Top Security News for Today
How Exposed TeslaMate Instances Leak Sensitive Tesla Data
https://www.reddit.com/r/netsec/comments/1msre41/how_exposed_teslamate_instances_leak_sensitive/
How Exposed TeslaMate Instances Leak Sensitive Tesla Data
https://www.reddit.com/r/netsec/comments/1msrpi6/how_exposed_teslamate_instances_leak_sensitive/
LostMyPassword – Dual Use Password Recovery and Credential Dumping Tool
https://www.darknet.org.uk/2025/08/lostmypassword-dual-use-password-recovery-and-credential-dumping-tool/
Securing Agentic AI: Threat Modeling and Risk Analysis for Network Monitoring Agentic AI System
https://securelist.com/pipemagic/117270/
A Rose by Any Other Name Would Smell as Sweet: Categorical Homotopy Theory for Large Language Models
https://arxiv.org/abs/2508.10043
A2HCoder: An LLM-Driven Coding Agent for Hierarchical Algorithm-to-HDL Translation
https://arxiv.org/abs/2508.10903
PersonaTwin: A Multi-Tier Prompt Conditioning Framework for Generating and Evaluating Personalized Digital Twins
https://arxiv.org/abs/2508.10904
Uncovering Latent Connections in Indigenous Heritage: Semantic Pipelines for Cultural Preservation in Brazil
https://arxiv.org/abs/2508.10906
Evolution of the PipeMagic backdoor: from the RansomExx incident to CVE-2025-29824
https://arxiv.org/abs/2508.10911
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
How Exposed TeslaMate Instances Leak Sensitive Tesla Data
https://www.reddit.com/r/netsec/comments/1msre41/how_exposed_teslamate_instances_leak_sensitive/
How Exposed TeslaMate Instances Leak Sensitive Tesla Data
https://www.reddit.com/r/netsec/comments/1msrpi6/how_exposed_teslamate_instances_leak_sensitive/
LostMyPassword – Dual Use Password Recovery and Credential Dumping Tool
https://www.darknet.org.uk/2025/08/lostmypassword-dual-use-password-recovery-and-credential-dumping-tool/
Securing Agentic AI: Threat Modeling and Risk Analysis for Network Monitoring Agentic AI System
https://securelist.com/pipemagic/117270/
A Rose by Any Other Name Would Smell as Sweet: Categorical Homotopy Theory for Large Language Models
https://arxiv.org/abs/2508.10043
A2HCoder: An LLM-Driven Coding Agent for Hierarchical Algorithm-to-HDL Translation
https://arxiv.org/abs/2508.10903
PersonaTwin: A Multi-Tier Prompt Conditioning Framework for Generating and Evaluating Personalized Digital Twins
https://arxiv.org/abs/2508.10904
Uncovering Latent Connections in Indigenous Heritage: Semantic Pipelines for Cultural Preservation in Brazil
https://arxiv.org/abs/2508.10906
Evolution of the PipeMagic backdoor: from the RansomExx incident to CVE-2025-29824
https://arxiv.org/abs/2508.10911
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: How Exposed TeslaMate Instances Leak Sensitive Tesla Data
Explore this post and more from the netsec community
Top Security News for Today
Plagued by Cyberattacks: Indian Healthcare Sector in Critical Condition
https://www.tripwire.com/state-of-security/plagued-cyberattacks-indian-healthcare-sector-critical-condition
Eavesdropping on Phone Conversations Through Vibrations
https://www.schneier.com/blog/archives/2025/08/eavesdropping-on-phone-conversations-through-vibrations.html
Workday hit by social engineering data breach targeting its CRM platform
https://therecord.media/workday-social-engineering-data-breach
Intel Outside: Hacking every Intel employee and various internal websites
https://www.reddit.com/r/netsec/comments/1mtnqme/intel_outside_hacking_every_intel_employee_and/
Cryptomining group Kinsing expands operations to Russia, researchers warn
https://therecord.media/cryptomining-group-kinsing-hits-russia
“Vibe Hacking”: Abusing Developer Trust in Cursor and VS Code Remote Development
https://www.reddit.com/r/netsec/comments/1mtpvuu/vibe_hacking_abusing_developer_trust_in_cursor/
Casino gaming company Bragg says hackers accessed ‘internal computer environment’
https://therecord.media/casino-gaming-company-cyber-incident-bragg
Ransomware gang masking PipeMagic backdoor as ChatGPT desktop app: Microsoft
https://therecord.media/ransomware-gang-masking-pipemagic-backdoor
Dissecting PipeMagic: Inside the architecture of a modular backdoor framework
https://www.microsoft.com/en-us/security/blog/2025/08/18/dissecting-pipemagic-inside-the-architecture-of-a-modular-backdoor-framework/
CTF stats, mobile wallet attacks & magstripe demos – Payment Village @ DEF CON 33
https://www.reddit.com/r/netsec/comments/1mtw68x/ctf_stats_mobile_wallet_attacks_magstripe_demos/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Plagued by Cyberattacks: Indian Healthcare Sector in Critical Condition
https://www.tripwire.com/state-of-security/plagued-cyberattacks-indian-healthcare-sector-critical-condition
Eavesdropping on Phone Conversations Through Vibrations
https://www.schneier.com/blog/archives/2025/08/eavesdropping-on-phone-conversations-through-vibrations.html
Workday hit by social engineering data breach targeting its CRM platform
https://therecord.media/workday-social-engineering-data-breach
Intel Outside: Hacking every Intel employee and various internal websites
https://www.reddit.com/r/netsec/comments/1mtnqme/intel_outside_hacking_every_intel_employee_and/
Cryptomining group Kinsing expands operations to Russia, researchers warn
https://therecord.media/cryptomining-group-kinsing-hits-russia
“Vibe Hacking”: Abusing Developer Trust in Cursor and VS Code Remote Development
https://www.reddit.com/r/netsec/comments/1mtpvuu/vibe_hacking_abusing_developer_trust_in_cursor/
Casino gaming company Bragg says hackers accessed ‘internal computer environment’
https://therecord.media/casino-gaming-company-cyber-incident-bragg
Ransomware gang masking PipeMagic backdoor as ChatGPT desktop app: Microsoft
https://therecord.media/ransomware-gang-masking-pipemagic-backdoor
Dissecting PipeMagic: Inside the architecture of a modular backdoor framework
https://www.microsoft.com/en-us/security/blog/2025/08/18/dissecting-pipemagic-inside-the-architecture-of-a-modular-backdoor-framework/
CTF stats, mobile wallet attacks & magstripe demos – Payment Village @ DEF CON 33
https://www.reddit.com/r/netsec/comments/1mtw68x/ctf_stats_mobile_wallet_attacks_magstripe_demos/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Tripwire
Plagued by Cyberattacks: Indian Healthcare Sector in Critical Condition
India’s healthcare sector faces 8,600+ weekly cyberattacks. Explore the risks, real-world impact, and defense strategies.
