Top Security News for Today
Hungarian police arrest suspect in cyberattacks on independent media
https://therecord.media/hungary-arrest-suspect-hacking-independent-media
UK moves forward with plans for mandatory reporting of ransomware attacks
https://therecord.media/mandatory-reporting-ransomware-attacks-uk-proposal
Back to Business: Lumma Stealer Returns with Stealthier Methods
https://www.trendmicro.com/en_us/research/25/g/lumma-stealer-returns.html
Disrupting active exploitation of on-premises SharePoint vulnerabilities
https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/
Microsoft Sentinel data lake: Unify signals, cut costs, and power agentic AI
https://www.microsoft.com/en-us/security/blog/2025/07/22/microsoft-sentinel-data-lake-unify-signals-cut-costs-and-power-agentic-ai/
Autofill Phishing: The Silent Scam That Nobody Warned You About
https://therecord.media/russia-hacker-group-disrupted-local-researchers
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Hungarian police arrest suspect in cyberattacks on independent media
https://therecord.media/hungary-arrest-suspect-hacking-independent-media
UK moves forward with plans for mandatory reporting of ransomware attacks
https://therecord.media/mandatory-reporting-ransomware-attacks-uk-proposal
Back to Business: Lumma Stealer Returns with Stealthier Methods
https://www.trendmicro.com/en_us/research/25/g/lumma-stealer-returns.html
Disrupting active exploitation of on-premises SharePoint vulnerabilities
https://www.microsoft.com/en-us/security/blog/2025/07/22/disrupting-active-exploitation-of-on-premises-sharepoint-vulnerabilities/
Microsoft Sentinel data lake: Unify signals, cut costs, and power agentic AI
https://www.microsoft.com/en-us/security/blog/2025/07/22/microsoft-sentinel-data-lake-unify-signals-cut-costs-and-power-agentic-ai/
Autofill Phishing: The Silent Scam That Nobody Warned You About
https://therecord.media/russia-hacker-group-disrupted-local-researchers
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Hungarian police arrest suspect in cyberattacks on independent media
Authorities said they raided the Budapest residence of a man believed to be "Hano," the suspect in a series of cyberattacks on independent media outlets.
Top Security News for Today
New York unveils new cyber regulations, $2.5 million grant program for water systems
https://therecord.media/new-york-cyber-regulations-water-grants
Google Sues the Badbox Botnet Operators
https://www.schneier.com/blog/archives/2025/07/google-sues-the-badbox-botnet-operators.html
[CVE-2025-48932] Invision Community <= 4.7.20 (calendar/view.php) SQL Injection Vulnerability
https://www.reddit.com/r/netsec/comments/1m757kw/cve202548932_invision_community_4720/
The Guest Who Could: Exploiting LPE in VMWare Tools
https://www.reddit.com/r/netsec/comments/1m77439/the_guest_who_could_exploiting_lpe_in_vmware_tools/
Clorox lawsuit says help-desk contractors handed over passwords in 2023 cyberattack
https://therecord.media/clorox-cyberattack-lawsuit-cognizant-it-contractor
Suspected admin of major dark web cybercrime forum arrested in Ukraine
https://therecord.media/suspected-xss-cybercrime-marketplace-admin-arrested
Active Exploitation of Microsoft SharePoint Vulnerabilities
https://www.reddit.com/r/netsec/comments/1m7bv48/active_exploitation_of_microsoft_sharepoint/
Hijacking Cursor’s Agent: How We Took Over an EC2 Instance
https://www.reddit.com/r/netsec/comments/1m7dbjp/hijacking_cursors_agent_how_we_took_over_an_ec2/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
New York unveils new cyber regulations, $2.5 million grant program for water systems
https://therecord.media/new-york-cyber-regulations-water-grants
Google Sues the Badbox Botnet Operators
https://www.schneier.com/blog/archives/2025/07/google-sues-the-badbox-botnet-operators.html
[CVE-2025-48932] Invision Community <= 4.7.20 (calendar/view.php) SQL Injection Vulnerability
https://www.reddit.com/r/netsec/comments/1m757kw/cve202548932_invision_community_4720/
The Guest Who Could: Exploiting LPE in VMWare Tools
https://www.reddit.com/r/netsec/comments/1m77439/the_guest_who_could_exploiting_lpe_in_vmware_tools/
Clorox lawsuit says help-desk contractors handed over passwords in 2023 cyberattack
https://therecord.media/clorox-cyberattack-lawsuit-cognizant-it-contractor
Suspected admin of major dark web cybercrime forum arrested in Ukraine
https://therecord.media/suspected-xss-cybercrime-marketplace-admin-arrested
Active Exploitation of Microsoft SharePoint Vulnerabilities
https://www.reddit.com/r/netsec/comments/1m7bv48/active_exploitation_of_microsoft_sharepoint/
Hijacking Cursor’s Agent: How We Took Over an EC2 Instance
https://www.reddit.com/r/netsec/comments/1m7dbjp/hijacking_cursors_agent_how_we_took_over_an_ec2/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
New York unveils new cyber regulations, $2.5 million grant program for water systems
New York Gov. Kathy Hochul unveiled proposed cyber regulations for the state's water sector intended to fend off increasing threats to public infrastructure from hackers.
