Dadicke

@EduardHabsburg 😊👍

My son, eternal nerd, as usually overdoes it with the Easter Eggs🥚

The severity is increased for this new vulnerability affecting Tenda AC10 (CVE-2026-5550) vuldb.com/vuln/355314

🕵️

Thx4posting

🛑 26 investigators. 8 ASEAN countries. One mission. @palenath delivered specialist OSINT training to fight online child exploitation, enabling teams to trace predators and uncover networks. Read more: osint.industries/training-log-p…

#Bundesheer ‼️👇 Lesen denken handeln 👇‼️

🎉 Hundreds of new malicious browser extensions added to extsentry.github.io !

🚨In the past 5 days, ICE @EROHouston arrested nearly 150 dangerous criminal aliens including: - 5 Child Predators - 2 Drug Traffickers - 14 Thieves - 62 Violent Offenders - 1 Arsonist - 7 Hit-&-Run DWIs - 9 aliens convicted of a combined 31 DWIs Among those arrested were:👇

A new macOS security feature alerts users when they paste malicious commands into Terminal. malwarebytes.com/blog/news/2026…

‼️ CVE-2026-4698: JIT miscompilation in Firefox's JavaScript Engine CVSS: 8.8 Affected versions: → Firefox < 149 → Firefox ESR < 115.34 / < 140.9 → Thunderbird < 149 / < 140.9 Credit: @maxpl0it via Trend Micro ZDI Patch now: mozilla.org/security/advis…

🚨 NEW THREAT ACTOR: KRYBIT is now under active monitoring by DarkFeed. The cyber world doesn't stop, and we don't either. 🔹 3 victims already listed on their site. 🔹 Multi-national targeting. 🔹 Real-time alerts now live for subscribers. Don't wait for the breach to happen. Stay ahead of the curve with DarkFeed. 🛡️ Full details & victim profiles here: 👇 Darkfeed.io #CyberSecurity #ThreatIntel #KRYBIT #Ransomware #BreakingNews #DarkWeb

Burp Extensions for bug bounty hunters: 1. Autorize - portswigger.net/bappstore/f9bb… 2. Auth Analyzer - portswigger.net/bappstore/7db4… 3. AuthMatrix - portswigger.net/bappstore/30d8… 4. Active Scan++ - portswigger.net/bappstore/3123… 5. Param Miner - portswigger.net/bappstore/17d2… 6. Backslash Powered Scanner - portswigger.net/bappstore/9cff… 7. Collaborator Everywhere - portswigger.net/bappstore/2495… 8. Turbo Intruder - portswigger.net/bappstore/9aba… 9. Logger++ - portswigger.net/bappstore/470b… 10. Hackvertor - portswigger.net/bappstore/6503… 11. JWT Editor - portswigger.net/bappstore/26aa… 12. Sign Saboteur - portswigger.net/bappstore/e62a… 13. InQL - portswigger.net/bappstore/296e… 14. HTTP Request Smuggler - portswigger.net/bappstore/aaaa… 15. IP Rotate - portswigger.net/bappstore/2eb2… 16. GAP - portswigger.net/bappstore/815b… 17. JS Miner - portswigger.net/bappstore/0ab7… 18. 403 Bypasser - portswigger.net/bappstore/4444… 19. Upload Scanner - portswigger.net/bappstore/b224… #BugBounty #BugBountyTips #Burp #WebSec #AppSec

Process Hollowing Imagine a criminal walking into a bank dressed as a security guard. Everyone sees the uniform and lets them in, but no one checks who is really inside. This is what process hollowing does on your computer. It is one of the most clever disguise tricks malware creators have come up with, used in everything from banking trojans to nation-state spyware. The operating system shows an innocent program name, but the computer is actually running the attacker's code. Here is how the trick works, step by step: Step 1 → picking a disguise The malware does not run on its own because that would be easy to detect. Instead, it chooses a trusted Windows program to impersonate, like explorer.exe or system processes. Step 2 → open but freeze The malware starts the real explorer.exe, but secretly tells Windows to freeze it before it does anything. The program now exists on your system, has a valid process ID, and looks completely real. It is just frozen and waiting. Step 3 →replace Now comes the main trick. The malware goes into the frozen process's memory and removes all the real Windows code. Then it fills that empty space with its own malicious code. The process still has the same trusted name and process ID, but now it contains the attacker's instructions. Step 4 → resume, undetected Before resuming execution, the malware adjusts the process’s execution flow so that it starts from the injected payload instead of the original program entry point. Then the process is resumed. To the operating system and monitoring tools, it still looks like a normal, trusted application. Why this is so dangerous Your antivirus, firewall, and Task Manager usually judge programs by their name. For example, explorer.exe is a real program that runs many times on any Windows PC, so seeing another one does not seem unusual. By using that trusted name, malware can connect to the internet without setting off firewall alerts, read files and steal passwords without warning antivirus, and stay hidden on a system for weeks or months. How defenders catch it today Modern security tools no longer rely on process names alone. Instead, they analyze what is happening inside the process. Detection techniques include: Comparing the memory of a running process with the original file on disk Monitoring for suspicious memory operations like image unmapping and rewriting Detecting unusual execution flow (e.g., threads starting in unexpected memory regions) Behavioral analysis, such as unexpected network activity or access to sensitive data If a process like explorer.exe, notepad.exe or svchost.exe behaves in ways that do not match its normal profile, it raises a strong signal for compromise. Malware works best when it blends in, and process hollowing is one of the most effective ways to achieve this.

#militärundsprache; G: Gefahr im Verzug. Titus Livius spricht von „periculum in mora“, also „Gefahr bei Verzögerung“ und meint damit eine gefährliche Situation die durch Abwarten oder Inaktivität entsteht.

Wetten auf Angriff, Sieg, Niederlage und Tod, beleben die Märkte. 2025 wurden damit an die 50 Milliarden Dollar umgesetzt. Eine Analyse von Generalmajor iR Herbert Bauer stetsbereit.simplecast.com/episodes/104-w…

📢 Ransomware Alert: 🇺🇸 Community College of Beaver County (ccbc.edu), a U.S.-based public community college that operates in the education industry, offering associate degrees, certificates, workforce training, and continuing education programs has reportedly fallen victim to INTERLOCK Ransomware. 🔍Key Details: 🛡️Threat actor: INTERLOCK 📅 Reported on: 03/03/26 ⚠ Data Compromised: 780 GB