My top #GitHub list for cybersecurity projects is updated for this month. Explore top FOSS projects spanning both the defensive and offensive sides ππ
Find a high-res pdf book with all my #cybersecurity related infographics from study-notes.org
#infosec #pentesting #informationsecurity
Great read! Very interesting use of stenography to obfuscate payloads.
Scoop: CISA plans to embark on a hiring spree and change some workforce policies in an effort to rebuild its depleted ranks ahead of a possible conflict with China, according to a memo from its acting director that I obtained.
www.cybersecuritydive.com/news/cisa-hi...
We identified a malvertising campaign targeting users searching for legitimate software, leading to the download of a trojanized WinSCP installer that deployed Broomstick/OysterLoader.
All files involved in the initial access phase were signed with valid certificates.
Seems the 1 billion records is a collection of all the organizations breached. Salesforce will not be paying the ransom. Also, an interesting note at the end about the leak site potentially being seized
www.bleepingcomputer.com/news/securit...
Super helpful thread - thanks for the intel
LAPSUS have the Red Hat gitlab breach up on their portal
Theyβve posted Consulting Engagement Requests for AIR, AMEX_GBT, Atos_Group (NHS Scotland), BOC, HSBC and Walmart. Also a file tree, 370,852 directories, 3,438,976 files.
cyberplace.social/@GossiTheDog...
The lead U.S. cyber defense agency has furloughed 65% of its staff. The 20-year-old law that encourages organizations to share information on attacks just expired. Happy Cybersecurity Awareness Month! wapo.st/46Nk53R
New: The Multi-State Information Sharing and Analysis Center lost its federal funding at midnight. Here's my story about what happened, why it matters, and how the group β a critical resource for state and local governments β is trying to move forward: www.cybersecuritydive.com/news/ms-isac...
Great write-up from NVISO Labs on #CVE-2025-41244
blog.nviso.eu/2025/09/29/y...
Privilege escalation zero-day in VMWare Tools & Aria Operations actively exploited
When sharing articles or open-source intel, be sure to read and digest the entire article. Be an expert on the data or information you're communicating, or things may slip through the cracks.
Don't just be a reposter; communicate *how* or *why* the information being shared is important.
Public S3 Bucket is not a mistake, it's a 'Growth Hacking Funnel'
www.youtube.com/watch?v=xIk0...
Supply chains are so much fun! jdstaerk.substack.com/p/we-just-fo...
Reading material:
www.nsa.gov/Press-Room/P...
FBI has issued an alert about Russian hackers exploiting a vulnerability in Cisco networking devices to target critical infrastructure orgs & do recon on industrial control systems: www.ic3.gov/PSA/2025/PSA...
Cisco also published research on the group: blog.talosintelligence.com/static-tundra/
Cariddi is a CLI tool for IT pros, developers & infosec pros that scans websites to find hidden endpoints, exposed secrets like API keys and credentials, and sensitive files. It's an ideal tool for bug pentester, providing customizable scans with options for custom endpoint lists, regex patterns etc
Itβs wild that the same day the president did a weird roof dance for no apparent reason, the state dept implements huge visa fees and the head of the HHS cancels vaccine research. This is just one day! And not even all the terrible things that happened! I feel insane!
Scoop: CISA's contract with ICF has expired, reducing the JCDC's contractor workforce from 100+ to just 10. CISA can use emergency money & 2-week extensions to keep those 10 around, but only through Sept. Other contracts also caught up in huge backlog. www.cybersecuritydive.com/news/cisa-jo...
Bose + Windows 11 + Updates rechecking 'handsfree telophony' has one of the deepest rabbit holes through the Windows 11 settings menu. If your audio sucks, check this out.
www.reddit.com/r/Windows11/...
YouTube's changes for payout of AI generated content is promising. There's so much AI garage that pushes genuine and creative content down.
www.merca20.com/goodbye-yout...
I Tried Pre-Ordering the Trump Phone. The Page Failed and It Charged My Credit Card the Wrong Amount
π
This is a big deal. Predatory Sparrowβs past cyber attacks on Iranian steel plants and gas stations have demonstrated tangible effects in Iran. Disrupting the availability of this bankβs funds, or triggering a broader collapse of trust in Iranian banks, could have major impacts there.
CVE-2025-33053 is really interesting. Setting a working directory to a remote WebDAV location and it works. Even worse than hash coercion since you can run something.
Abuse will continue until we fix the legal system to the point they are afraid to do this on camera.
That's the bare minimum. They must be afraid to be recorded in their misdeeds. If we can't hit that VERY LOW bar, abuse will continue unchecked. That was so obviously assault.
ποΈ New Podcast Episode Dropping Soon!
We dive into our latest public report with Randy Pargman, Jake Ouellette, Kostas T., and Mangatas Tondang.
Stay tuned for deep insights, behind-the-scenes analysis, and expert commentary from the front lines of DFIR. π
By me @forbes.com: Ooh, this one could be nasty. #kudos Akamai for the exquisite research.
#infosec
www.forbes.com/sites/daveyw...
Humorous thread on watching Microsoft employees wrangle AI to fix bugs in code.
I don't think developers are going anywhere soon
www.reddit.com/r/Experience...
Another prime example of 'it's in the cloud, its secure'. It's super important to understand attack vectors in the cloud. Serverless is extremely powerful and popular solution, but not immune to attack or misconfigurations.
blog.talosintelligence.com/duping-cloud...
