The malicious JS deployed by Lazarus in the ByBit hack, 0/61 on VT.

I’ve clustered these CharmingKitten BTC addresses into @arkham and identified some TXs with KYC exchanges like Binance, Coinbase, and Kraken. Some good leads for investigators here: https://t.co/bGEK1Dazvs

->

Cryptocurrency wallet addresses associated with #CharmingKitten / #APT35 operations:

KittenBusters Episode 4 just dropped with some interesting credentials and IOCs ->

#ChatControl is OFF the table for now. 💪 But the Danish Minister of Justice and chief architect of the current Chat Control proposal, Peter Hummelgaard, wants to bring it back in December. 😡 He now even claims your activism was paid for by Big Tech! 😡 Remember, this is the

Found ELF_PLEAD / SSHTD (aarch64) samples uploaded to VirusTotal in June 2025. Might be used for campaign in 2024. #BlackTech #APT #malware #iocs a653ae9e9906c0e5a5b5ba6330e10c9bb6b42e71abd6e80198eaa1386ea03cfb - Campaign Code: x240129-1 - C2: csp.fortinetline[.]com:443 (1/2)

The HackingTeam is back! New name, new malware, new exploits

Wow, so recording of my talk "Silent Killers: Unmasking a Large-Scale Legacy Driver Exploitation Campaign", presenting our @_CPResearch_ ( https://t.co/utX1IzrFZS) at #HackLu 2025 was already published 🤗: https://t.co/OCebCtt9kJ I'd like to thank @hack_lu organizers for one of

I’m presenting something interesting at @TheSAScon tomorrow! Large-scale malware database + code similarity = magic ✨

China releases 'UBIOS' standard to replace UEFI — Huawei-backed BIOS firmware replacement charges China's domestic computing goals

New drop from the Three Buddy Problem: Apple’s iOS forensics freeze, WhatsApp zero-click, China outs NSA https://t.co/jhEOTQNcaO

The show is available on all platforms

New episode ALERT! @craiu @juanandres_gs We dig into news that Apple's iOS 26 has quietly killed the shutdown.log forensic artifact used to spot signs of infections and what it means for threat hunters. Plus, whispers of a million-dollar WhatsApp zero-click exploit that never

Probably one of the biggest losses of US cyberweapons in years. 👇 All from private companies... ❓How were stolen capabilities used? ❓Were NSA etc ops burned? ❓Were they turned against Americans? Raises alarming questions about for-profit offensive sector's reliability.

This significantly changes the context of the “iOS Vuln dev hacked!” story. It is a clear national security issue, with exploits sold to the U.S. being resold to Russia. Both Russia and the U.S. (e.g. FBI) would have legitimate reasons to investigate the suspected leaker.

It’s been a pleasure working side by side with @julien_c and the @huggingface team to make this happen... and this is just the beginning. Thanks for the great collaboration! https://t.co/XaNIBLuIy4

Just why?

@radian is this intentional behavior?

New crazy anti forensic technique just dropped

@craiu Costin, you are looking at this the wrong way. It’s a brave decision right? No indication of bad if indicators can’t be found right?