Top Security News for Today
How Solid Protocol Restores Digital Agency
https://www.schneier.com/blog/archives/2025/07/how-solid-protocol-restores-digital-agency.html
SharePoint ToolShell – One Request PreAuth RCE Chain
https://www.reddit.com/r/netsec/comments/1m826b7/sharepoint_toolshell_one_request_preauth_rce_chain/
FBI: Thousands of people involved in 'The Com' targeting victims with ransomware, swatting
https://therecord.media/fbi-the-com-ransomware-swatting-alert
Stealthy cyber spies linked to China compromising virtualization software globally
https://therecord.media/stealthy-china-spies-fire-ant-virtualization-software
Ukraine's deputy defense minister for digital affairs steps down
https://therecord.media/ukraine-deputy-defense-minister-digital-affairs-kateryna-chernohorenko-steps-down
Microsoft says Warlock ransomware deployed in SharePoint attacks as governments scramble
https://therecord.media/microsoft-says-warlock-ransomware-deployed-in-sharepoint-attacks
Phishers Target Aviation Execs to Scam Customers
https://krebsonsecurity.com/2025/07/phishers-target-aviation-execs-to-scam-customers/
Fortifying Your Cloud Against Cross-Service Confused Deputy Attacks
https://blog.qualys.com/vulnerabilities-threat-research/2025/07/24/fortifying-your-cloud-against-cross-service-confused-deputy-attacks
CastleLoader Malware: Fake GitHub and Phishing Attack Hits 469 Devices
https://www.reddit.com/r/netsec/comments/1m8fw3d/castleloader_malware_fake_github_and_phishing/
Proactive Email Security: The Power of AI
https://www.trendmicro.com/en_us/research/25/g/proactive-email-security.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
How Solid Protocol Restores Digital Agency
https://www.schneier.com/blog/archives/2025/07/how-solid-protocol-restores-digital-agency.html
SharePoint ToolShell – One Request PreAuth RCE Chain
https://www.reddit.com/r/netsec/comments/1m826b7/sharepoint_toolshell_one_request_preauth_rce_chain/
FBI: Thousands of people involved in 'The Com' targeting victims with ransomware, swatting
https://therecord.media/fbi-the-com-ransomware-swatting-alert
Stealthy cyber spies linked to China compromising virtualization software globally
https://therecord.media/stealthy-china-spies-fire-ant-virtualization-software
Ukraine's deputy defense minister for digital affairs steps down
https://therecord.media/ukraine-deputy-defense-minister-digital-affairs-kateryna-chernohorenko-steps-down
Microsoft says Warlock ransomware deployed in SharePoint attacks as governments scramble
https://therecord.media/microsoft-says-warlock-ransomware-deployed-in-sharepoint-attacks
Phishers Target Aviation Execs to Scam Customers
https://krebsonsecurity.com/2025/07/phishers-target-aviation-execs-to-scam-customers/
Fortifying Your Cloud Against Cross-Service Confused Deputy Attacks
https://blog.qualys.com/vulnerabilities-threat-research/2025/07/24/fortifying-your-cloud-against-cross-service-confused-deputy-attacks
CastleLoader Malware: Fake GitHub and Phishing Attack Hits 469 Devices
https://www.reddit.com/r/netsec/comments/1m8fw3d/castleloader_malware_fake_github_and_phishing/
Proactive Email Security: The Power of AI
https://www.trendmicro.com/en_us/research/25/g/proactive-email-security.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
How the Solid Protocol Restores Digital Agency - Schneier on Security
The current state of digital identity is a mess. Your personal information is scattered across hundreds of locations: social media companies, IoT companies, government agencies, websites you have accounts on, and data brokers you’ve never heard of. These…
Top Security News for Today
BlackSuit ransomware gang’s darknet websites seized by police
https://therecord.media/blacksuit-ransomware-gang-website-takedown
Subliminal Learning in AIs
https://www.schneier.com/blog/archives/2025/07/subliminal-learning-in-ais.html
How we Rooted Copilot
https://www.reddit.com/r/netsec/comments/1m8wqdd/how_we_rooted_copilot/
Arizona woman sentenced to 8.5 years for running North Korean laptop farm
https://therecord.media/arizona-woman-sentenced-north-korean-laptop-farm
Despite changes, crisis pregnancy centers still attract scrutiny over HIPAA promises
https://therecord.media/crisis-pregnancy-centers-hipaa-data-privacy
How We Gained Full Access to a $100M Zero-Trust Startup
https://www.reddit.com/r/netsec/comments/1m908uy/how_we_gained_full_access_to_a_100m_zerotrust/
NASCAR confirms data breach after March cyberattack
https://therecord.media/nascar-confirms-data-breach
Friday Squid Blogging: Stable Quasi-Isodynamic Designs
https://www.schneier.com/blog/archives/2025/07/friday-squid-blogging-stable-quasi-isodynamic-designs.html
The average ransomware attack payment increased nearly 500% from 2023 to 2024.
https://www.reddit.com/r/netsec/comments/1m9bhd5/the_average_ransomware_attack_payment_increased/
Admin Emails & Passwords Exposed via HTTP Method Change
https://www.reddit.com/r/netsec/comments/1m9gwr0/admin_emails_passwords_exposed_via_http_method/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
BlackSuit ransomware gang’s darknet websites seized by police
https://therecord.media/blacksuit-ransomware-gang-website-takedown
Subliminal Learning in AIs
https://www.schneier.com/blog/archives/2025/07/subliminal-learning-in-ais.html
How we Rooted Copilot
https://www.reddit.com/r/netsec/comments/1m8wqdd/how_we_rooted_copilot/
Arizona woman sentenced to 8.5 years for running North Korean laptop farm
https://therecord.media/arizona-woman-sentenced-north-korean-laptop-farm
Despite changes, crisis pregnancy centers still attract scrutiny over HIPAA promises
https://therecord.media/crisis-pregnancy-centers-hipaa-data-privacy
How We Gained Full Access to a $100M Zero-Trust Startup
https://www.reddit.com/r/netsec/comments/1m908uy/how_we_gained_full_access_to_a_100m_zerotrust/
NASCAR confirms data breach after March cyberattack
https://therecord.media/nascar-confirms-data-breach
Friday Squid Blogging: Stable Quasi-Isodynamic Designs
https://www.schneier.com/blog/archives/2025/07/friday-squid-blogging-stable-quasi-isodynamic-designs.html
The average ransomware attack payment increased nearly 500% from 2023 to 2024.
https://www.reddit.com/r/netsec/comments/1m9bhd5/the_average_ransomware_attack_payment_increased/
Admin Emails & Passwords Exposed via HTTP Method Change
https://www.reddit.com/r/netsec/comments/1m9gwr0/admin_emails_passwords_exposed_via_http_method/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
BlackSuit ransomware gang’s darknet websites seized by police
The BlackSuit gang, which is believed to have been operational since April/May 2023, was a private ransomware group that did not license its tooling to other criminals like ransomware-as-a-service (RaaS) schemes.
Top Security News for Today
How to find the blackhat and defcon paper
https://www.reddit.com/r/netsec/comments/1m9otjm/how_to_find_the_blackhat_and_defcon_paper/
Deepfakes, Vishing, and GPT Scams: Phishing Just Levelled Up
https://www.reddit.com/r/netsec/comments/1ma4ks3/deepfakes_vishing_and_gpt_scams_phishing_just/
Created a Penetration Testing Guide to Help the Community, Feedback Welcome!
https://www.reddit.com/r/netsec/comments/1mad4u1/created_a_penetration_testing_guide_to_help_the/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
How to find the blackhat and defcon paper
https://www.reddit.com/r/netsec/comments/1m9otjm/how_to_find_the_blackhat_and_defcon_paper/
Deepfakes, Vishing, and GPT Scams: Phishing Just Levelled Up
https://www.reddit.com/r/netsec/comments/1ma4ks3/deepfakes_vishing_and_gpt_scams_phishing_just/
Created a Penetration Testing Guide to Help the Community, Feedback Welcome!
