Top Security News for Today
Danish government agency to ditch Microsoft software in push for digital independence
https://therecord.media/denmark-digital-agency-microsoft-digital-independence
GoClipC2 - Clipboard for C2 on Windows in Go
https://www.reddit.com/r/netsec/comments/1lbxw0l/goclipc2_clipboard_for_c2_on_windows_in_go/
Government offices in North Carolina, Georgia disrupted by cyberattacks
https://therecord.media/thomasville-nc-government-ogeechee-ga-district-cyberattacks
CISA warns of SimpleHelp ransomware compromises after string of retail attacks
https://www.record.media/cisa-warns-of-simplehelp-ransomware-compromises
Hosting images inside DNS records using TXT
https://www.reddit.com/r/netsec/comments/1lca5o6/hosting_images_inside_dns_records_using_txt/
claws – GitHub Actions Workflow Linter for Secure CI/CD Pipelines
https://www.darknet.org.uk/2025/06/claws-github-actions-workflow-linter-for-secure-ci-cd-pipelines/
Brace Yourselves: The Game-Changing Impact of India's DPDP Act, 2023
https://www.tripwire.com/state-of-security/brace-yourselves-game-changing-impact-indias-dpdp-act
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Danish government agency to ditch Microsoft software in push for digital independence
https://therecord.media/denmark-digital-agency-microsoft-digital-independence
GoClipC2 - Clipboard for C2 on Windows in Go
https://www.reddit.com/r/netsec/comments/1lbxw0l/goclipc2_clipboard_for_c2_on_windows_in_go/
Government offices in North Carolina, Georgia disrupted by cyberattacks
https://therecord.media/thomasville-nc-government-ogeechee-ga-district-cyberattacks
CISA warns of SimpleHelp ransomware compromises after string of retail attacks
https://www.record.media/cisa-warns-of-simplehelp-ransomware-compromises
Hosting images inside DNS records using TXT
https://www.reddit.com/r/netsec/comments/1lca5o6/hosting_images_inside_dns_records_using_txt/
claws – GitHub Actions Workflow Linter for Secure CI/CD Pipelines
https://www.darknet.org.uk/2025/06/claws-github-actions-workflow-linter-for-secure-ci-cd-pipelines/
Brace Yourselves: The Game-Changing Impact of India's DPDP Act, 2023
https://www.tripwire.com/state-of-security/brace-yourselves-game-changing-impact-indias-dpdp-act
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Danish government agency to ditch Microsoft software in push for digital independence
Denmark's digital affairs ministry says it plans to switch to the open source LibreOffice software and away from Microsoft products as part of an effort to make the government more digitally independent.
Top Security News for Today
How to run ADB and fastboot in Termux without root
https://www.reddit.com/r/netsec/comments/1lcnenw/how_to_run_adb_and_fastboot_in_termux_without_root/
Generative AI Is Moving Fast. Are Your Security Practices Keeping Up?
https://www.tripwire.com/state-of-security/generative-ai-moving-fast-are-your-security-practices-keeping
Hackers impersonating US government compromise email account of prominent Russia researcher
https://therecord.media/keir-giles-russia-researcher-email-hacked
Bipartisan bill aims to create CISA-HHS liaison for hospital cyberattacks
https://therecord.media/bill-proposes-cisa-hhs-liaison-hospital-cyberattacks
UK appoints first-ever female chief of foreign intelligence service MI6
https://therecord.media/blaise-metreweli-new-mi6-chief
Whole Foods supplier making progress on restoration after cyberattack left shelves empty
https://therecord.media/unfi-groceries-supplier-cyberattack-update
8.4 million people affected by data breach at Indian car share company Zoomcar
https://therecord.media/8-million-affected-zoomcar-data-breach
US offering $10 million for info on Iranian hackers behind IOControl malware
https://therecord.media/us-offers-reward-for-iran-hacker-iocontrol-malware
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
How to run ADB and fastboot in Termux without root
https://www.reddit.com/r/netsec/comments/1lcnenw/how_to_run_adb_and_fastboot_in_termux_without_root/
Generative AI Is Moving Fast. Are Your Security Practices Keeping Up?
https://www.tripwire.com/state-of-security/generative-ai-moving-fast-are-your-security-practices-keeping
Hackers impersonating US government compromise email account of prominent Russia researcher
https://therecord.media/keir-giles-russia-researcher-email-hacked
Bipartisan bill aims to create CISA-HHS liaison for hospital cyberattacks
https://therecord.media/bill-proposes-cisa-hhs-liaison-hospital-cyberattacks
UK appoints first-ever female chief of foreign intelligence service MI6
https://therecord.media/blaise-metreweli-new-mi6-chief
Whole Foods supplier making progress on restoration after cyberattack left shelves empty
https://therecord.media/unfi-groceries-supplier-cyberattack-update
8.4 million people affected by data breach at Indian car share company Zoomcar
https://therecord.media/8-million-affected-zoomcar-data-breach
US offering $10 million for info on Iranian hackers behind IOControl malware
https://therecord.media/us-offers-reward-for-iran-hacker-iocontrol-malware
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: How to run ADB and fastboot in Termux without root
Explore this post and more from the netsec community
Top Security News for Today
How Human Behavior Can Strengthen Healthcare Cybersecurity
https://www.tripwire.com/state-of-security/how-human-behavior-can-strengthen-healthcare-cybersecurity
Are WAFs Obsolete? Pros, Cons, and What the Future Holds
https://www.tripwire.com/state-of-security/are-wafs-obsolete-pros-cons-and-what-future-holds
Where AI Provides Value
https://www.schneier.com/blog/archives/2025/06/where_ai_provides_value.html
Is b For Backdoor? Pre-Auth RCE Chain In Sitecore Experience Platform
https://www.reddit.com/r/netsec/comments/1ldjdo8/is_b_for_backdoor_preauth_rce_chain_in_sitecore/
Security Analysis: MCP Protocol Vulnerabilities in AI Toolchains
https://www.reddit.com/r/netsec/comments/1ldiilv/security_analysis_mcp_protocol_vulnerabilities_in/
UK data privacy regulator fines 23andMe over cyber practices in wake of hack
https://therecord.media/uk-data-privacy-regulator-fines-23andme
Russia detects first SuperCard malware attacks skimming bank data via NFC
https://therecord.media/supercard-nfc-banking-malware-russia
Scattered Spider hackers targeting insurance industry following retail hits
https://therecord.media/scattered-spider-targeting-insurance-sector-following-retail-attacks
Wallet apps aren’t safe either — here’s how attackers exploit their flawed security models
https://www.reddit.com/r/netsec/comments/1le0n3j/wallet_apps_arent_safe_either_heres_how_attackers/
Qualys TRU Uncovers Chained LPE: SUSE 15 PAM to Full Root via libblockdev/udisks
https://blog.qualys.com/vulnerabilities-threat-research/2025/06/17/qualys-tru-uncovers-chained-lpe-suse-15-pam-to-full-root-via-libblockdev-udisks
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
How Human Behavior Can Strengthen Healthcare Cybersecurity
https://www.tripwire.com/state-of-security/how-human-behavior-can-strengthen-healthcare-cybersecurity
Are WAFs Obsolete? Pros, Cons, and What the Future Holds
https://www.tripwire.com/state-of-security/are-wafs-obsolete-pros-cons-and-what-future-holds
Where AI Provides Value
https://www.schneier.com/blog/archives/2025/06/where_ai_provides_value.html
Is b For Backdoor? Pre-Auth RCE Chain In Sitecore Experience Platform
https://www.reddit.com/r/netsec/comments/1ldjdo8/is_b_for_backdoor_preauth_rce_chain_in_sitecore/
Security Analysis: MCP Protocol Vulnerabilities in AI Toolchains
https://www.reddit.com/r/netsec/comments/1ldiilv/security_analysis_mcp_protocol_vulnerabilities_in/
UK data privacy regulator fines 23andMe over cyber practices in wake of hack
https://therecord.media/uk-data-privacy-regulator-fines-23andme
Russia detects first SuperCard malware attacks skimming bank data via NFC
https://therecord.media/supercard-nfc-banking-malware-russia
Scattered Spider hackers targeting insurance industry following retail hits
https://therecord.media/scattered-spider-targeting-insurance-sector-following-retail-attacks
Wallet apps aren’t safe either — here’s how attackers exploit their flawed security models
https://www.reddit.com/r/netsec/comments/1le0n3j/wallet_apps_arent_safe_either_heres_how_attackers/
Qualys TRU Uncovers Chained LPE: SUSE 15 PAM to Full Root via libblockdev/udisks
https://blog.qualys.com/vulnerabilities-threat-research/2025/06/17/qualys-tru-uncovers-chained-lpe-suse-15-pam-to-full-root-via-libblockdev-udisks
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Tripwire
How Human Behavior Can Strengthen Healthcare Cybersecurity
Explore how empowering healthcare staff through culture and training can transform them into a powerful frontline defense against cyber threats.
