Unofficial Feed of new posts to r/BlueTeamSec
Resurgence of a multi‑stage AiTM phishing and BEC campaign abusing SharePoint https://infosec.pub/post/41068438 [https://infosec.pub/u/digicat] #blueteamsec
NSA Releases First in Series of Zero Trust Implementation Guidelines https://infosec.pub/post/41039995 [https://infosec.pub/u/digicat] #blueteamsec
MacSync Stealer Returns: SEO Poisoning and Fake GitHub Repositories Target macOS Users https://infosec.pub/post/41035279 [https://infosec.pub/u/digicat] #blueteamsec
To the past and beyond: Andariel’s latest arsenal and cyberattacks https://infosec.pub/post/41034999 [https://infosec.pub/u/digicat] #blueteamsec
HuntCyberArk: CyberArk Security Audit https://infosec.pub/post/41034946 [https://infosec.pub/u/digicat] #blueteamsec
TopazTerminator: Just another EDR killer https://infosec.pub/post/41034941 [https://infosec.pub/u/digicat] #blueteamsec
PDFSIDER Malware - Exploitation of DLL Side-Loading for AV and EDR Evasion https://infosec.pub/post/41034835 [https://infosec.pub/u/digicat] #blueteamsec
Don't Judge a PNG by Its Header: PURELOGS Infostealer Analysis https://infosec.pub/post/41034938 [https://infosec.pub/u/digicat] #blueteamsec
Malicious-PixelCode: Malicious PixelCode is a security research project that demonstrates a covert technique for encoding executable files into pixel data and storing them inside images etc with ldr https://infosec.pub/post/41034632 [https://infosec.pub/u/digicat] #blueteamsec
windbg-copilot: WinDbg Copilot - Agentic Debugging extension https://infosec.pub/post/41034285 [https://infosec.pub/u/digicat] #blueteamsec
chisel-ng: Chisel new generation, written in rust. SSH under WSS with some customization. https://infosec.pub/post/41034398 [https://infosec.pub/u/digicat] #blueteamsec
GitLab Patch Release: 18.8.2, 18.7.2, 18.6.4 - "allowed an individual with existing knowledge of a victim's credential ID to bypass two-factor authentication by submitting forged device responses." https://infosec.pub/post/41034412 [https://infosec.pub/u/digicat] #blueteamsec
LiveContainer: Run iOS apps without actually installing them! https://infosec.pub/post/41034264 [https://infosec.pub/u/digicat] #blueteamsec
When Ransomware Makes a Mistake Inside INC Ransomware’s Backup Infrastructure https://infosec.pub/post/41034107 [https://infosec.pub/u/digicat] #blueteamsec
sec-context: AI Code Security Anti-Patterns distilled from 150+ sources to help LLMs generate safer code. https://infosec.pub/post/41034151 [https://infosec.pub/u/digicat] #blueteamsec
The Next Frontier of Runtime Assembly Attacks: Leveraging LLMs to Generate Phishing JavaScript in Real Time https://infosec.pub/post/41034105 [https://infosec.pub/u/digicat] #blueteamsec
Watering Hole Attack Targets EmEditor Users With Information-Stealing Malware https://infosec.pub/post/41034101 [https://infosec.pub/u/digicat] #blueteamsec
Defender Timeline Downloader: Extending Data Retention for Incident Response https://infosec.pub/post/41033958 [https://infosec.pub/u/digicat] #blueteamsec
Living Off the Web: How Trust Infrastructure Became a Malware Delivery Interface https://infosec.pub/post/41033741 [https://infosec.pub/u/digicat] #blueteamsec
Sandworm behind cyberattack on Poland’s power grid in late 2025 https://infosec.pub/post/41033644 [https://infosec.pub/u/digicat] #blueteamsec