Sys-Admin InfoSec

05 March 2026 07:04

The Forgotten Bug: How a Node.js Core Design Flaw Enables HTTP Request Splitting

https://r3verii.github.io/cve/2026/02/27/nodejs-toctou.html

Sys-Admin InfoSec

25 February 2026 17:07

Refund scam impersonates Avast to harvest credit card details

https://www.malwarebytes.com/blog/threat-intel/2026/02/refund-scam-impersonates-avast-to-harvest-credit-card-details

Sys-Admin InfoSec

19 February 2026 11:39

AI in the Middle: Turning Web-Based AI Services into C2 Proxies & The Future Of AI Driven Attacks

https://research.checkpoint.com/2026/ai-in-the-middle-turning-web-based-ai-services-into-c2-proxies-the-future-of-ai-driven-attacks/

Sys-Admin InfoSec

11 February 2026 08:11

Fake 7-Zip downloads are turning home PCs into proxy nodes

https://www.malwarebytes.com/blog/threat-intel/2026/02/fake-7-zip-downloads-are-turning-home-pcs-into-proxy-nodes

Sys-Admin InfoSec

05 February 2026 07:45

LookOut: Discovering RCE and Internal Access on Looker (Google Cloud & On-Prem)

https://www.tenable.com/blog/google-looker-vulnerabilities-rce-internal-access-lookout

Sys-Admin InfoSec

29 January 2026 17:29

PeckBirdy: A Versatile Script Framework for LOLBins Exploitation

https://www.trendmicro.com/en_us/research/26/a/peckbirdy-script-framework.html

Sys-Admin InfoSec

27 January 2026 10:36

Microsoft mishandling example.com

Microsoft's Autodiscover service has incorrectly routed the IANA-reserved example.com to Sumitomo Electric Industries' mail servers at sei.co.jp, potentially sending test credentials there.

https://tinyapps.org/blog/microsoft-mishandling-example-com.html

Sys-Admin InfoSec

22 January 2026 03:14

Threat Actors Expand Abuse of Microsoft Visual Studio Code

This activity involved the deployment of a backdoor implant that provides remote code execution capabilities on the victim system:

https://www.jamf.com/blog/threat-actors-expand-abuse-of-visual-studio-code/

Sys-Admin InfoSec

20 January 2026 11:14

7 ваучеров на 100% скидку The Linux Foundation

+ 7 доступов к видеокурсу Kubernetes База

Ваучеры применимы к любому:

— онлайн-курсу
— сертификационному экзамену (CKA, CKS, CKAD и не только)
— или пакету (курс + сертификация)

29 января подведем итоги и выберем 7 победителей. Каждый победитель получит ваучер + доступ к курсу от Slurm.

Актививация активна до 07.01.2027, после будет 1 год и 2 попытки, чтобы завершить обучение и сдать экзамен.

Детали здесь - https://core247.kz/cncf

Sys-Admin InfoSec

19 January 2026 12:37

Malware Peddlers Are Now Hijacking Snap Publisher Domains

There’s a relentless campaign by scammers to publish malware in the Canonical Snap Store. Some gets caught by automated filters, but plenty slips through. Recently, these miscreants have changed tactics - they’re now registering expired domains belonging to legitimate snap publishers, taking over their accounts, and pushing malicious updates to previously trustworthy applications..:

https://blog.popey.com/2026/01/malware-purveyors-taking-over-published-snap-email-domains/

Sys-Admin InfoSec

14 January 2026 07:19

UNVEILING VOIDLINK – A STEALTHY, CLOUD-NATIVE LINUX MALWARE FRAMEWORK

https://research.checkpoint.com/2026/voidlink-the-cloud-native-malware-framework/

Sys-Admin InfoSec

05 January 2026 10:22

VVS Discord Stealer Using Pyarmor for Obfuscation and Detection Evasion

https://unit42.paloaltonetworks.com/vvs-stealer/

Sys-Admin InfoSec

25 December 2025 03:10

Time Nist Gov Incorrect Time

The affected servers are:
time-a-b.nist.gov
time-b-b.nist.gov
time-c-b.nist.gov
time-d-b.nist.gov
time-e-b.nist.gov
ntp-b.nist.gov (authenticated NTP)

https://groups.google.com/a/list.nist.gov/g/internet-time-service/c/o0dDDcr1a8I

Sys-Admin InfoSec

17 December 2025 11:49

Inside GhostPoster: How a PNG Icon Infected 50,000 Firefox Users

https://www.koi.ai/blog/inside-ghostposter-how-a-png-icon-infected-50-000-firefox-browser-users

