[ News | Newsletters | Blogs | Reddits | Lists | Media | Jobs ] HoneyDB
  [ privacy | malware | research | vendor ]
Wiz - Incidents
NCC Group Research
Threat Research - Sophos
DragonForce targets rivals in a play for dominance
A familiar playbook with a twist: 3AM ransomware actors dropped virtual machine with vishing and Quick Assist
Beyond the kill chain: What cybercriminals do with their money (Part 5)
Beyond the kill chain: What cybercriminals do with their money (Part 4)
Beyond the kill chain: What cybercriminals do with their money (Part 3)
Beyond the kill chain: What cybercriminals do with their money (Part 2)
Beyond the kill chain: What cybercriminals do with their money (Part 1)
Microsoft primes 71 fixes for May Patch Tuesday
Lumma Stealer, coming and going
NICKEL TAPESTRY expands fraudulent worker operations
PortSwigger Research
Drag and Pwnd: Leverage ASCII characters to exploit VS Code
Document My Pentest: you hack, the AI writes it up!
SAML roulette: the hacker always wins
Shadow Repeater:AI-enhanced manual testing
Top 10 web hacking techniques of 2024
Bypassing character blocklists with unicode overflows
Stealing HttpOnly cookies with the cookie sandwich technique
Top 10 web hacking techniques of 2024: nominations open
Bypassing WAFs with the phantom $Version cookie
New crazy payloads in the URL Validation Bypass Cheat Sheet
Google Project Zero
Breaking the Sound Barrier Part I: Fuzzing CoreAudio with Mach Messages
The Windows Registry Adventure #6: Kernel-mode objects
Blasting Past Webp
Windows Exploitation Tricks: Trapping Virtual Memory Access (2025 Update)
Windows Bug Class: Accessing Trapped COM Objects with IDispatch
The Windows Registry Adventure #5: The regf file format
The Qualcomm DSP Driver - Unexpectedly Excavating an Exploit
Windows Tooling Updates: OleView.NET
Simple macOS kernel extension fuzzing in userspace with IDA and TinyInst
From Naptime to Big Sleep: Using Large Language Models To Catch Vulnerabilities In Real-World Code
AI Research - Sophos
The sixth sense for cyber defense: Multimodal AI
DeepSpeed: a tuning tool for large language models
Sophos AI to present on how to defang malicious AI models at Black Hat Europe
SophosAI team presents three papers on AI applied to cybersecurity at CAMLIS
Political Manipulation with Massive AI Model-driven Misinformation and Microtargeting
SophosAI at Virus Bulletin ’24: Using multimodal AI as a “sixth sense” for cyber defense
Benchmarking the Security Capabilities of Large Language Models
The Dark Side of AI: Large-Scale Scam Campaigns Made Possible by Generative AI
Sophos AI team to present at CAMLIS
SophosAI at DEF CON: Orchestrating large-scale scams using text, audio and image generative AI
Unit 42
Threat Group Assessment: Muddled Libra (Updated May 16, 2025)
DarkCloud Stealer: Comprehensive Analysis of a New Attack Chain That Employs AutoIt
Threat Brief: CVE-2025-31324
Stealthy .NET Malware: Hiding Malicious Payloads as Bitmap Resources
Iranian Cyber Actors Impersonate Model Agency in Suspected Espionage Operation
Lampion Is Back With ClickFix Lures
AI Agents Are Here. So Are the Threats.
Gremlin Stealer: New Stealer on Sale in Underground Forum
Extortion and Ransomware Trends January-March 2025
False Face: Unit 42 Demonstrates the Alarming Ease of Synthetic Identity Creation
Talos Intelligence
© 2024 RiskDiscovery | Sponsored by: Deception Logic