GGGhulam Ghousindenebrixai.hashnode.dev·2d ago · 9 min read10 Cybersecurity Threats Every Internet User Must KnowSomewhere right now, someone you've never met is trying to guess your password. Maybe it's a bot running through a leaked password list, maybe it's a scammer sending a fake “your account is locked” em00
RPRudra Ponksheinblog.realrudrap.dev·5d ago · 7 min readThe Attacker's DisciplineThere is a specific kind of cognitive dissonance that comes from reverse engineering a malware sample in one terminal while your own app's backend runs in another. I spent the better part of the last 30
VNVũ Nhật Lâminblog.fiscybersec.com·5d ago · 7 min readMistic Backdoor: KongTuke's New Weapon in the ClickFix – ModeloRAT – Ransomware EcosystemExecutive Summary A new backdoor named Backdoor.Mistic (also tracked by Zscaler as MLTBackdoor) has surfaced in intrusions since April 2026, hitting organizations across insurance, education, IT, and 00
ĐVĐinh Văn Mạnhinblog.fiscybersec.com·5d ago · 13 min readGigaWiper: When One Backdoor Stitches Three Malware Families Into a Destruction-on-Demand MachineOverview On July 9, 2026, Microsoft Threat Intelligence published a code-level analysis of GigaWiper — a Go (Golang)-based backdoor capable of sabotaging systems at the physical disk level. What makes00
RPRudra Ponksheinblog.realrudrap.dev·Jul 8 · 11 min readI Found the Live C2 Server Controlling Thousands of Infected DevicesIf you've been following along, here's where we are: a spam SMS dropped an APK, the APK was a dropper that XOR-decrypted a multi-DEX container, HMAC-validated it, AES-decrypted it, and loaded the resu20
4F404 Foundersin404-founders.com·Jul 8 · 5 min readFake Paysafe, Skrill SDKs Hit npm and PyPISeventeen packages, two registries, one goal: steal developer secrets. Fake Paysafe, Skrill, and Neteller payment SDKs hit npm and PyPI on July 7 and were caught harvesting API keys, AWS credentials, 00
4F404 Foundersin404-founders.com·Jul 4 · 6 min readAsyncRAT Hides Behind Fake OBS Studio InstallersSearch for "OBS Studio download" right now and there is a genuine likelihood that one of the top results installs a remote access trojan instead of streaming software. Kaspersky's MDR team has been tr00
TGTej Gokaniintejgokani.hashnode.dev·Jul 2 · 6 min readRing 0: The Line Most Software Never CrossesThe privilege you don't think about Most of the software on your computer operates under a quiet agreement: it gets to touch its own corner of memory, read its own files, and nothing else. The operati00
JDJustine Devs (Official)injstn.hashnode.dev·Jul 1 · 8 min readThe malware was not in the app. It was in .git/hooks.My first job hunt taught me to inspect the repo before trusting the task I am currently looking for my first job So when a recruiter messaged me on LinkedIn and sent over a take-home repository, I tre00
4F404 Foundersin404-founders.com·Jun 28 · 4 min readGaslight: macOS Malware Uses Prompt InjectionA North Korea-linked macOS backdoor called Gaslight embeds 38 fake system error messages designed to trick AI malware analysis tools into aborting their investigation. CVE: N/A (malware campaign) Seve00