Top Security News for Today
GodRAT – New RAT targeting financial institutions
https://securelist.com/godrat/117119/
Zero-Day Exploit in WinRAR File
https://www.schneier.com/blog/archives/2025/08/zero-day-exploit-in-winrar-file.html
UK ‘agrees to drop’ demand over Apple iCloud encryption
https://therecord.media/uk-agrees-drop-apple-encryption
Drug development company Inotiv reports ransomware attack to SEC
https://therecord.media/drug-development-innotiv-ransomware-sec
North Korea-linked hackers target embassies in Seoul in new espionage campaign
https://therecord.media/north-korean-hackers-target-foreign-embassies
Business Council of New York State says nearly 50,000 had data leaked in February cyberattack
https://therecord.media/new-york-business-council-data-breach
How We Exploited CodeRabbit: From a Simple PR to RCE and Write Access on 1M Repositories
https://www.reddit.com/r/netsec/comments/1mumb6z/how_we_exploited_coderabbit_from_a_simple_pr_to/
Trivial C# Random Exploitation
https://www.reddit.com/r/netsec/comments/1muf1om/trivial_c_random_exploitation/
Oregon Man Charged in ‘Rapper Bot’ DDoS Service
https://krebsonsecurity.com/2025/08/oregon-man-charged-in-rapper-bot-ddos-service/
Darknet Communications in 2025 – From IRC Forums to Telegram Crime Networks
https://www.darknet.org.uk/2025/08/darknet-communications-in-2025-from-irc-forums-to-telegram-crime-networks/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
GodRAT – New RAT targeting financial institutions
https://securelist.com/godrat/117119/
Zero-Day Exploit in WinRAR File
https://www.schneier.com/blog/archives/2025/08/zero-day-exploit-in-winrar-file.html
UK ‘agrees to drop’ demand over Apple iCloud encryption
https://therecord.media/uk-agrees-drop-apple-encryption
Drug development company Inotiv reports ransomware attack to SEC
https://therecord.media/drug-development-innotiv-ransomware-sec
North Korea-linked hackers target embassies in Seoul in new espionage campaign
https://therecord.media/north-korean-hackers-target-foreign-embassies
Business Council of New York State says nearly 50,000 had data leaked in February cyberattack
https://therecord.media/new-york-business-council-data-breach
How We Exploited CodeRabbit: From a Simple PR to RCE and Write Access on 1M Repositories
https://www.reddit.com/r/netsec/comments/1mumb6z/how_we_exploited_coderabbit_from_a_simple_pr_to/
Trivial C# Random Exploitation
https://www.reddit.com/r/netsec/comments/1muf1om/trivial_c_random_exploitation/
Oregon Man Charged in ‘Rapper Bot’ DDoS Service
https://krebsonsecurity.com/2025/08/oregon-man-charged-in-rapper-bot-ddos-service/
Darknet Communications in 2025 – From IRC Forums to Telegram Crime Networks
https://www.darknet.org.uk/2025/08/darknet-communications-in-2025-from-irc-forums-to-telegram-crime-networks/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Top Security News for Today
Guess Who Would Be Stupid Enough To Rob The Same Vault Twice? Pre-Auth RCE Chains in Commvault - watchTowr Labs
https://arxiv.org/abs/2508.13214
Subverting AIOps Systems Through Poisoned Input Data
https://www.schneier.com/blog/archives/2025/08/subverting-aiops-systems-through-poisoned-input-data.html
NATO's Cybersecurity Spending Proposals’ Impact on the Industry
https://www.tripwire.com/state-of-security/natos-cybersecurity-spending-proposals-impact-industry
At least three UK organizations hit by SharePoint zero-day hacking campaign
https://therecord.media/organizations-united-kingdom/sharepoint
Major Belgian telecom firm says cyberattack compromised data on 850,000 accounts
https://therecord.media/belgian-telecom-says-cyberattack-compromised-data-on-850000
Russian investment platform confirms cyberattack by pro-Ukraine hackers
https://therecord.media/russia-cyberattack-investment-platform-ukraine
Feds charge administrator of ‘sophisticated’ DDoS-for-hire botnet
https://therecord.media/feds-charge-botnet-admin
Engineered to Fail: The DNA of Negligent Defenses Operations
https://www.reddit.com/r/netsec/comments/1mvijcg/engineered_to_fail_the_dna_of_negligent_defenses/
Warlock: From SharePoint Vulnerability Exploit to Enterprise Ransomware
https://www.trendmicro.com/en_us/research/25/h/warlock-ransomware.html
Google Unveils Enhanced Tools to Empower Defenders and Safeguard AI Progress
https://www.reddit.com/r/netsec/comments/1mvpbds/google_unveils_enhanced_tools_to_empower/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Guess Who Would Be Stupid Enough To Rob The Same Vault Twice? Pre-Auth RCE Chains in Commvault - watchTowr Labs
https://arxiv.org/abs/2508.13214
Subverting AIOps Systems Through Poisoned Input Data
https://www.schneier.com/blog/archives/2025/08/subverting-aiops-systems-through-poisoned-input-data.html
NATO's Cybersecurity Spending Proposals’ Impact on the Industry
https://www.tripwire.com/state-of-security/natos-cybersecurity-spending-proposals-impact-industry
At least three UK organizations hit by SharePoint zero-day hacking campaign
https://therecord.media/organizations-united-kingdom/sharepoint
Major Belgian telecom firm says cyberattack compromised data on 850,000 accounts
https://therecord.media/belgian-telecom-says-cyberattack-compromised-data-on-850000
Russian investment platform confirms cyberattack by pro-Ukraine hackers
https://therecord.media/russia-cyberattack-investment-platform-ukraine
Feds charge administrator of ‘sophisticated’ DDoS-for-hire botnet
https://therecord.media/feds-charge-botnet-admin
Engineered to Fail: The DNA of Negligent Defenses Operations
https://www.reddit.com/r/netsec/comments/1mvijcg/engineered_to_fail_the_dna_of_negligent_defenses/
Warlock: From SharePoint Vulnerability Exploit to Enterprise Ransomware
https://www.trendmicro.com/en_us/research/25/h/warlock-ransomware.html
Google Unveils Enhanced Tools to Empower Defenders and Safeguard AI Progress
https://www.reddit.com/r/netsec/comments/1mvpbds/google_unveils_enhanced_tools_to_empower/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
arXiv.org
Too Easily Fooled? Prompt Injection Breaks LLMs on Frustratingly...
Large Language Models (LLMs) have recently demonstrated strong emergent abilities in complex reasoning and zero-shot generalization, showing unprecedented potential for LLM-as-a-judge applications...
