Top Security News for Today
Perhaps Beyond Human Translation: Harnessing Multi-Agent Collaboration for Translating Ultra-Long Literary Texts
https://arxiv.org/abs/2405.11804
The Chromium Security Paradox
https://www.reddit.com/r/netsec/comments/1kdptq1/the_chromium_security_paradox/
Base Models Beat Aligned Models at Randomness and Creativity
https://arxiv.org/abs/2505.00047
The Malware That Outsmarted Antivirus, Firewalls, and Humans — Meet Chimera
https://www.reddit.com/r/netsec/comments/1ke6yjz/the_malware_that_outsmarted_antivirus_firewalls/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Perhaps Beyond Human Translation: Harnessing Multi-Agent Collaboration for Translating Ultra-Long Literary Texts
https://arxiv.org/abs/2405.11804
The Chromium Security Paradox
https://www.reddit.com/r/netsec/comments/1kdptq1/the_chromium_security_paradox/
Base Models Beat Aligned Models at Randomness and Creativity
https://arxiv.org/abs/2505.00047
The Malware That Outsmarted Antivirus, Firewalls, and Humans — Meet Chimera
https://www.reddit.com/r/netsec/comments/1ke6yjz/the_malware_that_outsmarted_antivirus_firewalls/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
arXiv.org
(Perhaps) Beyond Human Translation: Harnessing Multi-Agent...
Literary translation remains one of the most challenging frontiers in machine translation due to the complexity of capturing figurative language, cultural nuances, and unique stylistic elements....
Top Security News for Today
YARA Playground - Client Side WASM
https://www.reddit.com/r/netsec/comments/1kem25a/yara_playground_client_side_wasm/
Upload Bypass – Bypass Upload Restrictions During Penetration Testing
https://www.darknet.org.uk/2025/05/upload_bypass-bypass-upload-restrictions-during-penetration-testing/
Learning resourcez
https://0x00sec.org/t/learning-resourcez/43812
Reddit shadowban architecture creates silent data harvesting risk, undermines trust boundaries
https://www.reddit.com/r/netsec/comments/1kf1ujt/reddit_shadowban_architecture_creates_silent_data/
Strengthening Cybersecurity Incident Response Part 2: From Detection to Recovery
https://www.tripwire.com/state-of-security/strengthening-cybersecurity-incident-response-part-2-detection-recovery
Getting Email Security Right
https://www.tripwire.com/state-of-security/getting-email-security-right
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
YARA Playground - Client Side WASM
https://www.reddit.com/r/netsec/comments/1kem25a/yara_playground_client_side_wasm/
Upload Bypass – Bypass Upload Restrictions During Penetration Testing
https://www.darknet.org.uk/2025/05/upload_bypass-bypass-upload-restrictions-during-penetration-testing/
Learning resourcez
https://0x00sec.org/t/learning-resourcez/43812
Reddit shadowban architecture creates silent data harvesting risk, undermines trust boundaries
https://www.reddit.com/r/netsec/comments/1kf1ujt/reddit_shadowban_architecture_creates_silent_data/
Strengthening Cybersecurity Incident Response Part 2: From Detection to Recovery
https://www.tripwire.com/state-of-security/strengthening-cybersecurity-incident-response-part-2-detection-recovery
Getting Email Security Right
https://www.tripwire.com/state-of-security/getting-email-security-right
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: YARA Playground - Client Side WASM
Posted by Diligent_Desk5592 - 16 votes and 3 comments
Top Security News for Today
Threat Intelligence Report
https://research.checkpoint.com/2025/5th-may-threat-intelligence-report/
A Basic Guide to Fuzzing with AFL++ Unicorn Mode
https://www.reddit.com/r/netsec/comments/1kfbnrp/a_basic_guide_to_fuzzing_with_afl_unicorn_mode/
Shuffling the Greatest Hits: How DragonForce Ransomware Samples LockBit and Conti Into a Ransomware Jukebox
https://www.reddit.com/r/netsec/comments/1kfbwf7/shuffling_the_greatest_hits_how_dragonforce/
Another Move in the Deepfake Creation/Detection Arms Race
https://www.schneier.com/blog/archives/2025/05/another-move-in-the-deepfake-creation-detection-arms-race.html
Microsoft partners with Global Anti-Scam Alliance to fight cybercrime
https://www.microsoft.com/en-us/security/blog/2025/05/05/microsoft-partners-with-global-anti-scam-alliance-to-fight-cybercrime/
FIRST HOPE TALKS ANNOUNCED
https://www.2600.com/content/first-hope-talks-announced
Snowflake’s AI Bypasses Access Controls
https://www.reddit.com/r/netsec/comments/1kfwve5/snowflakes_ai_bypasses_access_controls/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Threat Intelligence Report
https://research.checkpoint.com/2025/5th-may-threat-intelligence-report/
A Basic Guide to Fuzzing with AFL++ Unicorn Mode
https://www.reddit.com/r/netsec/comments/1kfbnrp/a_basic_guide_to_fuzzing_with_afl_unicorn_mode/
Shuffling the Greatest Hits: How DragonForce Ransomware Samples LockBit and Conti Into a Ransomware Jukebox
https://www.reddit.com/r/netsec/comments/1kfbwf7/shuffling_the_greatest_hits_how_dragonforce/
Another Move in the Deepfake Creation/Detection Arms Race
https://www.schneier.com/blog/archives/2025/05/another-move-in-the-deepfake-creation-detection-arms-race.html
Microsoft partners with Global Anti-Scam Alliance to fight cybercrime
https://www.microsoft.com/en-us/security/blog/2025/05/05/microsoft-partners-with-global-anti-scam-alliance-to-fight-cybercrime/
FIRST HOPE TALKS ANNOUNCED
https://www.2600.com/content/first-hope-talks-announced
Snowflake’s AI Bypasses Access Controls
https://www.reddit.com/r/netsec/comments/1kfwve5/snowflakes_ai_bypasses_access_controls/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Check Point Research
5th May – Threat Intelligence Report - Check Point Research
