Moonlock Lab dives deep into a campaign tricking blockchain developers with fake job interviews to deploy malware that installs a backdoor and targets MetaMask.

“Rebels on the rise, we have sacrificed Been knocked down like a poltergeist Nocturnal by blood, in darkness we stand […]

Learn how attackers can abuse VBS enclaves, a Windows security feature, for malicious purposes.

In this article, I will share a tip for those interested in performing a more detailed analysis of the behavior of native methods, with a…

As an industry, we believe that we’ve come to a common consensus after 25 years of circular debates - disclosure is terrible, information is actually dangerous, it’s best that it’s not shared, and the only way to really to ensure that no one ever uses information…

How Mercury defeated a phishing attack with device verification

Research by: Itay Cohen (@megabeets_) Over the past few decades, hacktivism has been, in a lot of cases, characterized by minor website defacements and distributed denial-of-service (DDoS) attacks, which, while making headlines, had minimal lasting impact.…

Learn to uncover more IDORs the lazy way with VeryLazyTech—tips, tricks, and hacks revealed!

Denoscription
Join us for a deep dive into the ongoing security audits of Zcash, completed by the Zcash Ecosystem Security Lead Least Authority, and funded by…

How I found 1000+ malicious repositories spread on Github

This blog post will shed some light on what's behind AMSI (roughly, but hopefully easy to understand) and how you can still effectively bypass it - more than four years later.

Matthew Van Andel filed a wrongful termination complaint against Disney after he unknowingly downloaded malware that compromised the company's cybersecurity.

We present Wallbleed, a buffer over-read vulnerability that existed in the DNS injection subsystem of the Great Firewall of China. Wallbleed caused certain nation-wide censorship middleboxes to reveal up to 125 bytes of their memory when censoring a crafted…

Substack is a popular blogging platform. It allows writers to easily create their own personal blog, with payments, comments, analytics and other advanced features. Substack empowers writers to customize their blogs by adding a custom domain.