Top Security News for Today
Wyden calls for probe of federal judiciary data breaches, accusing it of ‘negligence’
https://therecord.media/wyden-probe-federal-judiciary-data-breaches
Maryland investigating cyberattack impacting transit service for disabled people
https://therecord.media/maryland-cyberattack-transit-disabled-people
South Korea arrests suspected Chinese hacker accused of targeting BTS singer and other celebrities
https://therecord.media/south-korea-arrests-hacker-accused-of-targeting-celebrities-bts
Farmers Insurance says 1 million customers affected by cyberattack on third-party vendor
https://therecord.media/farmers-insurance-million-data-breach
Poor Password Choices
https://www.schneier.com/blog/archives/2025/08/poor-password-choices.html
Tracking malicious code execution in Python
https://www.reddit.com/r/netsec/comments/1mzk3l4/tracking_malicious_code_execution_in_python/
Vtenext 25.02: A three-way path to RCE
https://www.reddit.com/r/netsec/comments/1mzmrnp/vtenext_2502_a_threeway_path_to_rce/
Safeguarding VS Code against prompt injections
https://www.reddit.com/r/netsec/comments/1mzzh21/safeguarding_vs_code_against_prompt_injections/
Implementing Zero Trust Architecture to Enhance Security and Resilience in the Pharmaceutical Supply Chain
https://arxiv.org/abs/2508.16579
DIAC ∞ 2: A Post-Quantum, P=NP-Resistant Cryptosystem
https://arxiv.org/abs/2508.15840
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Wyden calls for probe of federal judiciary data breaches, accusing it of ‘negligence’
https://therecord.media/wyden-probe-federal-judiciary-data-breaches
Maryland investigating cyberattack impacting transit service for disabled people
https://therecord.media/maryland-cyberattack-transit-disabled-people
South Korea arrests suspected Chinese hacker accused of targeting BTS singer and other celebrities
https://therecord.media/south-korea-arrests-hacker-accused-of-targeting-celebrities-bts
Farmers Insurance says 1 million customers affected by cyberattack on third-party vendor
https://therecord.media/farmers-insurance-million-data-breach
Poor Password Choices
https://www.schneier.com/blog/archives/2025/08/poor-password-choices.html
Tracking malicious code execution in Python
https://www.reddit.com/r/netsec/comments/1mzk3l4/tracking_malicious_code_execution_in_python/
Vtenext 25.02: A three-way path to RCE
https://www.reddit.com/r/netsec/comments/1mzmrnp/vtenext_2502_a_threeway_path_to_rce/
Safeguarding VS Code against prompt injections
https://www.reddit.com/r/netsec/comments/1mzzh21/safeguarding_vs_code_against_prompt_injections/
Implementing Zero Trust Architecture to Enhance Security and Resilience in the Pharmaceutical Supply Chain
https://arxiv.org/abs/2508.16579
DIAC ∞ 2: A Post-Quantum, P=NP-Resistant Cryptosystem
https://arxiv.org/abs/2508.15840
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Wyden calls for probe of federal judiciary data breaches, accusing it of ‘negligence’
Earlier this month court officials publicly acknowledged recent digital attacks “of a sophisticated and persistent nature on its case management system” had prompted them to boost their online defenses.
Top Security News for Today
Encryption Backdoor in Military/Police Radios
https://www.schneier.com/blog/archives/2025/08/encryption-backdoor-in-military-police-radios.html
ZipLine Campaign: A Sophisticated Phishing Attack Targeting US Companies
https://research.checkpoint.com/2025/zipline-phishing-campaign/
Nevada state websites, phone lines knocked offline by cyberattack
https://therecord.media/nevada-state-websites-phones-cyberattack-disruption
MITRE Introduces AADAPT Framework to Combat Crypto-Focused Cyber Threats
https://www.tripwire.com/state-of-security/mitre-introduces-aadapt-framework-combat-crypto-focused-cyber-threats
Securing and governing the rise of autonomous agents
https://www.microsoft.com/en-us/security/blog/2025/08/26/securing-and-governing-the-rise-of-autonomous-agents/
Cybersecurity Workforce Trends in 2025 – Skills Gap, Diversity and SOC Readiness
https://www.darknet.org.uk/2025/08/cybersecurity-workforce-trends-in-2025-skills-gap-diversity-and-soc-readiness/
This House is Haunted: a decade old RCE in the AION client
https://www.reddit.com/r/netsec/comments/1n0q5h7/this_house_is_haunted_a_decade_old_rce_in_the/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Encryption Backdoor in Military/Police Radios
https://www.schneier.com/blog/archives/2025/08/encryption-backdoor-in-military-police-radios.html
ZipLine Campaign: A Sophisticated Phishing Attack Targeting US Companies
https://research.checkpoint.com/2025/zipline-phishing-campaign/
Nevada state websites, phone lines knocked offline by cyberattack
https://therecord.media/nevada-state-websites-phones-cyberattack-disruption
MITRE Introduces AADAPT Framework to Combat Crypto-Focused Cyber Threats
https://www.tripwire.com/state-of-security/mitre-introduces-aadapt-framework-combat-crypto-focused-cyber-threats
Securing and governing the rise of autonomous agents
https://www.microsoft.com/en-us/security/blog/2025/08/26/securing-and-governing-the-rise-of-autonomous-agents/
Cybersecurity Workforce Trends in 2025 – Skills Gap, Diversity and SOC Readiness
https://www.darknet.org.uk/2025/08/cybersecurity-workforce-trends-in-2025-skills-gap-diversity-and-soc-readiness/
This House is Haunted: a decade old RCE in the AION client
https://www.reddit.com/r/netsec/comments/1n0q5h7/this_house_is_haunted_a_decade_old_rce_in_the/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
Encryption Backdoor in Military/Police Radios - Schneier on Security
I wrote about this in 2023. Here’s the story: Three Dutch security analysts discovered the vulnerabilities—five in total—in a European radio standard called TETRA (Terrestrial Trunked Radio), which is used in radios made by Motorola, Damm, Hytera, and others.…
Top Security News for Today
Flock License Plate Reader Pauses Federal Work
https://therecord.media/flock-license-plate-reader-pauses-federal-work
Finnish Police Wiretap Reveals Russian ‘Shadow Fleet’ Captain Instructed to Destroy Evidence
https://therecord.media/finnish-police-wiretap-eagles-sabotage
Hundreds of Swedish Municipalities Impacted by Suspected Ransomware Attack on IT Supplier
https://therecord.media/sweden-municipalities-ransomware-software
Allied Spy Agencies Blame Chinese Companies for Salt Typhoon Attacks
https://therecord.media/allied-spy-agencies-blame-chinese-companies-salt-typhoon
Spanish Police Arrest Student Suspected of Hacking School System to Change Grades
https://therecord.media/spanish-police-hacker-arrest-grades
Storm-0501’s Evolving Techniques Lead to Cloud-Based Ransomware
