Top Security News for Today
Meet Burp Suite DAST: Your questions answered
https://portswigger.net/blog/meet-burp-suite-dast-your-questions-answered
Deguard: turning a T480 into a coreboot laptop (10-min talk + live demo)
https://www.reddit.com/r/netsec/comments/1ky7bng/deguard_turning_a_t480_into_a_coreboot_laptop/
Surveillance Via Smart Toothbrush
https://www.schneier.com/blog/archives/2025/05/surveillance-via-smart-toothbrush.html
Learning AMD Zen 3 (Family 19h) microarchitecture
https://www.reddit.com/r/lowlevel/comments/1ky4e2u/learning_amd_zen_3_family_19h_microarchitecture/
How to deploy AI safely
https://www.microsoft.com/en-us/security/blog/2025/05/29/how-to-deploy-ai-safely/
U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
https://krebsonsecurity.com/2025/05/u-s-sanctions-cloud-provider-funnull-as-top-source-of-pig-butchering-scams/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Meet Burp Suite DAST: Your questions answered
https://portswigger.net/blog/meet-burp-suite-dast-your-questions-answered
Deguard: turning a T480 into a coreboot laptop (10-min talk + live demo)
https://www.reddit.com/r/netsec/comments/1ky7bng/deguard_turning_a_t480_into_a_coreboot_laptop/
Surveillance Via Smart Toothbrush
https://www.schneier.com/blog/archives/2025/05/surveillance-via-smart-toothbrush.html
Learning AMD Zen 3 (Family 19h) microarchitecture
https://www.reddit.com/r/lowlevel/comments/1ky4e2u/learning_amd_zen_3_family_19h_microarchitecture/
How to deploy AI safely
https://www.microsoft.com/en-us/security/blog/2025/05/29/how-to-deploy-ai-safely/
U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
https://krebsonsecurity.com/2025/05/u-s-sanctions-cloud-provider-funnull-as-top-source-of-pig-butchering-scams/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
PortSwigger Blog
Meet Burp Suite DAST: Your questions answered
We recently hosted a webinar to introduce Burp Suite DAST, the new name for Burp Suite Enterprise Edition, the best-in-class, automated web application and API security scanning solution for modern Ap
Top Security News for Today
PortSwigger Honored with the King's Award for Enterprise in International Trade
https://portswigger.net/blog/portswigger-honored-with-the-kings-award-for-enterprise-in-international-trade
Finding SSRFs in Azure DevOps - Part 2
https://www.reddit.com/r/netsec/comments/1kz0nci/finding_ssrfs_in_azure_devops_part_2/
A detailed guide to Stealth syscall and EDR Bypass
https://www.reddit.com/r/netsec/comments/1kz06v8/a_detailed_guide_to_stealth_syscall_and_edr_bypass/
Why Take9 Won’t Improve Cybersecurity
https://www.schneier.com/blog/archives/2025/05/why-take9-wont-improve-cybersecurity.html
Exploits and vulnerabilities in Q1 2025
https://securelist.com/vulnerabilities-and-exploits-in-q1-2025/116624/
B-XAIC Dataset: Benchmarking Explainable AI for Graph Neural Networks Using Chemical Data
https://arxiv.org/abs/2505.22252
TensorShield: Safeguarding On-Device Inference by Shielding Critical DNN Tensors with TEE
https://arxiv.org/abs/2505.22843
Azure Arc - C2aaS
https://www.reddit.com/r/netsec/comments/1kzfqty/azure_arc_c2aas/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
PortSwigger Honored with the King's Award for Enterprise in International Trade
https://portswigger.net/blog/portswigger-honored-with-the-kings-award-for-enterprise-in-international-trade
Finding SSRFs in Azure DevOps - Part 2
https://www.reddit.com/r/netsec/comments/1kz0nci/finding_ssrfs_in_azure_devops_part_2/
A detailed guide to Stealth syscall and EDR Bypass
https://www.reddit.com/r/netsec/comments/1kz06v8/a_detailed_guide_to_stealth_syscall_and_edr_bypass/
Why Take9 Won’t Improve Cybersecurity
https://www.schneier.com/blog/archives/2025/05/why-take9-wont-improve-cybersecurity.html
Exploits and vulnerabilities in Q1 2025
https://securelist.com/vulnerabilities-and-exploits-in-q1-2025/116624/
B-XAIC Dataset: Benchmarking Explainable AI for Graph Neural Networks Using Chemical Data
https://arxiv.org/abs/2505.22252
TensorShield: Safeguarding On-Device Inference by Shielding Critical DNN Tensors with TEE
https://arxiv.org/abs/2505.22843
Azure Arc - C2aaS
https://www.reddit.com/r/netsec/comments/1kzfqty/azure_arc_c2aas/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
PortSwigger Blog
PortSwigger Honored with the King's Award for Enterprise in International Trade
We’re proud to announce that PortSwigger has been awarded the prestigious King’s Award for Enterprise in the category of International Trade - a recognition that reflects our sustained international s
Top Security News for Today
Wireless Pivots: How Trusted Networks Become Invisible Threat Vectors
https://www.reddit.com/r/netsec/comments/1kzttw0/wireless_pivots_how_trusted_networks_become/
Experimenting with USB-Based Attacks: Can a Standard USB Become a Bad USB? (Write-up)
https://www.reddit.com/r/netsec/comments/1l02exx/experimenting_with_usbbased_attacks_can_a/
Beyond HTTP: InterceptSuite for TCP/TLS Traffic Interception in Windows
https://www.reddit.com/r/netsec/comments/1l02jra/beyond_http_interceptsuite_for_tcptls_traffic/
Thought netsec people might enjoy this read - the ultimate guide to different types of wireless signals and what they are used for.
https://www.reddit.com/r/netsec/comments/1l06tm8/thought_netsec_people_might_enjoy_this_read_the/
Reverse Engineer Android Apps for API Key
https://www.reddit.com/r/netsec/comments/1l09vab/reverse_engineer_android_apps_for_api_key/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Wireless Pivots: How Trusted Networks Become Invisible Threat Vectors
https://www.reddit.com/r/netsec/comments/1kzttw0/wireless_pivots_how_trusted_networks_become/
Experimenting with USB-Based Attacks: Can a Standard USB Become a Bad USB? (Write-up)
https://www.reddit.com/r/netsec/comments/1l02exx/experimenting_with_usbbased_attacks_can_a/
Beyond HTTP: InterceptSuite for TCP/TLS Traffic Interception in Windows
https://www.reddit.com/r/netsec/comments/1l02jra/beyond_http_interceptsuite_for_tcptls_traffic/
Thought netsec people might enjoy this read - the ultimate guide to different types of wireless signals and what they are used for.
