DiffRays is a research-oriented tool for binary patch diffing, designed to aid in vulnerability research, exploit development, and reverse engineering. It leverages IDA Pro and the IDA Domain API to extract pseudocode of functions and perform structured diffing between patched...
Microsoft has introduced a new hardware-accelerated version of its built-in BitLocker encryption in Windows 11. The feature is designed to boost performance and reduce CPU load by offloading heavy cryptographic operations to dedicated security...
Commercial robots have proved far less secure than many assume. Security researchers are increasingly demonstrating that certain machines can be taken over in a matter of minutes, and that flaws in software logic can...
The world’s largest online black markets may no longer reside in the dark web, but openly on Telegram itself. According to analysts, a sprawling network of Chinese-language “guarantor markets” has taken root on the...
Microsoft has released an out-of-band update to address a Message Queuing issue that emerged after the December 2025 update. The newly issued patches apply to Windows 10 22H2 ESU, Windows 10 Enterprise LTSC 2021,...
SAMLSmith is a C# tool for generating custom SAML responses and implementing Silver SAML and Golden SAML attacks. It provides comprehensive functionality for security researchers and penetration testers working with SAML-based authentication systems. Use...
A critical vulnerability in the globally used workflow automation platform n8n allows attackers to execute arbitrary code remotely. Tracked as CVE-2025-68613, the flaw carries an exceptionally high CVSS score of 9.9 out of 10....
U.S. law enforcement authorities have announced the seizure of a domain used in a large-scale scheme to steal bank accounts. According to the U.S. Department of Justice, the site—web3adspanels[.]org—served as a control hub for...
Threat actors have begun repurposing a legitimate server monitoring tool as a ready-made platform for remotely controlling systems that have already been compromised. According to the Ontinue Cyber Defense Center, recent incidents involve Nezha,...
A malicious package named lotusbail has been uncovered in the npm repository, masquerading as a library for working with WhatsApp Web while quietly siphoning conversations and granting attackers persistent access to user accounts. According...
Spotify has blocked a number of accounts after the Anna’s Archive team publicly released a dataset collected from the streaming platform. According to the group, the trove comprises 86 million audio files and an...
OpenAI has released a security update for ChatGPT Atlas, a browser equipped with a built-in “agent mode” that can browse the web and act within it almost like a human—clicking, typing, and carrying out...
