All posts by John Doe

■■□□□ Ransomware group sought BBC reporter’s help in hacking media giant. https://www.bleepingcomputer.com/news/security/ransomware-gang-sought-bbc-reporters-help-in-hacking-media-giant/

■■□□□ Hackers Can Bypass EDR by Downloading a Malicious File as an In-Memory PE Loader. Hackers Can Bypass EDR by Downloading a Malicious File as an In-Memory PE Loader

■■■■□ Zero-Day: DefCon lock picking.

■■■■□ Write-up focuses on bypass of file upload. Known technique. https://infosecwriteups.com/new-technique-bypass-file-upload-4c18cef9f9ed

■■■■□ Iranian State Sponsored Hackers Use SSL.com Certificates to Sign Malware. Security researchers say multiple threat groups, including Iran’s Charming Kitten APT offshoot Subtle Snail, are deploying malware with code-signing certificates from the Houston-based company. https://www.darkreading.com/vulnerabilities-threats/iranian-hackers-ssl-certificates-sign-malware

■■■■□ 🔥CVE-2025-59934: Critical Flaw in Formbricks Allows Unauthorized Password Resets via Forged JWT Tokens 🚀POC -https://github.com/formbricks/formbricks/security/advisories/GHSA-7229-q9pv-j6p4 Dorks: http://product.name=”Formbricks”

■■■□□ Hackers Compromise Active Directory to Steal NTDS.dit that Leads to Full Domain Compromise. Hackers Compromise Active Directory to Steal NTDS.dit that Leads to Full Domain Compromise

Claude is hacker as it gets Kali tools via MCP

■■■□□ Federal agencies given one day to patch exploited Cisco firewall bugs. https://therecord.media/cisco-asa-firewall-bugs-cisa-federal-agencies-warning

■■■□□ Widespread Infostealer Campaign Targeting macOS Users. Threat actors rely on malicious GitHub repositories to infect LastPass’s macOS users with the Atomic infostealer. https://www.securityweek.com/widespread-infostealer-campaign-targeting-macos-users/