zero-days
ZeroDay Field Notes - Chains, RATs, and the Art of Staying Invisible
A red-team roundup of chaining zero-days, browser rats, air-gap hops, and evasive phishing techniques for stealthy ops.
Latest
geopolitics
EvilBit Threat Digest - Blackouts, Backdoors, and Browser Brainworms
A cross-cutting security digest on geopolitics shaping outages, new APT chains, AI prompt risks, cryptomining, and pragmatic patching guidance.
gridtide
EvilBit Threat Digest - Sheets, Shellcode, and SeaFlowers
Cloud-first malware roundup: GRIDTIDE uses Google Sheets as C2, PlugX evolutions, React RCE, SeaFlower wallet clones, fixes.
supply-chain
ZeroDay Field Notes - Supply Chains on Fire, RATs in the Shadows
Poisoned npm packages hijack AI dev tools, MIMICRAT laughs at ETW, and a Cisco zero-day's been burning since 2023. Sharpen up.
ai-agent
EvilBit Threat Digest - Your AI Assistant Just Ran `base64 -d | bash`
Midweek threat digest on AI-agent skill abuse, deepfake social engineering, ransomware links, Office bugs, mobile banking threats, and attack surface.
ai
EvilBit Threat Digest - AI Honeypots, Fileless Rats, and a Very Busy January Recap
Weekly security recap on AI-driven deception, BYOVD, steganography, and crypto-enabled infostealers shaping last month's threats.
proxy
ZeroDay Field Notes - Shells in the Shadows: When Proxies Meet Zero-Days
Proxy malware is getting trickier, supply chains are still a dumpster fire, zero-days keep landing, loaders are mutating, and now we've got AI poisoning to worry about. Here's what's actually worth your time this week.
EvilBit Threat Digest: Trust Falls, But Make It Internet-Scale
Attackers leaned on other people's infrastructure this week: OAST callback services, SaaS notifications, AI/extension marketplaces, fake installers, and a very convincing lookalike 7-Zip site all did their part to make defenders question reality and make incident responders question coffee.
supply-chain
EvilBit Threat Digest - QR Codes, Poisoned Packages, and AI With a Side Hustle
Weekly briefing on how attackers abuse trust layers such as package registries, QR codes, AI platforms, and search ads to breach supply chains.
ai
ZeroDay Field Notes - Implants, Exploits, and the AI Edge
Weekly briefing on AI-driven evasion, deepfake malware, cloud C2s, and smishing that bypasses 2FA, with defender-focused mitigations.
traffic-origin
EvilBit Threat Digest - Proxies, Poisoned Installers, and the Taxman's PDF
Your midweek security digest covers deceptive traffic origins, malicious installers, and trusted delivery channels that threaten credentials and endpoints.
dns
EvilBit Threat Digest: DNS Side-Channels, Admin UIs, and the Long Tail of Defaults
Threat digest on DNS as control plane via compromised routers and shadow resolvers, weak admin interfaces, evolving scams, and AI-enabled risk.