https://www.microsoft.com/en-us/security/blog/2025/08/27/storm-0501s-evolving-techniques-lead-to-cloud-based-ransomware/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Flock License Plate Reader Pauses Federal Work
https://therecord.media/flock-license-plate-reader-pauses-federal-work
Finnish Police Wiretap Reveals Russian ‘Shadow Fleet’ Captain Instructed to Destroy Evidence
https://therecord.media/finnish-police-wiretap-eagles-sabotage
Hundreds of Swedish Municipalities Impacted by Suspected Ransomware Attack on IT Supplier
https://therecord.media/sweden-municipalities-ransomware-software
Allied Spy Agencies Blame Chinese Companies for Salt Typhoon Attacks
https://therecord.media/allied-spy-agencies-blame-chinese-companies-salt-typhoon
Spanish Police Arrest Student Suspected of Hacking School System to Change Grades
https://therecord.media/spanish-police-hacker-arrest-grades
Storm-0501’s Evolving Techniques Lead to Cloud-Based Ransomware
https://www.microsoft.com/en-us/security/blog/2025/08/27/storm-0501s-evolving-techniques-lead-to-cloud-based-ransomware/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
License-plate reader company pauses work with federal agencies after backlash
Flock acknowledged in a Monday blog post that it has engaged in “limited pilots” with CBP and Homeland Security Investigations, the law enforcement division of the Department of Homeland Security. It said the partnerships were meant to bolster the federal…
Top Security News for Today
The UK May Be Dropping Its Backdoor Mandate
https://www.schneier.com/blog/archives/2025/08/the-uk-may-be-dropping-its-backdoor-mandate.html
The year so far: How Burp Suite DAST is leveling up enterprise security in 2025
https://portswigger.net/blog/the-year-so-far-how-burp-suite-dast-is-leveling-up-enterprise-security-in-2025
Dutch intelligence agencies report country was targeted by Chinese cyber spies
https://therecord.media/dutch-intelligence-cyber-spies-salt
Germany charges man over cyberattack on Rosneft subsidiary
https://therecord.media/germany-charges-cyberattack-rosneft
Chasing the Silver Fox: Cat & Mouse in Kernel Shadows
https://research.checkpoint.com/2025/silver-fox-apt-vulnerable-drivers/
CISA steps in to help Nevada state government recover from cyberattack
https://therecord.media/cisa-steps-nevada-cyber-state
TAOTH Campaign Exploits End-of-Support Software to Target Traditional Chinese Users and Dissidents
https://www.trendmicro.com/en_us/research/25/h/taoth-campaign.html
Microsoft warns of ransomware gang shifting to steal cloud data, lock companies out of systems
https://therecord.media/ransomware-gangs-shift-to-stealing-cloud-data
Data breach at TransUnion impacts 4.4 million people
https://therecord.media/transunion-data-breach-4-million
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
The UK May Be Dropping Its Backdoor Mandate
https://www.schneier.com/blog/archives/2025/08/the-uk-may-be-dropping-its-backdoor-mandate.html
The year so far: How Burp Suite DAST is leveling up enterprise security in 2025
https://portswigger.net/blog/the-year-so-far-how-burp-suite-dast-is-leveling-up-enterprise-security-in-2025
Dutch intelligence agencies report country was targeted by Chinese cyber spies
https://therecord.media/dutch-intelligence-cyber-spies-salt
Germany charges man over cyberattack on Rosneft subsidiary
https://therecord.media/germany-charges-cyberattack-rosneft
Chasing the Silver Fox: Cat & Mouse in Kernel Shadows
https://research.checkpoint.com/2025/silver-fox-apt-vulnerable-drivers/
CISA steps in to help Nevada state government recover from cyberattack
https://therecord.media/cisa-steps-nevada-cyber-state
TAOTH Campaign Exploits End-of-Support Software to Target Traditional Chinese Users and Dissidents
https://www.trendmicro.com/en_us/research/25/h/taoth-campaign.html
Microsoft warns of ransomware gang shifting to steal cloud data, lock companies out of systems
https://therecord.media/ransomware-gangs-shift-to-stealing-cloud-data
Data breach at TransUnion impacts 4.4 million people
https://therecord.media/transunion-data-breach-4-million
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
The UK May Be Dropping Its Backdoor Mandate - Schneier on Security
The US Director of National Intelligence is reporting that the UK government is dropping its backdoor mandate against the Apple iPhone. For now, at least, assuming that Tulsi Gabbard is reporting this accurately.
Top Security News for Today
Rage Against the Authentication State Machine (CVE-2024-28080)
https://www.reddit.com/r/netsec/comments/1n31plm/rage_against_the_authentication_state_machine/
How attackers adapt to built-in macOS protection
https://securelist.com/macos-security-and-typical-attacks/117367/
Cache Me If You Can (Sitecore Experience Platform Cache Poisoning to RCE) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1n33j71/cache_me_if_you_can_sitecore_experience_platform/
Baggage Tag Scam
https://www.schneier.com/blog/archives/2025/08/baggage-tag-scam.html
Ransomware gang takedowns causing explosion of new, smaller groups
https://therecord.media/ransomware-gang-takedown-proliferation
AI Waifu RAT: A Ring3 malware-like RAT based on LLM manipulation is circulating in the wild.
https://www.reddit.com/r/netsec/comments/1n3a1ll/ai_waifu_rat_a_ring3_malwarelike_rat_based_on_llm/
Hidden in plain sight: a misconfigured upload path that invited trouble
https://www.reddit.com/r/netsec/comments/1n3cu26/hidden_in_plain_sight_a_misconfigured_upload_path/
Operation Serengeti 2.0: Trend Micro Helps Law Enforcement Fight Cybercrime in Africa
https://www.trendmicro.com/en_us/research/25/h/operation-serengeti-trend-micro.html
Scammer steals $1.5 million from Baltimore by spoofing city vendor
https://therecord.media/scammer-steals-baltimore-city-impersonation-vendor
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Rage Against the Authentication State Machine (CVE-2024-28080)
https://www.reddit.com/r/netsec/comments/1n31plm/rage_against_the_authentication_state_machine/
How attackers adapt to built-in macOS protection
https://securelist.com/macos-security-and-typical-attacks/117367/
Cache Me If You Can (Sitecore Experience Platform Cache Poisoning to RCE) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1n33j71/cache_me_if_you_can_sitecore_experience_platform/
Baggage Tag Scam
https://www.schneier.com/blog/archives/2025/08/baggage-tag-scam.html
Ransomware gang takedowns causing explosion of new, smaller groups
https://therecord.media/ransomware-gang-takedown-proliferation
AI Waifu RAT: A Ring3 malware-like RAT based on LLM manipulation is circulating in the wild.
