The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic ...

Writing my own virtualized loader is something I’ve been wanting to do since I first read Microsoft’s deep dive on FinFisher’s multi-layered VM obfuscation back in 2018. FinFisher didn’t just use one ...

Our tracking of OceanLotus activities from 2024–2026 reveals a shift in operational focus. During this period, the Vietnam-aligned OceanLotus adopted a more selective approach to external operations ...

X.Org Server vulnerability patch released June 2 fixes nine flaws — eight found by TrendAI’s FENRIR static analysis tool, the fourth AI-assisted batch this year. Versions xorg-server 21.1.23 and ...

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...

ESET researchers have discovered SprySOCKS for Windows, FishMonger’s backdoor weaponizing a kernel driver for advanced ...

A Chinese-speaking cybercrime group has expanded its targeting to the European space, deploying previously undocumented malware and the Atlas backdoor. Tracked as TA4922, the threat actor is ...

uint64_t mmio_va = *(uint64_t *)(softc + IOMMU_SC_MMIO_VA); uint64_t cb2_va = *(uint64_t *)(softc + IOMMU_SC_CB2_PTR); uint64_t cb3_va = *(uint64_t *)(softc + IOMMU ...

This is some no-bs public exploit code that generates valid shellcode for the eternal blue exploit and scripts out the event listener with the metasploit multi-handler. This version of the exploit is ...

Terms often used in cybersecurity discussions and education, briefly defined. Your corrections, suggestions, and recommendations for additional entries are welcome: email the editor at editor@n2k.com.