Beavertail Malware Returns: North Korean Hackers Use NPM Packages to Steal Crypto & Secrets
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 00:06:14 +0000
════════════════════════
⌗ Tags: #Cybercriminals #BeaverTail malware #cryptocurrency #cybersecurity #info_stealer #North Korea #npm #supply chain attack #Veracode
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 00:06:14 +0000
════════════════════════
⌗ Tags: #Cybercriminals #BeaverTail malware #cryptocurrency #cybersecurity #info_stealer #North Korea #npm #supply chain attack #Veracode
Daily CyberSecurity
Beavertail Malware Returns: North Korean Hackers Use NPM Packages to Steal Crypto & Secrets
Veracode warns of a North Korean cyber-espionage campaign using malicious NPM packages to spread Beavertail malware and steal crypto from developers via fake interview tasks.
⤷ Title: Kimsuky APT Escalates Cyberespionage with Stealthy LNK Files & Reflective Malware Payloads
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 00:01:08 +0000
════════════════════════
⌗ Tags: #Cybercriminals #APT #Cyberespionage #cybersecurity #Kimsuky #LNK Files #malware #North Korea #Reflective DLL Injection #south korea
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 00:01:08 +0000
════════════════════════
⌗ Tags: #Cybercriminals #APT #Cyberespionage #cybersecurity #Kimsuky #LNK Files #malware #North Korea #Reflective DLL Injection #south korea
Daily CyberSecurity
Kimsuky APT Escalates Cyberespionage with Stealthy LNK Files & Reflective Malware Payloads
A new report reveals Kimsuky, a North Korea-linked APT, is using sophisticated LNK files and reflective payloads to infiltrate systems and conduct cyberespionage against South Korean targets.
⤷ Title: Urgent Zero-Day Warning: SonicWall VPNs Under Attack, Akira Ransomware Deployed Within Hours
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 04 Aug 2025 23:24:09 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Akira #cybersecurity #Huntress #MFA Bypass #ransomware #security alert #SonicWall #vpn #zero_day
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 04 Aug 2025 23:24:09 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Akira #cybersecurity #Huntress #MFA Bypass #ransomware #security alert #SonicWall #vpn #zero_day
Daily CyberSecurity
Urgent Zero-Day Warning: SonicWall VPNs Under Attack, Akira Ransomware Deployed Within Hours
Huntress and other firms warn of a likely zero-day vulnerability in SonicWall VPNs. Attackers are bypassing MFA and deploying Akira ransomware within hours of initial access.
⤷ Title: DAY 1 Recon: Manual Reconnaissance: How I Explore Targets Like a Hacker (But With Good Intentions)
════════════════════════
𐀪 Author: Ayush Kumar
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 08:35:57 GMT
════════════════════════
⌗ Tags: #hacking #bug_bounty #ethical_hacking #programming #cybersecurity
════════════════════════
𐀪 Author: Ayush Kumar
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 08:35:57 GMT
════════════════════════
⌗ Tags: #hacking #bug_bounty #ethical_hacking #programming #cybersecurity
Medium
DAY 1 Recon: Manual Reconnaissance: How I Explore Targets Like a Hacker (But With Good Intentions)
Before the tools come out, I like to get my hands dirty — and here’s why that matters.
⤷ Title: Ticket to Trouble: How I Hijacked Support Tickets to See Everyone’s Complaints ️
════════════════════════
𐀪 Author: Iski
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 08:35:50 GMT
════════════════════════
⌗ Tags: #hacking #infosec #money #bug_bounty #cybersecurity
════════════════════════
𐀪 Author: Iski
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 08:35:50 GMT
════════════════════════
⌗ Tags: #hacking #infosec #money #bug_bounty #cybersecurity
Medium
Ticket to Trouble: How I Hijacked Support Tickets to See Everyone’s Complaints 🎟️😈
Free Link 🎈
⤷ Title: Burp Suite For Beginners: How I Learned the Proxy and Interceptor
════════════════════════
𐀪 Author: Ayush Kumar
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 08:35:21 GMT
════════════════════════
⌗ Tags: #programming #bug_bounty #hacking #ethical_hacking #cybersecurity
════════════════════════
𐀪 Author: Ayush Kumar
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 08:35:21 GMT
════════════════════════
⌗ Tags: #programming #bug_bounty #hacking #ethical_hacking #cybersecurity
Medium
Burp Suite For Beginners: How I Learned the Proxy and Interceptor
Ever tried to peek behind the curtain of a website? Maybe you’re curious how apps talk to each other. Or you keep hearing about “Burp…
⤷ Title: Reflected XSS Made Easy: Catching Real Bugs in the Wild
════════════════════════
𐀪 Author: Monika sharma
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 08:33:44 GMT
════════════════════════
⌗ Tags: #penetration_testing #tips_and_tricks #javanoscript #vulnerability #bug_bounty
════════════════════════
𐀪 Author: Monika sharma
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 08:33:44 GMT
════════════════════════
⌗ Tags: #penetration_testing #tips_and_tricks #javanoscript #vulnerability #bug_bounty
Medium
Reflected XSS Made Easy: Catching Real Bugs in the Wild
How a Simple Payload Uncovered a Real Vulnerability on MTN’s Website
⤷ Title: Extracting Data from the Subdomain Grave
════════════════════════
𐀪 Author: SIDDHANT SHUKLA
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 08:33:39 GMT
════════════════════════
⌗ Tags: #bug_bounty #hacking #technology #programming #cybersecurity
════════════════════════
𐀪 Author: SIDDHANT SHUKLA
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 08:33:39 GMT
════════════════════════
⌗ Tags: #bug_bounty #hacking #technology #programming #cybersecurity
Medium
Extracting Data from the Subdomain Grave
The buried aren’t always silent
⤷ Title: Forgotten by Design: How an Unused Subdomain Gave Me Full Cloud Access ☁️
════════════════════════
𐀪 Author: Iski
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 08:33:29 GMT
════════════════════════
⌗ Tags: #infosec #bug_bounty #cybersecurity #money #hacking
════════════════════════
𐀪 Author: Iski
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 08:33:29 GMT
════════════════════════
⌗ Tags: #infosec #bug_bounty #cybersecurity #money #hacking
Medium
💡 Forgotten by Design: How an Unused Subdomain Gave Me Full Cloud Access ☁️🔑
Hey there!😁
⤷ Title: I Turned IDOR and XSS Into a Mass Account Takeover
════════════════════════
𐀪 Author: Ibtissam hammadi
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 08:29:24 GMT
════════════════════════
⌗ Tags: #cybersecurity #idor #web_security #bug_bounty #xss_attack
════════════════════════
𐀪 Author: Ibtissam hammadi
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 08:29:24 GMT
════════════════════════
⌗ Tags: #cybersecurity #idor #web_security #bug_bounty #xss_attack
Medium
I Turned IDOR and XSS Into a Mass Account Takeover
Ever missed a critical bug because you didn’t chain vulnerabilities?
