1. Zscaler researchers identified 239 malicious apps downloaded 42 million times between June 2024 and May 2025 from Google Play, noting a 67% annual increase in mobile malware with prominent threats including banking trojans and remote access tools.
Category: Newsletter
2. A severe vulnerability in the Post SMTP WordPress plugin allows attackers to view password reset emails and take over accounts; urgent updates to version 3.6.1 are recommended to prevent exploitation.
3. Attackers exploit globally scoped GitLab runners configured with shell executors to execute code, steal secrets, and access cloud environments; recommended defenses include removing global runners, container isolation, restrictive IAM roles, and limited access controls.
4. Secure Calls allow communication between the Windows NT kernel and secure kernel via hypercalls managed by the hypervisor; this post reverse-engineers the process and presents a tool to invoke secure calls with custom arguments.
5. Vectra AI integrates cloud, identity, and network tools for faster threat detection and fewer false positives; Texas A&M demonstrated savings through Attack Signal Intelligence™ improving SOC performance.
6. curl-impersonate is a customized curl build that mimics popular browsers like Chrome, Edge, Safari, and Firefox for enhanced HTTP request compatibility.
7. The Undelete tool retrieves deleted NPM packages from five registries with metadata, aiding security researchers in malware analysis and threat intelligence gathering.
8. Malanta uses AI to detect attacker digital traces during preparation phases to dismantle malicious infrastructure proactively before attacks occur.
9. A China-linked breach of F5 software exposed vulnerabilities that attackers could exploit, while workforce reductions and federal shutdowns are impairing US cyber incident response, requiring security teams to prioritize defensive strategies.
10. Meta and CrowdStrike released the CyberSOCEval benchmark, which shows that current LLMs perform moderately to poorly on malware analysis and threat intelligence reasoning tasks, highlighting the need for domain-specific training and cautious model use.
11. Internal documents show Meta expects 10% of 2024 revenue from fraudulent ads, using automated systems with high thresholds before banning advertisers, resulting in recurring exposure of scam ads to users.
12. A federal judge reaffirmed a non-custodial sentence for the engineer responsible for the Capital One breach, maintaining supervised release and restitution despite appeals for harsher punishment.
13. Marks & Spencer reported £136 million in costs from a cyberattack that caused online operations to halt and profits to drop by over 55%.
14. A nation-state actor breached SonicWall’s cloud backups, stealing firewall configuration data while no other data was compromised.
15. The venture capital market shows reduced competition, with firms converging on similar deals and risk-averse behavior, raising concerns about innovation and market dynamics.