Top Security News for Today
We Put Agentic AI Browsers to the Test - They Clicked, They Paid, They Failed
https://www.reddit.com/r/netsec/comments/1mw4dn9/we_put_agentic_ai_browsers_to_the_test_they/
Jim Sanborn Is Auctioning Off the Solution to Part Four of the Kryptos Sculpture
https://www.schneier.com/blog/archives/2025/08/jim-sanborn-is-auctioning-off-the-solution-to-part-four-of-the-kryptos-sculpture.html
Scattered Spider affiliate given 10 year sentence, ordered to pay $13 million in restitution
https://therecord.media/scattered-spider-affiliate-sentenced-10-years
Azure's Weakest Link - Full Cross-Tenant Compromise
https://www.reddit.com/r/netsec/comments/1mwbimu/azures_weakest_link_full_crosstenant_compromise/
AI can be used to create working exploits for published CVEs in a few minutes and for a few dollars
https://www.reddit.com/r/netsec/comments/1mwfks2/ai_can_be_used_to_create_working_exploits_for/
When a SSRF is enough: Full Docker Escape on Windows Docker Desktop (CVE-2025-9074)
https://www.reddit.com/r/netsec/comments/1mwhisp/when_a_ssrf_is_enough_full_docker_escape_on/
Think before you Click(Fix): Analyzing the ClickFix social engineering technique
https://www.microsoft.com/en-us/security/blog/2025/08/21/think-before-you-clickfix-analyzing-the-clickfix-social-engineering-technique/
Quantum-safe security: Progress towards next-generation cryptography
https://www.microsoft.com/en-us/security/blog/2025/08/20/quantum-safe-security-progress-towards-next-generation-cryptography/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
We Put Agentic AI Browsers to the Test - They Clicked, They Paid, They Failed
https://www.reddit.com/r/netsec/comments/1mw4dn9/we_put_agentic_ai_browsers_to_the_test_they/
Jim Sanborn Is Auctioning Off the Solution to Part Four of the Kryptos Sculpture
https://www.schneier.com/blog/archives/2025/08/jim-sanborn-is-auctioning-off-the-solution-to-part-four-of-the-kryptos-sculpture.html
Scattered Spider affiliate given 10 year sentence, ordered to pay $13 million in restitution
https://therecord.media/scattered-spider-affiliate-sentenced-10-years
Azure's Weakest Link - Full Cross-Tenant Compromise
https://www.reddit.com/r/netsec/comments/1mwbimu/azures_weakest_link_full_crosstenant_compromise/
AI can be used to create working exploits for published CVEs in a few minutes and for a few dollars
https://www.reddit.com/r/netsec/comments/1mwfks2/ai_can_be_used_to_create_working_exploits_for/
When a SSRF is enough: Full Docker Escape on Windows Docker Desktop (CVE-2025-9074)
https://www.reddit.com/r/netsec/comments/1mwhisp/when_a_ssrf_is_enough_full_docker_escape_on/
Think before you Click(Fix): Analyzing the ClickFix social engineering technique
https://www.microsoft.com/en-us/security/blog/2025/08/21/think-before-you-clickfix-analyzing-the-clickfix-social-engineering-technique/
Quantum-safe security: Progress towards next-generation cryptography
https://www.microsoft.com/en-us/security/blog/2025/08/20/quantum-safe-security-progress-towards-next-generation-cryptography/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: We Put Agentic AI Browsers to the Test - They Clicked, They Paid, They Failed
Explore this post and more from the netsec community
Top Security News for Today
Engineered to Fail: The DNA of Negligent Cyber Defenses
https://reporter.deepspecter.com/engineered-to-fail-the-dna-of-negligent-cyber-defenses-22466a034b28
Chinese national who sabotaged Ohio company’s systems handed four-year jail stint
https://therecord.media/chinese-national-sentenced-prison
CISA warns of Apple zero-day used in targeted cyberattacks
https://therecord.media/cisa-warns-of-apple-zero-day
Over 1,200 arrested in Africa-wide cybercrime crackdown, Interpol says
https://therecord.media/africa-interpol-cybercrime-crackdown
US warns tech companies against complying with European and British ‘censorship’ laws
https://therecord.media/tech-companies-ftc-censorship-laws
Electronics manufacturer Data I/O reports ransomware attack to SEC
https://therecord.media/electronics-manufacturer-dataio-ransomware
ChromeAlone – Chromium Browser C2 Implant for Red Team Operations
https://www.darknet.org.uk/2025/08/chromealone-chromium-browser-c2-implant-for-red-team-operations/
Silent Harvest: Extracting Windows Secrets Under the Radar
https://www.reddit.com/r/netsec/comments/1mxcig6/silent_harvest_extracting_windows_secrets_under/
Leadership, Innovation, and the Future of AI: Lessons from Trend Micro CEO & Co-Founder Eva Chen
https://www.trendmicro.com/en_us/research/25/h/eva-chen-future-of-ai.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Engineered to Fail: The DNA of Negligent Cyber Defenses
https://reporter.deepspecter.com/engineered-to-fail-the-dna-of-negligent-cyber-defenses-22466a034b28
Chinese national who sabotaged Ohio company’s systems handed four-year jail stint
https://therecord.media/chinese-national-sentenced-prison
CISA warns of Apple zero-day used in targeted cyberattacks
https://therecord.media/cisa-warns-of-apple-zero-day
Over 1,200 arrested in Africa-wide cybercrime crackdown, Interpol says
https://therecord.media/africa-interpol-cybercrime-crackdown
US warns tech companies against complying with European and British ‘censorship’ laws
https://therecord.media/tech-companies-ftc-censorship-laws
Electronics manufacturer Data I/O reports ransomware attack to SEC
https://therecord.media/electronics-manufacturer-dataio-ransomware
ChromeAlone – Chromium Browser C2 Implant for Red Team Operations
https://www.darknet.org.uk/2025/08/chromealone-chromium-browser-c2-implant-for-red-team-operations/
Silent Harvest: Extracting Windows Secrets Under the Radar
https://www.reddit.com/r/netsec/comments/1mxcig6/silent_harvest_extracting_windows_secrets_under/
Leadership, Innovation, and the Future of AI: Lessons from Trend Micro CEO & Co-Founder Eva Chen
https://www.trendmicro.com/en_us/research/25/h/eva-chen-future-of-ai.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Medium
Engineered to Fail: The DNA of Negligent Cyber Defenses
Intro
Top Security News for Today
Countering EDRs With The Backing Of Protected Process Light (PPL)
https://www.reddit.com/r/netsec/comments/1mxwfg1/countering_edrs_with_the_backing_of_protected/
New Algorithm Detects Active Hacking Groups Targeting Companies
https://www.reddit.com/r/netsec/comments/1mxymaf/new_algorithm_detects_active_hacking_groups/
VibeCoding VPN Deployment
https://www.reddit.com/r/netsec/comments/1my7486/vibecoding_vpn_deployment/