For the latest discoveries in cyber research for the week of 5th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Three major UK retailers – Co-op, Harrods and Marks & Spencer (M&S) – were hit by cyberattacks that disrupted…
Top Security News for Today
Fake Student Fraud in Community Colleges
https://www.schneier.com/blog/archives/2025/05/fake-student-fraud-in-community-colleges.html
SonicBoom, From Stolen Tokens to Remote Shells - SonicWall SMA100 (CVE-2023-44221, CVE-2024-38475) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1kclo6p/sonicboom_from_stolen_tokens_to_remote_shells/
My Zero Day Quest
https://www.reddit.com/r/netsec/comments/1kfxobk/my_zero_day_quest/
Snowflake’s AI Bypasses Access Controls
https://www.reddit.com/r/netsec/comments/1kfwve5/snowflakes_ai_bypasses_access_controls/
The Cloud Hunting Games
https://www.reddit.com/r/netsec/comments/1kgcq32/the_cloud_hunting_games/
AI-Powered Cybercrime in 2025 – The Dark Web’s New Arms Race
https://www.darknet.org.uk/2025/05/ai-powered-cybercrime-in-2025-the-dark-webs-new-arms-race/
Essential Cybersecurity Controls (ECC-1:2018) – A Comprehensive Guide
https://www.tripwire.com/state-of-security/essential-cybersecurity-controls-ecc-12018-comprehensive-guide
Inferno Drainer Reloaded: Deep Dive into the Return of the Most Sophisticated Crypto Drainer
https://research.checkpoint.com/2025/inferno-drainer-reloaded-deep-dive-into-the-return-of-the-most-sophisticated-crypto-drainer/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Fake Student Fraud in Community Colleges
https://www.schneier.com/blog/archives/2025/05/fake-student-fraud-in-community-colleges.html
SonicBoom, From Stolen Tokens to Remote Shells - SonicWall SMA100 (CVE-2023-44221, CVE-2024-38475) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1kclo6p/sonicboom_from_stolen_tokens_to_remote_shells/
My Zero Day Quest
https://www.reddit.com/r/netsec/comments/1kfxobk/my_zero_day_quest/
Snowflake’s AI Bypasses Access Controls
https://www.reddit.com/r/netsec/comments/1kfwve5/snowflakes_ai_bypasses_access_controls/
The Cloud Hunting Games
https://www.reddit.com/r/netsec/comments/1kgcq32/the_cloud_hunting_games/
AI-Powered Cybercrime in 2025 – The Dark Web’s New Arms Race
https://www.darknet.org.uk/2025/05/ai-powered-cybercrime-in-2025-the-dark-webs-new-arms-race/
Essential Cybersecurity Controls (ECC-1:2018) – A Comprehensive Guide
https://www.tripwire.com/state-of-security/essential-cybersecurity-controls-ecc-12018-comprehensive-guide
Inferno Drainer Reloaded: Deep Dive into the Return of the Most Sophisticated Crypto Drainer
https://research.checkpoint.com/2025/inferno-drainer-reloaded-deep-dive-into-the-return-of-the-most-sophisticated-crypto-drainer/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
Fake Student Fraud in Community Colleges - Schneier on Security
Reporting on the rise of fake students enrolling in community college courses: The bots’ goal is to bilk state and federal financial aid money by enrolling in classes, and remaining enrolled in them, long enough for aid disbursements to go out. They often…
Top Security News for Today
We Got Tired of Labs NOT preparing us for Real Targets… So We Built This (Seeking Beta Feedback!)
https://www.reddit.com/r/netsec/comments/1kgsx1p/we_got_tired_of_labs_not_preparing_us_for_real/
State of ransomware in 2025
https://securelist.com/state-of-ransomware-in-2025/116475/
Drag and pwnd: Exploiting VS Code with ASCII
https://www.reddit.com/r/netsec/comments/1kgty8a/drag_and_pwnd_exploiting_vs_code_with_ascii/
SysOwned, Your Friendly Support Ticket - SysAid On-Premise Pre-Auth RCE Chain (CVE-2025-2775 And Friends) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1kgt99x/sysowned_your_friendly_support_ticket_sysaid/
Chinese AI Submersible
https://www.schneier.com/blog/archives/2025/05/chinese-ai-submersible.html
Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 2
https://www.microsoft.com/en-us/security/blog/2025/05/07/meet-the-deputy-cisos-who-help-shape-microsofts-approach-to-cybersecurity-part-2/
AI Slop Is Polluting Bug Bounty Platforms with Fake Vulnerability Reports
https://www.reddit.com/r/netsec/comments/1kh0bps/ai_slop_is_polluting_bug_bounty_platforms_with/
Pakistani Firm Shipped Fentanyl Analogs, Scams to US
https://krebsonsecurity.com/2025/05/pakistani-firm-shipped-fentanyl-analogs-scams-to-us/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
We Got Tired of Labs NOT preparing us for Real Targets… So We Built This (Seeking Beta Feedback!)
https://www.reddit.com/r/netsec/comments/1kgsx1p/we_got_tired_of_labs_not_preparing_us_for_real/
State of ransomware in 2025
https://securelist.com/state-of-ransomware-in-2025/116475/
Drag and pwnd: Exploiting VS Code with ASCII
https://www.reddit.com/r/netsec/comments/1kgty8a/drag_and_pwnd_exploiting_vs_code_with_ascii/
SysOwned, Your Friendly Support Ticket - SysAid On-Premise Pre-Auth RCE Chain (CVE-2025-2775 And Friends) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1kgt99x/sysowned_your_friendly_support_ticket_sysaid/
Chinese AI Submersible
https://www.schneier.com/blog/archives/2025/05/chinese-ai-submersible.html
Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 2
https://www.microsoft.com/en-us/security/blog/2025/05/07/meet-the-deputy-cisos-who-help-shape-microsofts-approach-to-cybersecurity-part-2/
AI Slop Is Polluting Bug Bounty Platforms with Fake Vulnerability Reports
https://www.reddit.com/r/netsec/comments/1kh0bps/ai_slop_is_polluting_bug_bounty_platforms_with/
Pakistani Firm Shipped Fentanyl Analogs, Scams to US
https://krebsonsecurity.com/2025/05/pakistani-firm-shipped-fentanyl-analogs-scams-to-us/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: We Got Tired of Labs NOT preparing us for Real Targets… So We Built This (Seeking Beta Feedback!)