https://www.reddit.com/r/netsec/comments/1l06tm8/thought_netsec_people_might_enjoy_this_read_the/
Reverse Engineer Android Apps for API Key
https://www.reddit.com/r/netsec/comments/1l09vab/reverse_engineer_android_apps_for_api_key/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Wireless Pivots: How Trusted Networks Become Invisible Threat Vectors
Posted by thexerocouk - 1 vote and 0 comments
Top Security News for Today
Canada, Australia or Netherlands
https://www.reddit.com/r/netsec/comments/1l0lssn/canada_australia_or_netherlands/
r/netsec monthly discussion & tool thread
https://www.reddit.com/r/netsec/comments/1l0ozt4/rnetsec_monthly_discussion_tool_thread/
Certification roadmap please
https://www.reddit.com/r/netsec/comments/1l1bsrz/certification_roadmap_please/
Is Continuous Deployment Too Risky? Security Concerns and Mitigations
https://www.tripwire.com/state-of-security/continuous-deployment-too-risky-security-concerns-and-mitigations
The Evolution of Phishing Attacks: Why Traditional Detection Methods Are Failing
https://www.tripwire.com/state-of-security/evolution-phishing-attacks-why-traditional-detection-methods-are-failing
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Canada, Australia or Netherlands
https://www.reddit.com/r/netsec/comments/1l0lssn/canada_australia_or_netherlands/
r/netsec monthly discussion & tool thread
https://www.reddit.com/r/netsec/comments/1l0ozt4/rnetsec_monthly_discussion_tool_thread/
Certification roadmap please
https://www.reddit.com/r/netsec/comments/1l1bsrz/certification_roadmap_please/
Is Continuous Deployment Too Risky? Security Concerns and Mitigations
https://www.tripwire.com/state-of-security/continuous-deployment-too-risky-security-concerns-and-mitigations
The Evolution of Phishing Attacks: Why Traditional Detection Methods Are Failing
https://www.tripwire.com/state-of-security/evolution-phishing-attacks-why-traditional-detection-methods-are-failing
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Canada, Australia or Netherlands
Posted by ash347799 - 1 vote and 1 comment
Top Security News for Today
Certification Roadmap Please
https://www.reddit.com/r/netsec/comments/1l1bsrz/certification_roadmap_please/
Australia Requires Ransomware Victims to Declare Payments
https://www.schneier.com/blog/archives/2025/06/australia-requires-ransomware-victims-to-declare-payments.html
Vulnerabilities Found in Preinstalled Apps on Android Smartphones Could Perform Factory Reset of Device, Exfiltrate PIN Code or Inject an Arbitrary Intent with System-Level Privileges
https://www.reddit.com/r/netsec/comments/1l1fh52/vulnerabilities_found_in_preinstalled_apps_on/
Seeking Insights from Network Security Leaders at Large Companies on Vendor Selection and Challenges
https://www.reddit.com/r/netsec/comments/1l1io63/seeking_insights_from_network_security_leaders_at/
2nd June – Threat Intelligence Report
https://research.checkpoint.com/2025/2nd-june-threat-intelligence-report/
Announcing a New Strategic Collaboration to Bring Clarity to Threat Actor Naming
https://www.microsoft.com/en-us/security/blog/2025/06/02/announcing-a-new-strategic-collaboration-to-bring-clarity-to-threat-actor-naming/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Certification Roadmap Please
https://www.reddit.com/r/netsec/comments/1l1bsrz/certification_roadmap_please/
Australia Requires Ransomware Victims to Declare Payments
https://www.schneier.com/blog/archives/2025/06/australia-requires-ransomware-victims-to-declare-payments.html
Vulnerabilities Found in Preinstalled Apps on Android Smartphones Could Perform Factory Reset of Device, Exfiltrate PIN Code or Inject an Arbitrary Intent with System-Level Privileges
https://www.reddit.com/r/netsec/comments/1l1fh52/vulnerabilities_found_in_preinstalled_apps_on/
Seeking Insights from Network Security Leaders at Large Companies on Vendor Selection and Challenges
https://www.reddit.com/r/netsec/comments/1l1io63/seeking_insights_from_network_security_leaders_at/
2nd June – Threat Intelligence Report
https://research.checkpoint.com/2025/2nd-june-threat-intelligence-report/
Announcing a New Strategic Collaboration to Bring Clarity to Threat Actor Naming
https://www.microsoft.com/en-us/security/blog/2025/06/02/announcing-a-new-strategic-collaboration-to-bring-clarity-to-threat-actor-naming/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Certification roadmap please
Explore this post and more from the netsec community
Top Security News for Today
Host-based logs, container-based threats: How to tell where an attack began
https://securelist.com/host-based-logs-container-based-threats/116643/
New Linux Vulnerabilities
https://www.schneier.com/blog/archives/2025/06/new-linux-vulnerabilities.html
How to build a high-performance network fuzzer with LibAFL and libdesock
https://www.reddit.com/r/netsec/comments/1l29uvp/how_to_build_a_highperformance_network_fuzzer/
Bypassing tamper protection and getting root shell access on a Worldline Yomani XR credit card terminal
https://www.reddit.com/r/netsec/comments/1l2ef65/bypassing_tamper_protection_and_getting_root/
How Microsoft Defender for Endpoint is redefining endpoint security
https://www.microsoft.com/en-us/security/blog/2025/06/03/how-microsoft-defender-for-endpoint-is-redefining-endpoint-security/
OSSEC – Open Source Host-Based Intrusion Detection for Linux, Windows and Unix Systems
https://www.darknet.org.uk/2025/06/ossec-open-source-host-based-intrusion-detection-for-linux-windows-and-unix-systems/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Host-based logs, container-based threats: How to tell where an attack began
https://securelist.com/host-based-logs-container-based-threats/116643/
New Linux Vulnerabilities
https://www.schneier.com/blog/archives/2025/06/new-linux-vulnerabilities.html
How to build a high-performance network fuzzer with LibAFL and libdesock
https://www.reddit.com/r/netsec/comments/1l29uvp/how_to_build_a_highperformance_network_fuzzer/
Bypassing tamper protection and getting root shell access on a Worldline Yomani XR credit card terminal
https://www.reddit.com/r/netsec/comments/1l2ef65/bypassing_tamper_protection_and_getting_root/
How Microsoft Defender for Endpoint is redefining endpoint security
https://www.microsoft.com/en-us/security/blog/2025/06/03/how-microsoft-defender-for-endpoint-is-redefining-endpoint-security/
OSSEC – Open Source Host-Based Intrusion Detection for Linux, Windows and Unix Systems
https://www.darknet.org.uk/2025/06/ossec-open-source-host-based-intrusion-detection-for-linux-windows-and-unix-systems/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Securelist
How to find container-based threats in host-based logs
Kaspersky expert shares insights on how to determine whether an attack was first launched in a container or on the host itself when an organization’s logs lack container visibility.