https://www.reddit.com/r/netsec/comments/1n3a1ll/ai_waifu_rat_a_ring3_malwarelike_rat_based_on_llm/
Hidden in plain sight: a misconfigured upload path that invited trouble
https://www.reddit.com/r/netsec/comments/1n3cu26/hidden_in_plain_sight_a_misconfigured_upload_path/
Operation Serengeti 2.0: Trend Micro Helps Law Enforcement Fight Cybercrime in Africa
https://www.trendmicro.com/en_us/research/25/h/operation-serengeti-trend-micro.html
Scammer steals $1.5 million from Baltimore by spoofing city vendor
https://therecord.media/scammer-steals-baltimore-city-impersonation-vendor
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Rage Against the Authentication State Machine (CVE-2024-28080)
Posted by dn3t - 8 votes and 0 comments
Top Security News for Today
Trend Vision One Integrates Microsoft Defender for Endpoint
https://www.trendmicro.com/en_us/research/25/h/vision-one-integrates-microsoft-defender.html
Netskope Client for Windows - Local Privilege Escalation via Rogue Server (CVE-2025-0309)
https://www.reddit.com/r/netsec/comments/1n43kvo/netskope_client_for_windows_local_privilege/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Trend Vision One Integrates Microsoft Defender for Endpoint
https://www.trendmicro.com/en_us/research/25/h/vision-one-integrates-microsoft-defender.html
Netskope Client for Windows - Local Privilege Escalation via Rogue Server (CVE-2025-0309)
https://www.reddit.com/r/netsec/comments/1n43kvo/netskope_client_for_windows_local_privilege/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Trend Micro
Trend Vision One Integrates Microsoft Defender for Endpoint
Read how Microsoft Defender for Endpoint has now integrated with Trend Vision One, closing the gap between endpoint solutions and advanced exposure management capabilities.
Top Security News for Today
ZERO-DAY ALERT: Automated Discovery of Critical CWMP Stack Overflow in TP-Link Routers
https://www.reddit.com/r/netsec/comments/1n5dil1/zeroday_alert_automated_discovery_of_critical/
Normalisation of SWIFT Message Counterparties with Feature Extraction and Clustering
https://arxiv.org/abs/2508.21081
CoBA: Counterbias Text Augmentation for Mitigating Various Spurious Correlations via Semantic Triples
https://arxiv.org/abs/2508.21083
2COOOL: 2nd Workshop on the Challenge Of Out-Of-Label Hazards in Autonomous Driving
https://arxiv.org/abs/2508.21080
Mapping Toxic Comments Across Demographics: A Dataset from German Public Broadcasting
https://arxiv.org/abs/2508.21084
Granite Embedding R2 Models
https://arxiv.org/abs/2508.21085
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
ZERO-DAY ALERT: Automated Discovery of Critical CWMP Stack Overflow in TP-Link Routers
https://www.reddit.com/r/netsec/comments/1n5dil1/zeroday_alert_automated_discovery_of_critical/
Normalisation of SWIFT Message Counterparties with Feature Extraction and Clustering
https://arxiv.org/abs/2508.21081
CoBA: Counterbias Text Augmentation for Mitigating Various Spurious Correlations via Semantic Triples
https://arxiv.org/abs/2508.21083
2COOOL: 2nd Workshop on the Challenge Of Out-Of-Label Hazards in Autonomous Driving
https://arxiv.org/abs/2508.21080
Mapping Toxic Comments Across Demographics: A Dataset from German Public Broadcasting
https://arxiv.org/abs/2508.21084
Granite Embedding R2 Models
https://arxiv.org/abs/2508.21085
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: ZERO-DAY ALERT: Automated Discovery of Critical CWMP Stack Overflow in TP-Link Routers
Explore this post and more from the netsec community
Top Security News for Today
ZERO-DAY ALERT: Automated Discovery of Critical CWMP Stack Overflow in TP-Link Routers
https://www.reddit.com/r/netsec/comments/1n5dil1/zeroday_alert_automated_discovery_of_critical/
Cache Simulator
https://www.reddit.com/r/lowlevel/comments/1n5gb0s/cache_simulator/
1st September – Threat Intelligence Report
https://research.checkpoint.com/2025/1st-september-threat-intelligence-report/
Introducing ICMP Echo Streams (iStreams)
https://www.reddit.com/r/netsec/comments/1n5n0qk/introducing_icmp_echo_streams_istreams/
From Food to Friendship: How Scammers Prey on Our Most Basic Needs
https://www.tripwire.com/state-of-security/food-friendship-scammers-prey-basic-needs
Spanish government cancels €10m contract using Huawei equipment
https://therecord.media/spain-cancels-10-million-euro-huawei-contract
[Article] IPv6 Security: Attacks and Detection Methods
https://www.reddit.com/r/netsec/comments/1n5u9mb/article_ipv6_security_attacks_and_detection/
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft
https://krebsonsecurity.com/2025/09/the-ongoing-fallout-from-a-breach-at-ai-chatbot-maker-salesloft/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
ZERO-DAY ALERT: Automated Discovery of Critical CWMP Stack Overflow in TP-Link Routers
https://www.reddit.com/r/netsec/comments/1n5dil1/zeroday_alert_automated_discovery_of_critical/
Cache Simulator
https://www.reddit.com/r/lowlevel/comments/1n5gb0s/cache_simulator/
1st September – Threat Intelligence Report
https://research.checkpoint.com/2025/1st-september-threat-intelligence-report/
Introducing ICMP Echo Streams (iStreams)
https://www.reddit.com/r/netsec/comments/1n5n0qk/introducing_icmp_echo_streams_istreams/
From Food to Friendship: How Scammers Prey on Our Most Basic Needs
https://www.tripwire.com/state-of-security/food-friendship-scammers-prey-basic-needs
Spanish government cancels €10m contract using Huawei equipment
https://therecord.media/spain-cancels-10-million-euro-huawei-contract
[Article] IPv6 Security: Attacks and Detection Methods
https://www.reddit.com/r/netsec/comments/1n5u9mb/article_ipv6_security_attacks_and_detection/
The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft
https://krebsonsecurity.com/2025/09/the-ongoing-fallout-from-a-breach-at-ai-chatbot-maker-salesloft/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: ZERO-DAY ALERT: Automated Discovery of Critical CWMP Stack Overflow in TP-Link Routers
Explore this post and more from the netsec community
Top Security News for Today
Deep Specter Research Uncovers a Global Phishing Empire
https://www.reddit.com/r/netsec/comments/1n6jj7q/deep_specter_research_uncovers_a_global_phishing/
Ksmbd Fuzzing Improvements and Vulnerability Discovery
https://www.reddit.com/r/netsec/comments/1n6exne/ksmbd_fuzzing_improvements_and_vulnerability/
Cookies and how to bake them: what they are for, associated risks, and what session hijacking has to do with it
https://securelist.com/cookies-and-session-hijacking/117390/
1965 Cryptanalysis Training Workbook Released by the NSA
https://www.schneier.com/blog/archives/2025/09/1965-cryptanalysis-training-workbook-released-by-the-nsa.html
Golden dMSA
https://www.reddit.com/r/netsec/comments/1n6g94k/golden_dmsa/
Jaguar Land Rover ‘severely disrupted’ by cybersecurity incident
https://therecord.media/jaguar-land-rover-disruption-cyber-incident
WhatsApp, Apple warn of highly targeted attacks with zero-day vulnerability
