TROX Stealer: A deep dive into a new Malware as a Service (MaaS) attack campaign #TROXStealer #MalwareAsAService #UrgencyBasedAttacks #HackersAdvantage #DeepDiveAnalysis https://sublime.security/blog/trox-stealer-a-deep-dive-into-a-new-malware-as-a-service-maas-attack-campaign/
sublime.security
TROX Stealer: A deep dive into a new Malware as a Service (MaaS) attack campaign · Blog · Sublime Security
Deep dive analysis of TROX Stealer, an urgency-based MaaS offering
Uncovering a 0-Click RCE in the SuperNote Nomad E-ink Tablet #SuperNoteNomad #0ClickRCE #EInkTablet #SecurityResearch #CVE202532409 https://www.prizmlabs.io/post/remote-rootkits-uncovering-a-0-click-rce-in-the-supernote-nomad-e-ink-tablet
Prizm Labs Website
Uncovering a 0-Click RCE in the SuperNote Nomad E-ink Tablet
Details of our SuperNote Nomad research which led to the disclosure of a 0-click RCE vulnerability
Dashboard with cybersecurity metrics and statistics from the last 30 days #cyber #monitoring #technology #security #onlineprivacy https://cybermonit.com/
Cybermonit
Cybermonit is a modern platform for monitoring CVS vulnerabilities, data leaks, ransomware attacks and ongoing DDoS attacks, enabling rapid threat identification and effective response to cyber incidents.
We Have a Package for You! A Comprehensive Analysis of Package Hallucinations by Code Generating LLMs #technical #security #PDF #text #document https://arxiv.org/pdf/2406.10279
Security Analysis: Potential AI Agent Hijacking via MCP and A2A Protocol Insights #SecurityAnalysis #AIAgentHijacking #MCPProtocol #A2AProtocol #SecurityFlaws https://medium.com/@foraisec/security-analysis-potential-ai-agent-hijacking-via-mcp-and-a2a-protocol-insights-cd1ec5e6045f
Medium
Security Analysis: Potential AI Agent Hijacking via MCP and A2A Protocol Insights
Communication protocols represent a core infrastructure accelerating the development and deployment of AI Agents. Anthropic’s Model Context…
Aiding reverse engineering with Rust and a local LLM #Rust #ReverseEngineering #LocalLLM #Security #Vulnerabilities https://security.humanativaspa.it/aiding-reverse-engineering-with-rust-and-a-local-llm/
HN Security
Aiding reverse engineering with Rust and a local LLM - HN Security
Offensive Rust series article that introduces a new AI tool (oneiromancer) to aid with reverse engineering.
SAP Emarsys SDK for Android Sensitive Data Leak (CVE-2023-6542) #SAPEmarsysSDK #AndroidVulnerability #DataLeak #RemoteCodeExecution #RCESecurity https://www.rcesecurity.com/2025/04/sap-emarsys-sdk-for-android-sensitive-data-leak-cve-2023-6542/
Everyone knows your location, Part 2: try it yourself and share the results #LocationData #PrivacyRights #TrafficAnalysis #AppData #Crowdsourcing https://timsh.org/everyone-knows-your-location-part-2-try-it-yourself/
tim.sh
Everyone knows your location, Part 2: try it yourself and share the results
Learn how to record and analyse your mobile device traffic, take an app from the list of "shady" apps and share the results.
SSD Advisory – extract() double-free(5.X)/use-after-free(7.X/8.X) #SSDAdvisory #PHPVulnerability #DoubleFree #UseAfterFree #ArbitraryCodeExecution https://ssd-disclosure.com/ssd-advisory-extract-double-free5-x-use-after-free7-x-8-x/
SSD Secure Disclosure
SSD Advisory - extract() double-free(5.X)/use-after-free(7.X/8.X) - SSD Secure Disclosure
Summary A vulnerability in PHP’s extract() function allows attackers to trigger a double-free in version 5.x or a use-after-free in versions 7.x, 8.x, which in turn allows arbitrary code execution (native code). Credit An independent security researcher…
AES & ChaCha — A Case for Simplicity in Cryptography #AES #ChaCha #Cryptography #Simplicity #Comparison https://phase.dev/blog/chacha-and-aes-simplicity-in-cryptography/
phase
AES & ChaCha — A Case for Simplicity in Cryptography | Phase Blog
A technical deep dive into how the ChaCha20 cipher is taking on AES as the gold standard for symmetric encryption, and a lesson about the power of simplicity in cryptographic design.
SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation #SuperCardX #NFCRelayFraud #ChineseMaaS #AndroidMalware #LowDetectionRate https://www.cleafy.com/cleafy-labs/supercardx-exposing-chinese-speaker-maas-for-nfc-relay-fraud-operation
Cleafy
SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation | Cleafy
A new fraud campaign based on the Android malware "SuperCard X" and innovative NFC relay techniques is impacting Italian's banking. Read our latest report to learn more.
CVE-2025-25364: Speedify VPN MacOS privilege Escalation #CVE-2025-25364 #SpeedifyVPN #MacOS #PrivilegeEscalation #Patch https://blog.securelayer7.net/cve-2025-25364-speedify-vpn-macos-escalation/
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
CVE-2025-25364: Speedify VPN MacOS privilege Escalation
SecureLayer7 discovered CVE-2025-25364, which is a critical command injection vulnerability discovered in the me.connectify.SMJobBlessHelper XPC service, a privileged helper tool...
New Bug Bounty Programs #BugBountyRadar #PublicPrograms #LatestPrograms #Scope #Rewards https://bbradar.io/
bbradar.io
The Bug Bounty Radar - The Latest Public Bug Bounty Programs | The Bug Bounty Radar
The Bug Bounty Radar - Discover and explore the latest public bug bounty programs from top platforms. Find security research opportunities, compare rewards, and access the most comprehensive bug bounty database. 8 new programs added recently.
IoT Network Security: Analyzing Decrypted Zigbee Traffic Data #IoTNetworkSecurity #DecryptedZigbeeTraffic #DataAnalysis #NetworkEncryption #DeviceCommunicationBehaviors https://rackenzik.com/enhancing-iot-network-security-and-performance-insights-from-decrypted-zigbee-traffic-data/
Compilation Parser And AST #ParserWorkflow #V8internals #LazyParsing #ParserBug #ScopesInJavascript https://w1redch4d.github.io/post/parser-workflow/
Jumping the line: How MCP servers can attack you before you ever use them #MCP #Vulnerabilities #PromptInjection #SecurityThreats #LineJumpingAttacks https://blog.trailofbits.com/2025/04/21/jumping-the-line-how-mcp-servers-can-attack-you-before-you-ever-use-them/?hss_channel=lcp-912286
The Trail of Bits Blog
Jumping the line: How MCP servers can attack you before you ever use them
MCP’s ’line jumping’ vulnerability lets malicious servers inject prompts through tool descriptions to manipulate AI behavior before tools are ever invoked.
New Pacu Module: Secret Enumeration in Elastic Beanstalk #NewPacuModule #SecretEnumeration #ElasticBeanstalk #RhinoSecurityLabs #PenetrationTesting https://rhinosecuritylabs.com/tools/new-pacu-module-enumerating-elastic-beanstalk/
Rhino Security Labs
New Pacu Module: Secret Enumeration in Elastic Beanstalk
Pacu's newest scenario, enumerating Elastic Beanstalk for Secrets, was built to save users hours of testing during an AWS penetration test.
How I made $64k from deleted files — a bug bounty story #BugBountyStory #GitHubSecrets #AutomationSuccess #DeletedFiles #64kBounty https://medium.com/@sharon.brizinov/how-i-made-64k-from-deleted-files-a-bug-bounty-story-c5bd3a6f5f9b
Medium
How I made $64k from deleted files — a bug bounty story
TL;DR — I built an automation that cloned and scanned tens of thousands of public GitHub repos for leaked secrets. For each repository I…
Local privilege escalation on Zyxel USG FLEX H Series (CVE-2025-1731) #LocalPrivilegeEscalation #ZyxelUSGFLEX #CVE20251731 #HNsecurity #fuzzing https://security.humanativaspa.it/local-privilege-escalation-on-zyxel-usg-flex-h-series-cve-2025-1731/
hn security
Local privilege escalation on Zyxel USG FLEX H Series (CVE-2025-1731) - hn security
“So we wait, this is our […]
XRP supply chain attack: Official NPM package infected with crypto stealing backdoor #XRPsupplychainattack #OfficialNPMpackage #CryptoStealingBackdoor #MalwareDetection #AikidoSecurity https://www.aikido.dev/blog/xrp-supplychain-attack-official-npm-package-infected-with-crypto-stealing-backdoor
www.aikido.dev
XRP supply chain attack: Official NPM package infected with crypto stealing backdoor
The official XPRL (Ripple) NPM package was compromised by sophisticated attackers who put in a backdoor to steal cryptocurrency private keys and gain access to cryptocurrency wallets.