Posted by RogueSMG - 2 votes and 0 comments
Top Security News for Today
CVE-2024-11477 - 7-Zip ZSTD Buffer Overflow Vulnerability - Crowdfense
https://www.reddit.com/r/netsec/comments/1khsld0/cve202411477_7zip_zstd_buffer_overflow/
Hijacked: How Cybercriminals Are Turning Anti-Virus Software Against You
https://levelblue.com/blogs/labs-research/hijacked-how-cybercriminals-are-turning-anti-virus-software-against-you
Ngioweb Remains Active 7 Years Later
https://levelblue.com/blogs/labs-research/ngioweb-remains-active-7-years-later
HOPE WORKSHOP SUBMISSIONS WILL CLOSE ON TUESDAY
https://www.2600.com/content/hope-workshop-submissions-will-close-tuesday
SCIM Hunting. Finding bugs in SCIM implementations
https://www.reddit.com/r/netsec/comments/1ki0zau/scim_hunting_finding_bugs_in_scim_implementations/
Inside LockBit: Defense Lessons from the Leaked LockBit Negotiations
https://blog.qualys.com/vulnerabilities-threat-research/2025/05/08/inside-lockbit-defense-lessons-from-the-leaked-lockbit-negotiations
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
CVE-2024-11477 - 7-Zip ZSTD Buffer Overflow Vulnerability - Crowdfense
https://www.reddit.com/r/netsec/comments/1khsld0/cve202411477_7zip_zstd_buffer_overflow/
Hijacked: How Cybercriminals Are Turning Anti-Virus Software Against You
https://levelblue.com/blogs/labs-research/hijacked-how-cybercriminals-are-turning-anti-virus-software-against-you
Ngioweb Remains Active 7 Years Later
https://levelblue.com/blogs/labs-research/ngioweb-remains-active-7-years-later
HOPE WORKSHOP SUBMISSIONS WILL CLOSE ON TUESDAY
https://www.2600.com/content/hope-workshop-submissions-will-close-tuesday
SCIM Hunting. Finding bugs in SCIM implementations
https://www.reddit.com/r/netsec/comments/1ki0zau/scim_hunting_finding_bugs_in_scim_implementations/
Inside LockBit: Defense Lessons from the Leaked LockBit Negotiations
https://blog.qualys.com/vulnerabilities-threat-research/2025/05/08/inside-lockbit-defense-lessons-from-the-leaked-lockbit-negotiations
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: CVE-2024-11477- 7-Zip ZSTD Buffer Overflow Vulnerability - Crowdfense
Explore this post and more from the netsec community
Top Security News for Today
LockBit Ransomware Gang Breached, Secrets Exposed
https://www.tripwire.com/state-of-security/lockbit-ransomware-gang-breached-secrets-exposed
Tripwire Patch Priority Index for April 2025
https://www.tripwire.com/state-of-security/tripwire-patch-priority-index-april-2025
ASURA-FDPS-ML: Star-by-star Galaxy Simulations Accelerated by Surrogate Modeling for Supernova Feedback
https://arxiv.org/abs/2410.23346
An Approximate-Master-Equation Formulation of the Watts Threshold Model on Hypergraphs
https://arxiv.org/abs/2503.04020
Investigating Popularity Bias Amplification in Recommender Systems Employed in the Entertainment Domain
https://arxiv.org/abs/2504.04752
Breaking the Sound Barrier Part I: Fuzzing CoreAudio with Mach Messages
https://googleprojectzero.blogspot.com/2025/05/breaking-sound-barrier-part-i-fuzzing.html
Before You Red Team: Fix These 5 Common Mistakes
https://bishopfox.com/blog/before-red-team-fix-these-5-common-mistakes
Friday Squid Blogging: Japanese Divers Video Giant Squid
https://www.schneier.com/blog/archives/2025/05/friday-squid-blogging-japanese-divers-video-giant-squid.html
XG-NID: Dual-Modality Network Intrusion Detection using a Heterogeneous Graph Neural Network and Large Language Model
https://arxiv.org/abs/2408.16021
Stealthy .NET Malware: Hiding Malicious Payloads as Bitmap Resources
https://www.reddit.com/r/netsec/comments/1kivxei/stealthy_net_malware_hiding_malicious_payloads_as/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
LockBit Ransomware Gang Breached, Secrets Exposed
https://www.tripwire.com/state-of-security/lockbit-ransomware-gang-breached-secrets-exposed
Tripwire Patch Priority Index for April 2025
https://www.tripwire.com/state-of-security/tripwire-patch-priority-index-april-2025
ASURA-FDPS-ML: Star-by-star Galaxy Simulations Accelerated by Surrogate Modeling for Supernova Feedback
https://arxiv.org/abs/2410.23346
An Approximate-Master-Equation Formulation of the Watts Threshold Model on Hypergraphs
https://arxiv.org/abs/2503.04020
Investigating Popularity Bias Amplification in Recommender Systems Employed in the Entertainment Domain
https://arxiv.org/abs/2504.04752
Breaking the Sound Barrier Part I: Fuzzing CoreAudio with Mach Messages
https://googleprojectzero.blogspot.com/2025/05/breaking-sound-barrier-part-i-fuzzing.html
Before You Red Team: Fix These 5 Common Mistakes
https://bishopfox.com/blog/before-red-team-fix-these-5-common-mistakes
Friday Squid Blogging: Japanese Divers Video Giant Squid
https://www.schneier.com/blog/archives/2025/05/friday-squid-blogging-japanese-divers-video-giant-squid.html
XG-NID: Dual-Modality Network Intrusion Detection using a Heterogeneous Graph Neural Network and Large Language Model
https://arxiv.org/abs/2408.16021
Stealthy .NET Malware: Hiding Malicious Payloads as Bitmap Resources
https://www.reddit.com/r/netsec/comments/1kivxei/stealthy_net_malware_hiding_malicious_payloads_as/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Tripwire
LockBit Ransomware Gang Breached, Secrets Exposed
LockBit ransomware gang breached—affiliate data, negotiations, and secrets leaked in a major blow to the cybercriminal group.
Top Security News for Today
The Honeynet Workshop Conference 2025 is in June in Prague.
https://www.reddit.com/r/netsec/comments/1kjjueq/the_honeynet_workshop_conference_2025_is_in_june/
When Bad Data Leads to Good Models
https://arxiv.org/abs/2505.04741
Advancing Conversational Diagnostic AI with Multimodal Reasoning
https://arxiv.org/abs/2505.04653
Putting the Value Back in RL: Better Test-Time Scaling by Unifying LLM Reasoners With Verifiers
https://arxiv.org/abs/2505.04842
Help use and invite opl who might be interested
https://0x00sec.org/t/help-use-and-invite-opl-who-might-be-interested/43890
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
The Honeynet Workshop Conference 2025 is in June in Prague.
https://www.reddit.com/r/netsec/comments/1kjjueq/the_honeynet_workshop_conference_2025_is_in_june/
When Bad Data Leads to Good Models
https://arxiv.org/abs/2505.04741
Advancing Conversational Diagnostic AI with Multimodal Reasoning
https://arxiv.org/abs/2505.04653
Putting the Value Back in RL: Better Test-Time Scaling by Unifying LLM Reasoners With Verifiers
https://arxiv.org/abs/2505.04842
Help use and invite opl who might be interested
https://0x00sec.org/t/help-use-and-invite-opl-who-might-be-interested/43890
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: The Honeynet Workshop Conference 2025 is in June in Prague.
