EvilBit Threat Digest - OAuth Tokens and Other People's Problems

We faced a sprawling mess of supply chain compromises, state-sponsored espionage campaigns, insider threats, mobile malware that bypasses end-to-end encryption, and router hijacking this week.

ZeroDay Field Notes - Payloads in the Browser, Rootkits in the ATM

EDR evasion with RONINGLOADER, Windows admin bypass, browser push C2, router AitM updates, Lazarus tweaks, and an ATM heist with a Pi.

EvilBit Threat Digest: Steganography Shenanigans and Espionage Escalations

Weekly digest: stego loaders, stealers, APT espionage on aerospace and policy orgs, VDI pivots, and critical RHEL and OT patch updates.

EvilBit Threat Digest - Patches, Leaks, and AI Sneaks: The Week That Kept on Giving

Weekly cybersecurity digest: vendor patches and exploits, major data leaks, evolving malware and autonomous AI-orchestrated espionage, and ransomware fragmentation.

ZeroDay Field Notes: Shells, Shadows, and Sandbox Escapes

APT chains hitting Citrix and Cisco with stealthy webshells, new RATs and a Go packer boosting EDR evasion; also destructive ops and proxy C2.

EvilBit Threat Digest - The Long November: Patch Tuesday, Zero-Days, and Attackers’ Creativity

A roundup of November’s critical patches, active exploits, APT campaigns, supply chain attacks, and evolving phishing threats.

EvilBit Threat Digest - Cloudy with a Chance of Backups: State Actors, Zero-Days, and the RMM Ruckus

Security roundup on cloud backup breaches, critical CVEs, and malware trends, urging patching, credential rotation, MFA, and immutable backups.

ZeroDay Field Notes: Hiding in Plain Sight with Hyper-V

Explores using Hyper-V as a covert hideout for stealthy C2 and persistence, with real-world campaigns and toolchains.

EvilBit Threat Digest - The Phantom Menace: WSUS Exploits, Android Zero-Clicks, and AI Lies

Wednesday security digest on urgent patches for WSUS and Android, new APT campaigns, and warnings about dubious AI-driven ransomware claims.

EvilBit Threat Digest - A KEV-Heavy Halloween Hangover

KEV-heavy week recap: on-prem exploits (SharePoint, VMware Aria, LANSCOPE), Warlock ransomware, and the need for asset visibility.

ZeroDay Field Notes - Tricks, Treats, and Fresh Shells

A weekly security roundup of VM escapes, DLL hijacks, browser exfiltration tricks, phishing evasion, and hybrid Linux-on-Windows ransomware campaigns.

EvilBit Threat Digest - Ghosts in the Machine, Failures in the Silicon

A tour of evolving cyber threats -from state-sponsored social engineering to zero-days -emphasizing patching, defense in depth, and vigilance.