Sys-Admin InfoSec

10 December 2025 03:00

December 2025 Security Updates

This release consists of the following 57 Microsoft CVEs:

https://msrc.microsoft.com/update-guide/releaseNote/2025-Dec

Sys-Admin InfoSec

03 March 2026 07:16

Taming Agentic Browsers: Vulnerability in Chrome Allowed Extensions to Hijack New Gemini Panel

https://unit42.paloaltonetworks.com/gemini-live-in-chrome-hijacking/

Sys-Admin InfoSec

20 February 2026 13:04

PromptSpy ushers in the era of Android threats using GenAI

https://www.welivesecurity.com/en/eset-research/promptspy-ushers-in-era-android-threats-using-genai/

Sys-Admin InfoSec

11 February 2026 11:26

Old-School IRC, New Victims: Inside The Newly Discovered SSHStalker Linux Botnet

https://flare.io/learn/resources/blog/old-school-irc-new-victims-inside-the-newly-discovered-sshstalker-linux-botnet

Sys-Admin InfoSec

05 February 2026 17:51

Web Traffic Hijacking: When Your Nginx Configuration Turns Malicious

https://securitylabs.datadoghq.com/articles/web-traffic-hijacking-nginx-configuration-malicious/

Sys-Admin InfoSec

02 February 2026 08:54

Notepad++ Hijacked by State-Sponsored Hackers

https://notepad-plus-plus.org/news/hijacked-incident-info-update/

Sys-Admin InfoSec

29 January 2026 08:12

Love? Actually: Fake dating app used as lure in targeted spyware campaign

https://www.welivesecurity.com/en/eset-research/love-actually-fake-dating-app-used-lure-targeted-spyware-campaign-pakistan/

Sys-Admin InfoSec

22 January 2026 20:45

Open-Source Python Script Drives Social Media Phishing Campaign

..In this particular campaign, attackers abused LinkedIn’s professional context to establish trust and familiarity, increasing their chances of success by targeting high-value individuals in corporate environments. This tactic, however, could be applied to any social media platform commonly accessed on business devices..:

https://reliaquest.com/blog/threat-spotlight-open-source-python-script-drives-social-media-phishing-campaign

Sys-Admin InfoSec

20 January 2026 16:44

UNO reverse card: stealing cookies from cookie stealers

https://www.cyberark.com/resources/threat-research-blog/uno-reverse-card-stealing-cookies-from-cookie-stealers

P.S. реклама даже в панели управления малвари присутствует 😁

Sys-Admin InfoSec

20 January 2026 08:18

Cloudflare Zero-day: Accessing Any Host Globally

https://fearsoff.org/research/cloudflare-acme

Sys-Admin InfoSec

16 January 2026 02:56

StackWarp is a security vulnerability that exploits a synchronization bug present in all AMD Zen 1–5 processors. In the context of SEV-SNP, this flaw allows malicious VM hosts to manipulate the guest VM’s stack pointer

https://stackwarpattack.com/

Sys-Admin InfoSec

13 January 2026 17:16

deVixor: An Evolving Android Banking RAT with Ransomware

https://cyble.com/blog/devixor-an-evolving-android-banking-rat-with-ransomware-capabilities-targeting-iran/

Sys-Admin InfoSec

29 December 2025 09:47

Bluetooth Headphone Jacking: Full Disclosure of Airoha RACE Vulnerabilities

https://insinuator.net/2025/12/bluetooth-headphone-jacking-full-disclosure-of-airoha-race-vulnerabilities/

Sys-Admin InfoSec

24 December 2025 02:58

Nezha: The Monitoring Tool That’s Also a Perfect RAT

https://www.ontinue.com/resource/nezha-the-monitoring-tool-thats-also-a-perfect-rat/

Sys-Admin InfoSec

12 December 2025 08:15

CyberVolk Returns | Flawed VolkLocker Brings New Features With Growing Pains

https://www.sentinelone.com/blog/cybervolk-returns-flawed-volklocker-brings-new-features-with-growing-pains/

Sys-Admin InfoSec

09 December 2025 13:20

Windows Stealers: How Modern Infostealers Harvest Credentials

https://deceptiq.com/blog/windows-stealers-technical-analysis