Delinea Protocol Handler - Return of the MSI: RCE via Custom Launcher

MacNoise is an extensible and modular macOS system telemetry generation framework. It generates real system events (network connections, file writes, process spawns, plist mutations, TCC permissionetc

What Windows Server 2025 Quietly Did to Your NTLM Relay

Zerobot Malware Targets n8n Automation Platform - active exploitation of command injection vulnerabilities CVE-2025-7544 and CVE-2025-68613 against Tenda AC1206 routers and the n8n automation platform

Exploiting Integer Overflow in the Nginx Web Server: A Deep Dive into the Vulnerability

CVE-2026-20841: Arbitrary Code Execution in the Windows Notepad

Hydra Saiga: Covert Espionage and Infiltration of Critical Utilities

Caught in the Hook: RCE and API Token Exfiltration Through Claude Code Project Files | CVE-2025-59536 | CVE-2026-21852

apimspray: Azure apim mini proxy

TTPRunner: Run TTPs - Feed it a threat report. It builds the attack plan. You approve. It executes

Buy A Help Desk, Bundle A Remote Access Solution? (SolarWinds Web Help Desk Pre-Auth RCE Chain(s))

Building virtual iPhone using VPHONE600AP component of recently released PCC firmware

Beyond Borders: How Threat Intelligence Provenance Can Save Global Cybersecurity From Geopolitical Fragmentation - Internet Governance Project

Github를 통해 유포된 VSCode 악용 Contagious Interview 캠페인 | 엔키화이트햇 - Githubcast containersun youphoDone VSCode evildragon Contagious Interview campainting

litebox: A security-focused library OS supporting kernel- and user-mode execution

SynthAPT: Generate malware with AI

Hiding in Plain Pixels: Malicious NPM Package Found

Nemesis 2.2 - We want to thank the United Kingdom’s National Cyber Security Centre (NCSC) for helping to fund this development effort that produced all this great new defensive functionality!

PlugX Meeting Invitation via MSBuild and GDATA