https://therecord.media/whatsapp-apple-zero-day-targeted-attacks
RapperBot: infection → DDoS in seconds (deep dive write-up)
https://www.reddit.com/r/netsec/comments/1n6lsmy/rapperbot_infection_ddos_in_seconds_deep_dive/
Pennsylvania AG says recovery continues after office refused to pay ransomware gang
https://therecord.media/pennsylvania-attorney-general-office-ransomware-attack-recovery
Disney agrees to $10 million settlement for collecting data from children
https://therecord.media/disney-settles-with-ftc-millions
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Deep Specter Research Uncovers a Global Phishing Empire
https://www.reddit.com/r/netsec/comments/1n6jj7q/deep_specter_research_uncovers_a_global_phishing/
Ksmbd Fuzzing Improvements and Vulnerability Discovery
https://www.reddit.com/r/netsec/comments/1n6exne/ksmbd_fuzzing_improvements_and_vulnerability/
Cookies and how to bake them: what they are for, associated risks, and what session hijacking has to do with it
https://securelist.com/cookies-and-session-hijacking/117390/
1965 Cryptanalysis Training Workbook Released by the NSA
https://www.schneier.com/blog/archives/2025/09/1965-cryptanalysis-training-workbook-released-by-the-nsa.html
Golden dMSA
https://www.reddit.com/r/netsec/comments/1n6g94k/golden_dmsa/
Jaguar Land Rover ‘severely disrupted’ by cybersecurity incident
https://therecord.media/jaguar-land-rover-disruption-cyber-incident
WhatsApp, Apple warn of highly targeted attacks with zero-day vulnerability
https://therecord.media/whatsapp-apple-zero-day-targeted-attacks
RapperBot: infection → DDoS in seconds (deep dive write-up)
https://www.reddit.com/r/netsec/comments/1n6lsmy/rapperbot_infection_ddos_in_seconds_deep_dive/
Pennsylvania AG says recovery continues after office refused to pay ransomware gang
https://therecord.media/pennsylvania-attorney-general-office-ransomware-attack-recovery
Disney agrees to $10 million settlement for collecting data from children
https://therecord.media/disney-settles-with-ftc-millions
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Deep Specter Research Uncovers a Global Phishing Empire
Explore this post and more from the netsec community
Top Security News for Today
Corruption case against ousted cyber chief is ‘revenge,’ Ukraine’s security service says
https://therecord.media/corruption-case-against-ousted-cyber
Salesloft, Drift among companies impacted by incident
https://therecord.media/salesloft-drift-breach-cloudflare-zscaler-palo-alto-networks
How They Got In — DaVita’s Data Breach
https://www.reddit.com/r/netsec/comments/1n7efek/how_they_got_in_davitas_data_breach/
Effective Incident Response
https://www.reddit.com/r/netsec/comments/1n7fek1/effective_incident_response/
Inline Style Exfiltration: leaking data with chained CSS conditionals
https://www.reddit.com/r/netsec/comments/1n7fexe/inline_style_exfiltration_leaking_data_with/
Kernel-hack-drill and a new approach to exploiting CVE-2024-50264 in the Linux kernel
https://www.reddit.com/r/netsec/comments/1n7dp5m/kernelhackdrill_and_a_new_approach_to_exploiting/
Two arrested in Egypt as authorities take down Streameast sports piracy platform
https://therecord.media/streameast-sports-piracy-site-takedown-arrests-egypt
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Corruption case against ousted cyber chief is ‘revenge,’ Ukraine’s security service says
https://therecord.media/corruption-case-against-ousted-cyber
Salesloft, Drift among companies impacted by incident
https://therecord.media/salesloft-drift-breach-cloudflare-zscaler-palo-alto-networks
How They Got In — DaVita’s Data Breach
https://www.reddit.com/r/netsec/comments/1n7efek/how_they_got_in_davitas_data_breach/
Effective Incident Response
https://www.reddit.com/r/netsec/comments/1n7fek1/effective_incident_response/
Inline Style Exfiltration: leaking data with chained CSS conditionals
https://www.reddit.com/r/netsec/comments/1n7fexe/inline_style_exfiltration_leaking_data_with/
Kernel-hack-drill and a new approach to exploiting CVE-2024-50264 in the Linux kernel
https://www.reddit.com/r/netsec/comments/1n7dp5m/kernelhackdrill_and_a_new_approach_to_exploiting/
Two arrested in Egypt as authorities take down Streameast sports piracy platform
https://therecord.media/streameast-sports-piracy-site-takedown-arrests-egypt
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Corruption case against ousted cyber chief is ‘revenge,’ Ukraine’s security service says
Ukraine’s security service is accusing the country’s anti-corruption agencies of seeking “revenge” by bringing charges against Illia Vitiuk, the former head of the agency’s cybersecurity unit.
Top Security News for Today
Czech cyber agency warns against using services and products that send data to China
https://therecord.media/czech-nukib-warns-against-products-sending-data-china
Generative AI as a Cybercrime Assistant
https://www.schneier.com/blog/archives/2025/09/generative-ai-as-a-cybercrime-assistant.html
BYOVD: Leveraging Raw Disk Reads to Bypass EDR
https://www.reddit.com/r/netsec/comments/1n8enqa/byovd_leveraging_raw_disk_reads_to_bypass_edr/
Free Interactive 3D Security Awareness Exercises (Better Alternative to Boring Yearly Training)
https://www.reddit.com/r/netsec/comments/1n88a0x/free_interactive_3d_security_awareness_exercises/
Watch the webinar: Scale secure coverage without scaling headcount
https://portswigger.net/blog/watch-the-webinar-scale-secure-coverage-without-scaling-headcount
Google hit with $425 million verdict in privacy class action suit
https://therecord.media/google-hit-with-425-million-privacy-class-action-verdict
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Czech cyber agency warns against using services and products that send data to China
https://therecord.media/czech-nukib-warns-against-products-sending-data-china
Generative AI as a Cybercrime Assistant
https://www.schneier.com/blog/archives/2025/09/generative-ai-as-a-cybercrime-assistant.html
BYOVD: Leveraging Raw Disk Reads to Bypass EDR
https://www.reddit.com/r/netsec/comments/1n8enqa/byovd_leveraging_raw_disk_reads_to_bypass_edr/
Free Interactive 3D Security Awareness Exercises (Better Alternative to Boring Yearly Training)
https://www.reddit.com/r/netsec/comments/1n88a0x/free_interactive_3d_security_awareness_exercises/
Watch the webinar: Scale secure coverage without scaling headcount
https://portswigger.net/blog/watch-the-webinar-scale-secure-coverage-without-scaling-headcount
Google hit with $425 million verdict in privacy class action suit
https://therecord.media/google-hit-with-425-million-privacy-class-action-verdict
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Czech cyber agency warns against using services and products that send data to China
Cloud storage and remote operation can expose critical sectors to Chinese espionage, warned the Czech Republic's NÚKIB, "making trust in the reliability of the provider absolutely crucial."
