Rudra Ponkshe in blog.realrudrap.dev · 2d ago · 15 min read
The Spam SMS that turned into a rabbit hole
⚠ WARNING: If you received an SMS claiming your vehicle has an outstanding RTO challan with a link which downloads an .apk file, do not open it. This is an active malware campaign as of June 2026 imper…
Kishore R in kishorecybersec.hashnode.dev · Jun 19 · 4 min read
Can AI Replace Cybersecurity?
Introduction: Cybersecurity is not immune from the ever-evolving power of Artificial Intelligence (AI). Today, AI-driven solutions can identify threats with speed, analyze vast amounts at once and aut…
Jeff Tong in wind010.hashnode.dev · Jun 15 · 8 min read
Malware Detection
What is YARA? How do we detect if a system is infected? Typically, cybersecurity defenders use YARA rules for malware detection. YARA is the engine that runs these rules. The modern engine is YARA-X w…
Jeff Tong in wind010.hashnode.dev · Jun 12 · 15 min read
Malicious Binary Reverse Engineering
I'm no Low Level (Ed) or John Hammond. I'm at the point where it's a skills issue. I need some guidance. Initially, I tried to have Claude Code analyze the malicious repository with instructi…
Jeff Tong in wind010.hashnode.dev · Jun 12 · 13 min read
Deeper Malware Binary Analysis
We've set up the docker container with disassemblers like radare2 in the previous post. Separation of Concerns: I'm going to use radare2 to slice out by offset/size from the header. We used file and obj…
Jeff Tong in wind010.hashnode.dev · Jun 11 · 10 min read
Malicious Binary Analysis
In Malicious IPs and Domain Reconnaissance we trace the endpoints where the suspicious code is coming from. We're going to dive deeper, but I need some protections. The DNS, registry, and endpoint rec…
Jeff Tong in wind010.hashnode.dev · Jun 10 · 6 min read
Malicious Github Repository Analysis
Discovery: I was doing some research on CVE-2026-41940 after catching up on the Security Now podcast and looked for a PoC to better understand the vulnerability. That's when a simple Google search …
Jebitok in sharonjebitok.com · Jun 2 · 11 min read
Masquerade (TryHackMe)
Link to the challenge on TryHackMe: Masquerade. Scenario: Jim from the Finance department received an email that appeared to come from the company’s system administrator, asking him to run a script to “…
Nigmaz in bluecyber.hashnode.dev · May 26 · 35 min read
MUSTANG PANDA x PLUGX - Analysis of the January 2026 sample: a multi-layer execution chain
TL;DR. The malware sample uses the three-file set Avk.exe, Avk.dll, and AVKTray.dat, deployed from an MSI file downloaded by Browser_Updater.exe. The execution chain starts with DLL sideloading throug…
rathsara in rr-cyber.hashnode.dev · May 17 · 23 min read
ROOTING THE WORLD’S FIRST CYBER SUPER-WEAPON: STUXNET
In June 2010, a Belarusian security firm received a routine support request. A client's Windows PC kept crashing with the infamous Blue Screen of Death. Malware analyst Sergey Ulasen dug in, expecting…