Suspected China-Based Espionage Operation Against Military Targets in Southeast Asia

A suspected Chinese state-sponsored espionage campaign targeting Southeast Asian military organizations has been identified, traced back to at least 2020. Designated as CL-STA-1087, the operation demonstrates strategic patience and focused intelligence collection on military capabilities and structures. The attackers deployed custom tools including the AppleChris and MemFun backdoors, and a modified Mimikatz variant called Getpass. The campaign is characterized by the use of dead drop resolvers, custom HTTP verbs, and anti-forensic techniques. Infrastructure analysis reveals long-term persistence and operational compartmentalization. The activity aligns with Chinese working hours and utilizes China-based cloud infrastructure, suggesting a Chinese nexus.

Pulse ID: 69b7da7a6e515e00f9cb4184
Pulse Link: https://otx.alienvault.com/pulse/69b7da7a6e515e00f9cb4184
Pulse Author: AlienVault
Created: 2026-03-16 10:24:58

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Asia #BackDoor #China #Chinese #Cloud #CyberSecurity #Espionage #HTTP #InfoSec #Military #OTX #OpenThreatExchange #RAT #bot #AlienVault

🦖 422 Unprocessable Content 🦖

https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Status/422

The HTTP 422 Unprocessable Content client error response status code indicates that the server understood the content type of the request content, and the syntax of the request content was correct, but it was unable to process the contained instructions.

#webdev #HTTP

cURL (https://curl.se/) is one of my favorite tools when working with REST APIs. The use of this tool is found in almost all scripts.
With it, you can test your HTTP handlers and even write example requests and responses in the service documentation. Of course, there are other tools, such as HTTPie (https://httpie.org/), xh (https://github.com/ducaale/xh) and others.

#curl #Web #HTTP #REST #API #HTTPie #xh #POST #GET

China-nexus Threat Actor Targets Persian Gulf Region With PlugX

A China-nexus threat actor targeted countries in the Persian Gulf region using a multi-stage attack chain to deploy a PlugX backdoor variant. The campaign exploited the renewed Middle East conflict, using an Arabic-language document lure depicting missile attacks. The attack utilized a ZIP archive containing a malicious Windows shortcut file, which downloaded a CHM file leading to the deployment of PlugX. The malware employed various obfuscation techniques, including control flow flattening and mixed boolean arithmetic. The PlugX variant supported HTTPS for command-and-control communication and DNS-over-HTTPS for domain resolution. Based on the tools and tactics used, the activity is attributed to a China-nexus actor, possibly linked to Mustang Panda.

Pulse ID: 69b7dacde783e4b5dec19bde
Pulse Link: https://otx.alienvault.com/pulse/69b7dacde783e4b5dec19bde
Pulse Author: AlienVault
Created: 2026-03-16 10:26:21

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Arabic #BackDoor #China #CyberSecurity #DNS #HTTP #HTTPS #ICS #InfoSec #Malware #MiddleEast #OTX #OpenThreatExchange #PlugX #Windows #ZIP #bot #AlienVault

Now that there's quite a few HTTP auth methods, has anyone put together a one page comparing and contrasting them?

IANA list of them:
https://www.iana.org/assignments/http-authschemes/http-authschemes.xhtml

#HTTP #InfoSec #Security

HTTP-кеширование изнутри: ETag, Last-Modified и эвристика браузера

Как браузер принимает решение о кешировании? Что такое условный HTTP-запрос? Как возникает 304 Not Modified? Как устроен принудительный запрос ресурса, минуя кеш? Если эти вопросы для вас актуальны, прошу на огонёк. Изложение намеренно подробное: статья адресована и тем, кто только начинает путь в веб-разработке, и тем, кто просто хочет закрыть отдельные пробелы в понимании механизма кеширования. Скажем "нет" слепому копированию заголовков кеширования. Погружаемся

https://habr.com/ru/articles/1010594/

#сети #http #кеширование #кэширование #rfc9111 #starlette #uvicorn #httpсервер #браузеры #rfc9110

#Development #Fun
Front-end Crossword · The crossword puzzle for front-end developers https://ilo.im/16baxk

_____
#HTML #CSS #JavaScript #Forms #Accessibility #ARIA #Images #HTTP #WebDev #Frontend

HTTP-методы для начинающих: разбираем по букве спецификаций, а не пересказам

Этап "давайте сначала изучим стандарты" при обучении веб-разработке иногда сразу пропускают (или рассматривают буквально в двух словах), переходя к фреймворкам, абстракциям и решениям, которые за тебя уже приняли авторы этих фреймворков. В этой статье мы разберем все 9 методов HTTP-запросов, опираясь на тексты документов, которыми эти методы определены (RFC 9110 и RFC 5789). Статья подойдёт тем, кто делает первые шаги в веб-разработке и хочет понять HTTP глубже, чем это позволяют туториалы фреймворков. Погружаемся

https://habr.com/ru/articles/1010240/

#http #httpсервер #httpметоды #httpзаголовки #http_статус #сети

Proposal for HTTP 6XX status codes

#HTTP #PHP

If you need to share a heavy file between your computer to your smartphone you can open a http server with

ruby -run -e httpd . -p 8000

then go to your ip from your smartphone in the 8000 port and that's it!!