Top Security News for Today
Fault Injection - Follow the White Rabbit
https://www.reddit.com/r/netsec/comments/1lebtyd/fault_injection_follow_the_white_rabbit/
Exploring Netstalking – Mapping the Hidden Corners of the Internet
https://www.darknet.org.uk/2025/06/exploring-netstalking-mapping-the-hidden-corners-of-the-internet/
Fake Minecraft mods distributed by the Stargazers Ghost Network to steal gamers’ data
https://research.checkpoint.com/2025/minecraft-mod-malware-stargazers/
She Won. They Didn't Just Change the Machines. They Rewired the Election.
https://www.reddit.com/r/netsec/comments/1legjch/she_won_they_didnt_just_change_the_machines_they/
Ghostwriting Scam
https://www.schneier.com/blog/archives/2025/06/ghostwriting-scam.html
Lessons from Qilin: What the Industry’s Most Efficient Ransomware Teaches Us
https://blog.qualys.com/vulnerabilities-threat-research/2025/06/18/qilin-ransomware-explained-threats-risks-defenses
More than 5 million affected by data breach at healthcare tech firm Episource
https://therecord.media/5-million-affected-episource-data-breach
North Korea targeting Indian crypto job applicants with malware
https://therecord.media/north-korea-india-crypto-applicants
2025 Red Team Tools – Cloud & Identity Exploitation, Evasion & Developer Libraries
https://bishopfox.com/blog/2025-red-team-tools-cloud-identity-exploitation-evasion-developer-libraries
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Fault Injection - Follow the White Rabbit
https://www.reddit.com/r/netsec/comments/1lebtyd/fault_injection_follow_the_white_rabbit/
Exploring Netstalking – Mapping the Hidden Corners of the Internet
https://www.darknet.org.uk/2025/06/exploring-netstalking-mapping-the-hidden-corners-of-the-internet/
Fake Minecraft mods distributed by the Stargazers Ghost Network to steal gamers’ data
https://research.checkpoint.com/2025/minecraft-mod-malware-stargazers/
She Won. They Didn't Just Change the Machines. They Rewired the Election.
https://www.reddit.com/r/netsec/comments/1legjch/she_won_they_didnt_just_change_the_machines_they/
Ghostwriting Scam
https://www.schneier.com/blog/archives/2025/06/ghostwriting-scam.html
Lessons from Qilin: What the Industry’s Most Efficient Ransomware Teaches Us
https://blog.qualys.com/vulnerabilities-threat-research/2025/06/18/qilin-ransomware-explained-threats-risks-defenses
More than 5 million affected by data breach at healthcare tech firm Episource
https://therecord.media/5-million-affected-episource-data-breach
North Korea targeting Indian crypto job applicants with malware
https://therecord.media/north-korea-india-crypto-applicants
2025 Red Team Tools – Cloud & Identity Exploitation, Evasion & Developer Libraries
https://bishopfox.com/blog/2025-red-team-tools-cloud-identity-exploitation-evasion-developer-libraries
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Fault Injection - Follow the White Rabbit
Explore this post and more from the netsec community
Top Security News for Today
Self-Driving Car Video Footage
https://www.schneier.com/blog/archives/2025/06/self-driving-car-video-footage.html
Sleepless Strings - Template Injection in Insomnia
https://www.reddit.com/r/netsec/comments/1lf40wc/sleepless_strings_template_injection_in_insomnia/
Finland could charge Russia-linked ship’s officers over cable breaks by ‘August at the latest’
https://therecord.media/finland-could-charge-eagle-s-ship-officers-cable-breaks
Argentina uncovers suspected Russian spy ring behind disinformation campaigns
https://therecord.media/argentina-russia-spies-disinformation-project-lakhta
Alleged Ryuk ransomware gang member arrested in Ukraine and extradited to US
https://therecord.media/alleged-ryuk-member-arrest-ukraine-extradited-us
DOJ moves to seize $225 million in crypto stolen by scammers
https://therecord.media/doj-moves-to-seize-225-million-in-stolen-crypto
AntiDot Android Malware Analysis
https://www.reddit.com/r/netsec/comments/1lfjatl/antidot_android_malware_analysis/
Frida 17.2.0 Released
https://www.reddit.com/r/netsec/comments/1lfnwgq/frida_1720_released/
GitPhish – OAuth Device Code Phishing for GitHub Repos, Secrets, and CI/CD
https://www.darknet.org.uk/2025/06/gitphish-oauth-device-code-phishing-for-github-repos-secrets-and-ci-cd/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Self-Driving Car Video Footage
https://www.schneier.com/blog/archives/2025/06/self-driving-car-video-footage.html
Sleepless Strings - Template Injection in Insomnia
https://www.reddit.com/r/netsec/comments/1lf40wc/sleepless_strings_template_injection_in_insomnia/
Finland could charge Russia-linked ship’s officers over cable breaks by ‘August at the latest’
https://therecord.media/finland-could-charge-eagle-s-ship-officers-cable-breaks
Argentina uncovers suspected Russian spy ring behind disinformation campaigns
https://therecord.media/argentina-russia-spies-disinformation-project-lakhta
Alleged Ryuk ransomware gang member arrested in Ukraine and extradited to US
https://therecord.media/alleged-ryuk-member-arrest-ukraine-extradited-us
DOJ moves to seize $225 million in crypto stolen by scammers
https://therecord.media/doj-moves-to-seize-225-million-in-stolen-crypto
AntiDot Android Malware Analysis
https://www.reddit.com/r/netsec/comments/1lfjatl/antidot_android_malware_analysis/
Frida 17.2.0 Released
https://www.reddit.com/r/netsec/comments/1lfnwgq/frida_1720_released/
GitPhish – OAuth Device Code Phishing for GitHub Repos, Secrets, and CI/CD
https://www.darknet.org.uk/2025/06/gitphish-oauth-device-code-phishing-for-github-repos-secrets-and-ci-cd/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
Self-Driving Car Video Footage - Schneier on Security
Two articles crossed my path recently. First, a discussion of all the video Waymo has from outside its cars: in this case related to the LA protests. Second, a discussion of all the video Tesla has from inside its cars. Lots of things are collecting lots…
Top Security News for Today
Qilin Offers "Call a lawyer" Button For Affiliates Attempting To Extort Ransoms From Victims Who Won't Pay
https://www.tripwire.com/state-of-security/qilin-offers-call-lawyer-button-affiliates-attempting-extort-ransoms-victims
Surveillance in the US