New Gmail Phishing Scam Uses AI-Style Prompt Injection to Evade Detection
https://www.reddit.com/r/netsec/comments/1myccmq/new_gmail_phishing_scam_uses_aistyle_prompt/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Countering EDRs With The Backing Of Protected Process Light (PPL)
https://www.reddit.com/r/netsec/comments/1mxwfg1/countering_edrs_with_the_backing_of_protected/
New Algorithm Detects Active Hacking Groups Targeting Companies
https://www.reddit.com/r/netsec/comments/1mxymaf/new_algorithm_detects_active_hacking_groups/
VibeCoding VPN Deployment
https://www.reddit.com/r/netsec/comments/1my7486/vibecoding_vpn_deployment/
New Gmail Phishing Scam Uses AI-Style Prompt Injection to Evade Detection
https://www.reddit.com/r/netsec/comments/1myccmq/new_gmail_phishing_scam_uses_aistyle_prompt/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Countering EDRs With The Backing Of Protected Process Light (PPL)
Explore this post and more from the netsec community
Top Security News for Today
AzureStrike – Offensive Toolkit for Attacking Azure Active Directory Environments
https://www.darknet.org.uk/2025/08/azurestrike-offensive-toolkit-for-attacking-azure-active-directory-environments/
Implementing Zero Trust Architecture to Enhance Security and Resilience in the Pharmaceutical Supply Chain
https://arxiv.org/abs/2508.15776
Harmonious Color Pairings: Insights from Human Preference and Natural Hue Statistics
https://arxiv.org/abs/2508.15777
Towards Stealthy and Effective Backdoor Attacks on Lane Detection: A Naturalistic Data Poisoning Approach
https://arxiv.org/abs/2508.15778
Observer-Free Sliding Mode Control via Structured Decomposition: a Smooth and Bounded Control Framework
https://arxiv.org/abs/2508.15787
VR Fire safety training application
https://arxiv.org/abs/2508.15788
Tracking malicious code execution in Python
https://www.reddit.com/r/netsec/comments/1mzk3l4/tracking_malicious_code_execution_in_python/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
AzureStrike – Offensive Toolkit for Attacking Azure Active Directory Environments
https://www.darknet.org.uk/2025/08/azurestrike-offensive-toolkit-for-attacking-azure-active-directory-environments/
Implementing Zero Trust Architecture to Enhance Security and Resilience in the Pharmaceutical Supply Chain
https://arxiv.org/abs/2508.15776
Harmonious Color Pairings: Insights from Human Preference and Natural Hue Statistics
https://arxiv.org/abs/2508.15777
Towards Stealthy and Effective Backdoor Attacks on Lane Detection: A Naturalistic Data Poisoning Approach
https://arxiv.org/abs/2508.15778
Observer-Free Sliding Mode Control via Structured Decomposition: a Smooth and Bounded Control Framework
https://arxiv.org/abs/2508.15787
VR Fire safety training application
https://arxiv.org/abs/2508.15788
Tracking malicious code execution in Python
https://www.reddit.com/r/netsec/comments/1mzk3l4/tracking_malicious_code_execution_in_python/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Darknet - Hacking Tools, Hacker News & Cyber Security
AzureStrike - Offensive Toolkit for Attacking Azure Active Directory Environments
AzureStrike is a red team toolkit for attacking Azure Active Directory, enabling reconnaissance, credential abuse, and persistence in cloud environments.
Top Security News for Today
Wyden calls for probe of federal judiciary data breaches, accusing it of ‘negligence’
https://therecord.media/wyden-probe-federal-judiciary-data-breaches
Maryland investigating cyberattack impacting transit service for disabled people
https://therecord.media/maryland-cyberattack-transit-disabled-people
South Korea arrests suspected Chinese hacker accused of targeting BTS singer and other celebrities
https://therecord.media/south-korea-arrests-hacker-accused-of-targeting-celebrities-bts
Farmers Insurance says 1 million customers affected by cyberattack on third-party vendor
https://therecord.media/farmers-insurance-million-data-breach
Poor Password Choices
https://www.schneier.com/blog/archives/2025/08/poor-password-choices.html
Tracking malicious code execution in Python
https://www.reddit.com/r/netsec/comments/1mzk3l4/tracking_malicious_code_execution_in_python/
Vtenext 25.02: A three-way path to RCE
https://www.reddit.com/r/netsec/comments/1mzmrnp/vtenext_2502_a_threeway_path_to_rce/
Safeguarding VS Code against prompt injections
https://www.reddit.com/r/netsec/comments/1mzzh21/safeguarding_vs_code_against_prompt_injections/
Implementing Zero Trust Architecture to Enhance Security and Resilience in the Pharmaceutical Supply Chain
https://arxiv.org/abs/2508.16579
DIAC ∞ 2: A Post-Quantum, P=NP-Resistant Cryptosystem
https://arxiv.org/abs/2508.15840
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Wyden calls for probe of federal judiciary data breaches, accusing it of ‘negligence’
https://therecord.media/wyden-probe-federal-judiciary-data-breaches
Maryland investigating cyberattack impacting transit service for disabled people
https://therecord.media/maryland-cyberattack-transit-disabled-people
South Korea arrests suspected Chinese hacker accused of targeting BTS singer and other celebrities
https://therecord.media/south-korea-arrests-hacker-accused-of-targeting-celebrities-bts
Farmers Insurance says 1 million customers affected by cyberattack on third-party vendor
https://therecord.media/farmers-insurance-million-data-breach
Poor Password Choices
https://www.schneier.com/blog/archives/2025/08/poor-password-choices.html
Tracking malicious code execution in Python
https://www.reddit.com/r/netsec/comments/1mzk3l4/tracking_malicious_code_execution_in_python/
Vtenext 25.02: A three-way path to RCE
https://www.reddit.com/r/netsec/comments/1mzmrnp/vtenext_2502_a_threeway_path_to_rce/
Safeguarding VS Code against prompt injections
https://www.reddit.com/r/netsec/comments/1mzzh21/safeguarding_vs_code_against_prompt_injections/
Implementing Zero Trust Architecture to Enhance Security and Resilience in the Pharmaceutical Supply Chain
https://arxiv.org/abs/2508.16579
DIAC ∞ 2: A Post-Quantum, P=NP-Resistant Cryptosystem
https://arxiv.org/abs/2508.15840
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Wyden calls for probe of federal judiciary data breaches, accusing it of ‘negligence’
Earlier this month court officials publicly acknowledged recent digital attacks “of a sophisticated and persistent nature on its case management system” had prompted them to boost their online defenses.
