cisco
EvilBit Threat Digest - Network Edge Pummeled, Supply-Chain Worms Get Better, AI Starts Finding the Bugs
Cisco SD-WAN CVSS 10.0 under active exploit, May Patch Tuesday brings a wormable Windows DNS Client RCE, and the npm worm reaches OpenAI.
I'm a computer security pro who loves creating custom tools. I'm all about building secure systems and diving into Rust and GoLang. Let's connect and team up!
apple
Apple's May patch bomb hits every OS, Mini Shai-Hulud poisons 170 npm packages, and DPRK laptop-farm enablers each catch 18 months.
phishing
Copy Fail kernel LPE traverses containers, Microsoft AiTM hits 35,000 users, cPanel auth bypass on KEV, and three federal sentencings.
Dual-RMM phishing hits 80+ orgs, cPanel and MOVEit auth bypasses under active exploit, APT28 keeps hijacking routers for M365 token theft.
supply-chain
BlackCat insiders draw 4-year sentences, ShinyHunters AI-vishes ADT and Medtronic, and Mini Shai-Hulud worms its way into more npm packages.
patch-tuesday
Patch volume was up this week. The louder stories came from attackers abusing trust at the edges of developer workflows, AI tooling, and government portals.
lunaspy
Preloaded LunaSpy phones, in-memory ScreenConnect drops, npm typosquats stealing SSH keys, two Cisco ISE 9.9s. Disk is for chumps this week.
nightmare-eclipse
Nightmare-Eclipse Defender LPEs land in real intrusions, four Android bankers share 800+ targets, and Claude helps hijack BuddyBoss WordPress.
kimsuky
Kimsuky's credential playbook, Docker API miners, SystemBC's ransomware empire, RomCom zero-day chains, and why your extensions are someone else's red team.
supply-chain
TeamPCP supply-chain attacks hit PyPI and npm, GlassWorm returns with unkillable Solana C2, and new fileless primitives ForsHops and FlipSwitch raise the stealth bar.
supply-chain
Supply chain cascades, blockchain C2, browser encryption bypasses, and 20-hour exploit weaponization. UncleSp1d3r breaks down the chains.
supply-chain
Process hollowing, Deno signing abuse, build-time supply chain poisoning, and AOT evasion: this week's techniques dissected for operators.