https://www.schneier.com/blog/archives/2025/06/surveillance-in-the-us.html
Aflac says it stopped ransomware attack launched by ‘sophisticated cybercrime group’
https://therecord.media/aflac-cyberattack-potential-data-breach
Krispy Kreme: Over 160,000 people had data stolen during November 2024 cyberattack
https://therecord.media/krispy-kreme-reports-data-breach-from-2024-attack
Russian dairy supply disrupted by cyberattack on animal certification system
https://therecord.media/russia-dairy-supply-disrupted-cyberattack
Tonga Ministry of Health hit with cyberattack affecting website, IT systems
https://therecord.media/tonga-ministry-of-health-hit-with-cyberattack
Steam Phishing: popular as ever
https://bartblaze.blogspot.com/2025/06/steam-phishing-popular-as-ever.html
Judge overturns Biden-era HHS rule on HIPAA protections for those seeking reproductive care
https://therecord.media/judge-overtuns-biden-era-hhs-rule-hipaa-reproductive-care
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Qilin Offers "Call a lawyer" Button For Affiliates Attempting To Extort Ransoms From Victims Who Won't Pay
https://www.tripwire.com/state-of-security/qilin-offers-call-lawyer-button-affiliates-attempting-extort-ransoms-victims
Surveillance in the US
https://www.schneier.com/blog/archives/2025/06/surveillance-in-the-us.html
Aflac says it stopped ransomware attack launched by ‘sophisticated cybercrime group’
https://therecord.media/aflac-cyberattack-potential-data-breach
Krispy Kreme: Over 160,000 people had data stolen during November 2024 cyberattack
https://therecord.media/krispy-kreme-reports-data-breach-from-2024-attack
Russian dairy supply disrupted by cyberattack on animal certification system
https://therecord.media/russia-dairy-supply-disrupted-cyberattack
Tonga Ministry of Health hit with cyberattack affecting website, IT systems
https://therecord.media/tonga-ministry-of-health-hit-with-cyberattack
Steam Phishing: popular as ever
https://bartblaze.blogspot.com/2025/06/steam-phishing-popular-as-ever.html
Judge overturns Biden-era HHS rule on HIPAA protections for those seeking reproductive care
https://therecord.media/judge-overtuns-biden-era-hhs-rule-hipaa-reproductive-care
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Tripwire
Qilin Offers "Call a lawyer" Button For Affiliates Attempting To Extort Ransoms From Victims Who Won't Pay
Qilin ransomware adds a “Call a Lawyer” button to aid affiliates in ransom negotiations, mimicking legit business tactics.
Top Security News for Today
CoinMarketCap Client-Side Attack: A Comprehensive Analysis by c/side
https://www.reddit.com/r/netsec/comments/1lgu3g6/coinmarketcap_clientside_attack_a_comprehensive/
Unexpected security footguns in Go's parsers
https://www.reddit.com/r/netsec/comments/1lgvxon/unexpected_security_footguns_in_gos_parsers/
Series 2: Implementing the WPA in RAWPA - Part 2
https://www.reddit.com/r/netsec/comments/1lh9lw5/series_2_implementing_the_wpa_in_rawpa_part_2/
🚨 Hack Our Smart Contract, Keep the ETH – $500K Open-Source Heist Challenge Is Live
https://www.reddit.com/r/netsec/comments/1lh2zmu/hack_our_smart_contract_keep_the_eth_500k/
Just casually broke bunq’s sandbox with 0day-level spoofing, and nobody seems to care 🇳🇱
https://www.reddit.com/r/netsec/comments/1lhdhmt/just_casually_broke_bunqs_sandbox_with_0daylevel/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
CoinMarketCap Client-Side Attack: A Comprehensive Analysis by c/side
https://www.reddit.com/r/netsec/comments/1lgu3g6/coinmarketcap_clientside_attack_a_comprehensive/
Unexpected security footguns in Go's parsers
https://www.reddit.com/r/netsec/comments/1lgvxon/unexpected_security_footguns_in_gos_parsers/
Series 2: Implementing the WPA in RAWPA - Part 2
https://www.reddit.com/r/netsec/comments/1lh9lw5/series_2_implementing_the_wpa_in_rawpa_part_2/
🚨 Hack Our Smart Contract, Keep the ETH – $500K Open-Source Heist Challenge Is Live
https://www.reddit.com/r/netsec/comments/1lh2zmu/hack_our_smart_contract_keep_the_eth_500k/
Just casually broke bunq’s sandbox with 0day-level spoofing, and nobody seems to care 🇳🇱
https://www.reddit.com/r/netsec/comments/1lhdhmt/just_casually_broke_bunqs_sandbox_with_0daylevel/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: CoinMarketCap Client-Side Attack: A Comprehensive Analysis by c/side
Explore this post and more from the netsec community
Top Security News for Today
RAWPA - hierarchical methodology, comprehensive toolkits, and guided workflows
https://www.reddit.com/r/netsec/comments/1li2kkk/rawpa_hierarchical_methodology_comprehensive/
Introduction to SIMD
https://www.reddit.com/r/lowlevel/comments/1li557q/introduction_to_simd/
Ignition Phase : Standard Training for Fast Adversarial Robustness
https://arxiv.org/abs/2506.15685
Learning from M-Tuple Dominant Positive and Unlabeled Data
https://arxiv.org/abs/2506.15686
S$^2$GPT-PINNs: Sparse and Small models for PDEs
https://arxiv.org/abs/2506.15687
Cellular Traffic Prediction via Deep State Space Models with Attention Mechanism
https://arxiv.org/abs/2506.15688
BASE-Q: Bias and Asymmetric Scaling Enhanced Rotational Quantization for Large Language Models
https://arxiv.org/abs/2506.15689
SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play
https://securelist.com/sparkkitty-ios-android-malware/116793/
Rethinking LLM Training through Information Geometry and Quantum Metrics
https://arxiv.org/abs/2506.15830
Clean Up in the Cybersecurity Aisle: Cybercriminals and Groceries
https://www.tripwire.com/state-of-security/clean-cybersecurity-aisle-cybercriminals-and-groceries
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
RAWPA - hierarchical methodology, comprehensive toolkits, and guided workflows
https://www.reddit.com/r/netsec/comments/1li2kkk/rawpa_hierarchical_methodology_comprehensive/
Introduction to SIMD
https://www.reddit.com/r/lowlevel/comments/1li557q/introduction_to_simd/
Ignition Phase : Standard Training for Fast Adversarial Robustness
https://arxiv.org/abs/2506.15685
Learning from M-Tuple Dominant Positive and Unlabeled Data
https://arxiv.org/abs/2506.15686
S$^2$GPT-PINNs: Sparse and Small models for PDEs
https://arxiv.org/abs/2506.15687
Cellular Traffic Prediction via Deep State Space Models with Attention Mechanism