Top Security News for Today
The Ramifications of Ukraine’s Drone Attack
https://www.schneier.com/blog/archives/2025/06/the-ramifications-of-ukraines-drone-attack.html
So you want to rapidly run a BOF? Let's look at this 'cli4bofs' thing then
https://www.reddit.com/r/netsec/comments/1l33fxt/so_you_want_to_rapidly_run_a_bof_lets_look_at/
The Ultimate Guide to Windows Coercion Techniques in 2025
https://www.reddit.com/r/netsec/comments/1l3079i/the_ultimate_guide_to_windows_coercion_techniques/
Multiple CVEs in Infoblox NetMRI: RCE, Auth Bypass, SQLi, and File Read Vulnerabilities
https://www.reddit.com/r/netsec/comments/1l39v5s/multiple_cves_in_infoblox_netmri_rce_auth_bypass/
2025 Red Team Tools – C2 Frameworks, Active Directory & Network Exploitation
https://bishopfox.com/blog/2025-red-team-tools-c2-frameworks-active-directory-network-exploitation
Detailed research for Roundcube ≤ 1.6.10 Post-Auth RCE is out
https://www.reddit.com/r/netsec/comments/1l3o04q/detailed_research_for_roundcube_1610_postauth_rce/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
The Ramifications of Ukraine’s Drone Attack
https://www.schneier.com/blog/archives/2025/06/the-ramifications-of-ukraines-drone-attack.html
So you want to rapidly run a BOF? Let's look at this 'cli4bofs' thing then
https://www.reddit.com/r/netsec/comments/1l33fxt/so_you_want_to_rapidly_run_a_bof_lets_look_at/
The Ultimate Guide to Windows Coercion Techniques in 2025
https://www.reddit.com/r/netsec/comments/1l3079i/the_ultimate_guide_to_windows_coercion_techniques/
Multiple CVEs in Infoblox NetMRI: RCE, Auth Bypass, SQLi, and File Read Vulnerabilities
https://www.reddit.com/r/netsec/comments/1l39v5s/multiple_cves_in_infoblox_netmri_rce_auth_bypass/
2025 Red Team Tools – C2 Frameworks, Active Directory & Network Exploitation
https://bishopfox.com/blog/2025-red-team-tools-c2-frameworks-active-directory-network-exploitation
Detailed research for Roundcube ≤ 1.6.10 Post-Auth RCE is out
https://www.reddit.com/r/netsec/comments/1l3o04q/detailed_research_for_roundcube_1610_postauth_rce/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
The Ramifications of Ukraine's Drone Attack - Schneier on Security
You can read the details of Operation Spiderweb elsewhere. What interests me are the implications for future warfare: If the Ukrainians could sneak drones so close to major air bases in a police state such as Russia, what is to prevent the Chinese from doing…
Top Security News for Today
IT threat evolution in Q1 2025. Non-mobile statistics
https://securelist.com/malware-report-q1-2025-pc-iot-statistics/116686/
IT threat evolution in Q1 2025. Mobile statistics
https://securelist.com/malware-report-q1-2025-mobile-statistics/116676/
Analysis of Spyware That Helped to Compromise a Syrian Army from Within
https://www.reddit.com/r/netsec/comments/1l3trgn/analysis_of_spyware_that_helped_to_compromise_a/
Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 3
https://www.microsoft.com/en-us/security/blog/2025/06/05/meet-the-deputy-cisos-who-help-shape-microsofts-approach-to-cybersecurity-part-3/
Tnok - Next Generation Port Security
https://www.reddit.com/r/netsec/comments/1l466co/tnok_next_generation_port_security/
Vulnerabilities in Anthropic’s MCP: Full-Schema Poisoning + Secret-Leaking Tool Attacks (PoC Inside)
https://www.reddit.com/r/netsec/comments/1l43aqc/vulnerabilities_in_anthropics_mcp_fullschema/
Proxy Services Feast on Ukraine’s IP Address Exodus
https://krebsonsecurity.com/2025/06/proxy-services-feast-on-ukraines-ip-address-exodus/
DroidGround: Elevate your Android CTF Challenges
https://www.reddit.com/r/netsec/comments/1l4am2x/droidground_elevate_your_android_ctf_challenges/
Cards Are Still the Weakest Link
https://www.reddit.com/r/netsec/comments/1l4brpy/cards_are_still_the_weakest_link/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
IT threat evolution in Q1 2025. Non-mobile statistics
https://securelist.com/malware-report-q1-2025-pc-iot-statistics/116686/
IT threat evolution in Q1 2025. Mobile statistics
https://securelist.com/malware-report-q1-2025-mobile-statistics/116676/
Analysis of Spyware That Helped to Compromise a Syrian Army from Within
https://www.reddit.com/r/netsec/comments/1l3trgn/analysis_of_spyware_that_helped_to_compromise_a/
Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 3
https://www.microsoft.com/en-us/security/blog/2025/06/05/meet-the-deputy-cisos-who-help-shape-microsofts-approach-to-cybersecurity-part-3/
Tnok - Next Generation Port Security
https://www.reddit.com/r/netsec/comments/1l466co/tnok_next_generation_port_security/
Vulnerabilities in Anthropic’s MCP: Full-Schema Poisoning + Secret-Leaking Tool Attacks (PoC Inside)
https://www.reddit.com/r/netsec/comments/1l43aqc/vulnerabilities_in_anthropics_mcp_fullschema/
Proxy Services Feast on Ukraine’s IP Address Exodus
https://krebsonsecurity.com/2025/06/proxy-services-feast-on-ukraines-ip-address-exodus/
DroidGround: Elevate your Android CTF Challenges
https://www.reddit.com/r/netsec/comments/1l4am2x/droidground_elevate_your_android_ctf_challenges/
Cards Are Still the Weakest Link
https://www.reddit.com/r/netsec/comments/1l4brpy/cards_are_still_the_weakest_link/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Securelist
Desktop and IoT threat statistics for Q1 2025
The report presents statistics for Windows, macOS, IoT, and other threats, including ransomware, miners, local and web-based threats, for Q1 2025.
