🚨 We discovered that some versions of WeChat were vulnerable to CVE-2023-3420 due to the outdated V8 engine in Xweb. We reported this to the vendor in April. WeChat users should update to the latest version to stay secure. More details in #vulnerability.

RT @natashenka: While most vendors ship timely patches for vulnerabilities reported by Project Zero, they don’t always reach users. Today,….

Session information:

Can’t believe it’s only a week away! Join us on Aug 6th at “Hacking the Status Quo” @BlackHatEvents USA with @chompie1337, @natashenka & @InfosecVandana. Truly honored to share the stage with such inspiring voices!.

I shared my journey of how I started in cybersecurity in a @DarkReading interview highlighting women who have navigated and shaped the cybersecurity industry. Excited to dig deeper and meet you all at #BHUSA soon!.

Excited to see another threat intel focused conference taking place in Europe, and it’s organized by threat analyst in the field! The CFP is opened until Sept 1st. Looking forward to see your amazing research!.#What_is_SOS #StateOfStatecraft.

Had a great time on the @malspace podcast with Julien talking about my PIVOTcon presentation from tracking compartmentalized attacks to thoughts on attribution. Fun convo (and I loved the theme song at the end!). 🎶 Thanks for having me!.

🧀 We are having a new Rhacklette event on July 11th! I’ll be giving a presentation on the world of spyware! The event is open to FINTA folks including non-members. #Rhacklette #womenincyber.

I'm excited to return to Black Hat USA this year and have the opportunity to give away one briefings pass to the conference. If you're a student or someone who could use a little support to attend, I'd love to hear from you. DM me if you're interested! .#BHUSA

RT @silascutler: Really excited to see this research go live. We found 400 web based HMIs for US Water facilities open on Censys. With the….

Looking forward to my week at @Botconf ! Please come say hi if you are around! #Botconf2025

RT @chompie1337: Me and the homies are dropping browser exploits on the red team engagement 😎. Find out how to bypass WDAC + execute native….

Huge thanks to @vtxproject for updating Synapse to support the new "relationship" context. We’re excited to see this research foster collaboration and push real change across the threat intelligence community.

In blog 2, we dive into the challenges of investigating compartmentalized campaigns. We share our approach to identifying them and propose an extended Diamond Model with a new "relationship" layer to close the analytical gaps.

📡New blogs out: Compartmentalized attacks are no longer limited to financially motivated actors, state-sponsored groups are adopting them too. We propose a new taxonomy for initial access groups to reflect broader motivations and affiliations.

Had an amazing time speaking at @pivot_con last week! Grateful for the chance to share insights and connect with the brilliant minds. PIVOTcon remains my favorite threat intel event in Europe. Huge thanks to the organizers for creating this community and the memorable experience.

A lot of you have been asking, YES!.@HacksInTaiwan 2025 CFP is open! The conference will be host on August 15 - August 16. Submit your talk before June 8th. Looking forward to your submissions! #HITCON #HITCON2025 CFP:

RT @_clem1: @0xAlexei Story behind CVE-2024-44308 and CVE-2024-44309 added in

RT @hasherezade: New #PEbear : 0.7.1: - is out! Updated with some important fixes.

I’ve seen companies set up detection pipelines that submit files to public sandboxing services 🤦‍♀️ It made me wonder, could attackers manipulate detections to trigger the pipeline? That might be an overlooked path to launch a supply chain-style attack causing sensitive data leaks.

We just published our investigation into a Cactus ransomware campaign, uncovering TOYMAKER, an IAB group using a custom backdoor LAGTOY. It’s still challenging to identify compartmentalized attacks. We’ll share our approach and solutions at @pivot_con in 2 weeks! #toymaker.