watchguard
ZeroDay Field Notes - When Your Firewall Becomes the Backdoor
Critical WatchGuard RCE exploited in the wild, 59K Next.js servers compromised, cross-platform APT36 campaigns, and code-signed macOS malware bypassing Gatekeeper.
UncleSp1d3r
I'm a computer security pro who loves creating custom tools. I'm all about building secure systems and diving into Rust and GoLang. Let's connect and team up!
fortinet
EvilBit Threat Digest - This Week in Security: Burning Platforms and Broken Trust
Fortinet and Cisco zero-days, React RCE, Kimwolf botnet, Node.js malware, parked domain abuse, NuGet typosquat, and new Nessus plugins.
srop
ZeroDay Field Notes - Sleep Tight: SROP Obfuscation and the Rise of Local AI Exploitation
Two offensive tools to watch: SROP-based sleep obfuscation for Linux implants and a local AI auto-exploitation push, with defenses and caveats.
react
EvilBit Threat Digest - This Week in Security: React Like You Mean It
React2Shell RCE slams Next.js as threat actors pivot to BYOVD ransomware, eBPF rootkits, Teams scams, VS Code trojans, and OT bruteforce attacks.
react
ZeroDay Field Notes - React2Shell: From Theory to Practice in 72 Hours
React2Shell exploited within hours; patch now. Active Gladinet attacks persist. Malware tradecraft and AI-assisted reverse engineering insights.
react
EvilBit Threat Digest - A Critical Reaction to the Week in Bugs
Critical React RCE sparks urgent patches as malware campaigns, APT spyware, supply-chain hits, and breaches highlight fragile digital trust.
zero-day
ZeroDay Field Notes - October-December 2025 Vulnerability and Exploit Highlights
An in-depth analysis of October-December 2025's major cybersecurity events, including pre-auth RCEs, rootkits on network switches, Windows 10's last free patches, and advanced tradecraft with blockchain C2 and AI phishing.
steganography
ZeroDay Field Notes - When Pixels Hide Payloads and Trust Gets Weaponized
From PNG-steganography payloads to dev-tool supply chain compromises, attackers scale obfuscation and weaponize trust across platforms.
edr-evasion
ZeroDay Field Notes - Payloads in the Browser, Rootkits in the ATM
EDR evasion with RONINGLOADER, Windows admin bypass, browser push C2, router AitM updates, Lazarus tweaks, and an ATM heist with a Pi.
zero-days
ZeroDay Field Notes: Shells, Shadows, and Sandbox Escapes
APT chains hitting Citrix and Cisco with stealthy webshells, new RATs and a Go packer boosting EDR evasion; also destructive ops and proxy C2.
hyper-v
ZeroDay Field Notes: Hiding in Plain Sight with Hyper-V
Explores using Hyper-V as a covert hideout for stealthy C2 and persistence, with real-world campaigns and toolchains.
ZeroDay Field Notes - Tricks, Treats, and Fresh Shells
A weekly security roundup of VM escapes, DLL hijacks, browser exfiltration tricks, phishing evasion, and hybrid Linux-on-Windows ransomware campaigns.