Hackers, Epstein, & Zero-Days: An Insider's Guide to the Exploit Economy
What do the NSA, Mossad, a ransomware gang, and Hezbollah have in common? They all shop in the same marketplace.
The latest Epstein file dump revealed something my industry has known for years but rarely discusses publicly: the exploit economy has no loyalty. The same vulnerability that protects you can be weaponized against you—depending on who buys it first.
https://x.com/gothburz/status/2018695140718649469
What do the NSA, Mossad, a ransomware gang, and Hezbollah have in common? They all shop in the same marketplace.
The latest Epstein file dump revealed something my industry has known for years but rarely discusses publicly: the exploit economy has no loyalty. The same vulnerability that protects you can be weaponized against you—depending on who buys it first.
https://x.com/gothburz/status/2018695140718649469
😱3👍1🤯1
Metro4Shell: Exploitation of React Native’s Metro Server in the Wild
https://www.vulncheck.com/blog/metro4shell_eitw#network-infrastructure
#CVE-2025-11953 , #glassworm
Samples : [ Link ]
https://www.vulncheck.com/blog/metro4shell_eitw#network-infrastructure
#CVE-2025-11953 , #glassworm
Samples : [ Link ]
👍3❤1👾1
Decompiler internals: microcode
This presentation is about the Hex-Rays Decompiler. It is a de-facto standard tool used by the security
professionals. Its main features include:
https://blackhat.com/us-18/briefings/schedule/#decompiler-internals-microcode-10076
This presentation is about the Hex-Rays Decompiler. It is a de-facto standard tool used by the security
professionals. Its main features include:
• Interactive, fast, robust, and programmable decompiler
• Can handle x86, x64, ARM, ARM64, PowerPC
• Runs on top of the IDA Pro disassembler
• Has been evolving for more than 10 years
• Internals have not been published yet
• Namely, the intermediate language
https://blackhat.com/us-18/briefings/schedule/#decompiler-internals-microcode-10076
👍5
Israel’s zero-click future: How cyber veterans are reinventing offensive intelligence
https://www.jpost.com/israel-news/defense-news/article-885789
https://www.jpost.com/israel-news/defense-news/article-885789
👎2👍1😱1
Forwarded from Sec Note
New post: "Browser Dumping — The Core Tactic Behind Most Infostealers"
(This blog is mainly for sharing my personal notes and learning journey)
#stealer #browser #Chrome_AppBound
(This blog is mainly for sharing my personal notes and learning journey)
This blog contains my own research collected from the internet, along with ideas from other blogs and studies. While many parts are written in my own words, the Most sections were copied directly from external sources because they were already very well written and clearly expressed. This blog is mainly for sharing my personal notes and learning journey.
#stealer #browser #Chrome_AppBound
❤4🔥3
Largest Multi-Agency Cyber Operation Mounted to Counter Threat Posed by Advanced Persistent Threat (APT) Actor UNC3886 to Singapore’s Telecommunications Sector
https://www.csa.gov.sg/news-events/press-releases/largest-multi-agency-cyber-operation-mounted-to-counter-threat-posed-by-advanced-persistent-threat--apt--actor-unc3886-to-singapore-s-telecommunications-sector/
https://www.csa.gov.sg/news-events/press-releases/largest-multi-agency-cyber-operation-mounted-to-counter-threat-posed-by-advanced-persistent-threat--apt--actor-unc3886-to-singapore-s-telecommunications-sector/
👍3
The general counsel of Paragon, uploaded a picture on Linkedin today showing the Paragon spyware control panel.
https://x.com/DrWhax/status/2021608609595945442?s=20
https://x.com/DrWhax/status/2021608609595945442?s=20
🔥6
Forwarded from reconcore
This media is not supported in your browser
VIEW IN TELEGRAM
CobaltStrike-Linux-Beacon
#poc #beacon #linux @reconcore
Proof of Concept (PoC) implant for creating custom Cobalt Strike Beacons
#poc #beacon #linux @reconcore
👍2👎1
Forwarded from Freedom Fox 🏴☠
#fortigate #persistence
Пример APTшного крепления в #фортиках через симлинки
Чекер: https://github.com/I3IT/Fortigate.Symlink.Persistence.Checker
Ресерч: https://pgj11.com/posts/FortiGate-Symlink-Attack/
Чат в МАХ
Telegram✉️ @freedomfox
Пример APTшного крепления в #фортиках через симлинки
Чекер: https://github.com/I3IT/Fortigate.Symlink.Persistence.Checker
Ресерч: https://pgj11.com/posts/FortiGate-Symlink-Attack/
Чат в МАХ
Telegram
Please open Telegram to view this post
VIEW IN TELEGRAM
👍2