the grugq's newsletter

August 11, 2025

Phrack #72 release reveals TTPs, backdoors and targets of a Chinese/North Korean state actor mimicking Kimsuky

A copy of his workstation data was done and is now available for all researchers to analyse!

Article: https://t.co/iCI70eUbuQ
Data dump: https://t.co/vDRLKk8DKD

— Saber (@saber__rt) August 9, 2025


as well as @theori_io, @TeamAtlanta24 and Shellphish's check them out at https://t.co/OFGwphFW5l

— Jay Little (@computerality) August 8, 2025


If you like Chrome IPC shenanigans like this, you might also enjoy my talk from black hat 25: https://t.co/ZeLF3bg3Ss https://t.co/LN6pX52S27

— stephen (@_tsuro) August 10, 2025



Solid overview of OPSEC considerations when operating with Sliver C2 by @zimnyaatishina 💪 #redteam #c2 #malware #opsec https://t.co/lXHuoQFYTJ

— Print3M (@Print3M_) August 9, 2025


Launching now — a new blog for research from @AnthropicAI’s Frontier Red Team and others.

> https://t.co/lRNZmquFBi

We’ll be covering our internal research on cyber, bio, autonomy, national security and more. pic.twitter.com/iYmMg6wSvm

— Logan Graham (@logangraham) August 9, 2025


My personal #defcon33 highlights:
Better tools for GPO exploitation: https://t.co/ZR1DT7LWOo
Critical vulns in Zscaler and Netskope: https://t.co/FaHFNdyPLL
Phishing on official Microsoft login: https://t.co/P0kwW8GFkD
SSH vulnerabilities: https://t.co/g3YOZfNKuo

— Daniel (@0x64616e) August 10, 2025


Find the full breakdown of how RoboDuck works, from architecture to agent design, in our blog: https://t.co/36JHoLWrJl

— Theori (@theori_io) August 9, 2025


Osmedeus: A Workflow Engine for Offensive Security. Designed to build a foundation with the capability and flexibility that allows you to build your own reconnaissance system and run it on a large number of targets.

GitHub: https://t.co/xgroLLbiIx pic.twitter.com/arPtH2Rft8

— Dark Web Informer - Cyber Threat Intelligence (@DarkWebInformer) August 10, 2025

GitHub - j3ssie/osmedeus: A Workflow Engine for Offensive Security


Black Hat USA 2025 slides: https://t.co/j2T3u52Ajs

pic.twitter.com/QjFA4iCl9n

— ӉѦСҠіИԌ ҬЄѦӍ (@HackingTeam777) August 10, 2025

Conferences/BlackHat_USA_2025_Slides at main · onhexgroup/Conferences · GitHub


https://red.anthropic.com

[2501.16466] On the Feasibility of Using LLMs to Autonomously Execute Multi-host Network Attacks

LLMs have shown preliminary promise in some security tasks and CTF challenges. Real cyberattacks are often multi-host network attacks, which involve executing a number of steps across multiple hosts such as conducting reconnaissance, exploiting vulnerabilities, and using compromised hosts to exfiltrate data. To date, the extent to which LLMs can autonomously execute multi-host network attacks is not well understood. To this end, our first contribution is MHBench, an open-source multi-host attac...


🚨 Ransomware Diaries: Volume 7 is here!!! The story of Yaroslav Vasinskyi, the REvil hacker behind the Kaseya attack.
From encrypted cities to a Polish prison cell, this is the human side of state-enabled cybercrime.

Read now ➡️ https://t.co/VzzcQ5lReG #Ransomware #Cybercrime…

— Jon DiMaggio (@Jon__DiMaggio) August 10, 2025


๐Ÿ•ท๏ธ A binary static analysis framework for payload analysis and malware research.
๐Ÿšจ Citadel helps identify why implants are being detected statically by providing comprehensive PE parsing, capability detection, and similarity analysishttps://t.co/XjIo10XheM

โ€” Panos Gkatziroulis ๐Ÿฆ„ (@netbiosX) August 10, 2025


Just published my new article in the TrainSec Knowledge Library:
"Two Sides of the Same Coin – From Dissected Malware to EDR Evasion"
Understanding how malware works is key to learning how to bypass and defend against EDR.
A must-read for TrainSec students.
Read here: …

— Uriel Kosayev (@MalFuzzer) August 10, 2025


Chromium browser implant toolchain: ChromeAlone - A Browser C2 Framework https://t.co/q8HXDjkjay pic.twitter.com/STuqubVvAk

— blackorbird (@blackorbird) August 11, 2025


"do you think reverse engineering is a game?"

me: pic.twitter.com/z8NWiH7STR

— b1ack0wl (@b1ack0wl) April 19, 2025