Top Security News for Today
Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721
https://securelist.com/mirai-botnet-variant-targets-dvr-devices-with-cve-2024-3721/116742/
US Offers $10 Million Reward for Tips About State-Linked RedLine Cybercriminals
https://www.tripwire.com/state-of-security/us-offers-10-million-reward-tips-about-state-linked-redline-cybercriminals
NEOM McLaren Formula E Team & Trend Micro Innovation History
https://www.trendmicro.com/en_us/research/25/f/neom-mclaren-innovation-history.html
Report on the Malicious Uses of AI
https://www.schneier.com/blog/archives/2025/06/report-on-the-malicious-uses-of-ai.html
Hearing on the Federal Government and AI
https://www.schneier.com/blog/archives/2025/06/hearing_on_the_federal_government_and_ai.html
Hello, won't you tell me your name?: Investigating Anonymity Abuse in IPFS
https://arxiv.org/abs/2506.04307
Learning to Diagnose Privately: DP-Powered LLMs for Radiology Report Classification
https://arxiv.org/abs/2506.04556
Possible Malware in Official MicroDicom Installer (PDF + Hashes + Scan Results Included)
https://www.reddit.com/r/netsec/comments/1l52z1k/possible_malware_in_official_microdicom_installer/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721
https://securelist.com/mirai-botnet-variant-targets-dvr-devices-with-cve-2024-3721/116742/
US Offers $10 Million Reward for Tips About State-Linked RedLine Cybercriminals
https://www.tripwire.com/state-of-security/us-offers-10-million-reward-tips-about-state-linked-redline-cybercriminals
NEOM McLaren Formula E Team & Trend Micro Innovation History
https://www.trendmicro.com/en_us/research/25/f/neom-mclaren-innovation-history.html
Report on the Malicious Uses of AI
https://www.schneier.com/blog/archives/2025/06/report-on-the-malicious-uses-of-ai.html
Hearing on the Federal Government and AI
https://www.schneier.com/blog/archives/2025/06/hearing_on_the_federal_government_and_ai.html
Hello, won't you tell me your name?: Investigating Anonymity Abuse in IPFS
https://arxiv.org/abs/2506.04307
Learning to Diagnose Privately: DP-Powered LLMs for Radiology Report Classification
https://arxiv.org/abs/2506.04556
Possible Malware in Official MicroDicom Installer (PDF + Hashes + Scan Results Included)
https://www.reddit.com/r/netsec/comments/1l52z1k/possible_malware_in_official_microdicom_installer/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Securelist
New Mirai botnet campaign targets DVR devices
Kaspersky GReAT experts describe the new features of a Mirai variant: the latest botnet infections target TBK DVR devices with CVE-2024-3721.
Top Security News for Today
A masochist’s guide to web development
https://www.reddit.com/r/lowlevel/comments/1l5gsf4/a_masochists_guide_to_web_development/
Weaponizing Dependabot – Exploiting GitHub Automation for Supply Chain Attacks
https://www.darknet.org.uk/2025/06/weaponizing-dependabot-exploiting-github-automation-for-supply-chain-attacks/
Riding The Time Machine: Journey Through An Old vBulletin PHP Object Injection
https://www.reddit.com/r/netsec/comments/1l5lj9b/riding_the_time_machine_journey_through_an_old/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
A masochist’s guide to web development
https://www.reddit.com/r/lowlevel/comments/1l5gsf4/a_masochists_guide_to_web_development/
Weaponizing Dependabot – Exploiting GitHub Automation for Supply Chain Attacks
https://www.darknet.org.uk/2025/06/weaponizing-dependabot-exploiting-github-automation-for-supply-chain-attacks/
Riding The Time Machine: Journey Through An Old vBulletin PHP Object Injection
https://www.reddit.com/r/netsec/comments/1l5lj9b/riding_the_time_machine_journey_through_an_old/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the lowlevel community on Reddit: A masochist’s guide to web development
Posted by FoxInTheRedBox - 2 votes and 0 comments
Top Security News for Today
ProxyBlob – SOCKS5 Over Azure Blob Storage for Covert Network Tunneling
https://www.darknet.org.uk/2025/06/proxyblob-socks5-over-azure-blob-storage-for-covert-network-tunneling/
LLM App Security: Risk & Prevent for GenAI Development
https://www.reddit.com/r/netsec/comments/1l40ufu/llm_app_security_risk_prevent_for_genai/
HMAS Canberra accidentally blocks wireless internet and radio services in New Zealand
https://www.reddit.com/r/netsec/comments/1l6pdv7/hmas_canberra_accidentally_blocks_wireless/
Monkey365 – PowerShell Security Scanner for Microsoft 365, Azure, and Entra ID
https://www.darknet.org.uk/2025/06/monkey365-powershell-security-scanner-for-microsoft-365-azure-and-entra-id/
9th June – Threat Intelligence Report
https://research.checkpoint.com/2025/9th-june-threat-intelligence-report/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
ProxyBlob – SOCKS5 Over Azure Blob Storage for Covert Network Tunneling
https://www.darknet.org.uk/2025/06/proxyblob-socks5-over-azure-blob-storage-for-covert-network-tunneling/
LLM App Security: Risk & Prevent for GenAI Development
https://www.reddit.com/r/netsec/comments/1l40ufu/llm_app_security_risk_prevent_for_genai/
HMAS Canberra accidentally blocks wireless internet and radio services in New Zealand
https://www.reddit.com/r/netsec/comments/1l6pdv7/hmas_canberra_accidentally_blocks_wireless/
Monkey365 – PowerShell Security Scanner for Microsoft 365, Azure, and Entra ID
https://www.darknet.org.uk/2025/06/monkey365-powershell-security-scanner-for-microsoft-365-azure-and-entra-id/
9th June – Threat Intelligence Report
https://research.checkpoint.com/2025/9th-june-threat-intelligence-report/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for Today
Expanding on ADHICS v2.0: A Closer Look at Healthcare Cybersecurity in the UAE
https://www.tripwire.com/state-of-security/expanding-adhics-v20-closer-look-healthcare-cybersecurity-uae
Sleep with one eye open: how Librarian Ghouls steal data by night
https://securelist.com/librarian-ghouls-apt-wakes-up-computers-to-steal-data-and-mine-crypto/116536/
HMAS Canberra accidentally blocks wireless internet and radio services in New Zealand
https://www.reddit.com/r/netsec/comments/1l6pdv7/hmas_canberra_accidentally_blocks_wireless/
New Way to Track Covertly Android Users
https://www.schneier.com/blog/archives/2025/06/new-way-to-track-covertly-android-users.html
Preventing Prompt Injection Attacks at Scale
https://www.reddit.com/r/netsec/comments/1l79xay/preventing_prompt_injection_attacks_at_scale/
A bit more on Twitter/X’s new encrypted messaging
https://www.reddit.com/r/netsec/comments/1l7cgwa/a_bit_more_on_twitterxs_new_encrypted_messaging/
Bruteforcing the phone number of any Google user
https://www.reddit.com/r/netsec/comments/1l7e972/bruteforcing_the_phone_number_of_any_google_user/
How Google’s Wiz Acquisition Impacts CNAPP
https://www.trendmicro.com/en_us/research/25/f/google-wiz-acquisition-cnapp.html
Mexico’s Digital Growth Comes with Cybersecurity Challenges
https://www.tripwire.com/state-of-security/mexicos-digital-growth-comes-cybersecurity-challenges