https://www.reddit.com/r/netsec/comments/1mad4u1/created_a_penetration_testing_guide_to_help_the/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: How to find the blackhat and defcon paper
Explore this post and more from the netsec community
Top Security News for Today
A Simulated Reconstruction and Reidentification Attack on the 2010 U.S. Census: Full Technical Report
https://arxiv.org/abs/2507.18640
The Geometry of LLM Quantization: GPTQ as Babai's Nearest Plane Algorithm
https://arxiv.org/abs/2507.18553
Higher-order transmissibility and its linear approximation for in-service crack identification in train wheelset axles
https://arxiv.org/abs/2507.18636
More Expert-like Eye Gaze Movement Patterns are Related to Better X-ray Reading
https://arxiv.org/abs/2507.18637
Prompt Engineering and the Effectiveness of Large Language Models in Enhancing Human Productivity
https://arxiv.org/abs/2507.18968
People Are Highly Cooperative with Large Language Models, Especially When Communication Is Possible or Following Human Interaction
https://arxiv.org/abs/2507.18638
How good are humans at detecting AI-generated images? Learnings from an experiment
https://arxiv.org/abs/2507.18639
Fourier Spectral Methods for Block Copolymer Systems on Sphere
https://arxiv.org/abs/2507.18640
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
A Simulated Reconstruction and Reidentification Attack on the 2010 U.S. Census: Full Technical Report
https://arxiv.org/abs/2507.18640
The Geometry of LLM Quantization: GPTQ as Babai's Nearest Plane Algorithm
https://arxiv.org/abs/2507.18553
Higher-order transmissibility and its linear approximation for in-service crack identification in train wheelset axles
https://arxiv.org/abs/2507.18636
More Expert-like Eye Gaze Movement Patterns are Related to Better X-ray Reading
https://arxiv.org/abs/2507.18637
Prompt Engineering and the Effectiveness of Large Language Models in Enhancing Human Productivity
https://arxiv.org/abs/2507.18968
People Are Highly Cooperative with Large Language Models, Especially When Communication Is Possible or Following Human Interaction
https://arxiv.org/abs/2507.18638
How good are humans at detecting AI-generated images? Learnings from an experiment
https://arxiv.org/abs/2507.18639
Fourier Spectral Methods for Block Copolymer Systems on Sphere
https://arxiv.org/abs/2507.18640
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
arXiv.org
How good are humans at detecting AI-generated images? Learnings...
As AI-powered image generation improves, a key question is how well human beings can differentiate between "real" and AI-generated or modified images. Using data collected from the online game...
Top Security News for Today
Microsoft SharePoint Zero-Day
https://www.schneier.com/blog/archives/2025/07/microsoft-sharepoint-zero-day.html
Social engineering attack obtains data on ‘majority’ of Allianz Life customers
https://therecord.media/allianz-life-social-engineering-data-breach
BadSuccessor – Purple Team
https://www.reddit.com/r/netsec/comments/1mben1v/badsuccessor_purple_team/
An inside look into how a coalition of state legislators plan to take on data brokers
https://therecord.media/state-coalition-lawmakers-data-broker-rules
28th July – Threat Intelligence Report
https://research.checkpoint.com/2025/28th-july-threat-intelligence-report/
Tea app data theft scandal worsens as stolen IDs leaked to cybercriminal forum
https://therecord.media/tea-app-data-breach-stolen-ids-leaked
Cyberattack on Aeroflot causing mass flight disruptions, Russia says
https://therecord.media/cyberattack-aeroflot-russia-delays
Sploitlight: Analyzing a Spotlight-based macOS TCC vulnerability
https://www.microsoft.com/en-us/security/blog/2025/07/28/sploitlight-analyzing-a-spotlight-based-macos-tcc-vulnerability/
Argus – Ultimate Reconnaissance Toolkit for Offensive Recon Operations
https://www.darknet.org.uk/2025/07/argus-ultimate-reconnaissance-toolkit-for-offensive-recon-operations/
Revisiting UNC3886 Tactics to Defend Against Present Risk
https://www.trendmicro.com/en_us/research/25/g/revisiting-unc3886-tactics-to-defend-against-present-risk.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Microsoft SharePoint Zero-Day
https://www.schneier.com/blog/archives/2025/07/microsoft-sharepoint-zero-day.html
Social engineering attack obtains data on ‘majority’ of Allianz Life customers
https://therecord.media/allianz-life-social-engineering-data-breach
BadSuccessor – Purple Team
https://www.reddit.com/r/netsec/comments/1mben1v/badsuccessor_purple_team/
An inside look into how a coalition of state legislators plan to take on data brokers
https://therecord.media/state-coalition-lawmakers-data-broker-rules
28th July – Threat Intelligence Report
https://research.checkpoint.com/2025/28th-july-threat-intelligence-report/
Tea app data theft scandal worsens as stolen IDs leaked to cybercriminal forum
https://therecord.media/tea-app-data-breach-stolen-ids-leaked
Cyberattack on Aeroflot causing mass flight disruptions, Russia says
https://therecord.media/cyberattack-aeroflot-russia-delays
Sploitlight: Analyzing a Spotlight-based macOS TCC vulnerability
https://www.microsoft.com/en-us/security/blog/2025/07/28/sploitlight-analyzing-a-spotlight-based-macos-tcc-vulnerability/
Argus – Ultimate Reconnaissance Toolkit for Offensive Recon Operations
https://www.darknet.org.uk/2025/07/argus-ultimate-reconnaissance-toolkit-for-offensive-recon-operations/
Revisiting UNC3886 Tactics to Defend Against Present Risk
https://www.trendmicro.com/en_us/research/25/g/revisiting-unc3886-tactics-to-defend-against-present-risk.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
Microsoft SharePoint Zero-Day - Schneier on Security
Chinese hackers are exploiting a high-severity vulnerability in Microsoft SharePoint to steal data worldwide: The vulnerability, tracked as CVE-2025-53770, carries a severity rating of 9.8 out of a possible 10. It gives unauthenticated remote access to SharePoint…
Top Security News for Today
Attacking GenAI applications and LLMs – Sometimes all it takes is to ask nicely!
https://security.humanativaspa.it/attacking-genai-applications-and-llms-sometimes-all-it-takes-is-to-ask-nicely/
Gunra Ransomware Group Unveils Efficient Linux Variant
https://www.trendmicro.com/en_us/research/25/g/gunra-ransomware-linux-variant.html
Aeroflot Hacked
https://www.schneier.com/blog/archives/2025/07/aeroflot-hacked.html
Google Gemini AI CLI Hijack - Code Execution Through Deception
https://www.reddit.com/r/netsec/comments/1mc5pdm/google_gemini_ai_cli_hijack_code_execution/
Struts Devmode in 2025? Critical Pre-Auth Vulnerabilities in Adobe Experience Manager Forms
https://www.reddit.com/r/netsec/comments/1mc5t7b/struts_devmode_in_2025_critical_preauth/
Orange, France’s largest telecoms company, hit by cyberattack
https://therecord.media/orange-telecom-france-cyberattack
Scattered Spider is targeting victims' Snowflake data storage for quick exfiltration
https://therecord.media/scattered-spider-targeting-snowflake-access-data-exfiltration
Minnesota governor activates National Guard after cyberattack on state capital
https://therecord.media/minnesota-governor-activates-national-guard-st-paul-cyber-attack
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Attacking GenAI applications and LLMs – Sometimes all it takes is to ask nicely!
