The pentester's Swiss knife

Storm-0501

How Storm-0501 is Pivoting to Cloud-Native Attacks

According to a report by Microsoft Threat Intelligence, the group Storm-0501 has shifted its focus from traditional on-premises ransomware campaigns to tactics centered on cloud services. Whereas in the past attackers deployed encryptors onto...

Chinese APT Data I/O Ransomware Canadian government cyberattack Luxembourg Cyberattack Air Serbia Cyberattack, Airline Breach Brazil Bank Hack ICC Cyberattack CVE-2024-21410

NSA, CISA, & Partners Expose Chinese APT Groups

The U.S. National Security Agency, the U.K.’s National Cyber Security Centre, and partners from more than ten countries have attributed the global Salt Typhoon operations to three Chinese technology companies. Now, the FBI and...

Github osint framework

Octosuite: Advanced Github OSINT Framework

Octosuite Octosuite is an open-source lightweight yet advanced osint framework that targets GitHub users and organizations. With over 20+ features, Octosuite only runs on 2 external dependencies. And returns the gathered intelligence in a...

Citrix NetScaler, Critical Vulnerability

CVE-2025-7775: NetScaler Zero-Day Is Under Active Attack

NetScaler has issued an urgent advisory warning administrators of three newly discovered vulnerabilities in NetScaler ADC and NetScaler Gateway—one of which is already being actively exploited. Updates are now available, and the vendor strongly...

ZipLine

ZipLine: New Campaign Triggers Victims to Call Hackers

Researchers at Check Point Research have uncovered a new targeted campaign, dubbed ZipLine, which leverages the malicious tool MixShell against industrial and high-tech companies. The hallmark of this operation lies in its unorthodox delivery...