Posted by sebagarcia - 4 votes and 0 comments
Top Security News for Today
One-Click RCE in ASUS’s Preinstalled Driver Software
https://www.reddit.com/r/netsec/comments/1kjwfuh/oneclick_rce_in_asuss_preinstalled_driver_software/
Perception, Reason, Think, and Plan: A Survey on Large Multimodal Reasoning Models
https://arxiv.org/abs/2505.04921
Fair Uncertainty Quantification for Depression Prediction
https://arxiv.org/abs/2505.04931
Large Language Models are Autonomous Cyber Defenders
https://arxiv.org/abs/2505.04843
Imagining and building wise machines: The centrality of AI metacognition
https://arxiv.org/abs/2411.02478
XG-NID: Dual-Modality Network Intrusion Detection using a Heterogeneous Graph Neural Network and Large Language Model
https://arxiv.org/abs/2408.16021
Assessment Frameworks for NIS Directive Compliance
https://www.tripwire.com/state-of-security/assessment-frameworks-nis-directive-compliance
A Subtle Form of Siege: DDoS Smokescreens as a Cover for Quiet Data Breaches
https://www.tripwire.com/state-of-security/subtle-form-siege-ddos-smokescreens-cover-quiet-data-breaches
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
One-Click RCE in ASUS’s Preinstalled Driver Software
https://www.reddit.com/r/netsec/comments/1kjwfuh/oneclick_rce_in_asuss_preinstalled_driver_software/
Perception, Reason, Think, and Plan: A Survey on Large Multimodal Reasoning Models
https://arxiv.org/abs/2505.04921
Fair Uncertainty Quantification for Depression Prediction
https://arxiv.org/abs/2505.04931
Large Language Models are Autonomous Cyber Defenders
https://arxiv.org/abs/2505.04843
Imagining and building wise machines: The centrality of AI metacognition
https://arxiv.org/abs/2411.02478
XG-NID: Dual-Modality Network Intrusion Detection using a Heterogeneous Graph Neural Network and Large Language Model
https://arxiv.org/abs/2408.16021
Assessment Frameworks for NIS Directive Compliance
https://www.tripwire.com/state-of-security/assessment-frameworks-nis-directive-compliance
A Subtle Form of Siege: DDoS Smokescreens as a Cover for Quiet Data Breaches
https://www.tripwire.com/state-of-security/subtle-form-siege-ddos-smokescreens-cover-quiet-data-breaches
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: One-Click RCE in ASUS’s Preinstalled Driver Software
Posted by AlmondOffSec - 109 votes and 10 comments
Top Security News for Today
How I ruined my vacation by reverse engineering WSC
https://www.reddit.com/r/netsec/comments/1kkpyuu/how_i_ruined_my_vacation_by_reverse_engineering/
Alt Syscalls for Windows 11
https://www.reddit.com/r/lowlevel/comments/1kknjre/alt_syscalls_for_windows_11/
12th May – Threat Intelligence Report
https://research.checkpoint.com/2025/12th-may-threat-intelligence-report/
SUDO_KILLER – Auditing Sudo Configurations for Privilege Escalation Paths
https://www.darknet.org.uk/2025/05/sudo_killer-auditing-sudo-configurations-for-privilege-escalation-paths/
Statistical Analysis to Detect Uncommon Code
https://www.reddit.com/r/netsec/comments/1kktwfv/statistical_analysis_to_detect_uncommon_code/
Marbled Dust leverages zero-day in Output Messenger for regional espionage
https://www.microsoft.com/en-us/security/blog/2025/05/12/marbled-dust-leverages-zero-day-in-output-messenger-for-regional-espionage/
I built Mithra: a security scanner for LLM-integrated APIs (detects prompt injection, DAN..)
https://www.reddit.com/r/netsec/comments/1kkydpv/i_built_mithra_a_security_scanner_for/
LiteLMGuard: Seamless and Lightweight On-Device Prompt Filtering for Safeguarding Small Language Models against Quantization-induced Risks and Vulnerabilities
https://arxiv.org/abs/2505.05485
Bringing Forensic Readiness to Modern Computer Firmware
https://arxiv.org/abs/2505.05486
Invariant-Based Cryptography
https://arxiv.org/abs/2505.05487
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
How I ruined my vacation by reverse engineering WSC
https://www.reddit.com/r/netsec/comments/1kkpyuu/how_i_ruined_my_vacation_by_reverse_engineering/
Alt Syscalls for Windows 11
https://www.reddit.com/r/lowlevel/comments/1kknjre/alt_syscalls_for_windows_11/
12th May – Threat Intelligence Report
https://research.checkpoint.com/2025/12th-may-threat-intelligence-report/
SUDO_KILLER – Auditing Sudo Configurations for Privilege Escalation Paths
https://www.darknet.org.uk/2025/05/sudo_killer-auditing-sudo-configurations-for-privilege-escalation-paths/
Statistical Analysis to Detect Uncommon Code
https://www.reddit.com/r/netsec/comments/1kktwfv/statistical_analysis_to_detect_uncommon_code/
Marbled Dust leverages zero-day in Output Messenger for regional espionage
https://www.microsoft.com/en-us/security/blog/2025/05/12/marbled-dust-leverages-zero-day-in-output-messenger-for-regional-espionage/
I built Mithra: a security scanner for LLM-integrated APIs (detects prompt injection, DAN..)
https://www.reddit.com/r/netsec/comments/1kkydpv/i_built_mithra_a_security_scanner_for/
LiteLMGuard: Seamless and Lightweight On-Device Prompt Filtering for Safeguarding Small Language Models against Quantization-induced Risks and Vulnerabilities
https://arxiv.org/abs/2505.05485
Bringing Forensic Readiness to Modern Computer Firmware
https://arxiv.org/abs/2505.05486
Invariant-Based Cryptography
https://arxiv.org/abs/2505.05487
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: How I ruined my vacation by reverse engineering WSC
Posted by AlmondOffSec - 5 votes and 0 comments
Top Security News for Today
Using a Mythic agent to optimize penetration testing
https://securelist.com/agent-for-mythic-c2-with-beacon-object-files/115259/
Court Rules Against NSO Group
https://www.schneier.com/blog/archives/2025/05/court-rules-against-nso-group.html
Azure Managed Identities Abuse: Security Research - Defense strategies
https://www.reddit.com/r/netsec/comments/1kll5as/azure_managed_identities_abuse_security_research/
Microsoft Patch Tuesday, May 2025 Security Update Review
https://blog.qualys.com/vulnerabilities-threat-research/2025/05/13/microsoft-patch-tuesday-may-2025-security-update-review
May 2025 Patch Tuesday Analysis
https://www.tripwire.com/state-of-security/may-2025-patch-tuesday-analysis
Trend Micro Puts a Spotlight on AI at Pwn2Own Berlin
https://www.trendmicro.com/en_us/research/25/e/pwn2own-berlin-2025.html
Best Open Source HIDS Tools for Linux in 2025 (Compared & Ranked)
https://www.darknet.org.uk/2025/05/best-open-source-hids-tools-for-linux-in-2025-compared-ranked/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Using a Mythic agent to optimize penetration testing
https://securelist.com/agent-for-mythic-c2-with-beacon-object-files/115259/
Court Rules Against NSO Group
https://www.schneier.com/blog/archives/2025/05/court-rules-against-nso-group.html
Azure Managed Identities Abuse: Security Research - Defense strategies
https://www.reddit.com/r/netsec/comments/1kll5as/azure_managed_identities_abuse_security_research/
Microsoft Patch Tuesday, May 2025 Security Update Review
https://blog.qualys.com/vulnerabilities-threat-research/2025/05/13/microsoft-patch-tuesday-may-2025-security-update-review
May 2025 Patch Tuesday Analysis
https://www.tripwire.com/state-of-security/may-2025-patch-tuesday-analysis
Trend Micro Puts a Spotlight on AI at Pwn2Own Berlin
https://www.trendmicro.com/en_us/research/25/e/pwn2own-berlin-2025.html
Best Open Source HIDS Tools for Linux in 2025 (Compared & Ranked)
https://www.darknet.org.uk/2025/05/best-open-source-hids-tools-for-linux-in-2025-compared-ranked/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Securelist
Using an agent for the Mythic framework: pros and cons in pentesting
Kaspersky experts discuss optimizing penetration testing with an agent for the Mythic framework and object files for Cobalt Strike.