https://arxiv.org/abs/2506.15688
BASE-Q: Bias and Asymmetric Scaling Enhanced Rotational Quantization for Large Language Models
https://arxiv.org/abs/2506.15689
SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play
https://securelist.com/sparkkitty-ios-android-malware/116793/
Rethinking LLM Training through Information Geometry and Quantum Metrics
https://arxiv.org/abs/2506.15830
Clean Up in the Cybersecurity Aisle: Cybercriminals and Groceries
https://www.tripwire.com/state-of-security/clean-cybersecurity-aisle-cybercriminals-and-groceries
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: RAWPA - hierarchical methodology, comprehensive toolkits, and guided workflows
Posted by Dark-stash - 3 votes and 0 comments
Top Security News for Today
AutoPwnKey – AV Evasion via Simulated User Interaction
https://www.darknet.org.uk/2025/06/autopwnkey-av-evasion-via-simulated-user-interaction/
Largest DDoS Attack to Date
https://www.schneier.com/blog/archives/2025/06/largest-ddos-attack-to-date.html
Amazon’s Schmidt talks China, cyber traps and the battle in the cloud
https://therecord.media/amazon-cso-steve-schmidt-interview-madpot-honeypot
Novel SSRF Technique Involving HTTP Redirect Loops
https://www.reddit.com/r/netsec/comments/1lidqqw/novel_ssrf_technique_involving_http_redirect_loops/
Data of more than 740,000 stolen in ransomware attack on Michigan hospital network
https://therecord.media/mclaren-health-care-data-breach-notification-ransomware
Israeli officials say Iran exploiting security cameras to guide missile strikes
https://therecord.media/iran-espionage-israeli-security-cameras-missile-attacks
Iran-linked cyberattack reportedly disrupts public services in Albania’s capital
https://therecord.media/tirana-albania-government-cyberattack-iran-linked-group
Navigating cyber risks with Microsoft Security Exposure Management eBook
https://www.microsoft.com/en-us/security/blog/2025/06/23/navigating-cyber-risks-with-microsoft-security-exposure-management-ebook/
Remote Code Execution on 40,000 WiFi alarm clocks
https://www.reddit.com/r/netsec/comments/1lirrc6/remote_code_execution_on_40000_wifi_alarm_clocks/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
AutoPwnKey – AV Evasion via Simulated User Interaction
https://www.darknet.org.uk/2025/06/autopwnkey-av-evasion-via-simulated-user-interaction/
Largest DDoS Attack to Date
https://www.schneier.com/blog/archives/2025/06/largest-ddos-attack-to-date.html
Amazon’s Schmidt talks China, cyber traps and the battle in the cloud
https://therecord.media/amazon-cso-steve-schmidt-interview-madpot-honeypot
Novel SSRF Technique Involving HTTP Redirect Loops
https://www.reddit.com/r/netsec/comments/1lidqqw/novel_ssrf_technique_involving_http_redirect_loops/
Data of more than 740,000 stolen in ransomware attack on Michigan hospital network
https://therecord.media/mclaren-health-care-data-breach-notification-ransomware
Israeli officials say Iran exploiting security cameras to guide missile strikes
https://therecord.media/iran-espionage-israeli-security-cameras-missile-attacks
Iran-linked cyberattack reportedly disrupts public services in Albania’s capital
https://therecord.media/tirana-albania-government-cyberattack-iran-linked-group
Navigating cyber risks with Microsoft Security Exposure Management eBook
https://www.microsoft.com/en-us/security/blog/2025/06/23/navigating-cyber-risks-with-microsoft-security-exposure-management-ebook/
Remote Code Execution on 40,000 WiFi alarm clocks
https://www.reddit.com/r/netsec/comments/1lirrc6/remote_code_execution_on_40000_wifi_alarm_clocks/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Darknet - Hacking Tools, Hacker News & Cyber Security
AutoPwnKey - AV Evasion via Simulated User Interaction
AutoPwnKey is an open-source AV evasion tool that uses AutoHotKey to simulate user interaction and execute payloads without triggering antivirus or EDR detection. Learn how it works and how to use it safely.
Top Security News for Today
Revenge, Fame, and Fun: The Motives Behind Modern Cyberattacks
https://www.tripwire.com/state-of-security/revenge-fame-and-fun-motives-behind-modern-cyberattacks
Here’s a Subliminal Channel You Haven’t Considered Before
https://www.schneier.com/blog/archives/2025/06/heres-a-subliminal-channel-you-havent-considered-before.html
NATO Summit in The Hague hit by potential sabotage as rail cables set on fire
https://therecord.media/nato-summit-the-hague-rail-cables-set-on-fire
Social engineering and Signal chats led to new Russian malware attacks, Ukraine says
https://therecord.media/ukraine-new-russian-malware-social-engineering-signal-chats
Russia releases REvil members after convictions for payment card fraud
https://therecord.media/revil-cybercrime-gang-members-released-russia
Why a Classic MCP Server Vulnerability Can Undermine Your Entire AI Agent
https://www.trendmicro.com/en_us/research/25/f/why-a-classic-mcp-server-vulnerability-can-undermine-your-entire-ai-agent.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Revenge, Fame, and Fun: The Motives Behind Modern Cyberattacks
https://www.tripwire.com/state-of-security/revenge-fame-and-fun-motives-behind-modern-cyberattacks
Here’s a Subliminal Channel You Haven’t Considered Before
https://www.schneier.com/blog/archives/2025/06/heres-a-subliminal-channel-you-havent-considered-before.html
NATO Summit in The Hague hit by potential sabotage as rail cables set on fire
https://therecord.media/nato-summit-the-hague-rail-cables-set-on-fire
Social engineering and Signal chats led to new Russian malware attacks, Ukraine says
https://therecord.media/ukraine-new-russian-malware-social-engineering-signal-chats
Russia releases REvil members after convictions for payment card fraud
https://therecord.media/revil-cybercrime-gang-members-released-russia
Why a Classic MCP Server Vulnerability Can Undermine Your Entire AI Agent
https://www.trendmicro.com/en_us/research/25/f/why-a-classic-mcp-server-vulnerability-can-undermine-your-entire-ai-agent.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Tripwire
Revenge, Fame, and Fun: The Motives Behind Modern Cyberattacks
Explore the surprising motives behind cyberattacks, from revenge to thrill-seeking, and how they shape today’s digital threat landscape.
