ai
EvilBit Threat Digest - AI Honeypots, Fileless Rats, and a Very Busy January Recap
Weekly security recap on AI-driven deception, BYOVD, steganography, and crypto-enabled infostealers shaping last month's threats.
ZeroDay Field Notes - Implants, Exploits, and the AI Edge
Weekly briefing on AI-driven evasion, deepfake malware, cloud C2s, and smishing that bypasses 2FA, with defender-focused mitigations.
EvilBit Threat Digest - Proxies, Poisoned Installers, and the Taxman's PDF
Your midweek security digest covers deceptive traffic origins, malicious installers, and trusted delivery channels that threaten credentials and endpoints.
EvilBit Threat Digest: DNS Side-Channels, Admin UIs, and the Long Tail of Defaults
Threat digest on DNS as control plane via compromised routers and shadow resolvers, weak admin interfaces, evolving scams, and AI-enabled risk.
ZeroDay Field Notes - Tradecraft, Takeovers, and the Tools That Keep Giving
Explores firmware and extension-era attack chains - from UEFI boot-service hooks to Android/Windows RATs, NFC data exfil, and supply-chain risks.
EvilBit Threat Digest - RTFs, Rogue Plugins, and a Side of Credential Theft
A digest of threats from weaponized RTFs and rogue editor extensions, plus credential-stealing campaigns, supply-chain abuses, and defender tips.
EvilBit Threat Digest - When the Update Server is Lying to You
Threat digest on attackers abusing trusted services - from update servers to cloud mail - turning trust into a weapon and evading detection.
ZeroDay Field Notes - Your Tools Are Turning On You
Your compliance dashboard is green. Your patching metrics satisfy the auditors. The attackers are still inside.
EvilBit Threat Digest - EvilBit Threat Digest: When Infrastructure Becomes a Weapon and Trust Turns Toxic
Threat actors weaponize infrastructure at scale, from wipers targeting power grids to supply-chain malware and browser extensions that act as C2.
EvilBit Threat Digest - Phishing, AI-agent Risks & Malware
Roundup: LastPass phishing, ErrTraffic ClickFix, BlueNoroff macOS/supply-chain attacks, MCP AI-agent risks, and WordPress/mJobtime exploits.
ZeroDay Field Notes - Your Firewall is a Liar, and Your IDE is a Snitch
Fortinet firewalls compromised despite patches, malicious VS Code AI extensions steal code from 1.5M developers, and phishing kits exploit trusted cloud platforms.
EvilBit Threat Digest - Kernel Rootkits Get a Cloud-Native Upgrade
VoidLink malware compiles custom kernel rootkits on-demand, plus critical n8n and WordPress vulnerabilities, DLL side-loading campaigns, and more threats analyzed.
EvilBit Threat Digest - The Deserialization Blues
Critical RCE flaws in Sitecore, HPE OneView, and Magento face active exploitation. Plus: OAuth phishing tricks, RMM tool abuse, and new cloud-native Linux malware.