Japan, South Korea Take Aim at North Korean IT Worker Scam
Japan, South Korea Take Aim at North Korean IT Worker Scam Summary Japan, South Korea and the United States convened a joint forum in Tokyo on 26 August to coordinate…
Russia’s APT28 Targets Microsoft Outlook With ‘NotDoor’ Malware
Russia’s APT28 Targets Microsoft Outlook With ‘NotDoor’ Malware Summary Researchers from Lab52 (S2 Grupo) have identified a new Outlook-focused backdoor used by APT28 (Fancy Bear) called NotDoor. The implant is…
Two arrested in Egypt as authorities take down Streameast sports piracy platform
Two arrested in Egypt as authorities take down Streameast sports piracy platform Summary The Alliance for Creativity and Entertainment (ACE) worked with Egyptian authorities to shut down Streameast, a large…
Android drops mega patch bomb – 120 fixes, two already exploited
Android drops mega patch bomb – 120 fixes, two already exploited Summary Google’s September Android security bulletin ships 120 fixes — the largest monthly bundle this year. Two high-severity flaws…
Crims claim HexStrike AI penetration tool makes quick work of Citrix bugs
Crims claim HexStrike AI penetration tool makes quick work of Citrix bugs Content summary Attackers on underground forums claim they used HexStrike AI, an open-source AI-driven penetration testing framework, to…
US puts $10M bounty on three Russians accused of attacking critical infrastructure
US puts $10M bounty on three Russians accused of attacking critical infrastructure Summary The US State Department has offered a $10 million reward for information leading to three Russian nationals…
Congressional panel throws cyber threat intel-sharing, funding a lifeline
Congressional panel throws cyber threat intel-sharing, funding a lifeline Summary US House Homeland Security Committee advanced two bills to extend key cyber threat information‑sharing protections and state/local cybersecurity funding before…
Cloudflare Stops New World’s Largest DDoS Attack Over Labor Day Weekend
Cloudflare Stops New World’s Largest DDoS Attack Over Labour Day Weekend Summary Cloudflare says it blocked a record-breaking distributed denial-of-service (DDoS) attack over the Labour Day weekend that peaked at…
Proof-of-Concept in 15 Minutes? AI Turbocharges Exploitation
Summary An independent research duo built an AI-driven pipeline, dubbed Auto Exploit, that uses an LLM (Anthropic’s Claude-sonnet-4.0), CVE advisories and public patches to create vulnerable test apps, generate proof-of-concept…
Proof-of-Concept in 15 Minutes? AI Turbocharges Exploitation
Proof-of-Concept in 15 Minutes? AI Turbocharges Exploitation Summary An AI-powered offensive research system — dubbed Auto Exploit by its creators — used prompts to a large language model (Anthropic’s Claude-sonnet-4.0),…