Meta is waging an intense campaign against organized scam networks in Southeast Asia, where dozens of fraudulent schemes operate in parallel. In just the first half of the year, more than 6.8 million WhatsApp...
The Kimsuky group has once again found itself at the center of attention following a campaign that deftly combined social engineering tactics with sophisticated techniques for bypassing Windows security mechanisms. Their targets included South...
TeamFiltration TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts. See the Example Attack flow at the bottom of this readme for a general introduction into how TeamFiltration works! This tool has...
The concept of connecting large language models to external data sources is swiftly transitioning from experimental novelty to everyday practice. Today, ChatGPT is capable not only of engaging in conversation, but also of interacting...
toxssin toxssin is an open-source penetration testing tool that automates the process of exploiting Cross-Site Scripting (XSS) vulnerabilities. It consists of an https server that works as an interpreter for the traffic generated by...
The NetBSD team has officially announced the commencement of preparations for the release of version 11: a dedicated code branch has been created, and the project has now entered the phase of active testing....
Microsoft has unveiled an autonomous artificial intelligence system capable of analyzing and classifying software without any human intervention. The prototype, named Project Ire, is designed to detect malicious code at scale. According to Microsoft...
The top spot in HackerOne’s global ranking is no longer held by a human, but by a machine. Behind the alias “XBOW” is not a living researcher, but an AI-driven system that has already...
Trust in familiar IT tools is increasingly being weaponized by malicious actors: remote monitoring and management (RMM) solutions—originally designed for administration and support—are now leveraged for attacks, covert control, and data exfiltration. Security professionals...
Google has released a series of urgent security updates for Android, addressing multiple critical vulnerabilities, including two actively exploited flaws within Qualcomm components. This round of patches places particular emphasis on CVE-2025-21479 (rated 8.6...