August 2025

Update: pdf-parser.py Version 0.7.13

This is a bugfix version. ...

Sp123 31 Aug, 2025

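Warning: Malware Impersonating Child Welfare Donations, Analysis of Kimsuky Activity

Today we will analyze how the North Korean hacking group Kimsuky distributes malware through GitHub under the title 기부금 영수증.pdf.lnk (2025.8.18), while displaying a donation receipt from a donation organization called 행복아동복지. Hash File name: 기부금 영수증....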

Sp123 31 Aug, 2025

The Infostealer-to-APT Pipeline: How Stolen Diplomatic Credentials Fuel Cyber-Political Power Plays

With cyber espionage on the rise, opportunistic Infostealer malware, designed to harvest credentials indiscriminately, is being repurposed b...

Sp123 31 Aug, 2025

The Cost of AI Velocity: 5 Actions Dev Leaders Must Take to Secure Their Codebase from AI Vulnerabilities

Here’s a hypothetical for you: You discover a developer on your team produces code where 40-50% contains exploitable vulnerabilities. How lo...

Sp123 31 Aug, 2025

Massachusetts AG Secures $795,000 Settlement for Alleged Data Security and Breach Notification Failures by Peabody Properties Inc

A.J. S. Dhaliwal, Mehul N. Madia, Maxwell Earp-Thomas of Sheppard, Mullin, Richter & Hampton write: On August 19, Massachusetts Attorney...

Sp123 30 Aug, 2025

Warning About NightSpire Ransomware Following Cases of Damage in South Korea

NightSpire operates a DLS (Dedicated Leak Site) and posts a countdown timer for the public release of information and data about victims. Th...

Sp123 29 Aug, 2025

Operation HanKook Phantom: North Korean APT37 targeting South Korea

Sp123 29 Aug, 2025

Claude AI chatbot abused to launch “cybercrime spree”

Anthropic—the company behind the widely renowned coding chatbot, Claude—says it uncovered a large-scale extortion operation in which cyber...

Sp123 28 Aug, 2025

New Research Explores Emulating Scattered Spider Tactics in Real-World Scenarios

Experts have described methods for mimicking the strategies of the advanced persistent threat (APT) group Scattered Spider in a recent in-de...

Sp123 28 Aug, 2025

Vulnerabilities in OpenSolution QuickCMS software

CERT Polska has received a report about 6 vulnerabilities (from CVE-2025-54540 to CVE-2025-55175) found in OpenSolution QuickCMS software. ...

Sp123 28 Aug, 2025

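Godex Tablets, Taken for Liver Disease

First, this post is written by a non-expert and may contain errors, so I recommend consulting a professional first. Today I will look at Godex tablets, which I personally take for liver disease. To begin with, the liver is aptly called the body's chemical factory, with various metabolic processes...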

Sp123 27 Aug, 2025

What are the differences between OpenAI’s GPT 5 and GPT 4o?

Earlier this month, OpenAI released GPT 5, which they market as the company’s best AI system. OpenAI has hailed the new GPT update as its ...

Sp123 27 Aug, 2025

Auchan retailer data breach impacts hundreds of thousands of customers

Bill Toulas reports: French retailer Auchan is informing that some sensitive data associated with loyalty accounts of several hundred thousa...

Sp123 26 Aug, 2025

Chinese UNC6384 Hackers Use Valid Code-Signing Certificates to Evade Detection

Google Threat Intelligence Group (GTIG) has uncovered a multifaceted cyber espionage operation attributed to the PRC-nexus threat actor UNC6...

Sp123 26 Aug, 2025

Android Droppers: The Silent Gatekeepers of Malware

Sp123 25 Aug, 2025

A week in security (August 18 – August 24)

Last week on Malwarebytes Labs: ...

Sp123 25 Aug, 2025

Analysis of PyLangGhost RAT, a RAT Made by North Korea's Lazarus: command.py (2025.8.7)

Today we will take the time to analyze command.py (2025.8.7) of PyLangGhost RAT, malware made by the North Korean hacking group Lazarus. First of all, this malware is basically Python...

Sp123 24 Aug, 2025

Google Deletes Millions of Android Apps After Malware Discovery

NoMusica reports: Google has confirmed that it has removed more apps from the Play Store after researchers discovered a dangerous malware ta...

Sp123 24 Aug, 2025

The EU NIS2 Directive and intra-group IT services

Dr. Stefan Schuppert and Valentin Reiter of Hogan Lovells write: While the NIS2 Directive remains to be implemented in several EU Member Sta...

Sp123 24 Aug, 2025

A history of device-bound cookies

The recent announcement from Google about Device Bound Session Credentials (DBSC) sent me down memory lane. Back when several TLS attack...

Sp123 24 Aug, 2025

MacOS hacking part 10: shellcode injection via task_for_pid - create remote thread. Simple C (Intel) example

﷽ ...

Sp123 24 Aug, 2025