Top Security News for Today
Encryption Backdoor in Military/Police Radios
https://www.schneier.com/blog/archives/2025/08/encryption-backdoor-in-military-police-radios.html
ZipLine Campaign: A Sophisticated Phishing Attack Targeting US Companies
https://research.checkpoint.com/2025/zipline-phishing-campaign/
Nevada state websites, phone lines knocked offline by cyberattack
https://therecord.media/nevada-state-websites-phones-cyberattack-disruption
MITRE Introduces AADAPT Framework to Combat Crypto-Focused Cyber Threats
https://www.tripwire.com/state-of-security/mitre-introduces-aadapt-framework-combat-crypto-focused-cyber-threats
Securing and governing the rise of autonomous agents
https://www.microsoft.com/en-us/security/blog/2025/08/26/securing-and-governing-the-rise-of-autonomous-agents/
Cybersecurity Workforce Trends in 2025 – Skills Gap, Diversity and SOC Readiness
https://www.darknet.org.uk/2025/08/cybersecurity-workforce-trends-in-2025-skills-gap-diversity-and-soc-readiness/
This House is Haunted: a decade old RCE in the AION client
https://www.reddit.com/r/netsec/comments/1n0q5h7/this_house_is_haunted_a_decade_old_rce_in_the/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Encryption Backdoor in Military/Police Radios
https://www.schneier.com/blog/archives/2025/08/encryption-backdoor-in-military-police-radios.html
ZipLine Campaign: A Sophisticated Phishing Attack Targeting US Companies
https://research.checkpoint.com/2025/zipline-phishing-campaign/
Nevada state websites, phone lines knocked offline by cyberattack
https://therecord.media/nevada-state-websites-phones-cyberattack-disruption
MITRE Introduces AADAPT Framework to Combat Crypto-Focused Cyber Threats
https://www.tripwire.com/state-of-security/mitre-introduces-aadapt-framework-combat-crypto-focused-cyber-threats
Securing and governing the rise of autonomous agents
https://www.microsoft.com/en-us/security/blog/2025/08/26/securing-and-governing-the-rise-of-autonomous-agents/
Cybersecurity Workforce Trends in 2025 – Skills Gap, Diversity and SOC Readiness
https://www.darknet.org.uk/2025/08/cybersecurity-workforce-trends-in-2025-skills-gap-diversity-and-soc-readiness/
This House is Haunted: a decade old RCE in the AION client
https://www.reddit.com/r/netsec/comments/1n0q5h7/this_house_is_haunted_a_decade_old_rce_in_the/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
Encryption Backdoor in Military/Police Radios - Schneier on Security
I wrote about this in 2023. Here’s the story: Three Dutch security analysts discovered the vulnerabilities—five in total—in a European radio standard called TETRA (Terrestrial Trunked Radio), which is used in radios made by Motorola, Damm, Hytera, and others.…
Top Security News for Today
Flock License Plate Reader Pauses Federal Work
https://therecord.media/flock-license-plate-reader-pauses-federal-work
Finnish Police Wiretap Reveals Russian ‘Shadow Fleet’ Captain Instructed to Destroy Evidence
https://therecord.media/finnish-police-wiretap-eagles-sabotage
Hundreds of Swedish Municipalities Impacted by Suspected Ransomware Attack on IT Supplier
https://therecord.media/sweden-municipalities-ransomware-software
Allied Spy Agencies Blame Chinese Companies for Salt Typhoon Attacks
https://therecord.media/allied-spy-agencies-blame-chinese-companies-salt-typhoon
Spanish Police Arrest Student Suspected of Hacking School System to Change Grades
https://therecord.media/spanish-police-hacker-arrest-grades
Storm-0501’s Evolving Techniques Lead to Cloud-Based Ransomware
https://www.microsoft.com/en-us/security/blog/2025/08/27/storm-0501s-evolving-techniques-lead-to-cloud-based-ransomware/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Flock License Plate Reader Pauses Federal Work
https://therecord.media/flock-license-plate-reader-pauses-federal-work
Finnish Police Wiretap Reveals Russian ‘Shadow Fleet’ Captain Instructed to Destroy Evidence
https://therecord.media/finnish-police-wiretap-eagles-sabotage
Hundreds of Swedish Municipalities Impacted by Suspected Ransomware Attack on IT Supplier
https://therecord.media/sweden-municipalities-ransomware-software
Allied Spy Agencies Blame Chinese Companies for Salt Typhoon Attacks
https://therecord.media/allied-spy-agencies-blame-chinese-companies-salt-typhoon
Spanish Police Arrest Student Suspected of Hacking School System to Change Grades
https://therecord.media/spanish-police-hacker-arrest-grades
Storm-0501’s Evolving Techniques Lead to Cloud-Based Ransomware
https://www.microsoft.com/en-us/security/blog/2025/08/27/storm-0501s-evolving-techniques-lead-to-cloud-based-ransomware/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
License-plate reader company pauses work with federal agencies after backlash
Flock acknowledged in a Monday blog post that it has engaged in “limited pilots” with CBP and Homeland Security Investigations, the law enforcement division of the Department of Homeland Security. It said the partnerships were meant to bolster the federal…
Top Security News for Today
The UK May Be Dropping Its Backdoor Mandate
https://www.schneier.com/blog/archives/2025/08/the-uk-may-be-dropping-its-backdoor-mandate.html
The year so far: How Burp Suite DAST is leveling up enterprise security in 2025
https://portswigger.net/blog/the-year-so-far-how-burp-suite-dast-is-leveling-up-enterprise-security-in-2025
Dutch intelligence agencies report country was targeted by Chinese cyber spies
https://therecord.media/dutch-intelligence-cyber-spies-salt
Germany charges man over cyberattack on Rosneft subsidiary
https://therecord.media/germany-charges-cyberattack-rosneft
Chasing the Silver Fox: Cat & Mouse in Kernel Shadows
https://research.checkpoint.com/2025/silver-fox-apt-vulnerable-drivers/
CISA steps in to help Nevada state government recover from cyberattack
https://therecord.media/cisa-steps-nevada-cyber-state
TAOTH Campaign Exploits End-of-Support Software to Target Traditional Chinese Users and Dissidents
https://www.trendmicro.com/en_us/research/25/h/taoth-campaign.html
Microsoft warns of ransomware gang shifting to steal cloud data, lock companies out of systems
https://therecord.media/ransomware-gangs-shift-to-stealing-cloud-data
Data breach at TransUnion impacts 4.4 million people
https://therecord.media/transunion-data-breach-4-million
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
The UK May Be Dropping Its Backdoor Mandate
https://www.schneier.com/blog/archives/2025/08/the-uk-may-be-dropping-its-backdoor-mandate.html
The year so far: How Burp Suite DAST is leveling up enterprise security in 2025
https://portswigger.net/blog/the-year-so-far-how-burp-suite-dast-is-leveling-up-enterprise-security-in-2025
Dutch intelligence agencies report country was targeted by Chinese cyber spies
https://therecord.media/dutch-intelligence-cyber-spies-salt
Germany charges man over cyberattack on Rosneft subsidiary
https://therecord.media/germany-charges-cyberattack-rosneft
Chasing the Silver Fox: Cat & Mouse in Kernel Shadows
https://research.checkpoint.com/2025/silver-fox-apt-vulnerable-drivers/
CISA steps in to help Nevada state government recover from cyberattack
https://therecord.media/cisa-steps-nevada-cyber-state
TAOTH Campaign Exploits End-of-Support Software to Target Traditional Chinese Users and Dissidents
https://www.trendmicro.com/en_us/research/25/h/taoth-campaign.html
Microsoft warns of ransomware gang shifting to steal cloud data, lock companies out of systems
https://therecord.media/ransomware-gangs-shift-to-stealing-cloud-data
Data breach at TransUnion impacts 4.4 million people
https://therecord.media/transunion-data-breach-4-million
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
The UK May Be Dropping Its Backdoor Mandate - Schneier on Security
The US Director of National Intelligence is reporting that the UK government is dropping its backdoor mandate against the Apple iPhone. For now, at least, assuming that Tulsi Gabbard is reporting this accurately.
