Chinese APT deploys new malware to keep access to hacked networks

A Chinese espionage group tracked as UNC5221 has been accessing Microsoft 365 environments using the Brickstorm backdoor and ...

XBOW tests Anthropic's Mythos Preview for offensive security

Anthropic's Mythos Preview was highly effective at finding vulnerability candidates, especially when analyzing source code.
The Hacker News

VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances

VerdantBamboo used BRICKSTORM, PLENET, and AGENTPSD after an 18-month breach, enabling stealthy Linux appliance access.
GitHub

AV bypass using the shellcode loader 'Shellcodeloader'

It is a shellcode loader that uses encryption to get around AV solutions such as Windows Defender. > The tool is composed of a generator (Shellcodeloader.exe) and numerous loader templates. There are ...
TechBooky

New Malware Deployed By Chinese APT To Retain Access To Hacked Systems

The Brickstorm backdoor and unidentified malware called Plenet and AgentPSD have been used by a Chinese espionage cell known ...
International Business Times

Chinese Threat Group Hid Inside Microsoft 365 Networks for 18 Months Using Secret Malware ...

Chinese hacking group UNC5221 secretly accessed Microsoft 365 environments for 18 months using Brickstorm, Plenet and AgentPSD malware, researchers found. Freepik A sophisticated Chinese ...
The Hacker News

⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More

Your weekly cybersecurity recap: a GitHub supply chain worm, an exploited Android flaw, Instagram account takeovers, and a ...
GitHub

AV bypass using the obfuscation script 'Invoke-Obfuscation'

The objective of this simple test is to run a reverse shell obfuscated with 'Invoke-Obfuscation' on a Windows 10 laptop without being detected and blocked by the Windows Defender AV (that is enabled ...

YouTuber PewDiePie Launches Free AI That Runs Privately On Your PC, Taking on Claude and ...

PewDiePie has released Odysseus, a free and open-source AI workspace that runs on a user’s own computer. The project is not a ...
Microsoft

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign

Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the ...