https://security.humanativaspa.it/attacking-genai-applications-and-llms-sometimes-all-it-takes-is-to-ask-nicely/
Gunra Ransomware Group Unveils Efficient Linux Variant
https://www.trendmicro.com/en_us/research/25/g/gunra-ransomware-linux-variant.html
Aeroflot Hacked
https://www.schneier.com/blog/archives/2025/07/aeroflot-hacked.html
Google Gemini AI CLI Hijack - Code Execution Through Deception
https://www.reddit.com/r/netsec/comments/1mc5pdm/google_gemini_ai_cli_hijack_code_execution/
Struts Devmode in 2025? Critical Pre-Auth Vulnerabilities in Adobe Experience Manager Forms
https://www.reddit.com/r/netsec/comments/1mc5t7b/struts_devmode_in_2025_critical_preauth/
Orange, France’s largest telecoms company, hit by cyberattack
https://therecord.media/orange-telecom-france-cyberattack
Scattered Spider is targeting victims' Snowflake data storage for quick exfiltration
https://therecord.media/scattered-spider-targeting-snowflake-access-data-exfiltration
Minnesota governor activates National Guard after cyberattack on state capital
https://therecord.media/minnesota-governor-activates-national-guard-st-paul-cyber-attack
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
HN Security
HN Security Attacking GenAI applications and LLMs - Sometimes all it takes is to ask nicely!
Real-world attack examples against GenAI and LLMs, highlighting attack techniques and often-overlooked security risks.
Top Security News for Today
Leveraging OSINT from the Dark Web – A Practical How-To
https://www.darknet.org.uk/2025/07/leveraging-osint-from-the-dark-web-a-practical-how-to/
Decryptor released for FunkSec ransomware; Avast works with law enforcement to help victims
https://therecord.media/funksec-ransomware-decryptor-avast
Palo Alto Networks to acquire identity security provider CyberArk in $25 billion deal
https://therecord.media/palo-alto-networks-cyberark-acquisition
Cyberattack shuts down hundreds of Russian pharmacies, disrupts healthcare services
https://therecord.media/cyberattack-shuts-down-russian-pharmacies
IBM: Average cost of a data breach in US shoots to record $10 million
https://therecord.media/ibm-data-breach-report-us-losses
Russia blocks popular US-made internet speed test tool over national security concerns
https://therecord.media/russia-bans-speedtest-ookla
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Leveraging OSINT from the Dark Web – A Practical How-To
https://www.darknet.org.uk/2025/07/leveraging-osint-from-the-dark-web-a-practical-how-to/
Decryptor released for FunkSec ransomware; Avast works with law enforcement to help victims
https://therecord.media/funksec-ransomware-decryptor-avast
Palo Alto Networks to acquire identity security provider CyberArk in $25 billion deal
https://therecord.media/palo-alto-networks-cyberark-acquisition
Cyberattack shuts down hundreds of Russian pharmacies, disrupts healthcare services
https://therecord.media/cyberattack-shuts-down-russian-pharmacies
IBM: Average cost of a data breach in US shoots to record $10 million
https://therecord.media/ibm-data-breach-report-us-losses
Russia blocks popular US-made internet speed test tool over national security concerns
https://therecord.media/russia-bans-speedtest-ookla
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Darknet - Hacking Tools, Hacker News & Cyber Security
Leveraging OSINT from the Dark Web - A Practical How-To
Learn how to gather dark web OSINT using tools like DarkSearch, SpiderFoot, and Maltego. Practical tactics for verifying leaked data and actor chatter.
Top Security News for Today
Engineered to Fail: The DNA of Negligent Cyber Defenses
https://reporter.deepspecter.com/engineered-to-fail-the-dna-of-negligent-cyber-defenses-22466a034b28
Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats
https://www.microsoft.com/en-us/security/blog/2025/07/31/frozen-in-transit-secret-blizzards-aitm-campaign-against-diplomats/
CISA unveils free Thorium malware analysis platform
https://therecord.media/cisa-unveils-free-malware-analysis-tool
Espionage costing Australia $8 billion each year, warns intelligence chief
https://therecord.media/espionage-costing-australia-8-billion
North Korean hackers targeting open-source repositories in new espionage campaign
https://therecord.media/north-korean-hackers-targeting-open-source-repositories
The State of Ransomware – Q2 2025
https://research.checkpoint.com/2025/the-state-of-ransomware-q2-2025/
Cheating on Quantum Computing Benchmarks
https://www.schneier.com/blog/archives/2025/07/cheating-on-quantum-computing-benchmarks.html
Before ToolShell: Exploring Storm-2603’s Previous Ransomware Operations
https://research.checkpoint.com/2025/before-toolshell-exploring-storm-2603s-previous-ransomware-operations/
Biotech contractor settles for $9.8 million with DOJ over alleged cybersecurity lapses
https://therecord.media/illumina-false-claims-act-doj-cybersecurity-settlement
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Engineered to Fail: The DNA of Negligent Cyber Defenses
https://reporter.deepspecter.com/engineered-to-fail-the-dna-of-negligent-cyber-defenses-22466a034b28
Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats
https://www.microsoft.com/en-us/security/blog/2025/07/31/frozen-in-transit-secret-blizzards-aitm-campaign-against-diplomats/
CISA unveils free Thorium malware analysis platform
https://therecord.media/cisa-unveils-free-malware-analysis-tool
Espionage costing Australia $8 billion each year, warns intelligence chief
https://therecord.media/espionage-costing-australia-8-billion
North Korean hackers targeting open-source repositories in new espionage campaign
https://therecord.media/north-korean-hackers-targeting-open-source-repositories
The State of Ransomware – Q2 2025
https://research.checkpoint.com/2025/the-state-of-ransomware-q2-2025/
Cheating on Quantum Computing Benchmarks
https://www.schneier.com/blog/archives/2025/07/cheating-on-quantum-computing-benchmarks.html
Before ToolShell: Exploring Storm-2603’s Previous Ransomware Operations
https://research.checkpoint.com/2025/before-toolshell-exploring-storm-2603s-previous-ransomware-operations/
Biotech contractor settles for $9.8 million with DOJ over alleged cybersecurity lapses
https://therecord.media/illumina-false-claims-act-doj-cybersecurity-settlement
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Medium
Engineered to Fail: The DNA of Negligent Cyber Defenses
Intro
Top Security News for Today
Luxembourg probes reported attack on Huawei tech that caused nationwide telecoms outage
https://therecord.media/luxembourg-telecom-outage-reported-cyberattack-huawei-tech
Russia’s mobile internet shutdowns hit record high amid Ukrainian drone attacks
https://therecord.media/russia-mobile-internet-shutdowns-record
Spying on People Through Airportr Luggage Delivery Service
https://www.schneier.com/blog/archives/2025/08/spying-on-people-through-airportr-luggage-delivery-service.html
Flo settles class action lawsuit alleging improper data sharing
https://therecord.media/flo-app-settlement-class-action-suit-data-sharing-meta
Hackers leak purported Aeroflot data as Russia denies breach
https://therecord.media/hackers-leak-purported-aeroflot-data
EU preps biometric checks for foreign visitors
https://therecord.media/eu-preps-biometric-checks-travel
It opened the free, online, practical 'Introduction to Security' class from the Czech Technical University.