Top Security News for Today
Rage Against the Authentication State Machine (CVE-2024-28080)
https://www.reddit.com/r/netsec/comments/1n31plm/rage_against_the_authentication_state_machine/
How attackers adapt to built-in macOS protection
https://securelist.com/macos-security-and-typical-attacks/117367/
Cache Me If You Can (Sitecore Experience Platform Cache Poisoning to RCE) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1n33j71/cache_me_if_you_can_sitecore_experience_platform/
Baggage Tag Scam
https://www.schneier.com/blog/archives/2025/08/baggage-tag-scam.html
Ransomware gang takedowns causing explosion of new, smaller groups
https://therecord.media/ransomware-gang-takedown-proliferation
AI Waifu RAT: A Ring3 malware-like RAT based on LLM manipulation is circulating in the wild.
https://www.reddit.com/r/netsec/comments/1n3a1ll/ai_waifu_rat_a_ring3_malwarelike_rat_based_on_llm/
Hidden in plain sight: a misconfigured upload path that invited trouble
https://www.reddit.com/r/netsec/comments/1n3cu26/hidden_in_plain_sight_a_misconfigured_upload_path/
Operation Serengeti 2.0: Trend Micro Helps Law Enforcement Fight Cybercrime in Africa
https://www.trendmicro.com/en_us/research/25/h/operation-serengeti-trend-micro.html
Scammer steals $1.5 million from Baltimore by spoofing city vendor
https://therecord.media/scammer-steals-baltimore-city-impersonation-vendor
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Rage Against the Authentication State Machine (CVE-2024-28080)
https://www.reddit.com/r/netsec/comments/1n31plm/rage_against_the_authentication_state_machine/
How attackers adapt to built-in macOS protection
https://securelist.com/macos-security-and-typical-attacks/117367/
Cache Me If You Can (Sitecore Experience Platform Cache Poisoning to RCE) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1n33j71/cache_me_if_you_can_sitecore_experience_platform/
Baggage Tag Scam
https://www.schneier.com/blog/archives/2025/08/baggage-tag-scam.html
Ransomware gang takedowns causing explosion of new, smaller groups
https://therecord.media/ransomware-gang-takedown-proliferation
AI Waifu RAT: A Ring3 malware-like RAT based on LLM manipulation is circulating in the wild.
https://www.reddit.com/r/netsec/comments/1n3a1ll/ai_waifu_rat_a_ring3_malwarelike_rat_based_on_llm/
Hidden in plain sight: a misconfigured upload path that invited trouble
https://www.reddit.com/r/netsec/comments/1n3cu26/hidden_in_plain_sight_a_misconfigured_upload_path/
Operation Serengeti 2.0: Trend Micro Helps Law Enforcement Fight Cybercrime in Africa
https://www.trendmicro.com/en_us/research/25/h/operation-serengeti-trend-micro.html
Scammer steals $1.5 million from Baltimore by spoofing city vendor
https://therecord.media/scammer-steals-baltimore-city-impersonation-vendor
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Rage Against the Authentication State Machine (CVE-2024-28080)
Posted by dn3t - 8 votes and 0 comments
Top Security News for Today
Trend Vision One Integrates Microsoft Defender for Endpoint
https://www.trendmicro.com/en_us/research/25/h/vision-one-integrates-microsoft-defender.html
Netskope Client for Windows - Local Privilege Escalation via Rogue Server (CVE-2025-0309)
https://www.reddit.com/r/netsec/comments/1n43kvo/netskope_client_for_windows_local_privilege/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Trend Vision One Integrates Microsoft Defender for Endpoint
https://www.trendmicro.com/en_us/research/25/h/vision-one-integrates-microsoft-defender.html
Netskope Client for Windows - Local Privilege Escalation via Rogue Server (CVE-2025-0309)
https://www.reddit.com/r/netsec/comments/1n43kvo/netskope_client_for_windows_local_privilege/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Trend Micro
Trend Vision One Integrates Microsoft Defender for Endpoint
Read how Microsoft Defender for Endpoint has now integrated with Trend Vision One, closing the gap between endpoint solutions and advanced exposure management capabilities.
Top Security News for Today
ZERO-DAY ALERT: Automated Discovery of Critical CWMP Stack Overflow in TP-Link Routers
https://www.reddit.com/r/netsec/comments/1n5dil1/zeroday_alert_automated_discovery_of_critical/
Normalisation of SWIFT Message Counterparties with Feature Extraction and Clustering
https://arxiv.org/abs/2508.21081
CoBA: Counterbias Text Augmentation for Mitigating Various Spurious Correlations via Semantic Triples
https://arxiv.org/abs/2508.21083
2COOOL: 2nd Workshop on the Challenge Of Out-Of-Label Hazards in Autonomous Driving
https://arxiv.org/abs/2508.21080
Mapping Toxic Comments Across Demographics: A Dataset from German Public Broadcasting
https://arxiv.org/abs/2508.21084
Granite Embedding R2 Models
https://arxiv.org/abs/2508.21085
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
ZERO-DAY ALERT: Automated Discovery of Critical CWMP Stack Overflow in TP-Link Routers
https://www.reddit.com/r/netsec/comments/1n5dil1/zeroday_alert_automated_discovery_of_critical/
Normalisation of SWIFT Message Counterparties with Feature Extraction and Clustering
https://arxiv.org/abs/2508.21081
CoBA: Counterbias Text Augmentation for Mitigating Various Spurious Correlations via Semantic Triples
https://arxiv.org/abs/2508.21083
2COOOL: 2nd Workshop on the Challenge Of Out-Of-Label Hazards in Autonomous Driving
https://arxiv.org/abs/2508.21080
Mapping Toxic Comments Across Demographics: A Dataset from German Public Broadcasting
https://arxiv.org/abs/2508.21084
Granite Embedding R2 Models
https://arxiv.org/abs/2508.21085
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: ZERO-DAY ALERT: Automated Discovery of Critical CWMP Stack Overflow in TP-Link Routers
Explore this post and more from the netsec community
Top Security News for Today
ZERO-DAY ALERT: Automated Discovery of Critical CWMP Stack Overflow in TP-Link Routers
https://www.reddit.com/r/netsec/comments/1n5dil1/zeroday_alert_automated_discovery_of_critical/
Cache Simulator
https://www.reddit.com/r/lowlevel/comments/1n5gb0s/cache_simulator/
1st September – Threat Intelligence Report
https://research.checkpoint.com/2025/1st-september-threat-intelligence-report/
Introducing ICMP Echo Streams (iStreams)
https://www.reddit.com/r/netsec/comments/1n5n0qk/introducing_icmp_echo_streams_istreams/
From Food to Friendship: How Scammers Prey on Our Most Basic Needs
https://www.tripwire.com/state-of-security/food-friendship-scammers-prey-basic-needs
Spanish government cancels €10m contract using Huawei equipment
https://therecord.media/spain-cancels-10-million-euro-huawei-contract
[Article] IPv6 Security: Attacks and Detection Methods
https://www.reddit.com/r/netsec/comments/1n5u9mb/article_ipv6_security_attacks_and_detection/
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft
https://krebsonsecurity.com/2025/09/the-ongoing-fallout-from-a-breach-at-ai-chatbot-maker-salesloft/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
