Threat Intelligence Report: APT35 Internal Leak of Hacking Campaigns Against Lebanon, Kuwait, Turkey, Saudi Arabia, Korea, and Domestic Iranian Targets
https://dti.domaintools.com/threat-intelligence-report-apt35-internal-leak-of-hacking-campaigns-against-lebanon-kuwait-turkey-saudi-arabia-korea-and-domestic-iranian-targets/
DomainTools Investigations | DTI
Unmasking APT35 (Charming Kitten). New report analyzes leaked internal documents, revealing their operational profile, Exchange attack chains (ProxyShell, EWS), and quota-driven compromise strategies.
Exploit Development: Investigating Kernel Mode Shadow Stacks on Windows
https://connormcgarr.github.io/km-shadow-stacks/
Connor McGarr’s Blog
Using SourcePoint’s JTAG debugger to investigate the implementation of Intel CET Shadow Stacks in kernel-mode on Windows
How to quickly peel potatoes
ReCopilot: A Reverse Engineering Copilot for Boosting Binary Analysis with Decompiler
https://github.com/XingTuLab/recopilot
GitHub
GitHub - XingTuLab/recopilot: ReCopilot: Reverse Engineering Copilot in Binary Analysis
Patch Wednesday: Root Cause Analysis with LLMs
https://www.akamai.com/blog/security-research/patch-wednesday-root-cause-analysis-with-llms
Akamai
Patch Wednesday: Root Cause Analysis with LLMs | Akamai
PatchDiff-AI is a new AI-driven multi-agent system that ingests Patch Tuesday metadata and generates a fully automated root-cause analysis report.
Deep dive into an electronic detection and response system deployed by China’s security agencies
https://netaskari.substack.com/p/chinas-guardian-of-secrets
Substack
China's guardian of secrets: 保密管理系统
NetAskari got exclusive access to internal software used by Chinese security agencies to control data leakage from the internal government network.
Predator iOS Malware: Building a Surveillance Framework - Part 1
https://blog.reversesociety.co/blog/2025/predator-ios-malware-surveillance-framework-part-1
blog.reversesociety.co
Predator iOS Malware: Building a Surveillance Framework - Part 1 | Reverse Society
How does Predator spyware transform from running code into active surveillance? This technical deep-dive reverse-engineers the internal factory architecture that dynamically creates camera monitoring, VoIP interception, and keylogging modules through Unix…
MCP to help Defenders Detection Engineer Harder and Smarter
https://github.com/MHaggis/Security-Detections-MCP
GitHub
GitHub - MHaggis/Security-Detections-MCP: MCP to help Defenders Detection Engineer Harder and Smarter