Do you like writing software for Android, perhaps even sideload the occasional APK onto your Android device? In that case some big changes are heading your way, with Google announcing that they wil…

A sophisticated new variant of the Hook Android banking trojan has emerged with unprecedented capabilities that position it among the most advanced mobile malware families observed to date. This latest version, designated Hook Version 3, represents a significant…

China-based threat actor Mustang Panda has emerged as one of the most sophisticated cyber espionage groups operating in the current threat landscape, with operations dating back to at least 2014. This advanced persistent threat (APT) group has systematically…

A sophisticated data exfiltration campaign targeting corporate Salesforce instances has exposed sensitive information from multiple organizations through compromised OAuth tokens associated with the Salesloft Drift third-party application. 

African nations work with Interpol and private-sector partners to disrupt cybercriminal operations on the continent, but more work needs to be done.

Over on his blog our hacker [cpt_tom] shows us how to simulate the hardware for a Commodore PET. Two of them in fact, one with static RAM and the other with dynamic RAM. This project is serious bus…

Google has released an emergency security update for Chrome to address a critical use-after-free vulnerability (CVE-2025-9478) in the ANGLE graphics library that could allow attackers to execute arbitrary code on compromised systems. 

گوگل اعلام کرده قصد دارد هویت همه توسعه‌دهندگانی را که اپلیکیشن‌های اندروید را منتشر می‌کنند بررسی و تأیید کند؛ حتی توسعه‌دهندگانی که اپ‌هایشان را خارج از گوگل‌پلی در دسترس قرار می‌دهند.

یک آسیب‌پذیری امنیتی بحرانی در پلتفرم مدیریت دسترسی ممتاز (Privileged Access Management) شرکت Securden کشف شده است که به مهاجمان احراز هویت نشده اجازه می‌دهد تا با دور زدن کامل مکانیزم‌های امنیتی، کنترل سیستم را به دست گرفته و به تمام رمزهای عبور و اسرار…

Persian translation of "Task Programming in C# and .NET" by Vaskaran Sarcar. - hheydarian/task-programming-in-csharp-dotnet-persian

Interesting Technique to Launch a Shellcode, Author: Xavier Mertens

Modern multi-material printers certainly have their advantages, but all that purging has a way to add up to oodles of waste. Tool-changing printers offer a way to do multi-material prints without t…

شرکت سیتریکس سه آسیب‌پذیری امنیتی در محصولات NetScaler ADC و NetScaler Gateway را برطرف کرد.

A whistleblower disclosure filed today alleges that the Department of Government Efficiency (DOGE) within the Social Security Administration (SSA) covertly created a live copy of the nation’s entire Social Security dataset in an unsecured cloud environment. 

یکشنبه
۷ ‏( دی = ۱۰ )‏ ۱٤۰٤
‏28 ( دسامبر = december = 12 ) 2025
تکنیک‌ها ، کالبدشکافی ، درک عمیق ، یک قدم جلوتر ...
https://news.1rj.ru/str/boost/NullError_ir

مرکز مدیریت راهبردی افتا، مردادماه با درخواست صدور و یا تمدید 56 مجوز شرکت‌های متقاضی فعالیت در سازمان‌ها و دستگاه‌های دارای زیرساخت‌ حیاتی کشور موافقت کرد.

In recent weeks, a sophisticated phishing operation known as the ZipLine campaign has targeted U.S.-based manufacturing firms, leveraging supply-chain criticality and legitimate-seeming business communications to deploy an advanced in-memory implant dubbed…

This report provides statistical data on published vulnerabilities and exploits we researched in Q2 2025. It also includes summary data on the use of C2 frameworks.

یکشنبه
۷ ‏( دی = ۱۰ )‏ ۱٤۰٤
‏28 ( دسامبر = december = 12 ) 2025
تکنیک‌ها ، کالبدشکافی ، درک عمیق ، یک قدم جلوتر ...
https://news.1rj.ru/str/boost/NullError_ir

Zero-day exploited in the wild forces Citrix and CISA to push emergency patch deadlines for federal agencies.

Nice indirect prompt injection attack: Bargury’s attack starts with a poisoned document, which is shared to a potential victim’s Google Drive. (Bargury says a victim could have also uploaded a compromised file to their own account.) It looks like an official…