The NSA watching China hack Microsoft to hack the US to watch the NSA hack China to watch China hack Microsoft to hack the US

Simple liner for CVE-2025-55182 React2Shell:

subfinder -dL wildcards.txt -all -recursive > subs.txt

Nuclei -t CVE-2025-55182.yaml -l final.txt

Add FOFA, Shodan,Zoomeye filters : vul.cve="CVE-2025-55182" , asn="REDACTED" && (app="Next.js" || app="React.js")

#infosec #cybersec

To truly understand how important privacy solutions such as Monero (XMR) are, you first need to learn how transactions involving pseudonymous cryptocurrencies (BTC, ETH, SOL, etc.) can be traced.

Crypto Asset Tracing Handbook:

"[...] seeks to provide clear and practical guidance to help a broader audience understand the basic framework of on-chain tracing, learn how to use key tools, and strengthen their ability to assess and respond to on-chain risks."

https://github.com/slowmist/Crypto-Asset-Tracing-Handbook/blob/main/README_EN.md

#Lazarus Group’s Famous Chollima uses GitHub spam, fake recruiters, and AI interview tools to slip into finance, crypto, and healthcare companies as “IT workers”.

👨‍💻 Get a rare inside view of how these operatives work, communicate, and attempt to maintain access.

https://any.run/cybersecurity-blog/lazarus-group-it-workers-investigation/

Comprehensive Guide: Reverse Engineering Tutorials for Beginners

Extracts Windows SAM and SYSTEM files using Volume Shadow Copy Service (VSS) with multiple exfiltration options and XOR obfuscation:
Lists Volume Shadow Copies using VSS and creates one if necessary
Extracts SAM and SYSTEM files from the Shadow Copy
Uses NT API calls for file operations (NtCreateFile, NtReadFile, NtWriteFile)
Supports XOR encoding for obfuscation
Exfiltration methods: Local save or Network transfer

https://github.com/ricardojoserf/SAMDump

DeepSeek released a desktop automation agent that runs locally.

It can use any desktop app, opens files, browses websites, and automates tasks without cloud connections.

100% Open-Source.


https://github.com/bytedance/UI-TARS-desktop

The current 25H2 build of Windows 11 and future builds will include increasingly more AI features and components. This noscript aims to remove ALL of these features to improve user experience, privacy and security.

https://github.com/zoicware/RemoveWindowsAI

Today we are disclosing the details of CVE-2025-64155, an unauth argument injection leading to root remote code execution affecting the Fortinet FortiSIEM.

Find the technical details, indicators of compromise, and proof-of-concept exploit in the blog.


https://horizon3.ai/attack-research/disclosures/cve-2025-64155-three-years-of-remotely-rooting-the-fortinet-fortisiem/