phishing
EvilBit Threat Digest - When Tables Become Traps and Trust Turns Toxic
Attackers weaponize trust with HTML QR phishing, multi-stage AsyncRAT, fake Fortinet VPNs, OAST campaigns, LLM SSRF, SSH and RMM abuse.
phishing
cybersecurity
EvilBit Threat Digest - EvilBit Threat Digest: The Walls Have AI Ears
Knownsec leak exposes Chinese cyber-espionage tools, npm supply-chain attacks use blockchain C2, malicious Chrome extensions steal AI chats, and WhatsApp becomes a worm vector.
infosec
ZeroDay Field Notes - When Package Managers Become Trojan Horses and AI Safety Gets Weaponized
Offensive-focused notes on npm supply chain backdoors, Pyarmor stealth stealers, socially engineered RATs, GRU phishing, and weaponized AI safety.
insider-threat
EvilBit Threat Digest - New Year Breaches and Phishing at Scale
KryptoKat analyzes Coupang's 33.7M-record insider breach, GlassWorm's macOS pivot with Solana C2, Silver Fox tax-themed phishing in India, and Intellexa sanctions reversal.
ddos
EvilBit Threat Digest - When the Bots Come Knocking: Record DDoS, State Actors, and the Week in Malware
Record 29.7 Tbps DDoS botnet, fresh APT campaigns, mobile and browser malware, and OAuth device code phishing—what defenders must do now.
react2shell
EvilBit Threat Digest - Multiple Actors, Multiple Platforms, Multiple Headaches
React2Shell exploitation surges, Android trojans and WhatsApp GhostPairing spread, 700Credit breach hits millions, new stealers and APT ops.
browser-extensions
EvilBit Threat Digest - Malicious Extensions, APT Overlap, Mobile Banking Malware
4.3M malicious extensions, evolving npm worm and BEC, overlapping APTs, advanced Android banking trojans, and a Rust-based Linux APT toolkit.
ai
EvilBit Threat Digest - When AI Turns on Itself and Attackers Go Kinetic
Iranian APTs enabling kinetic strikes, AI botnet via Ray RCE, creative malware via Blender, WhatsApp, homoglyphs, and critical patches.
cybersecurity
EvilBit Threat Digest - The Long November: Patch Tuesday, Zero-Days, and Attackers’ Creativity
A roundup of November’s critical patches, active exploits, APT campaigns, supply chain attacks, and evolving phishing threats.
oracle
Sunday Edition - Perimeter Problems, Patching Frenzy
A weekly security briefing on active exploits (Oracle EBS CVE-2025-61882), botnets, phishing, and urgent patching and defense guidance.