yed
@frdfzi
Tweets and opinions expressed are my own.
Nisa
Joined March 2018
Best deal of the year...
We now have an RTO & RTO II bundle: https://t.co/R4LXELNR6s At 40% off right now, this is an absolute steal.
South Korea's largest cryptocurrency exchange, Upbit, has confirmed a major security breach involving the unauthorized withdrawal of 54 Billion KRW (~$39M) in Solana-based assets. Key Details: ▶️Incident Confirmation: The breach was acknowledged on November 27, 2025, at 04:42
‼️ Secret Chinese documents have been leaked, revealing their internal cyberwarfare training program. The documents show a focus on products from Cisco, Fortinet, WatchGuard, and Juniper as primary operational targets. China has built digital cyber ranges that allow operatives
Massive APT35 (Charming Kitten) internal leak exposes a highly mature, quota-driven cyber-espionage machine focused on long-term mailbox persistence & HUMINT collection. Core technical tradecraft is Exchange-centric & credential-obsessed: Initial Access & Exploitation • Heavy
These guys published a great report on Operation DreamJob by the DPRK threat actor, and I can relate to how hard it is to build that malware relationship table. Kudos to the team!
🔎Our CERT is releasing a new technical report on 🇰🇵Operation #DreamJob, focusing on recent evolution in its tooling. Following an IR engagement at a large manufacturing client based in 🇪🇺, we investigated artefacts we attribute to #UNC2970. ➡️Full blog: https://t.co/o8px0jZmfc
#bitter Group used the WinRAR vulnerability CVE-2025-6218. When users decompress with a vulnerable WinRAR version, the special paths (constructed with ".. " spaces) in the compressed package release the malicious file Normal.dotm to
he’s right on point. you can actually LOVE studying new subjects. here’s how (i broke down 26 minutes of video): > approach it with curiosity like a kid. gaslight yourself into having that curiosity, it produces dopamine, and brings focus and enjoyment. be like Feynman. > track
Knowing how to write assembly is a skill you should learn, and these guys have a great resource for you! I've debugged 10,000 lines of assembly for every line I've ever written... but writing assembly from scratch is a core computer science skill, I believe: even if you never
YARA-X but ported to PyQt6. Experimenting with different themes :D
Awesome new threat report from Google Threat Intel Group documenting how threat actors are leveraging Gemini. A lot of information and actionable available in the report! Great work 👌 https://t.co/0ktEQbUhmq
Check Point Research demonstrates how generative AI can speed up reverse engineering from days to hours by exporting IDA data to ChatGPT for deep static analysis. https://t.co/nhfXopg5vw
#APT Since the disclosure of the #ZipperDown vulnerability in 2018, this is the first observed case of its in-the-wild exploitation by APT groups. Northeast Asian threat actors used it to target Android devices of individuals in North Korea and Northeast China.
Microsoft Incident Response – Detection and Response Team (DART) uncovered SesameOp, a new backdoor that uses the OpenAI Assistants API for C2. DART shared the findings with OpenAI, who identified and disabled an API key and associated account. https://t.co/xflPrSQReI SesameOp
microsoft.com
Microsoft Incident Response – Detection and Response Team (DART) researchers uncovered a new backdoor that is notable for its novel use of the OpenAI Assistants Application Programming Interface...
Effective Malware Analysis using Unicorn | IIJ Security Diary (in English) https://t.co/qSl3ABxeXx
@IIJSECT
sect.iij.ad.jp
Unicorn is a QEMU-based CPU emulator framework presented at Black Hat USA 2015. > GitHub – unicorn-engine/unicorn: Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV,...
🔥 Parallel Pulse 2025 @nanosec_asia is coming! HRDC Claimable Training + Conference for defenders, researchers & builders. https://t.co/ZXy0cHrO9Q HRDC Registration: https://t.co/mca0XEJamn Normal Conference Registration: https://t.co/JUdp71IdH4
thanks to everyone who attended my #TheSAS2025 talk "Typographic hit job: when fonts pull the trigger". 🙏 I've written an accompanying blogpost that goes over all the details:
haxx.in
Last year we (PHP HOOLIGANS) competed in Pwn2Own (Ireland, 2024) once again. One of our (successful) entries was against a little pet peeve target of mine, the CANON ImageCLASS printer. In this post...
It was truly an honor to be part of #TheSAS2025 as a speaker! I and Omar (@beacon_exe) shared some juicy insights from our extensive research on #BlueNoroff's #GhostCall and #GhostHire campaign, part of #SnatchCrypto. You can find our research below. ✅ https://t.co/UVH5GGQHBc
securelist.com
Kaspersky GReAT experts dive deep into the BlueNoroff APT's GhostCall and GhostHire campaigns. Extensive research detailing multiple malware chains targeting macOS, including a stealer suite, fake...
BYOVD to the next level (part 1). exploiting a vulnerable driver (CVE-2025-8061) TLDR; This blog post is about how to abuse a vulnerable driver to gain access to Ring-0 capabilities. https://t.co/sAnlLn9rXS