Top Security News for Today
Security Benchmarking Authorization Policy Engines
https://www.reddit.com/r/netsec/comments/1lk0v0y/security_benchmarking_authorization_policy_engines/
AI and collaboration tools: how cyberattackers are targeting SMBs in 2025
https://securelist.com/smb-threat-report-2025/116830/
What LLMs Know About Their Users
https://www.schneier.com/blog/archives/2025/06/what-llms-know-about-their-users.html
In the Wild: Malware Prototype with Embedded Prompt Injection
https://research.checkpoint.com/2025/ai-evasion-prompt-injection/
Glasgow City Council impacted by ‘cyber incident’
https://therecord.media/glasgow-city-council-cyber-incident
Ransomware attack contributed to patient’s death, says Britain’s NHS
https://therecord.media/ransomware-attack-contributed-patient-death-uk-nhs
French police reportedly arrest suspected BreachForums administrators
https://therecord.media/france-breachforums-suspects-arrests
Citrix warns of exploitation of Netscaler devices through new bugs
https://therecord.media/citrix-warns-netscaler-exploitation-bug
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Security Benchmarking Authorization Policy Engines
https://www.reddit.com/r/netsec/comments/1lk0v0y/security_benchmarking_authorization_policy_engines/
AI and collaboration tools: how cyberattackers are targeting SMBs in 2025
https://securelist.com/smb-threat-report-2025/116830/
What LLMs Know About Their Users
https://www.schneier.com/blog/archives/2025/06/what-llms-know-about-their-users.html
In the Wild: Malware Prototype with Embedded Prompt Injection
https://research.checkpoint.com/2025/ai-evasion-prompt-injection/
Glasgow City Council impacted by ‘cyber incident’
https://therecord.media/glasgow-city-council-cyber-incident
Ransomware attack contributed to patient’s death, says Britain’s NHS
https://therecord.media/ransomware-attack-contributed-patient-death-uk-nhs
French police reportedly arrest suspected BreachForums administrators
https://therecord.media/france-breachforums-suspects-arrests
Citrix warns of exploitation of Netscaler devices through new bugs
https://therecord.media/citrix-warns-netscaler-exploitation-bug
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Security Benchmarking Authorization Policy Engines
Posted by nibblesec - 4 votes and 0 comments
Top Security News for Today
Outdated Routers: The Hidden Threat to Network Security, FBI Warns
https://www.tripwire.com/state-of-security/outdated-routers-hidden-threat-network-security-fbi-warns
White House Bans WhatsApp
https://www.schneier.com/blog/archives/2025/06/white-house-bans-whatsapp.html
We built a smart, searchable infosec library indexing 20+ years of resources
https://www.reddit.com/r/netsec/comments/1lkraj4/we_built_a_smart_searchable_infosec_library/
Marketplace Takeover: How We Could’ve Taken Over Every Developer Using a VSCode Fork - Putting Millions at Risk
https://www.reddit.com/r/netsec/comments/1lkxg85/marketplace_takeover_how_we_couldve_taken_over/
Read “Windows Registry Manipulation“ by ONESithuation
https://www.reddit.com/r/netsec/comments/1lkr55r/read_windows_registry_manipulation_by/
British hacker 'IntelBroker' charged in US over spree of company breaches
https://therecord.media/british-hacker-intelbroker-spree-breaches
Felicity Oswald, chief operating officer at UK’s NCSC, set to leave cyber agency
https://therecord.media/felicity-oswald-ncsc-coo-uk
The Journey of Bypassing Ubuntu’s Unprivileged Namespace Restriction
https://devco.re/blog/2025/06/26/the-journey-of-bypassing-ubuntus-unprivileged-namespace-restriction/
Building security that lasts: Microsoft’s journey towards durability at scale
https://www.microsoft.com/en-us/security/blog/2025/06/26/building-security-that-lasts-microsofts-journey-towards-durability-at-scale/
Bipartisan bill seeks to ban federal agencies from using DeepSeek, AI tools from ‘foreign adversaries’
https://therecord.media/bipartisan-bill-ban-deepseek-federal
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Outdated Routers: The Hidden Threat to Network Security, FBI Warns
https://www.tripwire.com/state-of-security/outdated-routers-hidden-threat-network-security-fbi-warns
White House Bans WhatsApp
https://www.schneier.com/blog/archives/2025/06/white-house-bans-whatsapp.html
We built a smart, searchable infosec library indexing 20+ years of resources
https://www.reddit.com/r/netsec/comments/1lkraj4/we_built_a_smart_searchable_infosec_library/
Marketplace Takeover: How We Could’ve Taken Over Every Developer Using a VSCode Fork - Putting Millions at Risk
https://www.reddit.com/r/netsec/comments/1lkxg85/marketplace_takeover_how_we_couldve_taken_over/
Read “Windows Registry Manipulation“ by ONESithuation
https://www.reddit.com/r/netsec/comments/1lkr55r/read_windows_registry_manipulation_by/
British hacker 'IntelBroker' charged in US over spree of company breaches
https://therecord.media/british-hacker-intelbroker-spree-breaches
Felicity Oswald, chief operating officer at UK’s NCSC, set to leave cyber agency
https://therecord.media/felicity-oswald-ncsc-coo-uk
The Journey of Bypassing Ubuntu’s Unprivileged Namespace Restriction
https://devco.re/blog/2025/06/26/the-journey-of-bypassing-ubuntus-unprivileged-namespace-restriction/
Building security that lasts: Microsoft’s journey towards durability at scale
https://www.microsoft.com/en-us/security/blog/2025/06/26/building-security-that-lasts-microsofts-journey-towards-durability-at-scale/
Bipartisan bill seeks to ban federal agencies from using DeepSeek, AI tools from ‘foreign adversaries’
https://therecord.media/bipartisan-bill-ban-deepseek-federal
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Tripwire
Outdated Routers: The Hidden Threat to Network Security, FBI Warns
FBI warns of TheMoon malware hijacking outdated routers. Learn how to secure your network and replace end-of-life devices.