https://www.reddit.com/r/netsec/comments/1mf29r9/it_opened_the_free_online_practical_introduction/
What the Top 20 OSS Vulnerabilities Reveal About the Real Challenges in Security Governance
https://www.reddit.com/r/netsec/comments/1mfh9ol/what_the_top_20_oss_vulnerabilities_reveal_about/
Friday Squid Blogging: A Case of Squid Fossil Misidentification
https://www.schneier.com/blog/archives/2025/08/friday-squid-blogging-a-case-of-squid-fossil-misidentification.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Luxembourg probes reported attack on Huawei tech that caused nationwide telecoms outage
https://therecord.media/luxembourg-telecom-outage-reported-cyberattack-huawei-tech
Russia’s mobile internet shutdowns hit record high amid Ukrainian drone attacks
https://therecord.media/russia-mobile-internet-shutdowns-record
Spying on People Through Airportr Luggage Delivery Service
https://www.schneier.com/blog/archives/2025/08/spying-on-people-through-airportr-luggage-delivery-service.html
Flo settles class action lawsuit alleging improper data sharing
https://therecord.media/flo-app-settlement-class-action-suit-data-sharing-meta
Hackers leak purported Aeroflot data as Russia denies breach
https://therecord.media/hackers-leak-purported-aeroflot-data
EU preps biometric checks for foreign visitors
https://therecord.media/eu-preps-biometric-checks-travel
It opened the free, online, practical 'Introduction to Security' class from the Czech Technical University.
https://www.reddit.com/r/netsec/comments/1mf29r9/it_opened_the_free_online_practical_introduction/
What the Top 20 OSS Vulnerabilities Reveal About the Real Challenges in Security Governance
https://www.reddit.com/r/netsec/comments/1mfh9ol/what_the_top_20_oss_vulnerabilities_reveal_about/
Friday Squid Blogging: A Case of Squid Fossil Misidentification
https://www.schneier.com/blog/archives/2025/08/friday-squid-blogging-a-case-of-squid-fossil-misidentification.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Luxembourg probes reported attack on Huawei tech that caused nationwide telecoms outage
Authorities in Luxembourg said a nationwide telecommunications outage in July was caused by a deliberately disruptive cyberattack. Huawei networking products were reportedly the target.
Top Security News for Today
Forced to give your password? Here is the solution.
https://www.reddit.com/r/netsec/comments/1mfnsvg/forced_to_give_your_password_here_is_the_solution/
Be patient and keep it simple.
https://www.reddit.com/r/netsec/comments/1mftecp/be_patient_and_keep_it_simple/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Forced to give your password? Here is the solution.
https://www.reddit.com/r/netsec/comments/1mfnsvg/forced_to_give_your_password_here_is_the_solution/
Be patient and keep it simple.
https://www.reddit.com/r/netsec/comments/1mftecp/be_patient_and_keep_it_simple/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Forced to give your password? Here is the solution.
Posted by marcusfrex - 0 votes and 19 comments
Top Security News for Today
4th August – Threat Intelligence Report
https://research.checkpoint.com/2025/4th-august-threat-intelligence-report/
[Need Feedback] Bootloader → Long Mode in pure NASM (15 y.o self-taught dev, 370+ lines so far)
https://www.reddit.com/r/lowlevel/comments/1mghva6/need_feedback_bootloader_long_mode_in_pure_nasm/
PyRIT – AI-Powered Reconnaissance for Cloud Red Teaming
https://www.darknet.org.uk/2025/08/pyrit/
I designed a constant-free cryptographic hash function where entropy fully emerges from the input: Kaoru Hash (public blueprint with code and spec)
https://www.reddit.com/r/netsec/comments/1mh1j25/i_designed_a_constantfree_cryptographic_hash/
Building Bigraphs of the real world
https://arxiv.org/abs/2508.00003
Reasoning under uncertainty in the game of Cops and Robbers
https://arxiv.org/abs/2508.00004
ReVise: A Human-AI Interface for Incremental Algorithmic Recourse
https://arxiv.org/abs/2508.00002
Modelling Program Spaces in Program Synthesis with Constraints
https://arxiv.org/abs/2508.00005
Agent Network Protocol Technical White Paper
https://arxiv.org/abs/2508.00007
Git Context Controller: Manage the Context of LLM-based Agents like Git
https://arxiv.org/abs/2508.00031
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
4th August – Threat Intelligence Report
https://research.checkpoint.com/2025/4th-august-threat-intelligence-report/
[Need Feedback] Bootloader → Long Mode in pure NASM (15 y.o self-taught dev, 370+ lines so far)
https://www.reddit.com/r/lowlevel/comments/1mghva6/need_feedback_bootloader_long_mode_in_pure_nasm/
PyRIT – AI-Powered Reconnaissance for Cloud Red Teaming
https://www.darknet.org.uk/2025/08/pyrit/
I designed a constant-free cryptographic hash function where entropy fully emerges from the input: Kaoru Hash (public blueprint with code and spec)
https://www.reddit.com/r/netsec/comments/1mh1j25/i_designed_a_constantfree_cryptographic_hash/
Building Bigraphs of the real world
https://arxiv.org/abs/2508.00003
Reasoning under uncertainty in the game of Cops and Robbers
https://arxiv.org/abs/2508.00004
ReVise: A Human-AI Interface for Incremental Algorithmic Recourse
https://arxiv.org/abs/2508.00002
Modelling Program Spaces in Program Synthesis with Constraints
https://arxiv.org/abs/2508.00005
Agent Network Protocol Technical White Paper
https://arxiv.org/abs/2508.00007
Git Context Controller: Manage the Context of LLM-based Agents like Git
https://arxiv.org/abs/2508.00031
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Check Point Research
4th August – Threat Intelligence Report - Check Point Research
For the latest discoveries in cyber research for the week of 4th August, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Russia’s largest airline Aeroflot has been attacked by pro-Ukrainian hacktivist groups, resulting in severe…
Top Security News for Today
Panel to create roadmap for establishing US Cyber Force
https://therecord.media/panel-to-create-roadmap-cyber-force
First Sentencing in Scheme to Help North Koreans Infiltrate US Companies
https://www.schneier.com/blog/archives/2025/08/first-sentencing-in-scheme-to-help-north-koreans-infiltrate-us-companies.html