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Expanding on ADHICS v2.0: A Closer Look at Healthcare Cybersecurity in the UAE
https://www.tripwire.com/state-of-security/expanding-adhics-v20-closer-look-healthcare-cybersecurity-uae
Sleep with one eye open: how Librarian Ghouls steal data by night
https://securelist.com/librarian-ghouls-apt-wakes-up-computers-to-steal-data-and-mine-crypto/116536/
HMAS Canberra accidentally blocks wireless internet and radio services in New Zealand
https://www.reddit.com/r/netsec/comments/1l6pdv7/hmas_canberra_accidentally_blocks_wireless/
New Way to Track Covertly Android Users
https://www.schneier.com/blog/archives/2025/06/new-way-to-track-covertly-android-users.html
Preventing Prompt Injection Attacks at Scale
https://www.reddit.com/r/netsec/comments/1l79xay/preventing_prompt_injection_attacks_at_scale/
A bit more on Twitter/X’s new encrypted messaging
https://www.reddit.com/r/netsec/comments/1l7cgwa/a_bit_more_on_twitterxs_new_encrypted_messaging/
Bruteforcing the phone number of any Google user
https://www.reddit.com/r/netsec/comments/1l7e972/bruteforcing_the_phone_number_of_any_google_user/
How Google’s Wiz Acquisition Impacts CNAPP
https://www.trendmicro.com/en_us/research/25/f/google-wiz-acquisition-cnapp.html
Mexico’s Digital Growth Comes with Cybersecurity Challenges
https://www.tripwire.com/state-of-security/mexicos-digital-growth-comes-cybersecurity-challenges
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Tripwire
Expanding on ADHICS v2.0: A Closer Look at Healthcare Cybersecurity in the UAE
Explore ADHICS v2.0 and how it strengthens UAE healthcare cybersecurity with six pillars for resilience, compliance, and innovation.
Top Security News for Today
Why Open Source ≠ Secure Code
https://www.reddit.com/r/netsec/comments/1l7usj1/why_open_source_secure_code/
New ISPConfig Authenticated Remote Code Execution Vulnerability
https://www.reddit.com/r/netsec/comments/1l7vrmd/new_ispconfig_authenticated_remote_code_execution/
CVE-2025-47934 - Spoofing OpenPGP.js signature verification
https://www.reddit.com/r/netsec/comments/1l7z99n/cve202547934_spoofing_openpgpjs_signature/
Feedback - new secure doc sharing platform GetSafeDocs.com
https://www.reddit.com/r/netsec/comments/1l83dmz/feedback_new_secure_doc_sharing_platform/
Stealth Falcon and Horus: A Saga of Middle Eastern Cyber Espionage
https://research.checkpoint.com/2025/stealth-falcon-zero-day/
Microsoft and Adobe Patch Tuesday, June 2025 Security Update Review
https://blog.qualys.com/vulnerabilities-threat-research/2025/06/10/microsoft-and-adobe-patch-tuesday-june-2025-security-update-review
Patch Tuesday, June 2025 Edition
https://krebsonsecurity.com/2025/06/patch-tuesday-june-2025-edition/
Argusee and Agentic AI in Cybersecurity
https://www.darknet.org.uk/2025/06/argusee-and-agentic-ai-in-cybersecurity/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Why Open Source ≠ Secure Code
https://www.reddit.com/r/netsec/comments/1l7usj1/why_open_source_secure_code/
New ISPConfig Authenticated Remote Code Execution Vulnerability
https://www.reddit.com/r/netsec/comments/1l7vrmd/new_ispconfig_authenticated_remote_code_execution/
CVE-2025-47934 - Spoofing OpenPGP.js signature verification
https://www.reddit.com/r/netsec/comments/1l7z99n/cve202547934_spoofing_openpgpjs_signature/
Feedback - new secure doc sharing platform GetSafeDocs.com
https://www.reddit.com/r/netsec/comments/1l83dmz/feedback_new_secure_doc_sharing_platform/
Stealth Falcon and Horus: A Saga of Middle Eastern Cyber Espionage
https://research.checkpoint.com/2025/stealth-falcon-zero-day/
Microsoft and Adobe Patch Tuesday, June 2025 Security Update Review
https://blog.qualys.com/vulnerabilities-threat-research/2025/06/10/microsoft-and-adobe-patch-tuesday-june-2025-security-update-review
Patch Tuesday, June 2025 Edition
https://krebsonsecurity.com/2025/06/patch-tuesday-june-2025-edition/
Argusee and Agentic AI in Cybersecurity
https://www.darknet.org.uk/2025/06/argusee-and-agentic-ai-in-cybersecurity/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Why Open Source ≠ Secure Code
Posted by kobsoN - 0 votes and 8 comments
Top Security News for Today
Toxic trend: Another malware threat targets DeepSeek
https://securelist.com/browservenom-mimicks-deepseek-to-use-malicious-proxy/115728/
AI-Powered Attacks and Lack of Cyber Readiness. How Mexico Can Respond
https://www.tripwire.com/state-of-security/ai-powered-attacks-and-lack-cyber-readiness-how-mexico-can-respond
Enabling Secure AI Inference: Trend Cybertron Leverages NVIDIA Universal LLM NIM Microservices
https://www.trendmicro.com/en_us/research/25/f/cybertron-nvidia-universal-llm-nim-microservices.html
CVE-2025-33073: A Look in the Mirror - The Reflective Kerberos Relay Attack
https://www.reddit.com/r/netsec/comments/1l8n3r0/cve202533073_a_look_in_the_mirror_the_reflective/
Weaponized Google OAuth Triggers Malicious WebSocket
https://www.reddit.com/r/netsec/comments/1l8st38/weaponized_google_oauth_triggers_malicious/
Innovation in the Fast Lane: Lessons from Motorsport and Cybersecurity
https://www.trendmicro.com/en_us/research/25/f/motorsport-cybersecurity.html
Operation Secure: Trend Micro's Threat Intelligence Fuels INTERPOL's Infostealer Infrastructure Takedown
https://www.trendmicro.com/en_us/research/25/f/interpol-operation-secure.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Toxic trend: Another malware threat targets DeepSeek
https://securelist.com/browservenom-mimicks-deepseek-to-use-malicious-proxy/115728/
AI-Powered Attacks and Lack of Cyber Readiness. How Mexico Can Respond
https://www.tripwire.com/state-of-security/ai-powered-attacks-and-lack-cyber-readiness-how-mexico-can-respond
Enabling Secure AI Inference: Trend Cybertron Leverages NVIDIA Universal LLM NIM Microservices
https://www.trendmicro.com/en_us/research/25/f/cybertron-nvidia-universal-llm-nim-microservices.html
CVE-2025-33073: A Look in the Mirror - The Reflective Kerberos Relay Attack
https://www.reddit.com/r/netsec/comments/1l8n3r0/cve202533073_a_look_in_the_mirror_the_reflective/
Weaponized Google OAuth Triggers Malicious WebSocket
https://www.reddit.com/r/netsec/comments/1l8st38/weaponized_google_oauth_triggers_malicious/
Innovation in the Fast Lane: Lessons from Motorsport and Cybersecurity
https://www.trendmicro.com/en_us/research/25/f/motorsport-cybersecurity.html
Operation Secure: Trend Micro's Threat Intelligence Fuels INTERPOL's Infostealer Infrastructure Takedown
https://www.trendmicro.com/en_us/research/25/f/interpol-operation-secure.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Securelist
New BrowserVenom malware being distributed via fake DeepSeek phishing website
Kaspersky GReAT experts discovered a new malicious implant: BrowserVenom. It enables a proxy in browsers like Chrome and Mozilla and spreads through a DeepSeek-mimicking phishing website.