Top Security News for Today
Advanced computer vision for extracting georeferenced vehicle trajectories from drone imagery
https://arxiv.org/abs/2411.02136
The Age of Integrity
https://www.schneier.com/blog/archives/2025/06/the-age-of-integrity.html
Sububy – A Modular Ruby Suite for Subdomain Enumeration
https://www.darknet.org.uk/2025/06/sububy-a-modular-ruby-suite-for-subdomain-enumeration/
United Natural Foods says week-long cyber incident will impact quarterly income
https://therecord.media/united-natural-foods-cyber-incident-q4-impact
Hawaiian Airlines flights operating safely after cyberattack affects some IT systems
https://therecord.media/hawaiian-airlines-cyberattack-flights-safe
Hackers stole data on 2.2 million people in cyberattack affecting American grocery chains
https://therecord.media/hackers-cyberattack-grocery-chain
NATO members aim for spending 5% of GDP on defense, with 1.5% eligible for cyber
https://therecord.media/nato-agreement-5percent-gdp-defense-spending-cyber
Demystifying MCP (Model Context Protocol): 3 Common Misconceptions
https://www.reddit.com/r/netsec/comments/1lltr7o/demystifying_mcp_model_context_protocol_3_common/
Unveiling RIFT: Enhancing Rust malware analysis through pattern matching
https://www.microsoft.com/en-us/security/blog/2025/06/27/unveiling-rift-enhancing-rust-malware-analysis-through-pattern-matching/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Advanced computer vision for extracting georeferenced vehicle trajectories from drone imagery
https://arxiv.org/abs/2411.02136
The Age of Integrity
https://www.schneier.com/blog/archives/2025/06/the-age-of-integrity.html
Sububy – A Modular Ruby Suite for Subdomain Enumeration
https://www.darknet.org.uk/2025/06/sububy-a-modular-ruby-suite-for-subdomain-enumeration/
United Natural Foods says week-long cyber incident will impact quarterly income
https://therecord.media/united-natural-foods-cyber-incident-q4-impact
Hawaiian Airlines flights operating safely after cyberattack affects some IT systems
https://therecord.media/hawaiian-airlines-cyberattack-flights-safe
Hackers stole data on 2.2 million people in cyberattack affecting American grocery chains
https://therecord.media/hackers-cyberattack-grocery-chain
NATO members aim for spending 5% of GDP on defense, with 1.5% eligible for cyber
https://therecord.media/nato-agreement-5percent-gdp-defense-spending-cyber
Demystifying MCP (Model Context Protocol): 3 Common Misconceptions
https://www.reddit.com/r/netsec/comments/1lltr7o/demystifying_mcp_model_context_protocol_3_common/
Unveiling RIFT: Enhancing Rust malware analysis through pattern matching
https://www.microsoft.com/en-us/security/blog/2025/06/27/unveiling-rift-enhancing-rust-malware-analysis-through-pattern-matching/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
arXiv.org
Advanced computer vision for extracting georeferenced vehicle...
This paper presents a framework for extracting georeferenced vehicle trajectories from high-altitude drone imagery, addressing key challenges in urban traffic monitoring and the limitations of...
Top Security News for Today
The Ideation-Execution Gap: Execution Outcomes of LLM-Generated versus Human Research Ideas
https://arxiv.org/abs/2506.20803
Leveraging Google's Agent Development Kit for Automated Threat Analysis
https://www.reddit.com/r/netsec/comments/1ln2xn0/leveraging_googles_agent_development_kit_for/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
The Ideation-Execution Gap: Execution Outcomes of LLM-Generated versus Human Research Ideas
https://arxiv.org/abs/2506.20803
Leveraging Google's Agent Development Kit for Automated Threat Analysis
https://www.reddit.com/r/netsec/comments/1ln2xn0/leveraging_googles_agent_development_kit_for/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
arXiv.org
The Ideation-Execution Gap: Execution Outcomes of LLM-Generated...
Large Language Models (LLMs) have shown promise in accelerating the scientific research pipeline. A key capability for this process is the ability to generate novel research ideas, and prior...
Top Security News for Today
Structuralist Approach to AI Literary Criticism: Leveraging Greimas Semiotic Square for Large Language Models
https://arxiv.org/abs/2506.21360
Scalable Bayesian Low-Rank Adaptation of Large Language Models via Stochastic Variational Subspace Inference
https://arxiv.org/abs/2506.21408
Potemkin Understanding in Large Language Models
https://arxiv.org/abs/2506.21521
Bridging Offline and Online Reinforcement Learning for LLMs
https://arxiv.org/abs/2506.21495
SceneGenAgent: Precise Industrial Scene Generation with Coding Agent
https://arxiv.org/abs/2506.21555
Efficient Multilingual ASR Finetuning via LoRA Language Experts
https://arxiv.org/abs/2506.21556
VAT-KG: Knowledge-Intensive Multimodal Knowledge Graph Dataset for Retrieval-Augmented Generation
https://arxiv.org/abs/2506.21557
Debunk and Infer: Multimodal Fake News Detection via Diffusion-Generated Evidence and LLM Reasoning
https://arxiv.org/abs/2506.21558
Bench to the Future: A Pastcasting Benchmark for Forecasting Agents
https://arxiv.org/abs/2506.21559
Essential Features to Look for in a VM Solution
https://www.tripwire.com/state-of-security/essential-features-look-vm-solution
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Structuralist Approach to AI Literary Criticism: Leveraging Greimas Semiotic Square for Large Language Models
https://arxiv.org/abs/2506.21360
Scalable Bayesian Low-Rank Adaptation of Large Language Models via Stochastic Variational Subspace Inference
https://arxiv.org/abs/2506.21408
Potemkin Understanding in Large Language Models
https://arxiv.org/abs/2506.21521
Bridging Offline and Online Reinforcement Learning for LLMs
https://arxiv.org/abs/2506.21495
SceneGenAgent: Precise Industrial Scene Generation with Coding Agent
https://arxiv.org/abs/2506.21555
Efficient Multilingual ASR Finetuning via LoRA Language Experts
https://arxiv.org/abs/2506.21556
VAT-KG: Knowledge-Intensive Multimodal Knowledge Graph Dataset for Retrieval-Augmented Generation
https://arxiv.org/abs/2506.21557
Debunk and Infer: Multimodal Fake News Detection via Diffusion-Generated Evidence and LLM Reasoning
https://arxiv.org/abs/2506.21558
Bench to the Future: A Pastcasting Benchmark for Forecasting Agents
https://arxiv.org/abs/2506.21559
Essential Features to Look for in a VM Solution
https://www.tripwire.com/state-of-security/essential-features-look-vm-solution
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
arXiv.org
Structuralist Approach to AI Literary Criticism: Leveraging...
Large Language Models (LLMs) excel in understanding and generating text but struggle with providing professional literary criticism for works with profound thoughts and complex narratives. This...
