react
EvilBit Threat Digest - A Critical Reaction to the Week in Bugs
Critical React RCE sparks urgent patches as malware campaigns, APT spyware, supply-chain hits, and breaches highlight fragile digital trust.
KryptoKat
Hobbyist dev & experienced Vulnerability Analyst. Masters graduate and CISSP holder, Linux/Python enthusiast, cybersecurity evangelist, and network security nerd.
browser-extensions
EvilBit Threat Digest - Malicious Extensions, APT Overlap, Mobile Banking Malware
4.3M malicious extensions, evolving npm worm and BEC, overlapping APTs, advanced Android banking trojans, and a Rust-based Linux APT toolkit.
supply-chain
EvilBit Threat Digest - When the Supply Chain Eats Itself
Two weeks of supply chain chaos: npm worm hijacks repos, OAuth integrations abused, APTs use cloud C2, and IoT botnets test massive DDoS.
ai
EvilBit Threat Digest - When AI Turns on Itself and Attackers Go Kinetic
Iranian APTs enabling kinetic strikes, AI botnet via Ray RCE, creative malware via Blender, WhatsApp, homoglyphs, and critical patches.
oauth
EvilBit Threat Digest - OAuth Tokens and Other People's Problems
We faced a sprawling mess of supply chain compromises, state-sponsored espionage campaigns, insider threats, mobile malware that bypasses end-to-end encryption, and router hijacking this week.
steganography
EvilBit Threat Digest: Steganography Shenanigans and Espionage Escalations
Weekly digest: stego loaders, stealers, APT espionage on aerospace and policy orgs, VDI pivots, and critical RHEL and OT patch updates.
patches
EvilBit Threat Digest - Patches, Leaks, and AI Sneaks: The Week That Kept on Giving
Weekly cybersecurity digest: vendor patches and exploits, major data leaks, evolving malware and autonomous AI-orchestrated espionage, and ransomware fragmentation.
cybersecurity
EvilBit Threat Digest - The Long November: Patch Tuesday, Zero-Days, and Attackers’ Creativity
A roundup of November’s critical patches, active exploits, APT campaigns, supply chain attacks, and evolving phishing threats.
cloud
EvilBit Threat Digest - Cloudy with a Chance of Backups: State Actors, Zero-Days, and the RMM Ruckus
Security roundup on cloud backup breaches, critical CVEs, and malware trends, urging patching, credential rotation, MFA, and immutable backups.
wsus
EvilBit Threat Digest - The Phantom Menace: WSUS Exploits, Android Zero-Clicks, and AI Lies
Wednesday security digest on urgent patches for WSUS and Android, new APT campaigns, and warnings about dubious AI-driven ransomware claims.
kev
EvilBit Threat Digest - A KEV-Heavy Halloween Hangover
KEV-heavy week recap: on-prem exploits (SharePoint, VMware Aria, LANSCOPE), Warlock ransomware, and the need for asset visibility.
EvilBit Threat Digest - Ghosts in the Machine, Failures in the Silicon
A tour of evolving cyber threats -from state-sponsored social engineering to zero-days -emphasizing patching, defense in depth, and vigilance.