CIRCLE WITH A DOT

New.Elastic Security: Illuminating VoidLink: Technical analysis of the VoidLink rootkit framework https://www.elastic.co/security-labs/illuminating-voidlink #infosec #Linux #malware #malwareanalysis

New.Any.Run: Active Magecart Campaign Targets Spain, Steals Card Data via Hijacked eStores for Bank Fraud https://any.run/cybersecurity-blog/banks-magecart-campaign/ @anyrun_app #infosec #fraud #malware #malwareanalysis

@AAKL another month, another ivanti exploit

GlassWorm update:• Solana dead drop C2 + DHT fallback• Fake Chrome extension → full browser exfil• HW wallet phishing (Ledger/Trezor)• HVNC + SOCKS modules• Targets npm, PyPI, MCPDecentralized infra = stealth persistence.Source: https://thehackernews.com/2026/03/glassworm-malware-uses-solana-dead.htmlFollow @technadu #InfoSec #ThreatIntel #Malware

What’s trending in cybersecurity today? Find out with the latest YouTube playlist we’ve curated. https://www.youtube.com/playlist?list=PLXqx05yil_mcggMNdDUD3uswzmhpv18E7#Malware #Phishing #IncidentResponse #CyberAwareness #AppSec

THREAT INTELLIGENCEFCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk ConcernsVulnerability | MEDIUMThe Federal Communications Commission has updated its Covered List to include all consumer routers made in foreign countries, banning the sale of new...Full analysis:https://www.yazoul.net/news/news/fcc-bans-new-foreign-made-routers-over-supply-chain-and-cyber-risk-concerns#ThreatIntel #Malware #ThreatHunting

𝗙𝗥𝗢𝗠 𝗖𝗢𝗗𝗘 𝗧𝗢 𝗖𝗢𝗠𝗣𝗥𝗢𝗠𝗜𝗦𝗘: 𝗧𝗨𝗥𝗡𝗜𝗡𝗚 𝗠𝗢𝗗𝗘𝗥𝗡 𝗗𝗔𝗬 𝗜𝗗𝗘𝗦 𝗜𝗡𝗧𝗢 𝗔𝗧𝗧𝗔𝗖𝗞 𝗩𝗘𝗖𝗧𝗢𝗥𝗦 𝗩𝗜𝗔 𝗠𝗔𝗟𝗜𝗖𝗜𝗢𝗨𝗦 𝗘𝗫𝗧𝗘𝗡𝗦𝗜𝗢𝗡𝗦 (2h Workshop) Debjeet Banerjee ( @whokilleddb )Visual Studio Code isn’t just a developer favorite — it’s now a high-value target for stealthy supply-chain attacks. This talk dives into real-world hacks, from crypto-stealing Solidity extensions to self-spreading threats like GlassWorm, exposing how attackers hide in plain sight. See how TypeScript and Rust can be fused to create “trusted” extensions that secretly execute native shellcode inside your IDE. Walk away with powerful insights to detect, defend, and stay ahead of this new wave of developer-focused threats.Debjeet Banerjee is a Malware Developer at Black Hills Information Security, focused on building tools, researching evasion techniques, and advancing offensive security. Conference Dates: 6–8 May 2026 | 09:00–18:00 14, Porte de France, Esch-sur-Alzette, Luxembourg️ Tickets: https://2026.bsides.lu/tickets/ Schedule Link: https://pretalx.com/bsidesluxembourg-2026/schedule/ #BSidesLuxembourg #CyberSecurity #InfoSec #Malware #EthicalHacking #SecurityResearch

What’s trending in cybersecurity today? Find out with the latest YouTube playlist we’ve curated. https://www.youtube.com/playlist?list=PLXqx05yil_meaUTbm-xxwkQeFL9Xw_cO_#Malware #Phishing #IncidentResponse #CyberAwareness #AppSec

heise+ | Binary Refinery: Allrounder für die Malware-AnalyseMehrere Analyseschritte in einem einzigen Befehl? Für Binary Refinery kein Problem. Wir stellen das kostenlose Kommandozeilen-Toolkit für Profis vor.https://www.heise.de/hintergrund/Binary-Refinery-Allrounder-fuer-die-Malware-Analyse-11184502.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon#IT #Linux #Malware #Security #Windows #news