Top Security News for Today
Cyberattack forces Jaguar Land Rover to tell staff to stay at home
https://therecord.media/jaguar-land-rover-cyberattack-workers-stay-home
SEO fraud-as-a-service' scheme hijacks Windows servers to promote gambling websites
https://therecord.media/seo-scheme-windows-malware-gambling-sites-ghostredirector
CISA orders federal agencies to patch Sitecore zero-day following hacking reports
https://therecord.media/cisa-orders-patch-for-sitecore-zero-day
The GhostAction Campaign: 3,325 Secrets Stolen Through Compromised GitHub Workflows
https://www.reddit.com/r/netsec/comments/1n9dlkb/the_ghostaction_campaign_3325_secrets_stolen/
Three Critical Facts About Cyber Risk Management
https://www.trendmicro.com/en_us/research/25/i/cyber-risk-management-facts.html
Trend Vision One™ Email Security Raises the Standard
https://www.trendmicro.com/en_us/research/25/h/email-security-standards.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Cyberattack forces Jaguar Land Rover to tell staff to stay at home
https://therecord.media/jaguar-land-rover-cyberattack-workers-stay-home
SEO fraud-as-a-service' scheme hijacks Windows servers to promote gambling websites
https://therecord.media/seo-scheme-windows-malware-gambling-sites-ghostredirector
CISA orders federal agencies to patch Sitecore zero-day following hacking reports
https://therecord.media/cisa-orders-patch-for-sitecore-zero-day
The GhostAction Campaign: 3,325 Secrets Stolen Through Compromised GitHub Workflows
https://www.reddit.com/r/netsec/comments/1n9dlkb/the_ghostaction_campaign_3325_secrets_stolen/
Three Critical Facts About Cyber Risk Management
https://www.trendmicro.com/en_us/research/25/i/cyber-risk-management-facts.html
Trend Vision One™ Email Security Raises the Standard
https://www.trendmicro.com/en_us/research/25/h/email-security-standards.html
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Cyberattack forces Jaguar Land Rover to tell staff to stay at home
Luxury automaker Jaguar Land Rover says employees should stay home through the weekend as it works to mitigate the impact of a cyberattack.
Top Security News for Today
Stealthy Persistence With Non-Existent Executable File
https://www.reddit.com/r/netsec/comments/1n9sygh/stealthy_persistence_with_nonexistent_executable/
A Comprehensive Survey on Trustworthiness in Reasoning with Large Language Models
https://arxiv.org/abs/2509.03871
High Boy Gadget for Hackers
https://www.reddit.com/r/netsec/comments/1na0kcf/high_boy_gadget_for_hackers/
Minimal Webserver in a 4KiB Binary
https://www.reddit.com/r/lowlevel/comments/1na9tjn/minimal_webserver_in_a_4kib_binary/
From Theory to Practice: How Small Language Models Are Revolutionizing Human Risk Psychology
https://www.reddit.com/r/netsec/comments/1nad9wm/from_theory_to_practice_how_small_language_models/
Worldcoin Advances Quantum-Secure AMPC With UTEC Peru
https://www.reddit.com/r/netsec/comments/1namhbg/worldcoin_advances_quantumsecure_ampc_with_utec/
The Salesloft-Drift Breach: Analyzing the Biggest SaaS Breach of 2025
https://www.reddit.com/r/netsec/comments/1namtpn/the_salesloftdrift_breach_analyzing_the_biggest/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Stealthy Persistence With Non-Existent Executable File
https://www.reddit.com/r/netsec/comments/1n9sygh/stealthy_persistence_with_nonexistent_executable/
A Comprehensive Survey on Trustworthiness in Reasoning with Large Language Models
https://arxiv.org/abs/2509.03871
High Boy Gadget for Hackers
https://www.reddit.com/r/netsec/comments/1na0kcf/high_boy_gadget_for_hackers/
Minimal Webserver in a 4KiB Binary
https://www.reddit.com/r/lowlevel/comments/1na9tjn/minimal_webserver_in_a_4kib_binary/
From Theory to Practice: How Small Language Models Are Revolutionizing Human Risk Psychology
https://www.reddit.com/r/netsec/comments/1nad9wm/from_theory_to_practice_how_small_language_models/
Worldcoin Advances Quantum-Secure AMPC With UTEC Peru
https://www.reddit.com/r/netsec/comments/1namhbg/worldcoin_advances_quantumsecure_ampc_with_utec/
The Salesloft-Drift Breach: Analyzing the Biggest SaaS Breach of 2025
https://www.reddit.com/r/netsec/comments/1namtpn/the_salesloftdrift_breach_analyzing_the_biggest/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Stealthy Persistence With Non-Existent Executable File
Explore this post and more from the netsec community
Top Security News for Today
The Salesloft-Drift Breach: Analyzing the Biggest SaaS Breach of 2025
https://www.reddit.com/r/netsec/comments/1namtpn/the_salesloftdrift_breach_analyzing_the_biggest/
New OpenSecurityTraining2 class: "Bluetooth 2222: Bluetooth reconnaissance with Blue2thprinting" (~8 hours)
https://www.reddit.com/r/netsec/comments/1natzsl/new_opensecuritytraining2_class_bluetooth_2222/
New iOS/macOS Critical DNG Image Processing Memory Corruption Exploitation Tutorial
https://www.reddit.com/r/netsec/comments/1nb4a2v/new_iosmacos_critical_dng_image_processing_memory/
Using AI Agents for Code Auditing: Full Walkthrough on Finding Security Bugs in a Rust REST Server with Hound
https://www.reddit.com/r/netsec/comments/1nbclku/using_ai_agents_for_code_auditing_full/
killerPID-BOF
https://www.reddit.com/r/netsec/comments/1nbbdyh/killerpidbof/
GitHub Actions: A Cloudy Day for Security - Part 1
https://www.reddit.com/r/netsec/comments/1nbgj2h/github_actions_a_cloudy_day_for_security_part_1/
PRREACH: Probabilistic Risk Assessment Using Reachability for UAV Control
https://arxiv.org/abs/2509.04451
INSEva: A Comprehensive Chinese Benchmark for Large Language Models in Insurance
https://arxiv.org/abs/2509.04455
Mentalic Net: Development of RAG-based Conversational AI and Evaluation Framework for Mental Health Support
https://arxiv.org/abs/2509.04456
Automotive Privacy in California: The UX Benchmark That Could Change Everything
https://www.tripwire.com/state-of-security/automotive-privacy-california-ux-benchmark-could-change-everything
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
The Salesloft-Drift Breach: Analyzing the Biggest SaaS Breach of 2025
https://www.reddit.com/r/netsec/comments/1namtpn/the_salesloftdrift_breach_analyzing_the_biggest/
New OpenSecurityTraining2 class: "Bluetooth 2222: Bluetooth reconnaissance with Blue2thprinting" (~8 hours)
https://www.reddit.com/r/netsec/comments/1natzsl/new_opensecuritytraining2_class_bluetooth_2222/
New iOS/macOS Critical DNG Image Processing Memory Corruption Exploitation Tutorial
https://www.reddit.com/r/netsec/comments/1nb4a2v/new_iosmacos_critical_dng_image_processing_memory/
Using AI Agents for Code Auditing: Full Walkthrough on Finding Security Bugs in a Rust REST Server with Hound
https://www.reddit.com/r/netsec/comments/1nbclku/using_ai_agents_for_code_auditing_full/
killerPID-BOF
https://www.reddit.com/r/netsec/comments/1nbbdyh/killerpidbof/
GitHub Actions: A Cloudy Day for Security - Part 1
https://www.reddit.com/r/netsec/comments/1nbgj2h/github_actions_a_cloudy_day_for_security_part_1/
