US security agency urges Android and iPhone users to stop using personal VPNs
https://www.techradar.com/vpn/vpn-privacy-security/us-security-agency-urges-android-and-iphone-users-to-stop-using-personal-vpns
TechRadar
CISA warned that many commercial VPNs could be putting your data at greater risk
Remote code execution via ND6 Router Advertisements
https://www.freebsd.org/security/advisories/FreeBSD-SA-25:12.rtsold.asc
BlueDelta’s Persistent Campaign (Technical Analysis)
https://www.recordedfuture.com/research/bluedeltas-persistent-campaign-against-ukrnet
Recordedfuture
BlueDelta’s Persistent Campaign Against UKR.NET
Discover how Russia’s BlueDelta targets UKR.NET users with advanced credential-harvesting campaigns, evolving tradecraft, and multi-stage phishing techniques.
Time Nist Gov Incorrect Time
https://groups.google.com/a/list.nist.gov/g/internet-time-service/c/o0dDDcr1a8I
The affected servers are:
time-a-b.nist.gov
time-b-b.nist.gov
time-c-b.nist.gov
time-d-b.nist.gov
time-e-b.nist.gov
ntp-b.nist.gov (authenticated NTP)
MacSync Stealer Evolves: From ClickFix to Code-Signed Swift Malware
https://www.jamf.com/blog/macsync-stealer-evolution-code-signed-swift-malware-analysis/
Fake WordPress Domain Renewal Phishing Email Stealing Credit Card And 3-D Secure OTP
https://malwr-analysis.com/2025/12/31/fake-wordpress-domain-renewal-phishing-email-stealing-credit-card-and-3-d-secure-otp/
Malware Analysis, Phishing, and Email Scams
Overview I investigated a phishing email impersonating WordPress.com that claims a domain renewal is due soon and urges immediate action to prevent service disruption. The campaign leads victims to…
Analyzing PHALT#BLYX: How Fake BSODs and Trusted Build Tools Are Used to Construct a Malware Infection
https://www.securonix.com/blog/analyzing-phaltblyx-how-fake-bsods-and-trusted-build-tools-are-used-to-construct-a-malware-infection/
Securonix
https://www.cve.org/CVERecord?id=CVE-2025-36911
In key-based pairing, there is a possible ID due to a logic error in the code. This could lead to remote (proximal/adjacent) information disclosure of user's conversations and location with no additional execution privileges needed. User interaction is not needed for exploitation
Dissecting CrashFix: KongTuke's New Toy
https://www.huntress.com/blog/malicious-browser-extention-crashfix-kongtuke
Huntress
Fake ad blocker crashes your browser, then offers a "fix." Go inside KongTuke's CrashFix campaign, from malicious extension to ModeloRAT for VIP targets.
7 vouchers for a 100% discount from The Linux Foundation
+ 7 accesses to the Kubernetes Base video course
The vouchers can be applied to any:
- online course
- certification exam (CKA, CKS, CKAD and others)
- or bundle (course + certification)
On January 29 we will announce the results and pick 7 winners. Each winner will receive a voucher + access to the course from Slurm.
Activation is valid until 07.01.2027; after that there will be 1 year and 2 attempts to complete the training and pass the exam.
Details here - https://core247.kz/cncf
UNO reverse card: stealing cookies from cookie stealers
https://www.cyberark.com/resources/threat-research-blog/uno-reverse-card-stealing-cookies-from-cookie-stealers
P.S. there are ads even in the malware's control panel 😁
Cyberark
Criminal infrastructure often fails for the same reasons it succeeds: it is rushed, reused, and poorly secured. In the case of StealC, the thin line between attacker and victim turned out to be...
Weaponizing Calendar Invites: A Semantic Attack on Google Gemini
https://www.miggo.io/post/weaponizing-calendar-invites-a-semantic-attack-on-google-gemini
www.miggo.io
Weaponizing Calendar Invites: How Prompt Injection Bypassed Google Gemini’s Controls
A deep dive into a real-world prompt injection in Google Gemini that enabled a calendar authorization bypass and exposed AI-native attack surfaces.
Evading Elastic Security: Linux Rootkit Detection Bypass
https://matheuzsecurity.github.io/hacking/bypassing-elastic/
0xMatheuZ
Bypassing YARA rules and behavioral detection through symbol randomization, module fragmentation, XOR encoding, and ICMP reverse shell staging