ZERO-DAY ALERT: Automated Discovery of Critical CWMP Stack Overflow in TP-Link Routers
https://www.reddit.com/r/netsec/comments/1n5dil1/zeroday_alert_automated_discovery_of_critical/
Cache Simulator
https://www.reddit.com/r/lowlevel/comments/1n5gb0s/cache_simulator/
1st September – Threat Intelligence Report
https://research.checkpoint.com/2025/1st-september-threat-intelligence-report/
Introducing ICMP Echo Streams (iStreams)
https://www.reddit.com/r/netsec/comments/1n5n0qk/introducing_icmp_echo_streams_istreams/
From Food to Friendship: How Scammers Prey on Our Most Basic Needs
https://www.tripwire.com/state-of-security/food-friendship-scammers-prey-basic-needs
Spanish government cancels €10m contract using Huawei equipment
https://therecord.media/spain-cancels-10-million-euro-huawei-contract
[Article] IPv6 Security: Attacks and Detection Methods
https://www.reddit.com/r/netsec/comments/1n5u9mb/article_ipv6_security_attacks_and_detection/
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft
https://krebsonsecurity.com/2025/09/the-ongoing-fallout-from-a-breach-at-ai-chatbot-maker-salesloft/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: ZERO-DAY ALERT: Automated Discovery of Critical CWMP Stack Overflow in TP-Link Routers
Explore this post and more from the netsec community
Top Security News for Today
Deep Specter Research Uncovers a Global Phishing Empire
https://www.reddit.com/r/netsec/comments/1n6jj7q/deep_specter_research_uncovers_a_global_phishing/
Ksmbd Fuzzing Improvements and Vulnerability Discovery
https://www.reddit.com/r/netsec/comments/1n6exne/ksmbd_fuzzing_improvements_and_vulnerability/
Cookies and how to bake them: what they are for, associated risks, and what session hijacking has to do with it
https://securelist.com/cookies-and-session-hijacking/117390/
1965 Cryptanalysis Training Workbook Released by the NSA
https://www.schneier.com/blog/archives/2025/09/1965-cryptanalysis-training-workbook-released-by-the-nsa.html
Golden dMSA
https://www.reddit.com/r/netsec/comments/1n6g94k/golden_dmsa/
Jaguar Land Rover ‘severely disrupted’ by cybersecurity incident
https://therecord.media/jaguar-land-rover-disruption-cyber-incident
WhatsApp, Apple warn of highly targeted attacks with zero-day vulnerability
https://therecord.media/whatsapp-apple-zero-day-targeted-attacks
RapperBot: infection → DDoS in seconds (deep dive write-up)
https://www.reddit.com/r/netsec/comments/1n6lsmy/rapperbot_infection_ddos_in_seconds_deep_dive/
Pennsylvania AG says recovery continues after office refused to pay ransomware gang
https://therecord.media/pennsylvania-attorney-general-office-ransomware-attack-recovery
Disney agrees to $10 million settlement for collecting data from children
https://therecord.media/disney-settles-with-ftc-millions
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Deep Specter Research Uncovers a Global Phishing Empire
https://www.reddit.com/r/netsec/comments/1n6jj7q/deep_specter_research_uncovers_a_global_phishing/
Ksmbd Fuzzing Improvements and Vulnerability Discovery
https://www.reddit.com/r/netsec/comments/1n6exne/ksmbd_fuzzing_improvements_and_vulnerability/
Cookies and how to bake them: what they are for, associated risks, and what session hijacking has to do with it
https://securelist.com/cookies-and-session-hijacking/117390/
1965 Cryptanalysis Training Workbook Released by the NSA
https://www.schneier.com/blog/archives/2025/09/1965-cryptanalysis-training-workbook-released-by-the-nsa.html
Golden dMSA
https://www.reddit.com/r/netsec/comments/1n6g94k/golden_dmsa/
Jaguar Land Rover ‘severely disrupted’ by cybersecurity incident
https://therecord.media/jaguar-land-rover-disruption-cyber-incident
WhatsApp, Apple warn of highly targeted attacks with zero-day vulnerability
https://therecord.media/whatsapp-apple-zero-day-targeted-attacks
RapperBot: infection → DDoS in seconds (deep dive write-up)
https://www.reddit.com/r/netsec/comments/1n6lsmy/rapperbot_infection_ddos_in_seconds_deep_dive/
Pennsylvania AG says recovery continues after office refused to pay ransomware gang
https://therecord.media/pennsylvania-attorney-general-office-ransomware-attack-recovery
Disney agrees to $10 million settlement for collecting data from children
https://therecord.media/disney-settles-with-ftc-millions
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Deep Specter Research Uncovers a Global Phishing Empire
Explore this post and more from the netsec community
Top Security News for Today
Corruption case against ousted cyber chief is ‘revenge,’ Ukraine’s security service says
https://therecord.media/corruption-case-against-ousted-cyber
Salesloft, Drift among companies impacted by incident
https://therecord.media/salesloft-drift-breach-cloudflare-zscaler-palo-alto-networks
How They Got In — DaVita’s Data Breach
https://www.reddit.com/r/netsec/comments/1n7efek/how_they_got_in_davitas_data_breach/
Effective Incident Response
https://www.reddit.com/r/netsec/comments/1n7fek1/effective_incident_response/
Inline Style Exfiltration: leaking data with chained CSS conditionals
https://www.reddit.com/r/netsec/comments/1n7fexe/inline_style_exfiltration_leaking_data_with/
Kernel-hack-drill and a new approach to exploiting CVE-2024-50264 in the Linux kernel
https://www.reddit.com/r/netsec/comments/1n7dp5m/kernelhackdrill_and_a_new_approach_to_exploiting/
Two arrested in Egypt as authorities take down Streameast sports piracy platform
https://therecord.media/streameast-sports-piracy-site-takedown-arrests-egypt
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Corruption case against ousted cyber chief is ‘revenge,’ Ukraine’s security service says
https://therecord.media/corruption-case-against-ousted-cyber
Salesloft, Drift among companies impacted by incident
https://therecord.media/salesloft-drift-breach-cloudflare-zscaler-palo-alto-networks
How They Got In — DaVita’s Data Breach
https://www.reddit.com/r/netsec/comments/1n7efek/how_they_got_in_davitas_data_breach/
Effective Incident Response
https://www.reddit.com/r/netsec/comments/1n7fek1/effective_incident_response/
Inline Style Exfiltration: leaking data with chained CSS conditionals
https://www.reddit.com/r/netsec/comments/1n7fexe/inline_style_exfiltration_leaking_data_with/
Kernel-hack-drill and a new approach to exploiting CVE-2024-50264 in the Linux kernel
https://www.reddit.com/r/netsec/comments/1n7dp5m/kernelhackdrill_and_a_new_approach_to_exploiting/
Two arrested in Egypt as authorities take down Streameast sports piracy platform
https://therecord.media/streameast-sports-piracy-site-takedown-arrests-egypt
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Corruption case against ousted cyber chief is ‘revenge,’ Ukraine’s security service says
Ukraine’s security service is accusing the country’s anti-corruption agencies of seeking “revenge” by bringing charges against Illia Vitiuk, the former head of the agency’s cybersecurity unit.