⤷ Title: “Day 2: Reconnaissance — How I Found My First Real Bug (And How You Can Too)”
════════════════════════
𐀪 Author: Aman Sharma
════════════════════════
ⴵ Time: Mon, 04 Aug 2025 04:45:13 GMT
════════════════════════
⌗ Tags: #cybersecurity #money #bug_bounty #programming #technology
════════════════════════
𐀪 Author: Aman Sharma
════════════════════════
ⴵ Time: Mon, 04 Aug 2025 04:45:13 GMT
════════════════════════
⌗ Tags: #cybersecurity #money #bug_bounty #programming #technology
Medium
“Day 2: Reconnaissance — How I Found My First Real Bug (And How You Can Too)”
On Day 1, I learned the basics. On Day 2, I got real. I remember staring at a company’s website, completely lost — where do I even start…
⤷ Title: Clean-Up Fail: How a Forgotten Admin Endpoint Let Me Drop All The Data ️
════════════════════════
𐀪 Author: Iski
════════════════════════
ⴵ Time: Mon, 04 Aug 2025 04:45:05 GMT
════════════════════════
⌗ Tags: #money #hacking #infosec #bug_bounty #cybersecurity
════════════════════════
𐀪 Author: Iski
════════════════════════
ⴵ Time: Mon, 04 Aug 2025 04:45:05 GMT
════════════════════════
⌗ Tags: #money #hacking #infosec #bug_bounty #cybersecurity
Medium
🧹 Clean-Up Fail: How a Forgotten Admin Endpoint Let Me Drop All The Data 🗑️🔧
Hey there!😁
⤷ Title: Package of Problems: How a Frontend NPM Library Leaked Internal API Keys
════════════════════════
𐀪 Author: Iski
════════════════════════
ⴵ Time: Mon, 04 Aug 2025 04:43:54 GMT
════════════════════════
⌗ Tags: #money #bug_bounty #infosec #cybersecurity #hacking
════════════════════════
𐀪 Author: Iski
════════════════════════
ⴵ Time: Mon, 04 Aug 2025 04:43:54 GMT
════════════════════════
⌗ Tags: #money #bug_bounty #infosec #cybersecurity #hacking
Medium
📦 Package of Problems: How a Frontend NPM Library Leaked Internal API Keys 🎁🧪
Hey there!😁
⤷ Title: O que é rollback e por que ele precisa estar no seu plano de segurança da informação
════════════════════════
𐀪 Author: Bughunt
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 13:22:41 GMT
════════════════════════
⌗ Tags: No_Tags
════════════════════════
𐀪 Author: Bughunt
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 13:22:41 GMT
════════════════════════
⌗ Tags: No_Tags
BugHunt
O que é rollback e sua importância para a segurança
Rollback em TI permite reverter sistemas a estados anteriores, minimizando impactos de falhas e ataques em ambientes críticos. Saiba mais!
⤷ Title: Do you Practice, but Still Feel Stuck at Bug Bounty?
════════════════════════
𐀪 Author: Appsec.pt
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 18:47:48 GMT
════════════════════════
⌗ Tags: #bug_bounty #cybersecurity #bug_bounty_tips #red_teaming #bug_bounty_writeup
════════════════════════
𐀪 Author: Appsec.pt
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 18:47:48 GMT
════════════════════════
⌗ Tags: #bug_bounty #cybersecurity #bug_bounty_tips #red_teaming #bug_bounty_writeup
Medium
Do you Practice, but Still Feel Stuck at Bug Bounty?
Browsing Reddit recently, I found a lot of hunters who faced a common problem… They studied the theory, did CTFs, and spent time doing Bug…
⤷ Title: [Web Security Academy] — Server-Side Vulnerabilities / Access Control
════════════════════════
𐀪 Author: Voltsec
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 18:13:10 GMT
════════════════════════
⌗ Tags: #cybersecurity #web_security #bug_bounty #access_control #ctf_writeup
════════════════════════
𐀪 Author: Voltsec
════════════════════════
ⴵ Time: Tue, 05 Aug 2025 18:13:10 GMT
════════════════════════
⌗ Tags: #cybersecurity #web_security #bug_bounty #access_control #ctf_writeup
Medium
[Web Security Academy] — Server-Side Vulnerabilities / Access Control
In this write-up, I’ll introduce the topic of access control in web applications and walk through a lab that demonstrates a vertical…