Top Security News for Today
The Forgotten Threat: How Supply Chain Attacks Are Targeting Small Businesses
https://www.tripwire.com/state-of-security/forgotten-threat-how-supply-chain-attacks-are-targeting-small-businesses
Google’s Advanced Protection Now on Android
https://www.schneier.com/blog/archives/2025/05/googles-advanced-protection-now-on-android.html
Maritime Cybersecurity: Threats & Regulations Loom
https://www.trendmicro.com/en_us/research/25/e/maritime-cybersecurity-threats-regulations.html
Patch Tuesday, May 2025 Edition
https://krebsonsecurity.com/2025/05/patch-tuesday-may-2025-edition/
[CVE-2025-47916] Invision Community <= 5.0.6 (customCss) Remote Code Execution
https://www.reddit.com/r/netsec/comments/1kme1li/cve202547916_invision_community_506_customcss/
How to Stay Compliant with the New HIPAA Security Rule Updates
https://www.tripwire.com/state-of-security/how-stay-compliant-new-hipaa-security-rule-updates
Integrate LDAP into Keycloak to modernize rather than delete it
https://www.reddit.com/r/netsec/comments/1kmg680/integrate_ldap_into_keycloak_to_modernize_rather/
Upcoming Speaking Engagements
https://www.schneier.com/blog/archives/2025/05/upcoming-speaking-engagements-46.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
The Forgotten Threat: How Supply Chain Attacks Are Targeting Small Businesses
https://www.tripwire.com/state-of-security/forgotten-threat-how-supply-chain-attacks-are-targeting-small-businesses
Google’s Advanced Protection Now on Android
https://www.schneier.com/blog/archives/2025/05/googles-advanced-protection-now-on-android.html
Maritime Cybersecurity: Threats & Regulations Loom
https://www.trendmicro.com/en_us/research/25/e/maritime-cybersecurity-threats-regulations.html
Patch Tuesday, May 2025 Edition
https://krebsonsecurity.com/2025/05/patch-tuesday-may-2025-edition/
[CVE-2025-47916] Invision Community <= 5.0.6 (customCss) Remote Code Execution
https://www.reddit.com/r/netsec/comments/1kme1li/cve202547916_invision_community_506_customcss/
How to Stay Compliant with the New HIPAA Security Rule Updates
https://www.tripwire.com/state-of-security/how-stay-compliant-new-hipaa-security-rule-updates
Integrate LDAP into Keycloak to modernize rather than delete it
https://www.reddit.com/r/netsec/comments/1kmg680/integrate_ldap_into_keycloak_to_modernize_rather/
Upcoming Speaking Engagements
https://www.schneier.com/blog/archives/2025/05/upcoming-speaking-engagements-46.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Tripwire
The Forgotten Threat: How Supply Chain Attacks Are Targeting Small Businesses
Discover how supply chain attacks are targeting small businesses and learn effective strategies to protect against these evolving threats.
Top Security News for Today
AI-Generated Law
https://www.schneier.com/blog/archives/2025/05/ai-generated-law.html
Threat Landscape for Industrial Automation Systems in Q1 2025
https://securelist.com/industrial-threat-report-q1-2025/116505/
Expression Payloads Meet Mayhem - Ivanti EPMM Unauth RCE Chain (CVE-2025-4427 and CVE-2025-4428) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1kna9px/expression_payloads_meet_mayhem_ivanti_epmm/
How the Microsoft Secure Future Initiative Brings Zero Trust to Life
https://www.microsoft.com/en-us/security/blog/2025/05/15/how-the-microsoft-secure-future-initiative-brings-zero-trust-to-life/
Fileless Execution: PowerShell Based Shellcode Loader Executes Remcos RAT
https://blog.qualys.com/vulnerabilities-threat-research/2025/05/15/fileless-execution-powershell-based-shellcode-loader-executes-remcos-rat
Breachforums Boss to Pay $700k in Healthcare Breach
https://krebsonsecurity.com/2025/05/breachforums-boss-to-pay-700k-in-healthcare-breach/
Commit Stomping - Manipulating Git Histories to Obscure the Truth
https://www.reddit.com/r/netsec/comments/1knl6j5/commit_stomping_manipulating_git_histories_to/
Wazuh – Open Source Security Platform for Threat Detection, Visibility & Compliance
https://www.darknet.org.uk/2025/05/wazuh-open-source-security-platform-for-threat-detection-visibility-compliance/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
AI-Generated Law
https://www.schneier.com/blog/archives/2025/05/ai-generated-law.html
Threat Landscape for Industrial Automation Systems in Q1 2025
https://securelist.com/industrial-threat-report-q1-2025/116505/
Expression Payloads Meet Mayhem - Ivanti EPMM Unauth RCE Chain (CVE-2025-4427 and CVE-2025-4428) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1kna9px/expression_payloads_meet_mayhem_ivanti_epmm/
How the Microsoft Secure Future Initiative Brings Zero Trust to Life
https://www.microsoft.com/en-us/security/blog/2025/05/15/how-the-microsoft-secure-future-initiative-brings-zero-trust-to-life/
Fileless Execution: PowerShell Based Shellcode Loader Executes Remcos RAT
https://blog.qualys.com/vulnerabilities-threat-research/2025/05/15/fileless-execution-powershell-based-shellcode-loader-executes-remcos-rat
Breachforums Boss to Pay $700k in Healthcare Breach
https://krebsonsecurity.com/2025/05/breachforums-boss-to-pay-700k-in-healthcare-breach/
Commit Stomping - Manipulating Git Histories to Obscure the Truth
https://www.reddit.com/r/netsec/comments/1knl6j5/commit_stomping_manipulating_git_histories_to/
Wazuh – Open Source Security Platform for Threat Detection, Visibility & Compliance
https://www.darknet.org.uk/2025/05/wazuh-open-source-security-platform-for-threat-detection-visibility-compliance/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
AI-Generated Law - Schneier on Security
On April 14, Dubai’s ruler, Sheikh Mohammed bin Rashid Al Maktoum, announced that the United Arab Emirates would begin using artificial intelligence to help write its laws. A new Regulatory Intelligence Office would use the technology to “regularly suggest…
Top Security News for Today
Self Rewarding Self Improving
https://arxiv.org/abs/2505.08827
Communications Backdoor in Chinese Power Inverters
https://www.schneier.com/blog/archives/2025/05/communications-backdoor-in-chinese-power-inverters.html
Announcing the Official Parity Release of Volatility 3!
https://www.reddit.com/r/netsec/comments/1ko3uye/announcing_the_official_parity_release_of/
Skitnet(Bossnet) Malware Analysis
https://www.reddit.com/r/netsec/comments/1ko59nn/skitnetbossnet_malware_analysis/
Automated Alert Classification and Triage (AACT): An Intelligent System for the Prioritisation of Cybersecurity Alerts
https://arxiv.org/abs/2505.09616
Guardian Positioning System (GPS) for Location Based Services
https://arxiv.org/abs/2505.09628
Correlating Account on Ethereum Mixing Service via Domain-Invariant feature learning
https://arxiv.org/abs/2505.09743
PIG: Privacy Jailbreak Attack on LLMs via Gradient-based Iterative In-Context Optimization
https://arxiv.org/abs/2505.09639
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Self Rewarding Self Improving
https://arxiv.org/abs/2505.08827
Communications Backdoor in Chinese Power Inverters
https://www.schneier.com/blog/archives/2025/05/communications-backdoor-in-chinese-power-inverters.html
Announcing the Official Parity Release of Volatility 3!
