Over 300 entities hit by the Atomic macOS Stealer via malvertising campaign between June and August, CrowdStrike warns. From June and August, over 300 entities were hit by a variant of the Atomic macOS Stealer (AMOS) called SHAMOS, reports CrowdStrike. The Atomic macOS Stealer lets operators steal diverse information from infected machines. This includes Keychain […]
I’ve updated my reverse shell repo. I still use this attack during red team engagements. Unfortunately, many users/devices are still running with local admin rights. https://github.com/dvbnl/rubber-ducky I’ve build in persistence and tested it on the l…
INTERPOL arrested 1,209 cybercriminals in 18 African nations seizing $97.4M, and dismantling 11,432 malicious infrastructures. INTERPOL announced the result of the second phase of ongoing law enforcement Operation Serengeti (June to August 2025) that led to 1,209 arrests across 18 nations in Africa. The authorities are aiding 88,000 victims, seizing $97.4M, and dismantling 11,432 cybercrime […]
Microsoft halts PoC exploit sharing with Chinese firms after SharePoint zero-day leaks, giving only written bug details to curb future abuse. Microsoft has reportedly stopped giving Chinese firms proof-of-concept exploit code through its Microsoft Active Protections Program (MAPP) program after July’s mass exploitation of SharePoint flaws, believed linked to a leak of early bug disclosures. […]
Ex-developer jailed 4 years for sabotaging Ohio employer with kill-switch malware that locked employees out after his account was disabled. Ex-developer Davis Lu (55) was sentenced to 4 years for sabotaging Ohio employer with kill-switch malware that locked staff out after his account was disabled. The Chinese national was also sentenced to three years of […]
Colt Technology Services confirmed a data breach by the WarLock ransomware group; the company is working to restore disrupted systems. Colt Technology Services confirmed that threat actors breached its systems and stole some data. The telecoms company is working to restore disrupted systems. Colt, officially known as Colt Technology Services Group Limited, is a multinational telecommunications […]
submitted by /u/CyberMasterV [link] [comments]
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple iOS, iPadOS, and macOS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple iOS, iPadOS, and macOS flaw, tracked as CVE-2025-43300, to its Known Exploited Vulnerabilities (KEV) catalog. This week, Apple addressed the actively exploited zero-day CVE-2025-43300 in iOS, iPadOS, and […]
msenum is an open-source reconnaissance tool for large-scale Microsoft account enumeration. It exploits endpoint(s) that lack proper rate limiting, allowing the enumeration of thousands of accounts per second. submitted by /u/p0xq …
Apple addressed a vulnerability impacting iOS, iPadOS, and macOS that it is under active exploitation in the wild. Apple addressed an actively exploited zero-day, tracked as CVE-2025-43300, in iOS, iPadOS, and macOS. The vulnerability is zero-day out-of-bounds write issue that resides in the ImageIO framework, an attacker could exploit it to cause memory corruption when processing […]