Top Security News for Today
Stryker - Android pentesting app with premium access is now free until 2050
https://www.reddit.com/r/netsec/comments/1l9iee8/stryker_android_pentesting_app_with_premium/
Meta is able to track its users via WebRTC on Android including private mode and behind VPN
https://www.reddit.com/r/netsec/comments/1l9kxjm/meta_is_able_to_track_its_users_via_webrtc_on/
From Trust to Threat: Hijacked Discord Invites Used for Multi-Stage Malware Delivery
https://research.checkpoint.com/2025/from-trust-to-threat-hijacked-discord-invites-used-for-multi-stage-malware-delivery/
An Open Source agent hacked Mercado Libre
https://www.reddit.com/r/netsec/comments/1l9n9oi/an_open_source_agent_hacked_mercado_libre/
Millions of Vulnerabilities: One Checklist to Kill The Noise
https://www.reddit.com/r/netsec/comments/1l9pblf/millions_of_vulnerabilities_one_checklist_to_kill/
Airlines Secretly Selling Passenger Data to the Government
https://www.schneier.com/blog/archives/2025/06/airlines-secretly-selling-passenger-data-to-the-government.html
Introducing: GitHub Device Code Phishing
https://www.reddit.com/r/netsec/comments/1l9qo58/introducing_github_device_code_phishing/
Inside a Dark Adtech Empire Fed by Fake CAPTCHAs
https://krebsonsecurity.com/2025/06/inside-a-dark-adtech-empire-fed-by-fake-captchas/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Stryker - Android pentesting app with premium access is now free until 2050
https://www.reddit.com/r/netsec/comments/1l9iee8/stryker_android_pentesting_app_with_premium/
Meta is able to track its users via WebRTC on Android including private mode and behind VPN
https://www.reddit.com/r/netsec/comments/1l9kxjm/meta_is_able_to_track_its_users_via_webrtc_on/
From Trust to Threat: Hijacked Discord Invites Used for Multi-Stage Malware Delivery
https://research.checkpoint.com/2025/from-trust-to-threat-hijacked-discord-invites-used-for-multi-stage-malware-delivery/
An Open Source agent hacked Mercado Libre
https://www.reddit.com/r/netsec/comments/1l9n9oi/an_open_source_agent_hacked_mercado_libre/
Millions of Vulnerabilities: One Checklist to Kill The Noise
https://www.reddit.com/r/netsec/comments/1l9pblf/millions_of_vulnerabilities_one_checklist_to_kill/
Airlines Secretly Selling Passenger Data to the Government
https://www.schneier.com/blog/archives/2025/06/airlines-secretly-selling-passenger-data-to-the-government.html
Introducing: GitHub Device Code Phishing
https://www.reddit.com/r/netsec/comments/1l9qo58/introducing_github_device_code_phishing/
Inside a Dark Adtech Empire Fed by Fake CAPTCHAs
https://krebsonsecurity.com/2025/06/inside-a-dark-adtech-empire-fed-by-fake-captchas/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Stryker - Android pentesting app with premium access is now free until 2050
Explore this post and more from the netsec community
Top Security News for Today
Paragon Spyware used to Spy on European Journalists
https://www.schneier.com/blog/archives/2025/06/paragon-spyware-used-to-spy-on-european-journalists.html
Anubis: A Closer Look at an Emerging Ransomware with Built-in Wiper
https://www.trendmicro.com/en_us/research/25/f/anubis-a-closer-look-at-an-emerging-ransomware.html
Envilder – Secure AWS SSM CLI for Environment Variable Management
https://www.darknet.org.uk/2025/06/envilder-secure-aws-ssm-cli-for-environment-variable-management/
IoTGeM: Generalizable Models for Behaviour-Based IoT Attack Detection
https://arxiv.org/abs/2401.01343
A Unified Framework to Enforce, Discover, and Promote Symmetry in Machine Learning
https://arxiv.org/abs/2311.00212
Two months of Burp AI: empowering security testers with the future of AppSec
https://portswigger.net/blog/two-months-of-burp-ai-empowering-security-testers-with-the-future-of-appsec
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Paragon Spyware used to Spy on European Journalists
https://www.schneier.com/blog/archives/2025/06/paragon-spyware-used-to-spy-on-european-journalists.html
Anubis: A Closer Look at an Emerging Ransomware with Built-in Wiper
https://www.trendmicro.com/en_us/research/25/f/anubis-a-closer-look-at-an-emerging-ransomware.html
Envilder – Secure AWS SSM CLI for Environment Variable Management
https://www.darknet.org.uk/2025/06/envilder-secure-aws-ssm-cli-for-environment-variable-management/
IoTGeM: Generalizable Models for Behaviour-Based IoT Attack Detection
https://arxiv.org/abs/2401.01343
A Unified Framework to Enforce, Discover, and Promote Symmetry in Machine Learning
https://arxiv.org/abs/2311.00212
Two months of Burp AI: empowering security testers with the future of AppSec
https://portswigger.net/blog/two-months-of-burp-ai-empowering-security-testers-with-the-future-of-appsec
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
Paragon Spyware used to Spy on European Journalists - Schneier on Security
Paragon is a Israeli spyware company, increasingly in the news (now that NSO Group seems to be waning). “Graphite” is the name of their product. Citizen Lab caught them spying on multiple European journalists with a zero-click iOS exploit: On April 29, 2025…
Top Security News for Today
Make Self-XSS Great Again
https://www.reddit.com/r/netsec/comments/1lb3wfp/make_selfxss_great_again/
GIMP Heap Overflow Re-Discovery and Exploitation (CVE-2025–6035)
https://www.reddit.com/r/netsec/comments/1lbcbap/gimp_heap_overflow_rediscovery_and_exploitation/
Upcoming Speaking Engagements
https://www.schneier.com/blog/archives/2025/06/upcoming-speaking-engagements-47.html
Input on using the ROT and network connection to hack voting and tabulating software and hardware.
