Researchers have uncovered a method to leak sensitive data from air-gapped systems, introducing a novel attack technique known as RAMBO

В этом отчете приведен подробный анализ шифровальщика Mallox, описывающий его развитие, стратегию выкупа, схему шифрования и прочее.

This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code. - google/security-research

Nuxt.js project

DockerSpy searches for images on Docker Hub and extracts sensitive information such as authentication secrets, private keys, and more. - UndeadSec/DockerSpy

Fortinet shares information on a recent security incident involving Fortinet and our response to-date.…

We detail a rare phishing mechanism using a refresh entry in the HTTP response header for stealth redirects to malicious pages, affecting finance and government sectors. We detail a rare phishing mechanism using a refresh entry in the HTTP response header…

Forcing users to enter credentials so they can be stolen

We track a campaign by Gleaming Pisces (Citrine Sleet) delivering Linux or macOS backdoors via Python packages, aiming to infiltrate supply chain vendors. We track a campaign by Gleaming Pisces (Citrine Sleet) delivering Linux or macOS backdoors via Python…

The Lumma Stealer malware is being distributed through deceptive human verification pages that trick users into running malicious PowerShell commands. This phishing campaign primarily targets Windows users and can lead to the theft of sensitive information

Malicious actors are abusing legitimate notification emails sent by GitHub to try and trick people into downloading malware.

UNC2970 is a cyber espionage group suspected to have a North Korea nexus.

Every sysadmin is familiar with Veeam’s enterprise-oriented backup solution, ‘Veeam Backup & Replication’. Unfortunately, so is every ransomware operator, given it's somewhat 'privileged position' in the storage world of most enterprise's networks. There's…

Malcat is a feature-rich hexadecimal editor / disassembler for Windows and Linux used by malware analysts, incident responders, CTF players and SOC operators.

Ransomware groups like BianLian and Rhysida are increasingly using Azure Storage Explorer and AzCopy to exfiltrate sensitive data.

Discover Splinter, a new post-exploitation tool with advanced features like command execution and file manipulation, detected by Unit 42 researchers. Discover Splinter, a new post-exploitation tool with advanced features like command execution and file manipulation…

@evilsocket: * Unauthenticated RCE vs all GNU/Linux systems (plus others) disclosed 3 weeks ago. * Full disclosure happening in less than 2 weeks (as agreed with devs). * Still no CVE assigned (there should be at...…

What happened  Proofpoint researchers are tracking a cluster of activity targeting transportation and logistics companies in North America to deliver a variety of different malware