PRREACH: Probabilistic Risk Assessment Using Reachability for UAV Control
https://arxiv.org/abs/2509.04451
INSEva: A Comprehensive Chinese Benchmark for Large Language Models in Insurance
https://arxiv.org/abs/2509.04455
Mentalic Net: Development of RAG-based Conversational AI and Evaluation Framework for Mental Health Support
https://arxiv.org/abs/2509.04456
Automotive Privacy in California: The UX Benchmark That Could Change Everything
https://www.tripwire.com/state-of-security/automotive-privacy-california-ux-benchmark-could-change-everything
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: The Salesloft-Drift Breach: Analyzing the Biggest SaaS Breach of 2025
Explore this post and more from the netsec community
Top Security News for Today
Nepal social media ban sparks protests, dozens injured
https://therecord.media/nepal-social-media-ban-protests
Kazakh oil giant denies cyberattack, says incident was 'planned' phishing drill
https://therecord.media/kazakstan-oil-company-kazmunaygas-phishing-simulation-not-cyberattack
US sanctions companies behind cyber scam centers in Cambodia, Myanmar
https://therecord.media/us-sanctions-companies-southeast-asia-scam-compounds
Cyberattack on Jaguar Land Rover threatens to hit British economic growth
https://therecord.media/cyberattack-jaguar-land-rover-economic-growth-uk-government
Hacker broke into Salesloft systems in March through GitHub account
https://therecord.media/salesloft-hacker-broke-into-github
18 Popular Code Packages Hacked, Rigged to Steal Crypto
https://krebsonsecurity.com/2025/09/18-popular-code-packages-hacked-rigged-to-steal-crypto/
AI in Government
https://www.schneier.com/blog/archives/2025/09/ai-in-government.html
8th September – Threat Intelligence Report
https://research.checkpoint.com/2025/8th-september-threat-intelligence-report/
Manipulating Transformer-Based Models: Controllability, Steerability, and Robust Interventions
https://arxiv.org/abs/2509.04549
Persona Vectors: Monitoring and Controlling Character Traits in Language Models
https://arxiv.org/abs/2507.21509
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Nepal social media ban sparks protests, dozens injured
https://therecord.media/nepal-social-media-ban-protests
Kazakh oil giant denies cyberattack, says incident was 'planned' phishing drill
https://therecord.media/kazakstan-oil-company-kazmunaygas-phishing-simulation-not-cyberattack
US sanctions companies behind cyber scam centers in Cambodia, Myanmar
https://therecord.media/us-sanctions-companies-southeast-asia-scam-compounds
Cyberattack on Jaguar Land Rover threatens to hit British economic growth
https://therecord.media/cyberattack-jaguar-land-rover-economic-growth-uk-government
Hacker broke into Salesloft systems in March through GitHub account
https://therecord.media/salesloft-hacker-broke-into-github
18 Popular Code Packages Hacked, Rigged to Steal Crypto
https://krebsonsecurity.com/2025/09/18-popular-code-packages-hacked-rigged-to-steal-crypto/
AI in Government
https://www.schneier.com/blog/archives/2025/09/ai-in-government.html
8th September – Threat Intelligence Report
https://research.checkpoint.com/2025/8th-september-threat-intelligence-report/
Manipulating Transformer-Based Models: Controllability, Steerability, and Robust Interventions
https://arxiv.org/abs/2509.04549
Persona Vectors: Monitoring and Controlling Character Traits in Language Models
https://arxiv.org/abs/2507.21509
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Nepal social media ban sparks protests, dozens injured
The "Gen Z protest" against Nepal's restrictions on 26 major social media platforms turned deadly as police clashed with demonstrators.
Top Security News for Today
[New Cryptanalysis of the Fiat-Shamir Protocol](https://www.schneier.com/blog/archives/2025/09/new-cryptanalysis-of-the-fiat-shamir-protocol.html)
[ASNiP – ASN Reconnaissance via Domain and IP Mapping](https://www.darknet.org.uk/2025/09/asnip-asn-reconnaissance-via-domain-and-ip-mapping/)
[Unmasking The Gentlemen Ransomware: Tactics, Techniques, and Procedures Revealed](https://www.trendmicro.com/en_us/research/25/i/unmasking-the-gentlemen-ransomware.html)
[Cyber Command, NSA to remain under single leader as officials shelve plan to end 'dual hat'](https://therecord.media/cyber-command-nsa-dual-hat-single-leader-trump-administration)
[Mitsubishi Electric to acquire Nozomi Networks for $883 million](https://therecord.media/nozomi-networks-mitsubishi-electric-acquisition)
[Brazil lesbian dating app shuts down after security flaw exposes sensitive user data](https://therecord.media/brazil-lesbian-dating-app-shuts-down-vulnerability)
[Major blood center says thousands had data leaked in January ransomware attack](https://therecord.media/blood-center-discloses-details-on--january-ransomware-attack)
[Microsoft Patch Tuesday, September 2025 Security Update Review](https://blog.qualys.com/vulnerabilities-threat-research/2025/09/09/microsoft-patch-tuesday-september-2025-security-update-review)
[Apple Memory Integrity Enforcement: A complete vision for memory safety in Apple devices - Apple Security Research](https://www.reddit.com/r/netsec/comments/1ncw817/apple_memory_integrity_enforcement_a_complete/)
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
[New Cryptanalysis of the Fiat-Shamir Protocol](https://www.schneier.com/blog/archives/2025/09/new-cryptanalysis-of-the-fiat-shamir-protocol.html)
[ASNiP – ASN Reconnaissance via Domain and IP Mapping](https://www.darknet.org.uk/2025/09/asnip-asn-reconnaissance-via-domain-and-ip-mapping/)
[Unmasking The Gentlemen Ransomware: Tactics, Techniques, and Procedures Revealed](https://www.trendmicro.com/en_us/research/25/i/unmasking-the-gentlemen-ransomware.html)
[Cyber Command, NSA to remain under single leader as officials shelve plan to end 'dual hat'](https://therecord.media/cyber-command-nsa-dual-hat-single-leader-trump-administration)
[Mitsubishi Electric to acquire Nozomi Networks for $883 million](https://therecord.media/nozomi-networks-mitsubishi-electric-acquisition)
[Brazil lesbian dating app shuts down after security flaw exposes sensitive user data](https://therecord.media/brazil-lesbian-dating-app-shuts-down-vulnerability)
[Major blood center says thousands had data leaked in January ransomware attack](https://therecord.media/blood-center-discloses-details-on--january-ransomware-attack)
[Microsoft Patch Tuesday, September 2025 Security Update Review](https://blog.qualys.com/vulnerabilities-threat-research/2025/09/09/microsoft-patch-tuesday-september-2025-security-update-review)
[Apple Memory Integrity Enforcement: A complete vision for memory safety in Apple devices - Apple Security Research](https://www.reddit.com/r/netsec/comments/1ncw817/apple_memory_integrity_enforcement_a_complete/)
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Schneier on Security