New playlist online: from malware analysis to ethical hacking demos. Check it out here https://www.youtube.com/playlist?list=PLXqx05yil_me6OZhJn2iMYDiHgTp_eotl#Malware #EthicalHacking #CyberDefense #NetworkSecurity #IncidentResponse

FFS its not "Sideloading", its installing applications on a device I own. #android #google #scams #malware #fdroid #foss #privacy #lineageos #grapheneos

Ill keep flogging this dead horse**... show me the evidence that the average person is installing malware APK from attackers. This has NOTHING to do with protecting users. As an Incident Responder, all the Android malware I have seen in my user community has been downloaded directly from the Google Play Store. All the scams I have seen have originated from ads within apps installed from the Google Play Store. If Google cared about scams and malware then they should get their app store and ad platform under control. The fact they report removing thousands of malicious apps from the app store shows that this is where they should focus their efforts. **Currently, the user needs to enable developer mode by multiple clicking the config menu, approving third party app installs, then again go through multiple windows confirming the install. https://thehackernews.com/2026/03/google-adds-24-hour-wait-for-unverified.html#android #google #scams #malware #fdroid #foss #privacy #lineageos #grapheneos

Android sideloading is getting a new speed bump: Google will require a 24-hour wait before installing apps from unverified developers, a move supposedly meant to make malware and scam-driven installs harder to pull off.https://thehackernews.com/2026/03/google-adds-24-hour-wait-for-unverified.html#AndroidSecurity #Cybersecurity #Malware #MobileSecurity #Google

More about the Trivy attack.Wiz: Trivy Compromised: Everything You Need to Know about the Latest Supply Chain Attack https://www.wiz.io/blog/trivy-compromised-teampcp-supply-chain-attack @wiz #infosec #cyberattack #malware #GitHub #databreach

Sophos, from yesterday: Android devices ship with firmware-level malware https://www.sophos.com/en-us/blog/android-devices-ship-with-firmware-level-malware @SophosXOps #infosec #threatresearch #Android #malware #Google

Just remembered that Rensenware existed.Fun fact: the person who made Rensenware infected their own machine with it.https://www.youtube.com/watch?v=35mNhYY3O3khttps://en.wikipedia.org/wiki/Rensenwarehttps://github.com/0x00000FF/rensenware-cut#Tech #Technology #Rensenware #Malware #Ransomware #Virus

New.Unit42: Analyzing the Current State of AI Use in Malware https://unit42.paloaltonetworks.com/ai-use-in-malware/ @unit42_intel #infosec #malware #threatresearch

New.Microsoft Threat Intelligence: When tax season becomes cyberattack season: Phishing and malware campaigns using tax-related lures https://www.microsoft.com/en-us/security/blog/2026/03/19/when-tax-season-becomes-cyberattack-season-phishing-and-malware-campaigns-using-tax-related-lures/ #Microsoft #infosec #malware #phishing #scam

#DarkSword emerges as powerful #iOS exploit tool in global attackshttps://securityaffairs.com/189662/hacking/darksword-emerges-as-powerful-ios-exploit-tool-in-global-attacks.html#securityaffairs #hacking #malware #iphone

THREAT INTELLIGENCEDarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device TakeoverVulnerability | MEDIUMThe Interlock ransomware gang has been exploiting a maximum severity remote code execution (RCE) vulnerability in Cisco's Secure Firewall Management...Full analysis:https://www.yazoul.net/news/news/darksword-ios-exploit-kit-uses-6-flaws-3-zero-days-for-full-device-takeover#ThreatIntel #Malware #SecurityOps