DevOps Tools Targeted for Cryptojacking
https://www.wiz.io/blog/jinx-0132-cryptojacking-campaign?utm_source=se%D1%81uritylabru
wiz.io
DevOps Tools Targeted for Cryptojacking | Wiz Blog
The Wiz Threat Research team has identified a widespread cryptojacking campaign targeting commonly used DevOps applications including Nomad and Consul.
OneDrive File Picker Flaw Provides ChatGPT and Other Web Apps Full Read Access to Users’ Entire OneDrive
https://www.oasis.security/blog/onedrive-file-picker-security-flaw-oasis-research
www.oasis.security
OneDrive File Picker OAuth Flaw Exposes Full Drive Access
Oasis Security reveals a OneDrive File Picker flaw allowing full drive read access via OAuth, affecting apps like ChatGPT, Slack, Trello, and ClickUp.
Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721
https://securelist.com/mirai-botnet-variant-targets-dvr-devices-with-cve-2024-3721/116742/
Securelist
New Mirai botnet campaign targets DVR devices
Kaspersky GReAT experts describe the new features of a Mirai variant: the latest botnet infections target TBK DVR devices with CVE-2024-3721.
Inside a Dark Adtech Empire Fed by Fake CAPTCHAs
https://krebsonsecurity.com/2025/06/inside-a-dark-adtech-empire-fed-by-fake-captchas
Krebs on Security
Late last year, security researchers made a startling discovery: Kremlin-backed disinformation campaigns were bypassing moderation on social media platforms by leveraging the same malicious advertising technology that powers a sprawling ecosystem of online…
Confirmed Critical | “The Grafana Ghost” exposes 36% of public-facing instances to malicious account takeover
https://www.ox.security/confirmed-critical-the-grafana-ghost-exposes-36-of-public-facing-instances-to-malicious-account-takeover/
OX Security
Confirmed Critical | “The Grafana Ghost” exposes 36% of public-facing instances to malicious account takeover - OX Security
More than 95% of Application Security alerts are just noise - as demonstrated by OX Security research. But CVE-2025-4123 - “The Grafana Ghost”, as we will refer to, is not one of them. This newly discovered vulnerability is a rare case that demands attention…
Another Crack in the Chain of Trust: Uncovering (Yet Another) Secure Boot Bypass
https://www.binarly.io/blog/another-crack-in-the-chain-of-trust
www.binarly.io
Binarly uncovers CVE-2025-3052: a Secure Boot bypass affecting most UEFI devices, enabling attackers to run unsigned code before OS load.
Ads are coming to WhatsApp... Official announcement:
https://blog.whatsapp.com/helping-you-find-more-channels-and-businesses-on-whatsapp
WhatsApp.com
Helping you Find More Channels and Businesses on WhatsApp
Today we're introducing some new features for our Updates tab, which is home to both Channels and Status.
First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted
https://citizenlab.ca/2025/06/first-forensic-confirmation-of-paragons-ios-mercenary-spyware-finds-journalists-targeted/
Asus Armoury Crate AsIO3.sys authorization bypass vulnerability
Step by step bypass guide:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2150
Team46 and TaxOff: two sides of the same coin
https://global.ptsecurity.com/analytics/pt-esc-threat-intelligence/team46-and-taxoff-two-sides-of-the-same-coin
ptsecurity.com
PT ESC Threat Intelligence
In this blog you can find information about current attacks by hacker groups worldwide, analysis of their tools, incident reports, threat actors' TTPs, indicators of compromise, and detection names in our products.
Awesome ChatGPT Prompts
This repo includes ChatGPT prompt curation to use ChatGPT and other LLM tools better.
https://github.com/f/awesome-chatgpt-prompts
GitHub
GitHub - f/awesome-chatgpt-prompts: Share, discover, and collect prompts from the community. Free and open source — self-host for…
Share, discover, and collect prompts from the community. Free and open source — self-host for your organization with complete privacy. - f/awesome-chatgpt-prompts
Local Privilege Escalation via chroot option
An attacker can leverage sudo’s -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file:
https://www.sudo.ws/security/advisories/chroot_bug/
- https://access.redhat.com/security/cve/CVE-2025-32463
Sudo
Sudo versions affected: Sudo versions 1.9.14 to 1.9.17 inclusive are affected.
CVE ID: This vulnerability has been assigned…
Forwarded from Yevgeniy Goncharov
📢 Open SysConf'25 is calling for speakers!
Got something to share? Time to take the stage.
📍 October 4, 2025: the day when those who build, think and push things forward gather on one stage again.
And you, still putting it off? Still waiting for the "right moment"?
Here it is. This is your chance to speak and tell the world what you understood, built, broke or rethought this year.
We're waiting for your talk if you want to speak about:
- technology and code
- infrastructure and hacks
- security, monitoring, Dev(Sec/App)Ops, ML, IaC, sysadmin work, and tech/hacking research and findings
- the human factor, mistakes, growth, and how not to burn out along the way
Applying is easy: 👉 https://sysconf.io/2025
Your knowledge could be the trigger for someone else's growth.
Are you with us? Then welcome! ✌️
Code highlighting with Cursor AI for $500,000
Attacks that leverage malicious open-source packages are becoming a major and growing threat...
https://securelist.com/open-source-package-for-cursor-ai-turned-into-a-crypto-heist/116908
Securelist
The Solidity Language open-source package was used in a $500,000 crypto heist
Kaspersky GReAT experts uncover malicious extensions for Cursor AI that download the Quasar backdoor and a crypto stealer.
Golden dMSA: What Is dMSA Authentication Bypass?
https://www.semperis.com/blog/golden-dmsa-what-is-dmsa-authentication-bypass/
Semperis
Golden dMSA: What Is dMSA Authentication Bypass? | Semperis Research
The Golden dMSA attack enables attackers to bypass authentication and generate passwords for managed service accounts in AD. Understand the risks.
MaaS operation leverages GitHub public repositories
https://blog.talosintelligence.com/maas-operation-using-emmenhtal-and-amadey-linked-to-threats-against-ukrainian-entities/
Cisco Talos Blog
MaaS operation using Emmenhtal and Amadey linked to threats against Ukrainian entities
Cisco Talos uncovered a stealthy Malware-as-a-Service (MaaS) operation that used fake GitHub accounts to distribute a variety of dangerous payloads and evade security defenses.