All posts by John Doe

■■■■□ Hacking My Car, and probably yours— Security Flaws in Volkswagen’s App. https://loopsec.medium.com/hacking-my-car-and-probably-yours-security-flaws-in-volkswagens-app-24b34c47ba89

■■■■■ Windows 11 Hacked — Three New Pwn²Own Zero-Days Deployed. 75,000 💵 USD rewarded for Windows 11 EoP bugs. https://www.forbes.com/sites/daveywinder/2025/05/17/windows-11-hacked—three-new-zero-days-deployed-by-pwn2own-elite/

■■■■□ Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attack. Cybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote access trojan called Remcos RAT. https://thehackernews.com/2025/05/fileless-remcos-rat-delivered-via-lnk.html

3️⃣ HTML to PDF Renderer: A tale of local file access and shellcode execution. https://neodyme.io/en/blog/html_renderer_to_rce/

■■■■□ United States 🇺🇸 Considers Banning TP-Link Routers Over Security Concerns Three US federal agencies are investigating TP-Link, which makes up 65% of the US router market, according to a new report. https://www.pcmag.com/news/tp-link-accused-of-keeping-router-prices-low-to-help-china-conduct-cyberattacks https://www.hudson.org/information-technology/chinese-wireless-routers-next-entry-point-state-sponsored-hackers-michael-orielly

■■■□□ Metamorphic Code Example (Malware Mutation). https://stackoverflow.com/questions/10113254/metamorphic-code-examples

■■■■■ Writing a Self-Mutating Malware. https://0x00sec.org/t/writing-a-self-mutating-malware/40213/2

■■■■■ Litterbox: Sandbox approach for malware developers and red teamers to test payloads against detection mechanisms before deployment. https://github.com/BlackSnufkin/LitterBox

■■■□□ Google says hackers behind UK retail cyber campaign now also targeting US. https://therecord.media/scattered-spider-suspected-retail-hackers-google-alert

■■□□□ DEFCON32 Exploiting insecure OTA updates to create the worlds first toothbrush Botnet. The author dumped the firmware and discovered that the toothbrush tries to connect to a specific Wi-Fi network with the password “12345678” to search for updates. Now, they can connect to other toothbrushes.