WeLiveSecurity

OceanLotus: From external espionage to domestic targeting

Our tracking of OceanLotus activities from 2024–2026 reveals a shift in operational focus. During this period, the Vietnam-aligned OceanLotus adopted a more selective approach to external operations ...
WeLiveSecurity

FishMonger’s arsenal upgraded: SprySOCKS for Windows

ESET researchers have discovered SprySOCKS for Windows, FishMonger’s backdoor weaponizing a kernel driver for advanced ...
The Hacker News

Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline

Cato Networks tracked Poisson using OpenSSH and Tailscale to maintain access after Havoc C2 outage in a 33-day intrusion.
The Hacker News

ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...
ZDNet

I install these 11 apps on every new Linux system, and you should, too - here's why

I wore the world's first HDR10 smart glasses TCL's new E Ink tablet beats the Remarkable and Kindle Anker's new charger is one of the most unique I've ever seen Best laptop cooling pads Best flip ...
Bleeping Computer

AI-built ransomware toolkit automates EDR evasion, AD discovery

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions. Tool and payload development ...
Bleeping Computer

Chinese hackers use new Atlas RAT malware in European cyberattacks

A Chinese-speaking cybercrime group has expanded its targeting to the European space, deploying previously undocumented malware and the Atlas backdoor. Tracked as TA4922, the threat actor is ...
GitHub

hv_defeat_0304.c

uint64_t mmio_va = *(uint64_t *)(softc + IOMMU_SC_MMIO_VA); uint64_t cb2_va = *(uint64_t *)(softc + IOMMU_SC_CB2_PTR); uint64_t cb3_va = *(uint64_t *)(softc + IOMMU ...
IEEE

Your Exploit is Mine: Automatic Shellcode Transplant for Remote Exploits

Abstract: Developing a remote exploit is not easy. It requires a comprehensive understanding of a vulnerability and delicate techniques to bypass defense mechanisms. As a result, attackers may prefer ...
GitHub

AnduinOS is a custom Ubuntu-based Linux distribution that offers a familiar and easy-to-use experience for anyone moving to Linux.

If you are looking for the source code of AnduinOS 2, please check the AnduinOS 2 repository. To edit the build parameters, modify the ./src/args.sh file. That's it. The built file will be an ISO file ...
IEEE

Emoji shellcoding in RISC-V

Abstract: Shellcodes are short, executable code fragments that are utilized in various attack scenarios where code execution is possible. When they are injected through the program's inputs, they may ...
Cyber Wire

Cybersecurity Terms

Terms often used in cybersecurity discussions and education, briefly defined. Your corrections, suggestions, and recommendations for additional entries are welcome: email the editor at [email protected].