July 14, 2025
Intelligence Group 13, embedded within the Shahid Kaveh Cyber Group, represents one of the most operationally aggressive and ideologically fortified units within the Islamic Revolutionary Guard Corps (IRGC) cyber arsenal. https://t.co/CImC9X04pM @DomainTools
— 780th Military Intelligence Brigade (Cyber) (@780thC) July 13, 2025
Pay2Key’s Resurgence: Iranian Cyber Warfare Targets the West | https://t.co/dnuNugnCig @morphisec
— 780th Military Intelligence Brigade (Cyber) (@780thC) July 13, 2025
The @USTreasury Office of Foreign Assets Control sanctioned Song Kum Hyok, (Song), a malicious cyber actor associated with the sanctioned Democratic People’s Republic of Korea Reconnaissance General Bureau hacking group Andariel. https://t.co/wNHzF80f36
— 780th Military Intelligence Brigade (Cyber) (@780thC) July 13, 2025
A relatively unknown but particularly stealthy technique to hide files on Linux hosts. On unhardened boxes, unprivileged users can conceal files from even the root user. Disk content remains in memory, hindering disk acquisition during forensic investigation. (1/7) 👇
— HaxRob (@haxrob) July 13, 2025

Hiding in plain sight - Mount namespaces
An exceptionally stealthy technique to hide files and masquerade processes on Linux systems
Our research on open tunneling servers got nominated for the Most Innovative Research award :)
The work will be presented by Angelos Beitis at Black Hat and also at USENIX Security
Brief summary and code: https://t.co/nM3obXt6E9
Paper: https://t.co/tPNgtacDDQ
— Mathy Vanhoef (@vanhoefm) July 12, 2025
GitHub - vanhoefm/tunneltester
https://papers.mathyvanhoef.com/usenix2025-tunnels.pdf
GitHub - APKLab/APKLab: Android Reverse-Engineering Workbench for VS Code
I'm happy to finally release NovaHypervisor! NovaHypervisor is a defensive hypervisor with the goal of protecting AV/EDR vendors and crucial kernel structures that are currently uncovered by VBS and PatchGuard.
Full explanation below 1/6. https://t.co/BGszXQ0Oi6
— Ido Veltzman (@Idov31) July 13, 2025
GitHub - Idov31/NovaHypervisor: NovaHypervisor is a defensive x64 Intel host based hypervisor. The goal of this project is to protect against kernel based attacks (either via Bring Your Own Vulnerable Driver (BYOVD) or other means) by safeguarding defense products (AntiVirus / Endpoint Protection) and kernel memory structures and preventing unauthorized access to kernel memory.
— Silas Cutler // p1nk (@silascutler) July 14, 2025