if you prefer to use python you can type

python -m http.server

Same logic
#ruby #http #sharefile #python

https://docs.ntfy.sh/install/

debian

sudo mkdir -p /etc/apt/keyrings
sudo curl -L -o /etc/apt/keyrings/ntfy.gpg https://archive.ntfy.sh/apt/keyring.gpg
sudo apt install apt-transport-https
echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/ntfy.gpg] https://archive.ntfy.sh/apt stable main" \
    | sudo tee /etc/apt/sources.list.d/ntfy.list
sudo apt update
sudo apt install ntfy
sudo systemctl enable ntfy
sudo systemctl start ntfy

#ntfy #notifications #programming #Android #Linux #sh #bash #csh #ksh #zsh #fish #curl #http #javascript #golang #powershell #python #php #technology #OpenSource #POSIX

TIL today I RTFM!

command

ntfy

Today I read the brief synopsis of ntfy Android. I saw there that via linux the control and operation is fairly simple & straightforward

I went to the site and started reading.

ntfy via linux is easy to use

• simple HTTP PUT/POST commands are used

sh

curl -d "Backup successful 😀" ntfy.sh/mytopic

a.out

ntfy publish mytopic

"Backup successful 😀"

HTML

POST /mytopic HTTP/1.1
Host: ntfy.sh

Backup successful 😀

javascript

fetch('https://ntfy.sh/mytopic', {
    method: 'POST', // PUT works too
    body: 'Backup successful 😀'
})

golang

http.Post("https://ntfy.sh/mytopic", "text/plain",
   strings.NewReader("Backup successful 😀"))

python

requests.post("https://ntfy.sh/mytopic",
    data="Backup successful 😀".encode(encoding='utf-8'))

php

file_get_contents('https://ntfy.sh/mytopic', false, stream_context_create([
    'http' => [
        'method' => 'POST', // PUT also works
        'header' => 'Content-Type: text/plain',
        'content' => 'Backup successful 😀'
    ]
]));

Markdown formatting¶

Supported on Android & webApp

You can format messages using Markdown 🤩. That means you can use bold text, italicized text, links, images, and more. Supported Markdown features (web app only for now):

Emphasis such as bold (bold), italics (italics)
Links (some tool)
Images ()
Code blocks (code blocks) and inline code (inline code)
Headings (# headings, ## headings, etc.)
Lists (- lists, 1. lists, etc.)
Blockquotes (> blockquotes)
Horizontal rules (---)

Read more on

https://docs.ntfy.sh/publish/#markdown-formatting

Sources:

https://docs.ntfy.sh/

https://docs.ntfy.sh/install/

https://docs.ntfy.sh/publish/#markdown-formatting

#ntfy #notifications #programming #Android #Linux #sh #bash #csh #ksh #zsh #fish #curl #http #javascript #golang #powershell #python #php #technology #OpenSource #POSIX

RE: https://w3c.social/@timbl/116218139512953309

Happy 37th birthday, World Wide Web! 🎂

#timbernerslee #www #http #html

Meine kleine #nachtmusik
#music #musik #rockmusic #coloursofrock
#billyjoel

#http://www.colours-of-rock.com

https://youtu.be/gxEPV4kolz0?is=CO8WkfjoSEncR8wP

Vary: Origin, Origin, Origin, accept-encoding
... yes, okay, I get it, you want to vary by the origin
#http

@ant0inet: Merci für den Hinweis auf das unter #CreativeCommons stehende High Performance
Browser Networking Buch aus dem #OReillyVerlag unter https://hpbn.co/!

#HTTP #HTTP2 #HTTP3 #QUIC #OReillyBook #OReilly

Wednesday Links - Edition 2026-03-11
https://dev.to/0xkkocel/wednesday-links-edition-2026-03-11-37bb
#java #jvm #http #springboot #dpop #quarkus #postgres #claude

System Administration: Week 7: DNS & HTTP

We're moving from the DNS on to HTTP. Sorry, no videos for this subtopic, but here are the slides from our last class. We discuss how to get your domain registered and then move on to summarize briefly HTTP the protocol and look at what CDNs do.

https://stevens.netmeister.org/615/07-2026.pdf

#sysadmin #devops #sre #http

Microsoft OAuth Device Code Phishing

A new phishing technique abusing Microsoft's OAuth Device Code flow is on the rise, with over 180 phishing URLs detected in a week. This method shifts from credential theft to token-based account takeover, making detection more challenging. Attackers initiate a device authorization process, tricking victims into approving it on legitimate Microsoft pages. The attack uses encrypted HTTPS traffic and legitimate authentication flows, bypassing traditional phishing indicators. Victims unknowingly grant attackers access to their Microsoft 365 accounts through OAuth tokens. This poses a critical risk as it allows immediate access to corporate data and resources, potentially leading to business email compromise and persistent access through refresh tokens.

Pulse ID: 69b108df5b954bb09603a0db
Pulse Link: https://otx.alienvault.com/pulse/69b108df5b954bb09603a0db
Pulse Author: AlienVault
Created: 2026-03-11 06:17:03

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #Email #HTTP #HTTPS #InfoSec #Microsoft #OTX #OpenThreatExchange #Phishing #RAT #RCE #bot #AlienVault

IroncladDev (@IroncladDev)

HTTP 트래픽의 상당 부분이 연령 확인으로 차단되는 날이 올 수 있다고 경고하면서, 암호화 통신과 규제 회피 측면에서 SSH 기반 개발을 권장함. 규제가 강화될 경우 안전하고 규제하기 어려운 통신 수단으로의 이전을 촉구하는 기술적 제언.

https://x.com/IroncladDev/status/2031380758489669673

#http #ssh #privacy #internetsecurity