https://www.reddit.com/r/netsec/comments/1lbs0a8/input_on_using_the_rot_and_network_connection_to/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Make Self-XSS Great Again
https://www.reddit.com/r/netsec/comments/1lb3wfp/make_selfxss_great_again/
GIMP Heap Overflow Re-Discovery and Exploitation (CVE-2025–6035)
https://www.reddit.com/r/netsec/comments/1lbcbap/gimp_heap_overflow_rediscovery_and_exploitation/
Upcoming Speaking Engagements
https://www.schneier.com/blog/archives/2025/06/upcoming-speaking-engagements-47.html
Input on using the ROT and network connection to hack voting and tabulating software and hardware.
https://www.reddit.com/r/netsec/comments/1lbs0a8/input_on_using_the_rot_and_network_connection_to/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Make Self-XSS Great Again
Posted by AlmondOffSec - 14 votes and 4 comments
Top Security News for Today
Danish government agency to ditch Microsoft software in push for digital independence
https://therecord.media/denmark-digital-agency-microsoft-digital-independence
GoClipC2 - Clipboard for C2 on Windows in Go
https://www.reddit.com/r/netsec/comments/1lbxw0l/goclipc2_clipboard_for_c2_on_windows_in_go/
Government offices in North Carolina, Georgia disrupted by cyberattacks
https://therecord.media/thomasville-nc-government-ogeechee-ga-district-cyberattacks
CISA warns of SimpleHelp ransomware compromises after string of retail attacks
https://www.record.media/cisa-warns-of-simplehelp-ransomware-compromises
Hosting images inside DNS records using TXT
https://www.reddit.com/r/netsec/comments/1lca5o6/hosting_images_inside_dns_records_using_txt/
claws – GitHub Actions Workflow Linter for Secure CI/CD Pipelines
https://www.darknet.org.uk/2025/06/claws-github-actions-workflow-linter-for-secure-ci-cd-pipelines/
Brace Yourselves: The Game-Changing Impact of India's DPDP Act, 2023
https://www.tripwire.com/state-of-security/brace-yourselves-game-changing-impact-indias-dpdp-act
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Danish government agency to ditch Microsoft software in push for digital independence
https://therecord.media/denmark-digital-agency-microsoft-digital-independence
GoClipC2 - Clipboard for C2 on Windows in Go
https://www.reddit.com/r/netsec/comments/1lbxw0l/goclipc2_clipboard_for_c2_on_windows_in_go/
Government offices in North Carolina, Georgia disrupted by cyberattacks
https://therecord.media/thomasville-nc-government-ogeechee-ga-district-cyberattacks
CISA warns of SimpleHelp ransomware compromises after string of retail attacks
https://www.record.media/cisa-warns-of-simplehelp-ransomware-compromises
Hosting images inside DNS records using TXT
https://www.reddit.com/r/netsec/comments/1lca5o6/hosting_images_inside_dns_records_using_txt/
claws – GitHub Actions Workflow Linter for Secure CI/CD Pipelines
https://www.darknet.org.uk/2025/06/claws-github-actions-workflow-linter-for-secure-ci-cd-pipelines/
Brace Yourselves: The Game-Changing Impact of India's DPDP Act, 2023
https://www.tripwire.com/state-of-security/brace-yourselves-game-changing-impact-indias-dpdp-act
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Danish government agency to ditch Microsoft software in push for digital independence
Denmark's digital affairs ministry says it plans to switch to the open source LibreOffice software and away from Microsoft products as part of an effort to make the government more digitally independent.
Top Security News for Today
How to run ADB and fastboot in Termux without root
https://www.reddit.com/r/netsec/comments/1lcnenw/how_to_run_adb_and_fastboot_in_termux_without_root/
Generative AI Is Moving Fast. Are Your Security Practices Keeping Up?
https://www.tripwire.com/state-of-security/generative-ai-moving-fast-are-your-security-practices-keeping
Hackers impersonating US government compromise email account of prominent Russia researcher
https://therecord.media/keir-giles-russia-researcher-email-hacked
Bipartisan bill aims to create CISA-HHS liaison for hospital cyberattacks
https://therecord.media/bill-proposes-cisa-hhs-liaison-hospital-cyberattacks
UK appoints first-ever female chief of foreign intelligence service MI6
https://therecord.media/blaise-metreweli-new-mi6-chief
Whole Foods supplier making progress on restoration after cyberattack left shelves empty
https://therecord.media/unfi-groceries-supplier-cyberattack-update
8.4 million people affected by data breach at Indian car share company Zoomcar
https://therecord.media/8-million-affected-zoomcar-data-breach
US offering $10 million for info on Iranian hackers behind IOControl malware
https://therecord.media/us-offers-reward-for-iran-hacker-iocontrol-malware
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
How to run ADB and fastboot in Termux without root
https://www.reddit.com/r/netsec/comments/1lcnenw/how_to_run_adb_and_fastboot_in_termux_without_root/
Generative AI Is Moving Fast. Are Your Security Practices Keeping Up?