New Cryptanalysis of the Fiat-Shamir Protocol - Schneier on Security
A couple of months ago, a new paper demonstrated some new attacks against the Fiat-Shamir transformation. Quanta published a good article that explains the results. This is a pretty exciting paper from a theoretical perspective, but I don’t see it leading…
Top Security News for Today
European crypto platform SwissBorg to reimburse users after $41 million theft
https://therecord.media/swissborg-platform-solana-cryptocurrency-stolen
Nepal lifts social media ban after deadly youth protests
https://therecord.media/nepal-social-media-ban-lifted-after-deadly-protests
Chinese companies and bosses to face major fines over cybersecurity incidents
https://therecord.media/china-cybersecurity-law-update-penalties-companies-executives
Researchers find spyware on phones belonging to Kenyan filmmakers
https://therecord.media/researchers-spyware-kenya-filmmaker-phone
US investors in spyware firms nearly tripled in 2024: report
https://therecord.media/us-investors-in-spyware-tripled-in-2024
Pwn My Ride: Apple CarPlay RCE - iAP2 protocol and CVE-2025-24132 Explained
https://www.reddit.com/r/netsec/comments/1nd8u5h/pwn_my_ride_apple_carplay_rce_iap2_protocol_and/
Kerberoasting
https://www.reddit.com/r/netsec/comments/1ndc7v1/kerberoasting/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
European crypto platform SwissBorg to reimburse users after $41 million theft
https://therecord.media/swissborg-platform-solana-cryptocurrency-stolen
Nepal lifts social media ban after deadly youth protests
https://therecord.media/nepal-social-media-ban-lifted-after-deadly-protests
Chinese companies and bosses to face major fines over cybersecurity incidents
https://therecord.media/china-cybersecurity-law-update-penalties-companies-executives
Researchers find spyware on phones belonging to Kenyan filmmakers
https://therecord.media/researchers-spyware-kenya-filmmaker-phone
US investors in spyware firms nearly tripled in 2024: report
https://therecord.media/us-investors-in-spyware-tripled-in-2024
Pwn My Ride: Apple CarPlay RCE - iAP2 protocol and CVE-2025-24132 Explained
https://www.reddit.com/r/netsec/comments/1nd8u5h/pwn_my_ride_apple_carplay_rce_iap2_protocol_and/
Kerberoasting
https://www.reddit.com/r/netsec/comments/1ndc7v1/kerberoasting/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
European crypto platform SwissBorg to reimburse users after $41 million theft
Nearly 200,000 Solana coins were stolen from SwissBorg, or about 2% of its assets, according to the platform's CEO. The company pledged to pay users back.
Top Security News for Today
Practice spotting typo squatted domains (Browser game: Typosquat Detective)
https://www.reddit.com/r/netsec/comments/1ne4f2u/practice_spotting_typo_squatted_domains_browser/
Why File Integrity Monitoring (FIM) Is a Must for Compliance — And How to Pick the Right Solution
https://www.tripwire.com/state-of-security/file-integrity-monitoring-fim-compliance-right-solution
Dark Web Search Engines in 2025 – Rankings, Risks & Ethical Trade-offs
https://www.darknet.org.uk/2025/09/dark-web-search-engines-in-2025-rankings-risks-ethical-trade-offs/
UK delays introducing new cybersecurity legislation, again
https://therecord.media/uk-cybersecurity-law-update-csrb-delayed-again
EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks
https://www.trendmicro.com/en_us/research/25/i/evilai.html
FTC should investigate Microsoft after Ascension ransomware attack, senator says
https://therecord.media/ascension-ransomware-attack-wyden-seeks-ftc-microsoft-investigation
Cyberattacks against schools driven by a rise in student hackers, ICO warns
https://therecord.media/cyberattacks-against-schools-driven-by-student-hackers
Inboxfuscation - a free, open-source obfuscation and detection framework to help security teams detect and stop Unicode-obfuscated Microsoft Exchange inbox rules
https://www.reddit.com/r/netsec/comments/1neaop8/inboxfuscation_a_free_opensource_obfuscation_and/
FTC opens inquiry into how AI chatbots impact child safety, privacy
https://therecord.media/ftc-opens-inquiry-ai-chatbots-kids
Bulletproof Host Stark Industries Evades EU Sanctions
https://krebsonsecurity.com/2025/09/bulletproof-host-stark-industries-evades-eu-sanctions/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Practice spotting typo squatted domains (Browser game: Typosquat Detective)
https://www.reddit.com/r/netsec/comments/1ne4f2u/practice_spotting_typo_squatted_domains_browser/
Why File Integrity Monitoring (FIM) Is a Must for Compliance — And How to Pick the Right Solution
https://www.tripwire.com/state-of-security/file-integrity-monitoring-fim-compliance-right-solution
Dark Web Search Engines in 2025 – Rankings, Risks & Ethical Trade-offs
https://www.darknet.org.uk/2025/09/dark-web-search-engines-in-2025-rankings-risks-ethical-trade-offs/
UK delays introducing new cybersecurity legislation, again
https://therecord.media/uk-cybersecurity-law-update-csrb-delayed-again
EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks
https://www.trendmicro.com/en_us/research/25/i/evilai.html
FTC should investigate Microsoft after Ascension ransomware attack, senator says
https://therecord.media/ascension-ransomware-attack-wyden-seeks-ftc-microsoft-investigation
Cyberattacks against schools driven by a rise in student hackers, ICO warns
https://therecord.media/cyberattacks-against-schools-driven-by-student-hackers
Inboxfuscation - a free, open-source obfuscation and detection framework to help security teams detect and stop Unicode-obfuscated Microsoft Exchange inbox rules
https://www.reddit.com/r/netsec/comments/1neaop8/inboxfuscation_a_free_opensource_obfuscation_and/
FTC opens inquiry into how AI chatbots impact child safety, privacy
https://therecord.media/ftc-opens-inquiry-ai-chatbots-kids
Bulletproof Host Stark Industries Evades EU Sanctions
https://krebsonsecurity.com/2025/09/bulletproof-host-stark-industries-evades-eu-sanctions/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: Practice spotting typo squatted domains (Browser game: Typosquat Detective)
Posted by unknownhad - 6 votes and 4 comments
Top Security News for Today
Hacker convicted of extorting 20,000 psychotherapy victims walks free during appeal
https://therecord.media/finland-vastaamo-hacker-free-during-appeal-conviction
How this seasoned bug bounty hunter combines Burp Suite and HackerOne to uncover high-impact vulnerabilities
https://portswigger.net/blog/how-this-seasoned-bug-bounty-hunter-combines-burp-suite-and-hackerone-to-uncover-high-impact-vulnerabilities
Yurei & The Ghost of Open Source Ransomware
https://research.checkpoint.com/2025/yurei-the-ghost-of-open-source-ransomware/
CISA official calls on lawmakers to extend cyber info-sharing law
https://therecord.media/cisa-official-calls-on-lawmakers-renew-cisa2015
Vietnam, Panama governments suffer incidents leaking citizen data
