■■□□□ Privilege Escalation in Google Cloud! A serious bug in Cloud Composer (GCP) let attackers with edit access take control of key services like Cloud Storage and Artifact Registry by uploading malicious code. https://thehackernews.com/2025/04/gcp-cloud-composer-bug-let-attackers.html
All posts by John Doe
April 23, 2025 at 02:11AM
■■■■□ Russian state-sponsored hackers have attempted to sabotage Dutch critical infrastructure in attacks this year and last, according to the Dutch Military Intelligence and Security Service’s annual public report, published Tuesday. https://www.defensie.nl/actueel/nieuws/2025/04/22/russische-brutaliteit-om-samenleving-te-ontwr https://therecord.media/dutch-mivd-report-russian-cyber-sabotage
April 23, 2025 at 02:10AM
■■□□□ United Kingdom 🇬🇧 high street mainstay Marks & Spencer told the London Stock Exchange this afternoon it has been managing a “cyber incident” for “the past few days.” https://www.londonstockexchange.com/news-article/MKS/cyber-incident-update/16999905 https://www.theregister.com/2025/04/22/marks_spencer_cyber_incident/
April 22, 2025 at 08:11PM
■■□□□ State-Sponsored Actors Try ClickFix. https://www.proofpoint.com/us/blog/threat-insight/around-world-90-days-state-sponsored-actors-try-clickfix https://www.forbes.com/sites/zakdoffman/2025/04/21/do-not-click-if-you-see-this-on-your-pc-its-an-attack/
April 22, 2025 at 04:17PM
■□□□□ Fallout: Spying on Israeli citizens and protestors and using operations to deter court appearances by Benjamin Netanyahu. Israeli spy agency head: Ronen Bar accuses Netanyahu of demanding illegal operations. https://www.aljazeera.com/news/2025/4/22/israeli-spy-chief-accuses-netanyahu-of-demanding-illegal-operations
April 22, 2025 at 04:07PM
■■■■■ ⚡️ Bug hunter tricked SSL.com into issuing cert for Alibaba Cloud domain in 5 steps 10 other certificates ‘were mis-issued and have now been revoked’. https://www.theregister.com/2025/04/22/ssl_com_validation_flaw/
April 22, 2025 at 02:40AM
■■■■□ Flutter Mobile Application Reverse Engineering Tool by Compiling Dart AOT Runtime. 🔤🔤🔤🔤🔤🔤🔤 Currently, the application supports only Android libapp.so (arm64 only). Also, the application is currently working only against recent Dart versions. https://github.com/worawit/blutter
April 20, 2025 at 12:45PM
■■■■■ Interesting thread. Malicious #NPM Campaign #Lazarus C2 Web Panel http://{IP}:1224/keys or /pdown + http://{IP}:1245/login + XAMPP + HTML Title = L-Administrator https://x.com/blackorbird/status/1912904527092785487
April 20, 2025 at 12:42PM
■■■■□ Compiled to WebAssembly so as to enable emulation of 64-bit Windows binaries within a browser environment. https://momo5502.github.io/emulator/
April 19, 2025 at 09:21PM
⚡️ Full Disclosure | A Hardware Zero-Day Drop: Bypassing Lock – Microchip/Atmel SAM4C32 📱https://wiki.recessim.com/view/ATSAM4C32 ▶️https://youtu.be/IOD5voFTAz8