Sean Cairncross confirmed as national cyber director
https://therecord.media/sean-cairncross-confirmed-oncd
Hacked Crimean servers reveal information about abducted children, Ukraine says
https://therecord.media/hacked-crimean-servers-abducted-children
Microsoft Entra Suite delivers 131% ROI by unifying identity and network access
https://www.microsoft.com/en-us/security/blog/2025/08/04/microsoft-entra-suite-delivers-131-roi-by-unifying-identity-and-network-access/
Jury ‘sends a message’ on app privacy in ruling against Meta
https://therecord.media/jury-verdict-meta-flo-app-data-privacy-case
SonicWall urges customers to take VPN devices offline after ransomware campaign
https://therecord.media/sonicwall-possible-zero-day-gen-7-firewalls-ssl-vpn
Crypto ATMs fueling criminal activity, Treasury warns
https://therecord.media/crypto-atms-fueling-cybercrime
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Panel to create roadmap for establishing US Cyber Force
https://therecord.media/panel-to-create-roadmap-cyber-force
First Sentencing in Scheme to Help North Koreans Infiltrate US Companies
https://www.schneier.com/blog/archives/2025/08/first-sentencing-in-scheme-to-help-north-koreans-infiltrate-us-companies.html
Sean Cairncross confirmed as national cyber director
https://therecord.media/sean-cairncross-confirmed-oncd
Hacked Crimean servers reveal information about abducted children, Ukraine says
https://therecord.media/hacked-crimean-servers-abducted-children
Microsoft Entra Suite delivers 131% ROI by unifying identity and network access
https://www.microsoft.com/en-us/security/blog/2025/08/04/microsoft-entra-suite-delivers-131-roi-by-unifying-identity-and-network-access/
Jury ‘sends a message’ on app privacy in ruling against Meta
https://therecord.media/jury-verdict-meta-flo-app-data-privacy-case
SonicWall urges customers to take VPN devices offline after ransomware campaign
https://therecord.media/sonicwall-possible-zero-day-gen-7-firewalls-ssl-vpn
Crypto ATMs fueling criminal activity, Treasury warns
https://therecord.media/crypto-atms-fueling-cybercrime
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Panel to create roadmap for establishing US Cyber Force
The Commission on Cyber Force Generation will develop potential routes Congress and the White House could follow in creating a separate cyber service and aim to deliver them in time for next year’s must-pass national defense authorization act.
Top Security News for Today
Surveilling Your Children with AirTags
https://www.schneier.com/blog/archives/2025/08/surveilling_your_children_with_airtags.html
HTTP Request Smuggling Explained: with seasoned bug bounty hunter NahamSec and world-class researcher James Kettle
https://portswigger.net/blog/http-request-smuggling-explained-with-seasoned-bug-bounty-hunter-nahamsec-and-world-class-researcher-james-kettle
3 Custom VT-x Hypervisors in C – EPT Cloaking, CPUID/MSR Spoofing & VMX Control
https://www.reddit.com/r/lowlevel/comments/1mi5txt/3_custom_vtx_hypervisors_in_c_ept_cloaking/
Dutch Caribbean islands respond to cyberattacks on courts, tax departments
https://therecord.media/aruba-curacao-governments-cyberattacks
CVE-2025-54136 – MCPoison Cursor IDE: Persistent Code Execution via MCP Trust Bypass
https://research.checkpoint.com/2025/cursor-vulnerability-mcpoison/
Taiwan’s TSMC fires engineers over suspected theft of semiconductor secrets
https://therecord.media/tsmc-fires-engineers-over-semiconductor-secrets-theft
Vietnamese-speaking hackers appear to be running global data theft operation through Telegram
https://therecord.media/pxa-infostealer-telegram-bots-vietnamese-speaking-hackers
OdooMap - A Pentesting Tool for Odoo Applications
https://www.reddit.com/r/netsec/comments/1micsmu/odoomap_a_pentesting_tool_for_odoo_applications/
Elevate your protection with expanded Microsoft Defender Experts coverage
https://techcommunity.microsoft.com/blog/microsoftsecurityexperts/elevate-your-protection-with-expanded-microsoft-defender-experts-coverage/4439134
Bipartisan Senate duo wants answers from UnitedHealth over Episource data breach
https://therecord.media/episource-data-breach-questions-senators-cassidy-hassan
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Surveilling Your Children with AirTags
https://www.schneier.com/blog/archives/2025/08/surveilling_your_children_with_airtags.html
HTTP Request Smuggling Explained: with seasoned bug bounty hunter NahamSec and world-class researcher James Kettle
https://portswigger.net/blog/http-request-smuggling-explained-with-seasoned-bug-bounty-hunter-nahamsec-and-world-class-researcher-james-kettle
3 Custom VT-x Hypervisors in C – EPT Cloaking, CPUID/MSR Spoofing & VMX Control
https://www.reddit.com/r/lowlevel/comments/1mi5txt/3_custom_vtx_hypervisors_in_c_ept_cloaking/
Dutch Caribbean islands respond to cyberattacks on courts, tax departments
https://therecord.media/aruba-curacao-governments-cyberattacks
CVE-2025-54136 – MCPoison Cursor IDE: Persistent Code Execution via MCP Trust Bypass
https://research.checkpoint.com/2025/cursor-vulnerability-mcpoison/
Taiwan’s TSMC fires engineers over suspected theft of semiconductor secrets
https://therecord.media/tsmc-fires-engineers-over-semiconductor-secrets-theft
Vietnamese-speaking hackers appear to be running global data theft operation through Telegram
https://therecord.media/pxa-infostealer-telegram-bots-vietnamese-speaking-hackers
OdooMap - A Pentesting Tool for Odoo Applications
https://www.reddit.com/r/netsec/comments/1micsmu/odoomap_a_pentesting_tool_for_odoo_applications/
Elevate your protection with expanded Microsoft Defender Experts coverage
https://techcommunity.microsoft.com/blog/microsoftsecurityexperts/elevate-your-protection-with-expanded-microsoft-defender-experts-coverage/4439134
Bipartisan Senate duo wants answers from UnitedHealth over Episource data breach
https://therecord.media/episource-data-breach-questions-senators-cassidy-hassan
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for Today
Driver of destruction: How a legitimate driver is being used to take down AV processes
https://securelist.com/av-killer-exploiting-throttlestop-sys/117026/
Who Got Arrested in the Raid on the XSS Crime Forum?