https://www.reddit.com/r/netsec/comments/1ko3uye/announcing_the_official_parity_release_of/
Skitnet(Bossnet) Malware Analysis
https://www.reddit.com/r/netsec/comments/1ko59nn/skitnetbossnet_malware_analysis/
Automated Alert Classification and Triage (AACT): An Intelligent System for the Prioritisation of Cybersecurity Alerts
https://arxiv.org/abs/2505.09616
Guardian Positioning System (GPS) for Location Based Services
https://arxiv.org/abs/2505.09628
Correlating Account on Ethereum Mixing Service via Domain-Invariant feature learning
https://arxiv.org/abs/2505.09743
PIG: Privacy Jailbreak Attack on LLMs via Gradient-based Iterative In-Context Optimization
https://arxiv.org/abs/2505.09639
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
arXiv.org
RLSR: Reinforcement Learning from Self Reward
Large language models can generate solutions to complex problems, but training them with reinforcement learning typically requires verifiable rewards that are expensive to create and not possible...
Top Security News for Today
Large Language Models Are More Persuasive Than Incentivized Human Persuaders
https://arxiv.org/abs/2505.09662
$XX^{t}$ Can Be Faster
https://arxiv.org/abs/2505.09814
Analog Foundation Models
https://arxiv.org/abs/2505.09663
Frame by Frame, Kernel Streaming Keeps Giving Vulnerabilities
https://devco.re/blog/2025/05/17/frame-by-frame-kernel-streaming-keeps-giving-vulnerabilities-en/
Stateful Connection With Spoofed Source IP — NetImpostor
https://www.reddit.com/r/netsec/comments/1kp4n2r/stateful_connection_with_spoofed_source_ip/
Translating Electrocardiograms to Cardiac Magnetic Resonance Imaging Useful for Cardiac Assessment and Disease Screening: A Multi-Center Study AI for ECG to CMR Translation Study
https://arxiv.org/abs/2411.13602
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Large Language Models Are More Persuasive Than Incentivized Human Persuaders
https://arxiv.org/abs/2505.09662
$XX^{t}$ Can Be Faster
https://arxiv.org/abs/2505.09814
Analog Foundation Models
https://arxiv.org/abs/2505.09663
Frame by Frame, Kernel Streaming Keeps Giving Vulnerabilities
https://devco.re/blog/2025/05/17/frame-by-frame-kernel-streaming-keeps-giving-vulnerabilities-en/
Stateful Connection With Spoofed Source IP — NetImpostor
https://www.reddit.com/r/netsec/comments/1kp4n2r/stateful_connection_with_spoofed_source_ip/
Translating Electrocardiograms to Cardiac Magnetic Resonance Imaging Useful for Cardiac Assessment and Disease Screening: A Multi-Center Study AI for ECG to CMR Translation Study
https://arxiv.org/abs/2411.13602
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
arXiv.org
When Large Language Models are More PersuasiveThan Incentivized...
Large Language Models (LLMs) have been shown to be highly persuasive, but when and why they outperform humans is still an open question. We compare the persuasiveness of two LLMs (Claude 3.5...
Top Security News for Today
Frida 17 is out
https://www.reddit.com/r/netsec/comments/1kpide4/frida_17_is_out/
Apple downplays framework vuln
https://www.reddit.com/r/netsec/comments/1kpwauf/apple_downplays_framework_vuln/
O2 VoLTE: locating any customer with a phone call
https://www.reddit.com/r/netsec/comments/1kptt5x/o2_volte_locating_any_customer_with_a_phone_call/
Falco – Real-Time Threat Detection for Linux and Containers
https://www.darknet.org.uk/2025/05/falco-real-time-threat-detection-for-linux-and-containers/
Introducing EntraFalcon – A Tool to Enumerate Entra ID Objects and Assignments
https://www.reddit.com/r/netsec/comments/1kq4oie/introducing_entrafalcon_a_tool_to_enumerate_entra/
Cache poisoning via race-condition in Next.js
https://www.reddit.com/r/netsec/comments/1kq64ta/cache_poisoning_via_racecondition_in_nextjs/
Preparing for the Quantum Future: Insights from the NCSC’s PQC Migration Roadmap
https://www.tripwire.com/state-of-security/preparing-quantum-future-insights-ncscs-pqc-migration-roadmap/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Frida 17 is out
https://www.reddit.com/r/netsec/comments/1kpide4/frida_17_is_out/
Apple downplays framework vuln
https://www.reddit.com/r/netsec/comments/1kpwauf/apple_downplays_framework_vuln/
O2 VoLTE: locating any customer with a phone call
https://www.reddit.com/r/netsec/comments/1kptt5x/o2_volte_locating_any_customer_with_a_phone_call/
Falco – Real-Time Threat Detection for Linux and Containers
https://www.darknet.org.uk/2025/05/falco-real-time-threat-detection-for-linux-and-containers/
Introducing EntraFalcon – A Tool to Enumerate Entra ID Objects and Assignments
https://www.reddit.com/r/netsec/comments/1kq4oie/introducing_entrafalcon_a_tool_to_enumerate_entra/
Cache poisoning via race-condition in Next.js
https://www.reddit.com/r/netsec/comments/1kq64ta/cache_poisoning_via_racecondition_in_nextjs/
Preparing for the Quantum Future: Insights from the NCSC’s PQC Migration Roadmap
https://www.tripwire.com/state-of-security/preparing-quantum-future-insights-ncscs-pqc-migration-roadmap/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Frida 17 is out
Posted by oleavr - 5 votes and 0 comments
Top Security News for Today
The NSA’s “Fifty Years of Mathematical Cryptanalysis (1937–1987)”
https://www.schneier.com/blog/archives/2025/05/the-nsas-fifty-years-of-mathematical-cryptanalysis-1937-1987.html
Introducing EntraFalcon – A Tool to Enumerate Entra ID Objects and Assignments
https://www.reddit.com/r/netsec/comments/1kq4oie/introducing_entrafalcon_a_tool_to_enumerate_entra/
Cache poisoning via race-condition in Next.js
https://www.reddit.com/r/netsec/comments/1kq64ta/cache_poisoning_via_racecondition_in_nextjs/
19th May – Threat Intelligence Report
https://research.checkpoint.com/2025/19th-may-threat-intelligence-report/
Microsoft extends Zero Trust to secure the agentic workforce
https://www.microsoft.com/en-us/security/blog/2025/05/19/microsoft-extends-zero-trust-to-secure-the-agentic-workforce/
SafeTrans: LLM-assisted Transpilation from C to Rust
https://arxiv.org/abs/2505.10708
Agent Name Service (ANS): A Universal Directory for Secure AI Agent Discovery and Interoperability
https://arxiv.org/abs/2505.10609
Neural-Inspired Advances in Integral Cryptanalysis
https://arxiv.org/abs/2505.10790
RAN Tester UE: An Automated Declarative UE Centric Security Testing Platform
https://arxiv.org/abs/2505.10812
Automating Security Audit Using Large Language Model based Agent: An Exploration Experiment
https://arxiv.org/abs/2505.10732
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
The NSA’s “Fifty Years of Mathematical Cryptanalysis (1937–1987)”
https://www.schneier.com/blog/archives/2025/05/the-nsas-fifty-years-of-mathematical-cryptanalysis-1937-1987.html
Introducing EntraFalcon – A Tool to Enumerate Entra ID Objects and Assignments
https://www.reddit.com/r/netsec/comments/1kq4oie/introducing_entrafalcon_a_tool_to_enumerate_entra/
Cache poisoning via race-condition in Next.js
https://www.reddit.com/r/netsec/comments/1kq64ta/cache_poisoning_via_racecondition_in_nextjs/
19th May – Threat Intelligence Report
https://research.checkpoint.com/2025/19th-may-threat-intelligence-report/
Microsoft extends Zero Trust to secure the agentic workforce
