CTO at NCSC Summary: week ending December 28th (ctoatncsc.substack.com) · digicat@infosec.pub · English · 12 hours ago
‘All brakes are off’: Russia’s attempt to rein in illicit market for leaked data backfires (www.theguardian.com) · digicat@infosec.pub · English · 12 hours ago
gpg.fail (gpg.fail) · digicat@infosec.pub · English · 37 minutes ago
Registry Writes Without Registry Callbacks (deceptiq.com) · digicat@infosec.pub · English · 11 hours ago
UAC-0184 | "The Dark Side of the Fallen Files" Pitching Operation - They attack Ukrainian military personnel by deploying malicious LNK files or PowerShell scripts, leading to Remcos infections. (mp.weixin.qq.com) · digicat@infosec.pub · English · 11 hours ago
CVE-2025-54322 - XSpeeder (SXZOS) pre-auth RCE - Unauthenticated Root RCE affecting ~70,000+ Hosts - Xspeeder is a Chinese networking vendor known for edge devices like routers, SD-WAN appliances etc. (pwn.ai) · digicat@infosec.pub · English · 10 hours ago
MalwareTracesGenerator: Generate malware traces for detection tests (github.com) · digicat@infosec.pub · English · 12 hours ago
Cross-Site ETag Length Leak - can be used as an XS-Leak oracle (blog.arkark.dev) · digicat@infosec.pub · English · 11 hours ago
monitors a given folder and dumps the contents to a dump directory - useful to obtain changed/dropped/extracted files during dynamic malware analysi (github.com) · digicat@infosec.pub · English · 11 hours ago
ColdFusion++ Christmas Campaign: Catching a Coordinated Callback Calamity (www.labs.greynoise.io) · digicat@infosec.pub · English · 11 hours ago
Linux.Detection.CVE202514847.MongoBleed :: Velociraptor (docs.velociraptor.app) · digicat@infosec.pub · English · 12 hours ago
FindExposedMongoDB.kql - Find Internet exposed assets, onboard to MDE and mongoDB installed. Based on common network port or TVM data (gist.github.com) · digicat@infosec.pub · English · 12 hours ago
HP Aruba Privileged Escalation Dec 2025 (thecontractor.io) · digicat@infosec.pub · English · 1 day ago
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations (socket.dev) · digicat@infosec.pub · English · 2 days ago
CVE-2025-14847 - MongoDB Unauthenticated Memory Leak Exploit - A proof-of-concept exploit for the MongoDB zlib decompression vulnerability that allows unauthenticated attackers to leak sensitive serve (github.com) · digicat@infosec.pub · English · 2 days ago
Reviving Discarded Vulnerabilities: Exploiting Previously Unexploitable Linux Kernel Bugs Through Control Metadata Fields (lujie.ac.cn) · digicat@infosec.pub · English · 2 days ago
LangChain serialization injection vulnerability enables secret extraction in dumps/loads APIs (github.com) · digicat@infosec.pub · English · 2 days ago
CPLDCOMTrigger: CPL remote trigger - A Python script depends on Impacket scripts to trigger the loading of a .cpl file into memory using a DCOM object. (github.com) · digicat@infosec.pub · English · 2 days ago
TRM Traces Stolen Crypto from 2022 LastPass Breach — On-chain Indicators Suggest Russian Cybercriminal Involvement (www.trmlabs.com) · digicat@infosec.pub · English · 2 days ago
EmEditor 供应链事件细节披露:分发窃密特马席卷国内政企 - Details of the EmEditor supply chain incident revealed: Distribution of stolen MITBBS tokens sweeps across domestic government and enterprises. (mp.weixin.qq.com) · digicat@infosec.pub · English · 2 days ago