https://krebsonsecurity.com/2025/08/who-got-arrested-in-the-raid-on-the-xss-crime-forum/
British intelligence warns cyber threat to critical infrastructure is increasing
https://therecord.media/british-intel-cyber-threat-infrastructure
Hackers using fake summonses in attacks on Ukraine's defense sector
https://therecord.media/hackers-using-fake-summonses-ukraine
Ransomware-as-a-Service Economy – Trends, Targets & Takedowns
https://www.darknet.org.uk/2025/08/ransomware-as-a-service-economy-trends-targets-takedowns/
Sharing practical guidance: Launching Microsoft Secure Future Initiative (SFI) patterns and practices
https://www.microsoft.com/en-us/security/blog/2025/08/06/sharing-practical-guidance-launching-microsoft-secure-future-initiative-sfi-patterns-and-practices/
Tornado Cash cofounder dodges money laundering conviction, found guilty of lesser charge
https://therecord.media/tornado-cash-money-laundering-conviction
Strong regulation can nudge automakers to improve customers’ privacy, research suggests
https://therecord.media/automakers-data-privacy-ratings-websites-customer-portals
HTTP/1.1 Must Die: What This Means for AppSec Leadership
https://portswigger.net/blog/http-1-1-must-die-what-this-means-for-appsec-leadership
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Driver of destruction: How a legitimate driver is being used to take down AV processes
https://securelist.com/av-killer-exploiting-throttlestop-sys/117026/
Who Got Arrested in the Raid on the XSS Crime Forum?
https://krebsonsecurity.com/2025/08/who-got-arrested-in-the-raid-on-the-xss-crime-forum/
British intelligence warns cyber threat to critical infrastructure is increasing
https://therecord.media/british-intel-cyber-threat-infrastructure
Hackers using fake summonses in attacks on Ukraine's defense sector
https://therecord.media/hackers-using-fake-summonses-ukraine
Ransomware-as-a-Service Economy – Trends, Targets & Takedowns
https://www.darknet.org.uk/2025/08/ransomware-as-a-service-economy-trends-targets-takedowns/
Sharing practical guidance: Launching Microsoft Secure Future Initiative (SFI) patterns and practices
https://www.microsoft.com/en-us/security/blog/2025/08/06/sharing-practical-guidance-launching-microsoft-secure-future-initiative-sfi-patterns-and-practices/
Tornado Cash cofounder dodges money laundering conviction, found guilty of lesser charge
https://therecord.media/tornado-cash-money-laundering-conviction
Strong regulation can nudge automakers to improve customers’ privacy, research suggests
https://therecord.media/automakers-data-privacy-ratings-websites-customer-portals
HTTP/1.1 Must Die: What This Means for AppSec Leadership
https://portswigger.net/blog/http-1-1-must-die-what-this-means-for-appsec-leadership
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for Today
China Accuses Nvidia of Putting Backdoors into Their Chips
https://www.schneier.com/blog/archives/2025/08/china-accuses-nvidia-of-putting-backdoors-into-their-chips.html
Cyberattack hits France’s third-largest mobile operator, millions of customers affected
https://therecord.media/bouygues-telecom-france-cyberattack-data-breach
CISA, Microsoft issue alerts on ‘high-severity’ Exchange vulnerability
https://therecord.media/microsoft-exchange-server-vulnerability-cisa-alert
Building a Cyber-Aware Workforce: Mexico's Push for Security Training
https://www.tripwire.com/state-of-security/building-cyber-aware-workforce-mexicos-push-security-training
Cracking the Vault: how we found zero-day flaws in authentication, identity, and authorization in HashiCorp Vault
https://www.reddit.com/r/netsec/comments/1mjzm7g/cracking_the_vault_how_we_found_zeroday_flaws_in/
Announcing public preview: Phishing triage agent in Microsoft Defender
https://techcommunity.microsoft.com/blog/microsoftthreatprotectionblog/announcing-public-preview-phishing-triage-agent-in-microsoft-defender/4438301
We replaced passwords with something worse
https://www.reddit.com/r/netsec/comments/1mk9qsy/we_replaced_passwords_with_something_worse/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
China Accuses Nvidia of Putting Backdoors into Their Chips
https://www.schneier.com/blog/archives/2025/08/china-accuses-nvidia-of-putting-backdoors-into-their-chips.html
Cyberattack hits France’s third-largest mobile operator, millions of customers affected
https://therecord.media/bouygues-telecom-france-cyberattack-data-breach
CISA, Microsoft issue alerts on ‘high-severity’ Exchange vulnerability
https://therecord.media/microsoft-exchange-server-vulnerability-cisa-alert
Building a Cyber-Aware Workforce: Mexico's Push for Security Training
https://www.tripwire.com/state-of-security/building-cyber-aware-workforce-mexicos-push-security-training
Cracking the Vault: how we found zero-day flaws in authentication, identity, and authorization in HashiCorp Vault
https://www.reddit.com/r/netsec/comments/1mjzm7g/cracking_the_vault_how_we_found_zeroday_flaws_in/
Announcing public preview: Phishing triage agent in Microsoft Defender
https://techcommunity.microsoft.com/blog/microsoftthreatprotectionblog/announcing-public-preview-phishing-triage-agent-in-microsoft-defender/4438301
We replaced passwords with something worse
https://www.reddit.com/r/netsec/comments/1mk9qsy/we_replaced_passwords_with_something_worse/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
China Accuses Nvidia of Putting Backdoors into Their Chips - Schneier on Security
The government of China has accused Nvidia of inserting a backdoor into their H20 chips: China’s cyber regulator on Thursday said it had held a meeting with Nvidia over what it called “serious security issues” with the company’s artificial intelligence chips.…
Top Security News for Today
CISA pledges to continue backing CVE Program after April funding fiasco
https://therecord.media/cisa-pledges-support-cve-program-black-hat
Columbia University says hacker stole SSNs and other data of nearly 900,000
https://therecord.media/columbia-university-data-breach-cyberattack-notifications
North Korean cyber-espionage group ScarCruft adds ransomware in recent attack
https://therecord.media/scarcruft-north-korea-hackers-add-ransomware
Federal judiciary tightens digital security as it deals with ‘escalated cyberattacks’
https://therecord.media/federal-judiciary-tightens-digital-security-escalated-cyberattack
EU law to protect journalists from spyware takes effect
https://therecord.media/eu-law-to-protect-journalists-from-spyware-takes-effect
Embargo ransomware gang has handled at least $34 million in about a year, report says
https://therecord.media/embargo-ransomware-gang-blackcat-alphv-successor
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
CISA pledges to continue backing CVE Program after April funding fiasco
https://therecord.media/cisa-pledges-support-cve-program-black-hat
Columbia University says hacker stole SSNs and other data of nearly 900,000
https://therecord.media/columbia-university-data-breach-cyberattack-notifications
North Korean cyber-espionage group ScarCruft adds ransomware in recent attack
https://therecord.media/scarcruft-north-korea-hackers-add-ransomware
Federal judiciary tightens digital security as it deals with ‘escalated cyberattacks’
https://therecord.media/federal-judiciary-tightens-digital-security-escalated-cyberattack
EU law to protect journalists from spyware takes effect
https://therecord.media/eu-law-to-protect-journalists-from-spyware-takes-effect
Embargo ransomware gang has handled at least $34 million in about a year, report says
https://therecord.media/embargo-ransomware-gang-blackcat-alphv-successor
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
CISA pledges to continue backing CVE Program after April funding fiasco
Federal officials told an audience at the Black Hat conference that the Trump administration fully supports and wants to improve the CVE Program, which is heavily used to track and share cybersecurity vulnerabilities.