https://www.microsoft.com/en-us/security/blog/2025/05/19/microsoft-extends-zero-trust-to-secure-the-agentic-workforce/
SafeTrans: LLM-assisted Transpilation from C to Rust
https://arxiv.org/abs/2505.10708
Agent Name Service (ANS): A Universal Directory for Secure AI Agent Discovery and Interoperability
https://arxiv.org/abs/2505.10609
Neural-Inspired Advances in Integral Cryptanalysis
https://arxiv.org/abs/2505.10790
RAN Tester UE: An Automated Declarative UE Centric Security Testing Platform
https://arxiv.org/abs/2505.10812
Automating Security Audit Using Large Language Model based Agent: An Exploration Experiment
https://arxiv.org/abs/2505.10732
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
The NSA's "Fifty Years of Mathematical Cryptanalysis (1937–1987)" - Schneier on Security
In response to a FOIA request, the NSA released “Fifty Years of Mathematical Cryptanalysis (1937-1987),” by Glenn F. Stahly, with a lot of redactions. Weirdly, this is the second time the NSA has declassified the document. John Young got a copy in 2019. This…
Top Security News for Today
Government Organizations Lose Nearly a Month in Downtime for Every Ransomware Attack
https://www.tripwire.com/state-of-security/government-organizations-lose-nearly-month-downtime-every-ransomware-attack
How IoT Security Cameras Are Susceptible to Cyber Attacks
https://www.tripwire.com/state-of-security/how-iot-security-cameras-are-susceptible-cyber-attacks
DoorDash Hack
https://www.schneier.com/blog/archives/2025/05/doordash-hack.html
New Vulnerabilities in Foscam X5
https://www.reddit.com/r/netsec/comments/1kr32cs/new_vulnerabilities_in_foscam_x5/
The Sting of Fake Kling: Facebook Malvertising Lures Victims to Fake AI Generation Website
https://research.checkpoint.com/2025/impersonated-kling-ai-site-installs-malware/
How to Extract Useful Info from Microsoft Deployment Toolkit (MDT) Shares on Red Teams
https://www.reddit.com/r/netsec/comments/1kr5uiu/how_to_extract_useful_info_from_microsoft/
Varonis' Data Security Report Reveals 99% of Orgs Have Sensitive Information Exposed to AI
https://www.reddit.com/r/netsec/comments/1kr5uee/varonis_data_security_report_reveals_99_of_orgs/
Malvertising's New Threat: Exploiting Trusted Google Domains
https://www.reddit.com/r/netsec/comments/1krgc39/malvertisings_new_threat_exploiting_trusted/
KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS
https://krebsonsecurity.com/2025/05/krebsonsecurity-hit-with-near-record-6-3-tbps-ddos/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Government Organizations Lose Nearly a Month in Downtime for Every Ransomware Attack
https://www.tripwire.com/state-of-security/government-organizations-lose-nearly-month-downtime-every-ransomware-attack
How IoT Security Cameras Are Susceptible to Cyber Attacks
https://www.tripwire.com/state-of-security/how-iot-security-cameras-are-susceptible-cyber-attacks
DoorDash Hack
https://www.schneier.com/blog/archives/2025/05/doordash-hack.html
New Vulnerabilities in Foscam X5
https://www.reddit.com/r/netsec/comments/1kr32cs/new_vulnerabilities_in_foscam_x5/
The Sting of Fake Kling: Facebook Malvertising Lures Victims to Fake AI Generation Website
https://research.checkpoint.com/2025/impersonated-kling-ai-site-installs-malware/
How to Extract Useful Info from Microsoft Deployment Toolkit (MDT) Shares on Red Teams
https://www.reddit.com/r/netsec/comments/1kr5uiu/how_to_extract_useful_info_from_microsoft/
Varonis' Data Security Report Reveals 99% of Orgs Have Sensitive Information Exposed to AI
https://www.reddit.com/r/netsec/comments/1kr5uee/varonis_data_security_report_reveals_99_of_orgs/
Malvertising's New Threat: Exploiting Trusted Google Domains
https://www.reddit.com/r/netsec/comments/1krgc39/malvertisings_new_threat_exploiting_trusted/
KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS
https://krebsonsecurity.com/2025/05/krebsonsecurity-hit-with-near-record-6-3-tbps-ddos/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Tripwire
Government Organizations Lose Nearly a Month in Downtime for Every Ransomware Attack
Government ransomware attacks cause nearly a month of downtime, costing millions. Learn why prevention is crucial.
Top Security News for Today
Dero miner zombies biting through Docker APIs to build a cryptojacking horde
https://securelist.com/dero-miner-infects-containers-through-docker-api/116546/
EvilWorker: a new AiTM attack framework leveraging service workers — much more effective, autonomous, and adaptable than Evilginx2? 🎣
https://www.reddit.com/r/netsec/comments/1krtrht/evilworker_a_new_aitm_attack_framework_leveraging/
Humans are Insecure Password Generators
https://www.reddit.com/r/netsec/comments/1krqom1/humans_are_insecure_password_generators/
BadSuccessor: Abusing dMSA to Escalate Privileges in Active Directory
https://www.reddit.com/r/netsec/comments/1ks1i9g/badsuccessor_abusing_dmsa_to_escalate_privileges/
Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer
https://www.microsoft.com/en-us/security/blog/2025/05/21/lumma-stealer-breaking-down-the-delivery-techniques-and-capabilities-of-a-prolific-infostealer/
AI-Powered Malware – The Next Evolution in Cyber Threats
https://www.darknet.org.uk/2025/05/ai-powered-malware-the-next-evolution-in-cyber-threats/
CVE-2024-45332 brings back branch target injection attacks on Intel
https://www.reddit.com/r/netsec/comments/1ksc31c/cve202445332_brings_back_branch_target_injection/
ZathuraDbg: Open-Source GUI tool for learning assembly
https://www.reddit.com/r/lowlevel/comments/1ks4em6/zathuradbg_opensource_gui_tool_for_learning/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Dero miner zombies biting through Docker APIs to build a cryptojacking horde
https://securelist.com/dero-miner-infects-containers-through-docker-api/116546/
EvilWorker: a new AiTM attack framework leveraging service workers — much more effective, autonomous, and adaptable than Evilginx2? 🎣
https://www.reddit.com/r/netsec/comments/1krtrht/evilworker_a_new_aitm_attack_framework_leveraging/
Humans are Insecure Password Generators
https://www.reddit.com/r/netsec/comments/1krqom1/humans_are_insecure_password_generators/
BadSuccessor: Abusing dMSA to Escalate Privileges in Active Directory
https://www.reddit.com/r/netsec/comments/1ks1i9g/badsuccessor_abusing_dmsa_to_escalate_privileges/
Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer
https://www.microsoft.com/en-us/security/blog/2025/05/21/lumma-stealer-breaking-down-the-delivery-techniques-and-capabilities-of-a-prolific-infostealer/
AI-Powered Malware – The Next Evolution in Cyber Threats
https://www.darknet.org.uk/2025/05/ai-powered-malware-the-next-evolution-in-cyber-threats/
CVE-2024-45332 brings back branch target injection attacks on Intel
https://www.reddit.com/r/netsec/comments/1ksc31c/cve202445332_brings_back_branch_target_injection/
ZathuraDbg: Open-Source GUI tool for learning assembly
https://www.reddit.com/r/lowlevel/comments/1ks4em6/zathuradbg_opensource_gui_tool_for_learning/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Securelist
Dero miner spreads inside containerized Linux environments
Kaspersky experts break down an updated cryptojacking campaign targeting containerized environments: a Dero crypto miner abuses the Docker API.
