deserialization
EvilBit Threat Digest - The Deserialization Blues
Critical RCE flaws in Sitecore, HPE OneView, and Magento face active exploitation. Plus: OAuth phishing tricks, RMM tool abuse, and new cloud-native Linux malware.
KryptoKat
Hobbyist dev & experienced Vulnerability Analyst. Masters graduate and CISSP holder, Linux/Python enthusiast, cybersecurity evangelist, and network security nerd.
phishing
EvilBit Threat Digest - When Tables Become Traps and Trust Turns Toxic
Attackers weaponize trust with HTML QR phishing, multi-stage AsyncRAT, fake Fortinet VPNs, OAST campaigns, LLM SSRF, SSH and RMM abuse.
cybersecurity
EvilBit Threat Digest - EvilBit Threat Digest: The Walls Have AI Ears
Knownsec leak exposes Chinese cyber-espionage tools, npm supply-chain attacks use blockchain C2, malicious Chrome extensions steal AI chats, and WhatsApp becomes a worm vector.
cybersecurity
EvilBit Threat Digest - Turning the Tables: When Deception Becomes Defense
Newsletter on Resecurity's honeypot win, FortiWeb 0-day exploitation, and Chinese Office Assistant supply chain browser plugin attack.
insider-threat
EvilBit Threat Digest - New Year Breaches and Phishing at Scale
KryptoKat analyzes Coupang's 33.7M-record insider breach, GlassWorm's macOS pivot with Solana C2, Silver Fox tax-themed phishing in India, and Intellexa sanctions reversal.
MongoDB
EvilBit Threat Digest - When Databases Leak and Developers Click: The Final Week of 2025
The threat landscape is ending the year with a bang rather than a whimper. We're seeing critical memory disclosure in one of the world's most popular databases, a ransomware group that's essentially become an industry unto itself, and supply-chain attacks have us jumping at every bump in the night.
supply-chain
EvilBit Threat Digest - When Your Browser and Build Pipeline Become the Backdoor
Supply-chain attacks target Maven Central with Cobalt Strike, Firefox extensions hide malware in PNG pixels, and APT groups weaponize DNS to hijack software updates.
ddos
EvilBit Threat Digest - When the Bots Come Knocking: Record DDoS, State Actors, and the Week in Malware
Record 29.7 Tbps DDoS botnet, fresh APT campaigns, mobile and browser malware, and OAuth device code phishing—what defenders must do now.
fortinet
EvilBit Threat Digest - This Week in Security: Burning Platforms and Broken Trust
Fortinet and Cisco zero-days, React RCE, Kimwolf botnet, Node.js malware, parked domain abuse, NuGet typosquat, and new Nessus plugins.
react2shell
EvilBit Threat Digest - Multiple Actors, Multiple Platforms, Multiple Headaches
React2Shell exploitation surges, Android trojans and WhatsApp GhostPairing spread, 700Credit breach hits millions, new stealers and APT ops.
react
EvilBit Threat Digest - This Week in Security: React Like You Mean It
React2Shell RCE slams Next.js as threat actors pivot to BYOVD ransomware, eBPF rootkits, Teams scams, VS Code trojans, and OT bruteforce attacks.
nessus
EvilBit Threat Digest - Your Scanner Just Got Smarter
Nessus plugin refresh expands detections across Linux, QNAP, FreeBSD and PRTG, adding new CVE coverage and TLS configuration checks.