Top Security News for Today
Advancing Multi-Organ Disease Care: A Hierarchical Multi-Agent Reinforcement Learning Framework
https://arxiv.org/abs/2409.04224
Vulnerability Management Program - How to implement SLA and its processes
https://www.reddit.com/r/netsec/comments/1mls6sj/vulnerability_management_program_how_to_implement/
Pentest Trick: Out of sight, out of mind with Windows Long File Names
https://www.reddit.com/r/netsec/comments/1mm72n1/pentest_trick_out_of_sight_out_of_mind_with/
OMEN Improvements
https://reusablesec.blogspot.com/2025/08/omen-improvements.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Advancing Multi-Organ Disease Care: A Hierarchical Multi-Agent Reinforcement Learning Framework
https://arxiv.org/abs/2409.04224
Vulnerability Management Program - How to implement SLA and its processes
https://www.reddit.com/r/netsec/comments/1mls6sj/vulnerability_management_program_how_to_implement/
Pentest Trick: Out of sight, out of mind with Windows Long File Names
https://www.reddit.com/r/netsec/comments/1mm72n1/pentest_trick_out_of_sight_out_of_mind_with/
OMEN Improvements
https://reusablesec.blogspot.com/2025/08/omen-improvements.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
arXiv.org
Advancing Multi-Organ Disease Care: A Hierarchical Multi-Agent...
In healthcare, multi-organ system diseases pose unique and significant challenges as they impact multiple physiological systems concurrently, demanding complex and coordinated treatment...
Top Security News for Today
XSSHunter Express – Self-Hosted Blind XSS Payload Capture and Analysis
https://www.darknet.org.uk/2025/08/xsshunter-express-self-hosted-blind-xss-payload-capture-and-analysis/
Next-Level Fingerprinting: Tools, Logic, and Tactics
https://bishopfox.com/blog/next-level-fingerprinting-tools-logic-and-tactics
Automated Visualization Makeovers with LLMs
https://arxiv.org/abs/2508.05637
Request-Only Optimization for Recommendation Systems
https://arxiv.org/abs/2508.05640
A Humanoid Social Robot as a Teaching Assistant in the Classroom
https://arxiv.org/abs/2508.05646
Query-Aware Graph Neural Networks for Enhanced Retrieval-Augmented Generation
https://arxiv.org/abs/2508.05647
AquiLLM: a RAG Tool for Capturing Tacit Knowledge in Research Groups
https://arxiv.org/abs/2508.05648
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
XSSHunter Express – Self-Hosted Blind XSS Payload Capture and Analysis
https://www.darknet.org.uk/2025/08/xsshunter-express-self-hosted-blind-xss-payload-capture-and-analysis/
Next-Level Fingerprinting: Tools, Logic, and Tactics
https://bishopfox.com/blog/next-level-fingerprinting-tools-logic-and-tactics
Automated Visualization Makeovers with LLMs
https://arxiv.org/abs/2508.05637
Request-Only Optimization for Recommendation Systems
https://arxiv.org/abs/2508.05640
A Humanoid Social Robot as a Teaching Assistant in the Classroom
https://arxiv.org/abs/2508.05646
Query-Aware Graph Neural Networks for Enhanced Retrieval-Augmented Generation
https://arxiv.org/abs/2508.05647
AquiLLM: a RAG Tool for Capturing Tacit Knowledge in Research Groups
https://arxiv.org/abs/2508.05648
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Darknet - Hacking Tools, Hacker News & Cyber Security
xsshunter-express - Self-Hosted Blind XSS Payload Capture and Analysis
Self-hosted blind XSS hunter via Docker. Deploy xsshunter‑express in five minutes to capture stealthy XSS payloads with screenshots, DOM dumps, and full context.
Top Security News for Today
Automatic License Plate Readers Are Coming to Schools
https://www.schneier.com/blog/archives/2025/08/automatic-license-plate-readers-are-coming-to-schools.html
Building an Autonomous AI Pentester: What Worked, What Didn’t, and Why It Matters
https://www.reddit.com/r/netsec/comments/1mnaugi/building_an_autonomous_ai_pentester_what_worked/
11th August – Threat Intelligence Report
https://research.checkpoint.com/2025/11th-august-threat-intelligence-report/
Wikipedia’s operator loses challenge to UK Online Safety Act rules
https://therecord.media/wikipedia-loses-challenge-online-safety-act-uk
Finland charges captain of suspected Russian ‘shadow fleet’ tanker for subsea cable damage
https://therecord.media/finland-charges-captain-russia-ghost-fleet-undersea-cable
Two groups exploit WinRAR flaws in separate cyber-espionage campaigns
https://therecord.media/winrar-zero-day-exploited-romcom-paper-werewolf-goffee-hackers
Romance scam suspects extradited from Ghana, charged with more than $100 million in thefts
https://therecord.media/ghana-romance-scams-bec-suspects-extradited-us
Ransomware gang claims attack on St. Paul city government
https://therecord.media/ransomware-gang-behind-minnesota-attack
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Automatic License Plate Readers Are Coming to Schools
https://www.schneier.com/blog/archives/2025/08/automatic-license-plate-readers-are-coming-to-schools.html
Building an Autonomous AI Pentester: What Worked, What Didn’t, and Why It Matters
https://www.reddit.com/r/netsec/comments/1mnaugi/building_an_autonomous_ai_pentester_what_worked/
11th August – Threat Intelligence Report
https://research.checkpoint.com/2025/11th-august-threat-intelligence-report/
Wikipedia’s operator loses challenge to UK Online Safety Act rules
https://therecord.media/wikipedia-loses-challenge-online-safety-act-uk
Finland charges captain of suspected Russian ‘shadow fleet’ tanker for subsea cable damage
https://therecord.media/finland-charges-captain-russia-ghost-fleet-undersea-cable
Two groups exploit WinRAR flaws in separate cyber-espionage campaigns
https://therecord.media/winrar-zero-day-exploited-romcom-paper-werewolf-goffee-hackers
Romance scam suspects extradited from Ghana, charged with more than $100 million in thefts
https://therecord.media/ghana-romance-scams-bec-suspects-extradited-us
Ransomware gang claims attack on St. Paul city government
https://therecord.media/ransomware-gang-behind-minnesota-attack
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
Automatic License Plate Readers Are Coming to Schools - Schneier on Security
Fears around children is opening up a new market for automatic license place readers.