Top Security News for Today
Authenticated Remote Code Execution in Netwrix Password Secure (CVE-2025-26817)
https://www.reddit.com/r/netsec/comments/1kslcpa/authenticated_remote_code_execution_in_netwrix/
EXP-401 (OSEE):用五天課程訓練通透十年的知識體
https://devco.re/blog/2025/05/22/exp-401-osee-five-days-to-master-a-decade-of-knowledge/
The Voter Experience
https://www.schneier.com/blog/archives/2025/05/the-voter-experience.html
How to Enumerate and Exploit CefSharp Thick Clients Using CefEnum
https://www.reddit.com/r/netsec/comments/1kskq0k/how_to_enumerate_and_exploit_cefsharp_thick/
Automating MS-RPC vulnerability research
https://www.reddit.com/r/netsec/comments/1ksp4m2/automating_msrpc_vulnerability_research/
Live Forensic Collection from Ivanti EPMM Appliances (CVE-2025-4427 & CVE-2025-4428)
https://www.reddit.com/r/netsec/comments/1ksufxv/live_forensic_collection_from_ivanti_epmm/
Oops: DanaBot Malware Devs Infected Their Own PCs
https://krebsonsecurity.com/2025/05/oops-danabot-malware-devs-infected-their-own-pcs/
CVE-2025-32756: Write-Up of a Buffer Overflow in Various Fortinet Products
https://www.reddit.com/r/netsec/comments/1kszzx6/cve202532756_writeup_of_a_buffer_overflow_in/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Authenticated Remote Code Execution in Netwrix Password Secure (CVE-2025-26817)
https://www.reddit.com/r/netsec/comments/1kslcpa/authenticated_remote_code_execution_in_netwrix/
EXP-401 (OSEE):用五天課程訓練通透十年的知識體
https://devco.re/blog/2025/05/22/exp-401-osee-five-days-to-master-a-decade-of-knowledge/
The Voter Experience
https://www.schneier.com/blog/archives/2025/05/the-voter-experience.html
How to Enumerate and Exploit CefSharp Thick Clients Using CefEnum
https://www.reddit.com/r/netsec/comments/1kskq0k/how_to_enumerate_and_exploit_cefsharp_thick/
Automating MS-RPC vulnerability research
https://www.reddit.com/r/netsec/comments/1ksp4m2/automating_msrpc_vulnerability_research/
Live Forensic Collection from Ivanti EPMM Appliances (CVE-2025-4427 & CVE-2025-4428)
https://www.reddit.com/r/netsec/comments/1ksufxv/live_forensic_collection_from_ivanti_epmm/
Oops: DanaBot Malware Devs Infected Their Own PCs
https://krebsonsecurity.com/2025/05/oops-danabot-malware-devs-infected-their-own-pcs/
CVE-2025-32756: Write-Up of a Buffer Overflow in Various Fortinet Products
https://www.reddit.com/r/netsec/comments/1kszzx6/cve202532756_writeup_of_a_buffer_overflow_in/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Authenticated Remote Code Execution in Netwrix Password Secure (CVE-2025-26817)
Explore this post and more from the netsec community
Top Security News for Today
Signal Blocks Windows Recall
https://www.schneier.com/blog/archives/2025/05/signal-blocks-windows-recall.html
3AM Ransomware Attackers Pose as IT Support to Compromise Networks
https://www.tripwire.com/state-of-security/3am-ransomware-attackers-pose-it-support-compromise-networks
Don't Call That "Protected" Method: Dissecting an N-Day vBulletin RCE
https://www.reddit.com/r/netsec/comments/1ktjoa8/dont_call_that_protected_method_dissecting_an/
Prime Path Coverage in the GNU Compiler Collection
https://arxiv.org/abs/2505.14694
RoboCulture: A Robotics Platform for Automated Biological Experimentation
https://arxiv.org/abs/2505.14941
Diffusion vs. Autoregressive Language Models: A Text Embedding Perspective
https://arxiv.org/abs/2505.15045
Text Generation Beyond Discrete Token Sampling
https://arxiv.org/abs/2505.14827
One-Layer Transformers are Provably Optimal for In-context Reasoning and Distributional Association Learning in Next-Token Prediction Tasks
https://arxiv.org/abs/2505.15009
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Signal Blocks Windows Recall
https://www.schneier.com/blog/archives/2025/05/signal-blocks-windows-recall.html
3AM Ransomware Attackers Pose as IT Support to Compromise Networks
https://www.tripwire.com/state-of-security/3am-ransomware-attackers-pose-it-support-compromise-networks
Don't Call That "Protected" Method: Dissecting an N-Day vBulletin RCE
https://www.reddit.com/r/netsec/comments/1ktjoa8/dont_call_that_protected_method_dissecting_an/
Prime Path Coverage in the GNU Compiler Collection
https://arxiv.org/abs/2505.14694
RoboCulture: A Robotics Platform for Automated Biological Experimentation
https://arxiv.org/abs/2505.14941
Diffusion vs. Autoregressive Language Models: A Text Embedding Perspective
https://arxiv.org/abs/2505.15045
Text Generation Beyond Discrete Token Sampling
https://arxiv.org/abs/2505.14827
One-Layer Transformers are Provably Optimal for In-context Reasoning and Distributional Association Learning in Next-Token Prediction Tasks
https://arxiv.org/abs/2505.15009
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
Signal Blocks Windows Recall - Schneier on Security
This article gives a good rundown of the security risks of Windows Recall, and the repurposed copyright protection took that Signal used to block the AI feature from scraping Signal data.