supply-chain
ZeroDay Field Notes - supply-chain backdoors surge
TeamPCP supply-chain attacks hit PyPI and npm, GlassWorm returns with unkillable Solana C2, and new fileless primitives ForsHops and FlipSwitch raise the stealth bar.
EvilBit Threat Digest - Wipers in the Cluster, Thieves in the Toolchain
Wipers riding Kubernetes, supply chains turned inside out, and "trusted" platforms doing the con's heavy lifting. This week's threats hide where you already look.
EvilBit Threat Digest - Ghosts in the Pipeline
Trust failures defined the week: poisoned CI tags, stealthy C2, real-time phishing theft, and patch priorities defenders cannot ignore.
ZeroDay Field Notes - Shadows in the Supply Chain
Process hollowing, Deno signing abuse, build-time supply chain poisoning, and AOT evasion: this week's techniques dissected for operators.
EvilBit Threat Digest - The Week the Toolchain Bit Back
Weekly digest of self-propagating supply-chain worms, credential pivots into cloud data, and social engineering driving trust abuse in vendors …and it’s only halfway over.
EvilBit Threat Digest - Wipes, Wormholes, and Weaponized Admin Panels
A summary of threats abusing identity and cloud admin tools to weaponize admin consoles, with supply-chain and phishing trends.
ZeroDay Field Notes - Blockchain Backdoors and Runtime Ruses
A snapshot of rising cyber threats: blockchain-backed C2, fileless runtimes, IoT botnets, and state-sponsored intrusions shaping modern operations.
EvilBit Threat Digest: Free-Trial C2, Copy/Paste Compromise, and iPhones on the Menu
Weekly threat digest on how free trials, copy/paste install guides, and trusted tech boundaries are weaponized, with actionable defenses.
EvilBit Threat Digest - Rusty Backdoors, Phishing Kit Takedowns, and the Infrastructure Arms Race
Threat digest on Rust-based backdoors, phishing-kit takedowns, SSL graph-based threat hunting, AI prompt-injection exploits, and Cisco advisories.
ZeroDay Field Notes - Chains, RATs, and the Art of Staying Invisible
A red-team roundup of chaining zero-days, browser rats, air-gap hops, and evasive phishing techniques for stealthy ops.
EvilBit Threat Digest - Blackouts, Backdoors, and Browser Brainworms
A cross-cutting security digest on geopolitics shaping outages, new APT chains, AI prompt risks, cryptomining, and pragmatic patching guidance.
EvilBit Threat Digest - Sheets, Shellcode, and SeaFlowers
Cloud-first malware roundup: GRIDTIDE uses Google Sheets as C2, PlugX evolutions, React RCE, SeaFlower wallet clones, fixes.
ZeroDay Field Notes - Supply Chains on Fire, RATs in the Shadows
Poisoned npm packages hijack AI dev tools, MIMICRAT laughs at ETW, and a Cisco zero-day's been burning since 2023. Sharpen up.