https://www.tripwire.com/state-of-security/generative-ai-moving-fast-are-your-security-practices-keeping
Hackers impersonating US government compromise email account of prominent Russia researcher
https://therecord.media/keir-giles-russia-researcher-email-hacked
Bipartisan bill aims to create CISA-HHS liaison for hospital cyberattacks
https://therecord.media/bill-proposes-cisa-hhs-liaison-hospital-cyberattacks
UK appoints first-ever female chief of foreign intelligence service MI6
https://therecord.media/blaise-metreweli-new-mi6-chief
Whole Foods supplier making progress on restoration after cyberattack left shelves empty
https://therecord.media/unfi-groceries-supplier-cyberattack-update
8.4 million people affected by data breach at Indian car share company Zoomcar
https://therecord.media/8-million-affected-zoomcar-data-breach
US offering $10 million for info on Iranian hackers behind IOControl malware
https://therecord.media/us-offers-reward-for-iran-hacker-iocontrol-malware
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: How to run ADB and fastboot in Termux without root
Explore this post and more from the netsec community
Top Security News for Today
How Human Behavior Can Strengthen Healthcare Cybersecurity
https://www.tripwire.com/state-of-security/how-human-behavior-can-strengthen-healthcare-cybersecurity
Are WAFs Obsolete? Pros, Cons, and What the Future Holds
https://www.tripwire.com/state-of-security/are-wafs-obsolete-pros-cons-and-what-future-holds
Where AI Provides Value
https://www.schneier.com/blog/archives/2025/06/where_ai_provides_value.html
Is b For Backdoor? Pre-Auth RCE Chain In Sitecore Experience Platform
https://www.reddit.com/r/netsec/comments/1ldjdo8/is_b_for_backdoor_preauth_rce_chain_in_sitecore/
Security Analysis: MCP Protocol Vulnerabilities in AI Toolchains
https://www.reddit.com/r/netsec/comments/1ldiilv/security_analysis_mcp_protocol_vulnerabilities_in/
UK data privacy regulator fines 23andMe over cyber practices in wake of hack
https://therecord.media/uk-data-privacy-regulator-fines-23andme
Russia detects first SuperCard malware attacks skimming bank data via NFC
https://therecord.media/supercard-nfc-banking-malware-russia
Scattered Spider hackers targeting insurance industry following retail hits
https://therecord.media/scattered-spider-targeting-insurance-sector-following-retail-attacks
Wallet apps aren’t safe either — here’s how attackers exploit their flawed security models
https://www.reddit.com/r/netsec/comments/1le0n3j/wallet_apps_arent_safe_either_heres_how_attackers/
Qualys TRU Uncovers Chained LPE: SUSE 15 PAM to Full Root via libblockdev/udisks
https://blog.qualys.com/vulnerabilities-threat-research/2025/06/17/qualys-tru-uncovers-chained-lpe-suse-15-pam-to-full-root-via-libblockdev-udisks
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
How Human Behavior Can Strengthen Healthcare Cybersecurity
https://www.tripwire.com/state-of-security/how-human-behavior-can-strengthen-healthcare-cybersecurity
Are WAFs Obsolete? Pros, Cons, and What the Future Holds
https://www.tripwire.com/state-of-security/are-wafs-obsolete-pros-cons-and-what-future-holds
Where AI Provides Value
https://www.schneier.com/blog/archives/2025/06/where_ai_provides_value.html
Is b For Backdoor? Pre-Auth RCE Chain In Sitecore Experience Platform
https://www.reddit.com/r/netsec/comments/1ldjdo8/is_b_for_backdoor_preauth_rce_chain_in_sitecore/
Security Analysis: MCP Protocol Vulnerabilities in AI Toolchains
https://www.reddit.com/r/netsec/comments/1ldiilv/security_analysis_mcp_protocol_vulnerabilities_in/
UK data privacy regulator fines 23andMe over cyber practices in wake of hack
https://therecord.media/uk-data-privacy-regulator-fines-23andme
Russia detects first SuperCard malware attacks skimming bank data via NFC
https://therecord.media/supercard-nfc-banking-malware-russia
Scattered Spider hackers targeting insurance industry following retail hits
https://therecord.media/scattered-spider-targeting-insurance-sector-following-retail-attacks
Wallet apps aren’t safe either — here’s how attackers exploit their flawed security models
https://www.reddit.com/r/netsec/comments/1le0n3j/wallet_apps_arent_safe_either_heres_how_attackers/
Qualys TRU Uncovers Chained LPE: SUSE 15 PAM to Full Root via libblockdev/udisks
https://blog.qualys.com/vulnerabilities-threat-research/2025/06/17/qualys-tru-uncovers-chained-lpe-suse-15-pam-to-full-root-via-libblockdev-udisks
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Tripwire
How Human Behavior Can Strengthen Healthcare Cybersecurity
Explore how empowering healthcare staff through culture and training can transform them into a powerful frontline defense against cyber threats.
Top Security News for Today
Fault Injection - Follow the White Rabbit
https://www.reddit.com/r/netsec/comments/1lebtyd/fault_injection_follow_the_white_rabbit/
Exploring Netstalking – Mapping the Hidden Corners of the Internet
https://www.darknet.org.uk/2025/06/exploring-netstalking-mapping-the-hidden-corners-of-the-internet/
Fake Minecraft mods distributed by the Stargazers Ghost Network to steal gamers’ data
https://research.checkpoint.com/2025/minecraft-mod-malware-stargazers/
She Won. They Didn't Just Change the Machines. They Rewired the Election.
https://www.reddit.com/r/netsec/comments/1legjch/she_won_they_didnt_just_change_the_machines_they/
Ghostwriting Scam
https://www.schneier.com/blog/archives/2025/06/ghostwriting-scam.html
Lessons from Qilin: What the Industry’s Most Efficient Ransomware Teaches Us
https://blog.qualys.com/vulnerabilities-threat-research/2025/06/18/qilin-ransomware-explained-threats-risks-defenses
More than 5 million affected by data breach at healthcare tech firm Episource
https://therecord.media/5-million-affected-episource-data-breach
North Korea targeting Indian crypto job applicants with malware
https://therecord.media/north-korea-india-crypto-applicants
2025 Red Team Tools – Cloud & Identity Exploitation, Evasion & Developer Libraries
https://bishopfox.com/blog/2025-red-team-tools-cloud-identity-exploitation-evasion-developer-libraries
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Fault Injection - Follow the White Rabbit
https://www.reddit.com/r/netsec/comments/1lebtyd/fault_injection_follow_the_white_rabbit/
Exploring Netstalking – Mapping the Hidden Corners of the Internet
https://www.darknet.org.uk/2025/06/exploring-netstalking-mapping-the-hidden-corners-of-the-internet/
Fake Minecraft mods distributed by the Stargazers Ghost Network to steal gamers’ data
https://research.checkpoint.com/2025/minecraft-mod-malware-stargazers/
She Won. They Didn't Just Change the Machines. They Rewired the Election.
https://www.reddit.com/r/netsec/comments/1legjch/she_won_they_didnt_just_change_the_machines_they/
Ghostwriting Scam
https://www.schneier.com/blog/archives/2025/06/ghostwriting-scam.html
Lessons from Qilin: What the Industry’s Most Efficient Ransomware Teaches Us
https://blog.qualys.com/vulnerabilities-threat-research/2025/06/18/qilin-ransomware-explained-threats-risks-defenses
More than 5 million affected by data breach at healthcare tech firm Episource
https://therecord.media/5-million-affected-episource-data-breach
North Korea targeting Indian crypto job applicants with malware
https://therecord.media/north-korea-india-crypto-applicants
2025 Red Team Tools – Cloud & Identity Exploitation, Evasion & Developer Libraries
https://bishopfox.com/blog/2025-red-team-tools-cloud-identity-exploitation-evasion-developer-libraries
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Fault Injection - Follow the White Rabbit
Explore this post and more from the netsec community