🚩 New SAP NetWeaver Bug Lets Attackers Access Sensitive Data and Execute Commands https://t.co/1Acs20Ztbt Researchers report a critical flaw in SAP NetWeaver that can be abused to read sensitive configuration and business data and, in some cases, achieve remote command

🚩 Threat Actors Abuse Blockchain Smart Contracts to Spread Malware via WordPress Sites https://t.co/4GbzLlm7Ty Threat actor UNC5142 is leveraging smart contracts on public chains (via an “EtherHiding” technique) alongside compromised WordPress sites to distribute

💡 What is The Value of Threat Hunting Playbooks? https://t.co/OBdH8m7zvu For experienced defenders, the challenge isn’t knowing what to hunt; it’s executing hunts consistently, efficiently, and with measurable outcomes. Threat hunting playbooks solve this by providing a

@HackingLZ @ex_raritas @Huntio +1 for huntio. Especially after Censys changed its business model to exclude us poors.

🚩 Researchers Expose TA585’s “MonsterV2” Malware Campaign https://t.co/WZviXNnYxG A sophisticated cybercrime actor TA585, has been found running end-to-end phishing campaigns that deliver the high-end “MonsterV2” stealer/RAT/loader, managing its own infrastructure and

⚠️ Two New Windows Zero-Days Exploited in the Wild https://t.co/McHJNHNkOw Microsoft has confirmed two actively exploited zero-day vulnerabilities: CVE-2025-24990 (a privilege escalation in the Agere modem driver present in all Windows versions) and CVE-2025-59230 (an

🎯 𝗙𝗿𝗼𝗺 𝗠𝘂𝗻𝗶𝘁𝗶𝗼𝗻𝘀 𝘁𝗼 𝗠𝗮𝗹𝘄𝗮𝗿𝗲: 𝗝𝗼𝘀𝗲𝗽𝗵 𝗛𝗮𝗿𝗿𝗶𝘀𝗼𝗻 𝗼𝗻 𝗧𝗵𝗿𝗲𝗮𝘁 𝗗𝗲𝘁𝗲𝗰𝘁𝗶𝗼𝗻 & 𝗗𝗶𝗴𝗶𝘁𝗮𝗹 𝗙𝗼𝗿𝗲𝗻𝘀𝗶𝗰𝘀 From the Air Force munitions field to leading threat detection ops at EY, Joseph Harrison’s journey shows how discipline,

Come get your pentester/CTF player

#APT #Sidewinder using #New #Exfiltration #Server in Phising Campaign Targeting #Srilanka 1/ @Huntio tracked a new collection server "mailsserver-lk[.]com" in recent sightings in 3 attacks. Observed PDF: WPS NAP 5th Core Steering comm -Meeting Minute.pdf

🚩 North Korean Hackers Merge BeaverTail & OtterCookie into a Single Advanced JS Malware https://t.co/mc5inLhJ6e Researchers at Cisco Talos found a North Korea-aligned actor refining its tool-kit by combining features of the BeaverTail info-stealer and the OtterCookie backdoor

⚠️ WatchGuard Fireware Vulnerability Permits Unauthenticated Code Execution (CVE-2025-9242) https://t.co/Mycm9VYD6m A critical out-of-bounds write vulnerability in the Fireware OS iked process allows remote, unauthenticated attackers to execute arbitrary code on Firebox

These sites were designed to harvest credentials by mimicking login pages, especially Zimbra webmail panels, and then sent captured data to centralized collection infrastructure such as mailbox3-inbox1-bd[.]com. Read our findings ➡️ https://t.co/H3uDmGmIDA #ThreatHunting

🌐 Two months ago, we uncovered APT Sidewinder’s use of Netlify and Pages[.]dev hosting platforms to deploy phishing portals that impersonated government and defense agencies throughout South Asia. ⬇️ https://t.co/H3uDmGmIDA #MalwareAnalysis #SecurityResearch

Each directory listing reveals the malware type, file count, country, size, and hosting provider. From there, researchers can pivot deeper, analyzing associated MITRE ATT&CK techniques or identifying related malware families like Meterpreter or Bulz. See how Hunt detects live

📌 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗖𝗼𝗯𝗮𝗹𝘁 𝗦𝘁𝗿𝗶𝗸𝗲 𝗶𝗻 𝘁𝗵𝗲 𝗪𝗶𝗹𝗱 𝘄𝗶𝘁𝗵 𝗔𝘁𝘁𝗮𝗰𝗸𝗖𝗮𝗽𝘁𝘂𝗿𝗲™ Hunt’s AttackCapture™ feature continuously monitors open directories to identify active malware infrastructure. Using advanced signature detection and tagging, it flags Cobalt

🚩 New .NET “CAPI Backdoor” Targets Russian Auto & E-Commerce Firms via Phishing ZIPs https://t.co/2EylQ7OuL7 Security researchers at Seqrite Labs uncovered a novel backdoor written in .NET that abuses the Windows Cryptographic API (CAPI) and uses instances of rundll32.exe to

📖 If you’re still relying on static IOCs, you’re missing the real picture. Our free eBook, Modern Threat Hunting, provides a repeatable framework for uncovering adversary infrastructure at scale, utilizing methods such as certificate tracking, IOC pivoting, C2 detection, and

You can query by tags, malware names, ports, or host providers and instantly return captures with detailed metadata: file structures, timestamps, confidence scores, and enrichment data. Book a demo and get access to your API ➡️ https://t.co/YJzGDkh8LJ #ThreatHunting

📌 𝗔𝘁𝘁𝗮𝗰𝗸𝗖𝗮𝗽𝘁𝘂𝗿𝗲™ 𝗟𝗶𝘀𝘁𝗶𝗻𝗴 𝗔𝗣𝗜 𝗘𝗻𝗱𝗽𝗼𝗶𝗻𝘁 𝗧𝗼 𝗙𝗶𝗹𝘁𝗲𝗿 𝗪𝗵𝗮𝘁 𝗠𝗮𝘁𝘁𝗲𝗿𝘀 When investigating, context is everything. The AttackCapture™ Listing endpoint lets you filter Hunt’s dataset to find exactly what you’re looking for - malware

⚠️ Chinese Threat Actors Exploit ArcGIS Server Zero-Day for Geo-Spatial Data Theft https://t.co/bQu1Z8H4Oy Nation-state actors have been exploiting a critical vulnerability in ArcGIS Server to gain remote code execution and extract sensitive infrastructure-mapping data used for