So excited that the Japanese edition of my global best-selling book, The Palestine Laboratory, is out with @Iwanami_Shinsho on 9 December. More details here:

Building an IPv6-focused #OpenBSD home router 👉 https://t.co/Dt28ADpSOB

🔐 https://t.co/R2t2w20XUW — One feed. All BSD security advisories. Stay patched. Stay secure. → https://t.co/dfEZRcdTK5 #BSD #InfoSec #OpenBSD #FreeBSD #NetBSD #pfSense #SysAdmin

BREAKING: A new UN report finds that Israel’s assault on Gaza - with the destruction of health care, education, infrastructure, even the banking system - has erased 69 years of human development, marking the worst economic collapse ever recorded. This is not war: it is genocide.

K7 Labs analyse a campaign ongoing in Brazil, spreading malware via WhatsApp web from the victim’s machine to their contacts by using the open-source WhatsApp automation script from GitHub whilst also loading a banking trojan into memory. https://t.co/iHX7VPEAP5

K7's Praveen Babu analyses a Python-based malware sample that uses multi-stage obfuscation. https://t.co/ylHGvT9Q9h

Jamf Threat Labs analyses DigitStealer, a new macOS infostealer that uses advanced hardware checks and multi-stage attacks to evade detection and steal sensitive data. https://t.co/0B509wsB84

Monitoring for too many old indicators not only costs money, it can even inhibit detection of real intrusions. 📆 Include "last seen" when publishing IOCs ❌ Prune old IOCs 📜 Prioritize long lived IOCs over short lived ones https://t.co/7PvNbgsbRX

ZAP Updates for October: https://t.co/awPFO4Om5r #zaproxy #appsec

Suricata 7.0.13 and 8.0.2 packages are now available for Ubuntu on Ubuntu PPA. Check it out here: https://t.co/YZjUQOThjp #Suricata7 #Suricata8 #Suricata

👀 OpenSource Malware an open database for tracking malicious open-source packages from npm, PyPI, GitHub repos! Great source of intel feed for supply-chain attacks! 👇 https://t.co/y6ELpxxX1S

Elastic Security Labs publishes nightMARE, a Python library (v0.16) for malware analysis and for building configuration extractors. https://t.co/Cdofl8Lazn

👀 A malicious MCP server spotted in the wild! The Postmark MCP server (used to send and track emails through Postmark API) introduced a suspicious behavior in version 1.0.16. The attacker cloned the legitimate Postmark MCP code and added a malicious BCC line, then published it

The Resecurity HUNTER Team warns of a mass exploitation of CVE-2025-61882 in Oracle E-Business Suite, enabling remote code execution. Several victims received extortion emails from Cl0p in late September 2025. https://t.co/n9tecnB77M

This is NOT the first genocide that happens under "our" watch. It is the first genocide that WE, The People, can and will stop. Against all odds and adversities.

Keeping track of your DF/IR webinars so you don't have to.

🥷 FLARE-On 12 starts today - prepare yourself with this episode of Behind the Binary 👇 https://t.co/4edhmjnMm7

Three vulnerabilities (CVE-2025-20333, CVE-2025-20362, CVE-2025-20363) affecting Cisco ASA and FTD software are under active exploitation. We discuss the lifecycle of zero-day vulnerabilities and the phenomenon of “patch-or-perish.” https://t.co/zTcQCf8hFP

👀 New Microsoft threat report shows how attackers are using AI for evasion and obfuscation in a phishing campaign! One part is very interesting, the team spotted 5 AI fingerprints in the code. But instead of hiding the attack (the initial goal), these fingerprints actually

🎙️ Behind the Binary: Did you miss our latest episode on crypto heists and Web3? We dove into the "Wild West" of Web3 and decentralized finance, where thefts and hacks are now more common than in traditional finance. Blas Kojusner, Robert Wallace, and Joseph Dobson joined us to