phishing
EvilBit Threat Digest - Phishing, AI-agent Risks & Malware
Roundup: LastPass phishing, ErrTraffic ClickFix, BlueNoroff macOS/supply-chain attacks, MCP AI-agent risks, and WordPress/mJobtime exploits.
malware
fortinet
ZeroDay Field Notes - Your Firewall is a Liar, and Your IDE is a Snitch
Fortinet firewalls compromised despite patches, malicious VS Code AI extensions steal code from 1.5M developers, and phishing kits exploit trusted cloud platforms.
voidlink
EvilBit Threat Digest - Kernel Rootkits Get a Cloud-Native Upgrade
VoidLink malware compiles custom kernel rootkits on-demand, plus critical n8n and WordPress vulnerabilities, DLL side-loading campaigns, and more threats analyzed.
deserialization
EvilBit Threat Digest - The Deserialization Blues
Critical RCE flaws in Sitecore, HPE OneView, and Magento face active exploitation. Plus: OAuth phishing tricks, RMM tool abuse, and new cloud-native Linux malware.
malware
ZeroDay Field Notes - When Your Build Path Becomes Your Fingerprint
Weekly analysis of evasion and OPSEC failures: hardware-breakpoint AMSI bypass, unstripped Rust build paths ('Jacob'), cloud-native VoidLink, and markdown exfil.
cybersecurity
EvilBit Threat Digest - EvilBit Threat Digest: The Walls Have AI Ears
Knownsec leak exposes Chinese cyber-espionage tools, npm supply-chain attacks use blockchain C2, malicious Chrome extensions steal AI chats, and WhatsApp becomes a worm vector.
infosec
ZeroDay Field Notes - When Package Managers Become Trojan Horses and AI Safety Gets Weaponized
Offensive-focused notes on npm supply chain backdoors, Pyarmor stealth stealers, socially engineered RATs, GRU phishing, and weaponized AI safety.
cybersecurity
EvilBit Threat Digest - Turning the Tables: When Deception Becomes Defense
Newsletter on Resecurity's honeypot win, FortiWeb 0-day exploitation, and Chinese Office Assistant supply chain browser plugin attack.
supply-chain
EvilBit Threat Digest - When Your Browser and Build Pipeline Become the Backdoor
Supply-chain attacks target Maven Central with Cobalt Strike, Firefox extensions hide malware in PNG pixels, and APT groups weaponize DNS to hijack software updates.
watchguard
ZeroDay Field Notes - When Your Firewall Becomes the Backdoor
Critical WatchGuard RCE exploited in the wild, 59K Next.js servers compromised, cross-platform APT36 campaigns, and code-signed macOS malware bypassing Gatekeeper.
ddos
EvilBit Threat Digest - When the Bots Come Knocking: Record DDoS, State Actors, and the Week in Malware
Record 29.7 Tbps DDoS botnet, fresh APT campaigns, mobile and browser malware, and OAuth device code phishing—what defenders must do now.
react
EvilBit Threat Digest - A Critical Reaction to the Week in Bugs
Critical React RCE sparks urgent patches as malware campaigns, APT spyware, supply-chain hits, and breaches highlight fragile digital trust.