https://therecord.media/vietnam-cic-panama-finance-ministry-cyberattacks
DHS inspector general: CISA mismanaged multimillion-dollar employee incentives program
https://therecord.media/cisa-cybersecurity-retention-incentives-dhs-ig-audit
Philippine military company spied upon with new China-linked malware
https://therecord.media/philippines-military-company-suspected-china-espionage-eggstreme-malware
A Cyberattack Victim Notification Framework
https://www.schneier.com/blog/archives/2025/09/a-cyberattack-victim-notification-framework.html
Fine-grained HTTP filtering for Claude Code
https://www.reddit.com/r/netsec/comments/1nff57n/finegrained_http_filtering_for_claude_code/
WSASS - Old But Gold, Dumping LSASS With Windows Error Reporting On Modern Windows 11
https://www.reddit.com/r/netsec/comments/1nfrgc1/wsass_old_but_gold_dumping_lsass_with_windows/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Hacker convicted of extorting 20,000 psychotherapy victims walks free during appeal
https://therecord.media/finland-vastaamo-hacker-free-during-appeal-conviction
How this seasoned bug bounty hunter combines Burp Suite and HackerOne to uncover high-impact vulnerabilities
https://portswigger.net/blog/how-this-seasoned-bug-bounty-hunter-combines-burp-suite-and-hackerone-to-uncover-high-impact-vulnerabilities
Yurei & The Ghost of Open Source Ransomware
https://research.checkpoint.com/2025/yurei-the-ghost-of-open-source-ransomware/
CISA official calls on lawmakers to extend cyber info-sharing law
https://therecord.media/cisa-official-calls-on-lawmakers-renew-cisa2015
Vietnam, Panama governments suffer incidents leaking citizen data
https://therecord.media/vietnam-cic-panama-finance-ministry-cyberattacks
DHS inspector general: CISA mismanaged multimillion-dollar employee incentives program
https://therecord.media/cisa-cybersecurity-retention-incentives-dhs-ig-audit
Philippine military company spied upon with new China-linked malware
https://therecord.media/philippines-military-company-suspected-china-espionage-eggstreme-malware
A Cyberattack Victim Notification Framework
https://www.schneier.com/blog/archives/2025/09/a-cyberattack-victim-notification-framework.html
Fine-grained HTTP filtering for Claude Code
https://www.reddit.com/r/netsec/comments/1nff57n/finegrained_http_filtering_for_claude_code/
WSASS - Old But Gold, Dumping LSASS With Windows Error Reporting On Modern Windows 11
https://www.reddit.com/r/netsec/comments/1nfrgc1/wsass_old_but_gold_dumping_lsass_with_windows/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
Hacker convicted of extorting 20,000 psychotherapy victims walks free during appeal
A Finnish judge set free Aleksanteri "Julius" Kivimäki, convicted of extorting victims of the Vastaamo psychotherapy center's data breach, as his appeal in the case continues.
Top Security News for Today
🛡️ I’ve started a Pentesting Weekly Digest — would love your feedback & thoughts!
https://www.reddit.com/r/netsec/comments/1nfpp7o/ive_started_a_pentesting_weekly_digest_would_love/
WSASS - Old But Gold, Dumping LSASS With Windows Error Reporting On Modern Windows 11
https://www.reddit.com/r/netsec/comments/1nfrgc1/wsass_old_but_gold_dumping_lsass_with_windows/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
🛡️ I’ve started a Pentesting Weekly Digest — would love your feedback & thoughts!
https://www.reddit.com/r/netsec/comments/1nfpp7o/ive_started_a_pentesting_weekly_digest_would_love/
WSASS - Old But Gold, Dumping LSASS With Windows Error Reporting On Modern Windows 11
https://www.reddit.com/r/netsec/comments/1nfrgc1/wsass_old_but_gold_dumping_lsass_with_windows/
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Reddit
From the netsec community on Reddit: 🛡️ I’ve started a Pentesting Weekly Digest — would love your feedback & thoughts!
Explore this post and more from the netsec community
Top Security News for Today
On the Security of SSH Client Signatures
https://reporter.deepspecter.com/
2025 Supabase Security Best Practices Guide - Common Misconfigs from Recent Pentests.
https://www.reddit.com/r/netsec/comments/1ngzvfi/2025_supabase_security_best_practices_guide/
New OpenSecurityTraining2 class: "TPM 2.0 Programming using Python and the tpm2-pytss libraries" (~13 hours)
https://www.reddit.com/r/netsec/comments/1nh52qm/new_opensecuritytraining2_class_tpm_20/
Strategies for Analyzing Native Code in Android Applications: Combining Ghidra and Symbolic…
https://www.reddit.com/r/netsec/comments/1nh7yuo/strategies_for_analyzing_native_code_in_android/
pyLDAPGui - Python based GUI for browsing LDAP
https://www.reddit.com/r/netsec/comments/1nh8qvn/pyldapgui_python_based_gui_for_browsing_ldap/
DB3 Team's Solution For Meta KDD Cup' 25
https://arxiv.org/abs/2509.09684
Faster and Memory-Efficient Training of Sequential Recommendation Models for Large Catalogs
https://arxiv.org/abs/2509.09681
Forecasting Clicks in Digital Advertising: Multimodal Inputs and Interpretable Outputs
https://arxiv.org/abs/2509.09682
Text-to-SQL Oriented to the Process Mining Domain: A PT-EN Dataset for Query Translation
https://arxiv.org/abs/2509.09683
TalkPlayData 2: An Agentic Synthetic Data Pipeline for Multimodal Conversational Music Recommendation
https://arxiv.org/abs/2509.09331
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
On the Security of SSH Client Signatures
https://reporter.deepspecter.com/
2025 Supabase Security Best Practices Guide - Common Misconfigs from Recent Pentests.
https://www.reddit.com/r/netsec/comments/1ngzvfi/2025_supabase_security_best_practices_guide/
New OpenSecurityTraining2 class: "TPM 2.0 Programming using Python and the tpm2-pytss libraries" (~13 hours)
https://www.reddit.com/r/netsec/comments/1nh52qm/new_opensecuritytraining2_class_tpm_20/
Strategies for Analyzing Native Code in Android Applications: Combining Ghidra and Symbolic…
https://www.reddit.com/r/netsec/comments/1nh7yuo/strategies_for_analyzing_native_code_in_android/
pyLDAPGui - Python based GUI for browsing LDAP
https://www.reddit.com/r/netsec/comments/1nh8qvn/pyldapgui_python_based_gui_for_browsing_ldap/
DB3 Team's Solution For Meta KDD Cup' 25
https://arxiv.org/abs/2509.09684
Faster and Memory-Efficient Training of Sequential Recommendation Models for Large Catalogs
https://arxiv.org/abs/2509.09681
Forecasting Clicks in Digital Advertising: Multimodal Inputs and Interpretable Outputs
https://arxiv.org/abs/2509.09682
Text-to-SQL Oriented to the Process Mining Domain: A PT-EN Dataset for Query Translation
https://arxiv.org/abs/2509.09683
TalkPlayData 2: An Agentic Synthetic Data Pipeline for Multimodal Conversational Music Recommendation
https://arxiv.org/abs/2509.09331
Follow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
Medium
Deep Specter Research – Medium
Read writing from Deep Specter Research on Medium. Exposing digital fraud, regulatory evasion, and corporate manipulation through cyber intelligence.
https://deepspecter.com
https://deepspecter.com