India's sovereign platform for aggregating and disseminating cyber threat intelligence.

https://ctigrid.arpsyndicate.io

SlowMist Researchers dive deep into the Lockbit Breach.

https://slowmist.medium.com/when-hackers-get-hacked-analyzing-the-breach-of-lockbit-23b8f553747d

Ben Folland explores how defenders can exploit flaws in Telegram-based malware to disrupt C2 communications subsequently revealing insights into their backend infrastructure and other cybercrime activities.

https://polygonben.github.io/malware%20analysis/Compromising-Threat-Actor-Communications/

U.S. is investigating hidden communication tech in Chinese solar and battery equipment while pushing for trusted gear in its power grid.

https://www.reuters.com/sustainability/climate-energy/ghost-machine-rogue-communication-devices-found-chinese-inverters-2025-05-14/

OpenBullet 2 is a popular tool among attackers for credential-stuffing attacks, offering features like proxy support and CAPTCHA farm integration. Its user-friendly interface and availability of pre-made LoliScript configurations make it accessible even to non-developers.

https://blog.castle.io/open-bullet-2-fraudsters-preferred-credential-stuffing-tool-2/

In 2017, Qihoo 360 founder Zhou Hongyi criticized Chinese experts joining foreign hackathons, urging that discovered vulnerabilities stay within China. His stance aligned with national policy, as domestic competitions now require reporting all findings to the government.

https://youtu.be/8kpnSb4yGR0

https://www.bloomberg.com/news/articles/2025-04-30/chinese-hacking-competitions-fuel-the-country-s-broad-cyber-ambitions

🚨 Stay ahead with real-time CVE scoring updates!

Track daily changes in EPSS & VEDAS at:
👉 https://vedas.arpsyndicate.io

We also push bulk updates to GitHub:
📈 https://github.com/ARPSyndicate/cve-scores

Need deeper CVE insights?
Try our enrichment API:
🔍 https://api.exploit.observer/?keyword=CVE-2025-32370&enrich=True

Sean Heelan discovered a critical zero-day vulnerability, CVE-2025-37899 in the Linux kernel's ksmbd module using OpenAI's o3 language model. This marks one of the first instances where a large language model has independently identified a complex kernel-level security flaw.

https://sean.heelan.io/2025/05/22/how-i-used-o3-to-find-cve-2025-37899-a-remote-zeroday-vulnerability-in-the-linux-kernels-smb-implementation/

In late October 2024, GTIG identified a compromised government website being used to distribute malware targeting multiple other government organizations. This site delivered a malware strain named TOUGHPROGRESS which utilized Google Calendar as a command and control (C2) mechanism.

https://cloud.google.com/blog/topics/threat-intelligence/apt41-innovative-tactics