Top Security News for Today
Comparing Semgrep Community and Code for Static Analysis
https://www.reddit.com/r/netsec/comments/1lo32y7/comparing_semgrep_community_and_code_for_static/
How Cybersecurity Fears Affect Confidence in Voting Systems
https://www.schneier.com/blog/archives/2025/06/cyberattacks-shake-voters-trust-in-elections.html
29th June – Threat Intelligence Report
https://research.checkpoint.com/2025/29th-june-threat-intelligence-report/
New free 7h OpenSecurityTraining2 class: "Fuzzing 1001: Introductory white-box fuzzing with AFL++" by Francesco Pollicino is now released
https://www.reddit.com/r/netsec/comments/1lo4kwu/new_free_7h_opensecuritytraining2_class_fuzzing/
Disgruntled British IT worker jailed for hacking employer after being suspended
https://therecord.media/uk-it-worker-jailed-hacking-former-employer
État de l’art sur le phishing Azure en 2025 (partie 1) – Device code flow
https://www.reddit.com/r/netsec/comments/1lo8r1y/état_de_lart_sur_le_phishing_azure_en_2025_partie/
OnionC2 – Tor Powered Rust Command and Control Framework
https://www.darknet.org.uk/2025/06/onionc2-tor-powered-rust-command-and-control-framework/
Senator Chides FBI for Weak Advice on Mobile Security
https://krebsonsecurity.com/2025/06/senator-chides-fbi-for-weak-advice-on-mobile-security/
Canada suspends Hikvision operations over national security concerns
https://therecord.media/canada-suspends-hikvision-operations-national-security
C4 Bomb: Blowing Up Chrome’s AppBound Cookie Encryption
https://www.reddit.com/r/netsec/comments/1lod5nx/c4_bomb_blowing_up_chromes_appbound_cookie/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Comparing Semgrep Community and Code for Static Analysis
https://www.reddit.com/r/netsec/comments/1lo32y7/comparing_semgrep_community_and_code_for_static/
How Cybersecurity Fears Affect Confidence in Voting Systems
https://www.schneier.com/blog/archives/2025/06/cyberattacks-shake-voters-trust-in-elections.html
29th June – Threat Intelligence Report
https://research.checkpoint.com/2025/29th-june-threat-intelligence-report/
New free 7h OpenSecurityTraining2 class: "Fuzzing 1001: Introductory white-box fuzzing with AFL++" by Francesco Pollicino is now released
https://www.reddit.com/r/netsec/comments/1lo4kwu/new_free_7h_opensecuritytraining2_class_fuzzing/
Disgruntled British IT worker jailed for hacking employer after being suspended
https://therecord.media/uk-it-worker-jailed-hacking-former-employer
État de l’art sur le phishing Azure en 2025 (partie 1) – Device code flow
https://www.reddit.com/r/netsec/comments/1lo8r1y/état_de_lart_sur_le_phishing_azure_en_2025_partie/
OnionC2 – Tor Powered Rust Command and Control Framework
https://www.darknet.org.uk/2025/06/onionc2-tor-powered-rust-command-and-control-framework/
Senator Chides FBI for Weak Advice on Mobile Security
https://krebsonsecurity.com/2025/06/senator-chides-fbi-for-weak-advice-on-mobile-security/
Canada suspends Hikvision operations over national security concerns
https://therecord.media/canada-suspends-hikvision-operations-national-security
C4 Bomb: Blowing Up Chrome’s AppBound Cookie Encryption
https://www.reddit.com/r/netsec/comments/1lod5nx/c4_bomb_blowing_up_chromes_appbound_cookie/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Comparing Semgrep Community and Code for Static Analysis
Posted by nibblesec - 14 votes and 3 comments
Top Security News for Today
Critical Security Risks Facing COBOL Mainframes
https://www.tripwire.com/state-of-security/critical-security-risks-facing-cobol-mainframes
Iranian Blackout Affected Misinformation Campaigns
https://www.schneier.com/blog/archives/2025/07/iranian-blackout-affected-misinformation-campaigns.html
International Criminal Court targeted by new ‘sophisticated’ attack
https://therecord.media/international-criminal-court-cyberattack-2025
Spanish police arrest five over $542 million crypto investment scheme
https://therecord.media/spain-europol-cryptocurrency-investment-scheme-takedown
How we got persistent XSS on every AEM cloud site
https://www.reddit.com/r/netsec/comments/1lovolp/how_we_got_persistent_xss_on_every_aem_cloud_site/
Trump’s national cyber director nominee clears Senate committee
https://therecord.media/trump-national-cyber-director-pick-clears-senate-panel
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Critical Security Risks Facing COBOL Mainframes
https://www.tripwire.com/state-of-security/critical-security-risks-facing-cobol-mainframes
Iranian Blackout Affected Misinformation Campaigns
https://www.schneier.com/blog/archives/2025/07/iranian-blackout-affected-misinformation-campaigns.html
International Criminal Court targeted by new ‘sophisticated’ attack
https://therecord.media/international-criminal-court-cyberattack-2025
Spanish police arrest five over $542 million crypto investment scheme
https://therecord.media/spain-europol-cryptocurrency-investment-scheme-takedown
How we got persistent XSS on every AEM cloud site
https://www.reddit.com/r/netsec/comments/1lovolp/how_we_got_persistent_xss_on_every_aem_cloud_site/
Trump’s national cyber director nominee clears Senate committee
https://therecord.media/trump-national-cyber-director-pick-clears-senate-panel
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Tripwire
5 Critical Security Risks Facing COBOL Mainframes
Discover COBOL’s critical role in legacy systems and the top 5 security risks threatening mainframe stability and data integrity.
Top Security News for Today
Ubuntu Disables Spectre/Meltdown Protections
https://www.schneier.com/blog/archives/2025/07/ubuntu-disables-spectre-meltdown-protections.html
From Web Dog's Perspective on OSEE — Advanced Windows Exploitation from 0.1
https://devco.re/blog/2025/07/02/webdog-view-on-osee-advanced-windows-exploitation-from-0.1/
French cybersecurity agency confirms government affected by Ivanti hacks
https://therecord.media/france-anssi-report-ivanti-bugs-exploited
"Schizophrenic" zip files. Different contents depending on your archive reader.
https://www.reddit.com/r/netsec/comments/1lpurc5/schizophrenic_zip_files_different_contents/
Ransomware gang attacks German charity that feeds starving children
https://therecord.media/welthungerhilfe-german-hunger-relief-charity-ransomware-attack
‘Significant’ amount of customer data accessed during cyberattack on Qantas airline
https://therecord.media/qantas-airline-data-breach
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Ubuntu Disables Spectre/Meltdown Protections
https://www.schneier.com/blog/archives/2025/07/ubuntu-disables-spectre-meltdown-protections.html
From Web Dog's Perspective on OSEE — Advanced Windows Exploitation from 0.1
https://devco.re/blog/2025/07/02/webdog-view-on-osee-advanced-windows-exploitation-from-0.1/
French cybersecurity agency confirms government affected by Ivanti hacks
https://therecord.media/france-anssi-report-ivanti-bugs-exploited
"Schizophrenic" zip files. Different contents depending on your archive reader.
