PoC Exploit Released for Windows Snipping Tool NTLM Hash Leak Vulnerability A proof-of-concept (PoC) exploit has been publicly released for a newly disclosed vulnerability in Microsoft's Snipping Tool that allows attackers to silently steal users' Net-NTLM credential hashes b...

share.google/y5bwlElsl17k...

APT41 Delivers 'Undetectable' Backdoor to Steal Cloud Credentials The China-backed threat group is targeting AWS, Google, Azure, and Alibaba cloud environments and using typosquatting to obscure C2 communication.

www.darkreading.com/cloud-securi...

Former NSA chiefs worry American offensive edge in cybersecurity is slipping A systemic numbness to cyberattacks has exposed the U.S. economy and its institutions to ever-widening threats. Retired four-star military officials worry the worst day in cyber is yet to come.

Source: CyberScoop share.google/B1iPbMw0h4sF...

Source: X share.google/OZSd5VR78Faj...

FBI investigates breach of surveillance and wiretap systems The U.S. Federal Bureau of Investigation (FBI) confirmed on Thursday that it's investigating a breach that affected systems used to manage surveillance and wiretap warrants.

www.bleepingcomputer.com/news/securit...

Lab 37 – Using gobuster to discover directories - 101Labs.net Gobuster is a free opensource tool used to brute force URLs, discovering available files and directories in web sites. It can also discover DNS subdomains.

www.101labs.net/comptia-secu...

Hackers target Microsoft Entra accounts in device code vishing attacks Threat actors are targeting technology, manufacturing, and financial organizations in campaigns that combine device code phishing and voice phishing (vishing) to abuse the OAuth 2.0 Device Authorizati...

Source: BleepingComputer share.google/iAOQhP4KSnX2...

Russian Hackers Hit Poland's Grid with Wiper Malware Sandworm's DynoWiper malware targeted Poland's energy infrastructure in failed attack

www.techbuzz.ai/articles/rus...

Argus - Python-powered Toolkit for Information Gathering and Reconnaissance Argus is a comprehensive Python-based toolkit designed for reconnaissance tasks in cybersecurity. The developers recently released version 2.0, expanding it to include 135 modules.

Source: Cyber Security News share.google/4yPkddCzVIFp...

Doing some rooms in TryHackme about reading logs, this Linux command helped me a lot grep -woi “word” file.txt | wc -l

amp.9news.com.au/article/182a...

CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024 CISA has closed 10 emergency cybersecurity directives issued between 2019 and 2024 after required actions were completed and enforced under BOD 22-01.

Source: The Hacker News share.google/GDEL1yQToFcE...

A closer look at a BGP anomaly in Venezuela There has been speculation about the cause of a BGP anomaly observed in Venezuela on January 2. We take a look at BGP route leaks, and dive into what the data suggests caused the anomaly in question.

blog.cloudflare.com/bgp-route-le...

European Space Agency Confirms Breach of External Servers - ClearPhish | Best Phishing Simulation The European Space Agency (ESA) has confirmed a cybersecurity breach impacting external servers used for collaborative engineering, with hackers claiming access to source code, credentials, and intern...

www.clearphish.ai/news/europea...

IBM warns of critical API Connect auth bypass vulnerability IBM urged customers to patch a critical authentication bypass vulnerability in its API Connect enterprise platform that could allow attackers to access apps remotely.

Source: BleepingComputer share.google/B0dAFjOEKvpy...

New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper A new MacSync macOS stealer spreads via a signed, notarized fake installer, bypassing Apple Gatekeeper before Apple revoked the certificate.

Source: The Hacker News share.google/1A1u7Vm1RyFM...

CVE-2025-68664 - GitHub Advisory Database LangChain serialization injection vulnerability enables secret extraction in dumps/loads APIs

github.com/advisories/G...

mlq.ai/news/700cred...

Over 10,000 Docker Hub images found leaking credentials, auth keys More than 10,000 Docker Hub container images expose data that should be protected, including live credentials to production systems, CI/CD databases, or LLM model keys.

Source: BleepingComputer share.google/hBVc0JvgYqI6...

Windows PowerShell now warns when running Invoke-WebRequest scripts Microsoft says Windows PowerShell now warns when running scripts that use the Invoke-WebRequest cmdlet to download web content, aiming to prevent potentially risky code from executing.

www.bleepingcomputer.com/news/securit...

Exploitation Activity Ramps Up Against React2Shell Attacks against CVE-2025-55182, which began almost immediately after public disclosure, have increased as more threat actors take advantage of the flaw.

www.darkreading.com/vulnerabilit...

Over 70 US banks and credit unions affected by Marquis ransomware breach - here's what we know Marquis was struck with ransomware

Source: TechRadar share.google/1tkAZOH90uHN...

Google Starts Sharing All Your Text Messages With Your Employer Warning: What happens on your Android, doesn’t stay on your Android — not if it's a work phone.

Source: Forbes share.google/4MZTelpmmeA9...

Hackers exploited Citrix, Cisco ISE flaws in zero-day attacks An advanced threat actor exploited the critical vulnerabilities "Citrix Bleed 2" (CVE-2025-5777) in NetScaler ADC and Gateway, and CVE-2025-20337 affecting Cisco Identity Service Engine (ISE) as zero-...

Source: BleepingComputer share.google/9XyCtzUWXiuq...

Attackers Exploit Active Directory Sites to Escalate Privileges and Compromise Domain Researchers have uncovered a dangerous attack vector targeting Active Directory Sites, a critical yet often overlooked component of enterprise network infrastructure.

Source: GBHackers News share.google/j39USur3S1lC...

Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362 Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362 | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and...

Source: The Hacker News share.google/uqrxQs1pBk0w...

OAuth Device Code Phishing: Azure vs. Google Compared Device code phishing abuses the OAuth device flow, and Google and Azure produce strikingly different attack surfaces. Register for Huntress Labs' Live Hack to learn about attack techniques, defensive ...

www.bleepingcomputer.com/news/securit...

Ongoing Ransomware Attacks Exploit Linux Vulnerability, CISA Warns Three myths debunked in one warning from America's Cyber Defense Agency, CISA: Ransomware is not dead. Windows is not the only attack surface. Linux can be exploited.

www.forbes.com/sites/daveyw...

The cryptography behind electronic passports This blog post describes how electronic passports work, the threats within their threat model, and how they protect against those threats using cryptography. It also discusses the implications of usin...

Source: The Trail of Bits Blog share.google/zjo1BusyyK2u...

Interesting reading

Chinese hackers scanning, exploiting Cisco ASA firewalls used by governments worldwide In a report shared with Recorded Future News, Unit 42 attributed the targeting of Cisco ASA devices to Storm-1849 — a China-based threat group that Cisco previously said has been attacking the tools s...

Source: The Record from Recorded Future News share.google/Dk5m3WaaNZdp...