All posts in Uncategorized

📡🛰 For 19 years, GPS satellites have secretly broadcast a “numbers station” in their public signals. We decoded 12M messages: a 2011 flash where 31 of 32 satellites flipped in hours, “ghost” substrings repeating years apart, and a “TEXT” prefix spreading now. https://lsc-pagepro.mydigitalpublication.com/publication/?i=865273&p=62&view=issueViewer https://github.com/sjmurdoch/gps-special-messages https://x.com/i/status/2061829547289387209

■■■□□ Lookalike Ghidra, dnSpy, and other download sites turned trusted clicks into TDS redirects. CPR found click hijacking, gated routing, and multiple malware families downstream — including an evasive, previously undocumented framework we call SessionGate. https://research.checkpoint.com/2026/impersonation-click-hijacking-and-tds-inside-a-malware-distribution-ecosystem/

■■□□□ CYBER INTELLIGENCE ALERT: ZERO-DAY VULNERABILITY EXPLOITATION — SERVERS IN CHINA 🇨🇳 [ STATUS: UNCONFIRMED / ACTIVE EXPLOITATION / THREAT ASSESSMENT] An active exploitation campaign targeting web servers and applications in .cn domains has been detected, using zero-day vulnerabilities to gain root access. Affected Entities: Multiple web servers and applications hosted under the .cn domain.…

■■■■□ CVE-2026-48778 & CVE-2026-48800 | Notepad++ | CVSS 7.8 HIGH 🐛 Config file injection – fake Run menu entries execute attacker code and survive reboots ✅ Fixed: Notepad++ 8.9.6.1 (May 27) https://notepad-plus-plus.org/news/v8961-released/

■■■□□ Claude-Red: Offensive security skills for Claude — drop-in SKILL.md files that turn Claude into a context-aware red team operator. https://github.com/SnailSploit/Claude-Red

■■■■■ Bypassing Windows Defender and AMSI: A Practical Defense Evasion Guide for Red Team Operators. Bypassing Windows Defender and AMSI: A Practical Defense Evasion Guide for Red Team Operators

■■■□□ Air-Gap Bridge via QR codes. A side channel attack to bypass DLP mechanisms. https://ckure.org/rx/QR-Beam 🔥Developer mentioned that he shall add Giber-Link in future that will allow audio based data transfer.

🔗🆒🆒🔤🆒🆒🆒🆒 Transfer data between devices using just QR codes! QR-Beam — A browser-based data transfer tool where both sender and receiver run entirely client-side via JavaScript. No installation, simple mobile-friendly UI, and designed for real-world use. The idea isn’t new, but was focused on turning it into a practical, production-ready solution with several improvements over…

■■□□□ Threat actor Golden Falcon is targeting US allies. And claim to have hacked Japan’s solar power station.

🇮🇷📢 Iranian signal jammers have begun jamming more frequencies, mostly used by the Israeli Navy 🇮🇱