https://www.reddit.com/r/netsec/comments/1lpurc5/schizophrenic_zip_files_different_contents/
Ransomware gang attacks German charity that feeds starving children
https://therecord.media/welthungerhilfe-german-hunger-relief-charity-ransomware-attack
‘Significant’ amount of customer data accessed during cyberattack on Qantas airline
https://therecord.media/qantas-airline-data-breach
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
Ubuntu Disables Spectre/Meltdown Protections - Schneier on Security
A whole class of speculative execution attacks against CPUs were published in 2018. They seemed pretty catastrophic at the time. But the fixes were as well. Speculative execution was a way to speed up CPUs, and removing those enhancements resulted in significant…
Top Security News for Today
Surveillance Used by a Drug Cartel
https://www.schneier.com/blog/archives/2025/07/surveillance_used_by_a_drug_cartel.html
Hunters International ransomware group claims to be shutting down
https://therecord.media/hunters-international-ransomware-extortion-group-claims-shutdown
How Coinbase's $400M Problem Started in an Indian Call Center
https://www.reddit.com/r/netsec/comments/1lqk78h/how_coinbases_400m_problem_started_in_an_indian/
Russia jails man for 16 years over pro-Ukraine cyberattacks on critical infrastructure
https://therecord.media/russia-jails-man-over-pro-ukraine-cyberattacks
Microsoft shuts down 3,000 email accounts created by North Korean IT workers
https://therecord.media/microsoft-shuts-down-3000-north-korea-it-worker-email
Interpol identifies West Africa as potential new hotspot for cybercrime compounds
https://therecord.media/interpol-west-africa-cybercrime-compounds
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Surveillance Used by a Drug Cartel
https://www.schneier.com/blog/archives/2025/07/surveillance_used_by_a_drug_cartel.html
Hunters International ransomware group claims to be shutting down
https://therecord.media/hunters-international-ransomware-extortion-group-claims-shutdown
How Coinbase's $400M Problem Started in an Indian Call Center
https://www.reddit.com/r/netsec/comments/1lqk78h/how_coinbases_400m_problem_started_in_an_indian/
Russia jails man for 16 years over pro-Ukraine cyberattacks on critical infrastructure
https://therecord.media/russia-jails-man-over-pro-ukraine-cyberattacks
Microsoft shuts down 3,000 email accounts created by North Korean IT workers
https://therecord.media/microsoft-shuts-down-3000-north-korea-it-worker-email
Interpol identifies West Africa as potential new hotspot for cybercrime compounds
https://therecord.media/interpol-west-africa-cybercrime-compounds
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for Today
Web Metadata search - search for headers, web apps, CMSs, and their versions
https://www.reddit.com/r/netsec/comments/1lr9c1q/web_metadata_search_search_for_headers_web_apps/
Estonia’s cyber ambassador on digitalization, punching upwards and outing GRU spies
https://therecord.media/estonia-cyber-ambassador-interview
CVE-2025-32462: sudo: LPE via host option
https://www.reddit.com/r/netsec/comments/1lrdqbu/cve202532462_sudo_lpe_via_host_option/
Friday Squid Blogging: How Squid Skin Distorts Light
https://www.schneier.com/blog/archives/2025/07/friday-squid-blogging-how-squid-skin-distorts-light.html
MGC: A Compiler Framework Exploiting Compositional Blindness in Aligned LLMs for Malware Generation
https://arxiv.org/abs/2507.02057
Can Artificial Intelligence solve the blockchain oracle problem? Unpacking the Challenges and Possibilities
https://arxiv.org/abs/2507.02125
How Much More Must We Bleed? - Citrix NetScaler Memory Disclosure (CitrixBleed 2 CVE-2025-5777) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1lrr23e/how_much_more_must_we_bleed_citrix_netscaler/
Tokyo Ghoul — TryHackMe CTF Walkthrough | Web Exploitation & Privilege Escalation
https://www.reddit.com/r/netsec/comments/1lrj974/tokyo_ghoul_tryhackme_ctf_walkthrough_web/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Web Metadata search - search for headers, web apps, CMSs, and their versions
https://www.reddit.com/r/netsec/comments/1lr9c1q/web_metadata_search_search_for_headers_web_apps/
Estonia’s cyber ambassador on digitalization, punching upwards and outing GRU spies
https://therecord.media/estonia-cyber-ambassador-interview
CVE-2025-32462: sudo: LPE via host option
https://www.reddit.com/r/netsec/comments/1lrdqbu/cve202532462_sudo_lpe_via_host_option/
Friday Squid Blogging: How Squid Skin Distorts Light
https://www.schneier.com/blog/archives/2025/07/friday-squid-blogging-how-squid-skin-distorts-light.html
MGC: A Compiler Framework Exploiting Compositional Blindness in Aligned LLMs for Malware Generation
https://arxiv.org/abs/2507.02057
Can Artificial Intelligence solve the blockchain oracle problem? Unpacking the Challenges and Possibilities
https://arxiv.org/abs/2507.02125
How Much More Must We Bleed? - Citrix NetScaler Memory Disclosure (CitrixBleed 2 CVE-2025-5777) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1lrr23e/how_much_more_must_we_bleed_citrix_netscaler/
Tokyo Ghoul — TryHackMe CTF Walkthrough | Web Exploitation & Privilege Escalation
https://www.reddit.com/r/netsec/comments/1lrj974/tokyo_ghoul_tryhackme_ctf_walkthrough_web/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Web Metadata search - search for headers, web apps, CMSs, and their versions
Posted by rmddos - 4 votes and 0 comments
Top Security News for Today
Schizophrenic ZIP file - Yet Another ZIP Trick Writeup
https://www.reddit.com/r/netsec/comments/1lt4dht/schizophrenic_zip_file_yet_another_zip_trick/
Help🙂🙏
https://www.reddit.com/r/lowlevel/comments/1lt9gsp/help/
This Linux boot flaw bypasses Secure Boot and full disk encryption but the fix is easy
https://www.reddit.com/r/netsec/comments/1lt9wgx/this_linux_boot_flaw_bypasses_secure_boot_and/
État de l’art sur le phishing Azure en 2025 (partie 2) – Étendre l’accès
https://www.reddit.com/r/netsec/comments/1ltcvcs/état_de_lart_sur_le_phishing_azure_en_2025_partie/
Caracal – Rust eBPF Rootkit for Stealthy Post-Exploitation
https://www.darknet.org.uk/2025/07/caracal-rust-ebpf-rootkit-for-stealthy-post-exploitation/
Aligning Software Security Practices with the EU CRA Requirements
https://www.tripwire.com/state-of-security/aligning-software-security-practices-eu-cra-requirements
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schizophrenic ZIP file - Yet Another ZIP Trick Writeup
https://www.reddit.com/r/netsec/comments/1lt4dht/schizophrenic_zip_file_yet_another_zip_trick/
Help🙂🙏
https://www.reddit.com/r/lowlevel/comments/1lt9gsp/help/
This Linux boot flaw bypasses Secure Boot and full disk encryption but the fix is easy
https://www.reddit.com/r/netsec/comments/1lt9wgx/this_linux_boot_flaw_bypasses_secure_boot_and/
État de l’art sur le phishing Azure en 2025 (partie 2) – Étendre l’accès
https://www.reddit.com/r/netsec/comments/1ltcvcs/état_de_lart_sur_le_phishing_azure_en_2025_partie/
Caracal – Rust eBPF Rootkit for Stealthy Post-Exploitation
https://www.darknet.org.uk/2025/07/caracal-rust-ebpf-rootkit-for-stealthy-post-exploitation/
Aligning Software Security Practices with the EU CRA Requirements
https://www.tripwire.com/state-of-security/aligning-software-security-practices-eu-cra-requirements
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Schizophrenic ZIP file - Yet Another ZIP Trick Writeup
Explore this post and more from the netsec community