Top Security News for Today
Czech cyber agency warns against using services and products that send data to China
https://therecord.media/czech-nukib-warns-against-products-sending-data-china
Generative AI as a Cybercrime Assistant
https://www.schneier.com/blog/archives/2025/09/generative-ai-as-a-cybercrime-assistant.html
BYOVD: Leveraging Raw Disk Reads to Bypass EDR
https://www.reddit.com/r/netsec/comments/1n8enqa/byovd_leveraging_raw_disk_reads_to_bypass_edr/
Free Interactive 3D Security Awareness Exercises (Better Alternative to Boring Yearly Training)
https://www.reddit.com/r/netsec/comments/1n88a0x/free_interactive_3d_security_awareness_exercises/
Watch the webinar: Scale secure coverage without scaling headcount
https://portswigger.net/blog/watch-the-webinar-scale-secure-coverage-without-scaling-headcount
Google hit with $425 million verdict in privacy class action suit
https://therecord.media/google-hit-with-425-million-privacy-class-action-verdict
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Czech cyber agency warns against using services and products that send data to China
https://therecord.media/czech-nukib-warns-against-products-sending-data-china
Generative AI as a Cybercrime Assistant
https://www.schneier.com/blog/archives/2025/09/generative-ai-as-a-cybercrime-assistant.html
BYOVD: Leveraging Raw Disk Reads to Bypass EDR
https://www.reddit.com/r/netsec/comments/1n8enqa/byovd_leveraging_raw_disk_reads_to_bypass_edr/
Free Interactive 3D Security Awareness Exercises (Better Alternative to Boring Yearly Training)
https://www.reddit.com/r/netsec/comments/1n88a0x/free_interactive_3d_security_awareness_exercises/
Watch the webinar: Scale secure coverage without scaling headcount
https://portswigger.net/blog/watch-the-webinar-scale-secure-coverage-without-scaling-headcount
Google hit with $425 million verdict in privacy class action suit
https://therecord.media/google-hit-with-425-million-privacy-class-action-verdict
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Czech cyber agency warns against using services and products that send data to China
Cloud storage and remote operation can expose critical sectors to Chinese espionage, warned the Czech Republic's NÚKIB, "making trust in the reliability of the provider absolutely crucial."
Top Security News for Today
Cyberattack forces Jaguar Land Rover to tell staff to stay at home
https://therecord.media/jaguar-land-rover-cyberattack-workers-stay-home
SEO fraud-as-a-service' scheme hijacks Windows servers to promote gambling websites
https://therecord.media/seo-scheme-windows-malware-gambling-sites-ghostredirector
CISA orders federal agencies to patch Sitecore zero-day following hacking reports
https://therecord.media/cisa-orders-patch-for-sitecore-zero-day
The GhostAction Campaign: 3,325 Secrets Stolen Through Compromised GitHub Workflows
https://www.reddit.com/r/netsec/comments/1n9dlkb/the_ghostaction_campaign_3325_secrets_stolen/
Three Critical Facts About Cyber Risk Management
https://www.trendmicro.com/en_us/research/25/i/cyber-risk-management-facts.html
Trend Vision One™ Email Security Raises the Standard
https://www.trendmicro.com/en_us/research/25/h/email-security-standards.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Cyberattack forces Jaguar Land Rover to tell staff to stay at home
https://therecord.media/jaguar-land-rover-cyberattack-workers-stay-home
SEO fraud-as-a-service' scheme hijacks Windows servers to promote gambling websites
https://therecord.media/seo-scheme-windows-malware-gambling-sites-ghostredirector
CISA orders federal agencies to patch Sitecore zero-day following hacking reports
https://therecord.media/cisa-orders-patch-for-sitecore-zero-day
The GhostAction Campaign: 3,325 Secrets Stolen Through Compromised GitHub Workflows
https://www.reddit.com/r/netsec/comments/1n9dlkb/the_ghostaction_campaign_3325_secrets_stolen/
Three Critical Facts About Cyber Risk Management
https://www.trendmicro.com/en_us/research/25/i/cyber-risk-management-facts.html
Trend Vision One™ Email Security Raises the Standard
https://www.trendmicro.com/en_us/research/25/h/email-security-standards.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Cyberattack forces Jaguar Land Rover to tell staff to stay at home
Luxury automaker Jaguar Land Rover says employees should stay home through the weekend as it works to mitigate the impact of a cyberattack.
Top Security News for Today
Stealthy Persistence With Non-Existent Executable File
https://www.reddit.com/r/netsec/comments/1n9sygh/stealthy_persistence_with_nonexistent_executable/
A Comprehensive Survey on Trustworthiness in Reasoning with Large Language Models
https://arxiv.org/abs/2509.03871
High Boy Gadget for Hackers
https://www.reddit.com/r/netsec/comments/1na0kcf/high_boy_gadget_for_hackers/
Minimal Webserver in a 4KiB Binary
https://www.reddit.com/r/lowlevel/comments/1na9tjn/minimal_webserver_in_a_4kib_binary/
From Theory to Practice: How Small Language Models Are Revolutionizing Human Risk Psychology
https://www.reddit.com/r/netsec/comments/1nad9wm/from_theory_to_practice_how_small_language_models/
Worldcoin Advances Quantum-Secure AMPC With UTEC Peru
https://www.reddit.com/r/netsec/comments/1namhbg/worldcoin_advances_quantumsecure_ampc_with_utec/
The Salesloft-Drift Breach: Analyzing the Biggest SaaS Breach of 2025
https://www.reddit.com/r/netsec/comments/1namtpn/the_salesloftdrift_breach_analyzing_the_biggest/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Stealthy Persistence With Non-Existent Executable File
https://www.reddit.com/r/netsec/comments/1n9sygh/stealthy_persistence_with_nonexistent_executable/
A Comprehensive Survey on Trustworthiness in Reasoning with Large Language Models
https://arxiv.org/abs/2509.03871
High Boy Gadget for Hackers
https://www.reddit.com/r/netsec/comments/1na0kcf/high_boy_gadget_for_hackers/
Minimal Webserver in a 4KiB Binary
https://www.reddit.com/r/lowlevel/comments/1na9tjn/minimal_webserver_in_a_4kib_binary/
From Theory to Practice: How Small Language Models Are Revolutionizing Human Risk Psychology
https://www.reddit.com/r/netsec/comments/1nad9wm/from_theory_to_practice_how_small_language_models/
Worldcoin Advances Quantum-Secure AMPC With UTEC Peru
https://www.reddit.com/r/netsec/comments/1namhbg/worldcoin_advances_quantumsecure_ampc_with_utec/
The Salesloft-Drift Breach: Analyzing the Biggest SaaS Breach of 2025
https://www.reddit.com/r/netsec/comments/1namtpn/the_salesloftdrift_breach_analyzing_the_biggest/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Stealthy Persistence With Non-Existent Executable File
Explore this post and more from the netsec community