A new tool called Defendnot can disable Microsoft Defender protection on Windows devices even if no real antiviruses are installed in the system.
Read full article →Defendnot utility disables Microsoft Defender in Windows
📟 News
Date: 20/05/2025
Malware contained in NPM hides itself using Unicode-based steganography
📟 News
Date: 19/05/2025
A malicious package discovered in npm (node package manager) hides its code using invisible Unicode characters and uses Google Calendar links for communication with its C&C servers.
Read full article →Customer support agents of Coinbase cryptocurrency exchange sold stolen user data to hackers
📟 News
Date: 16/05/2025
Coinbase, Inc., a cryptocurrency exchange with over 100 million users, announced that some rogue customer support agents sold customer data to cybercriminals. The extortionists demanded a 20 million USD ransom for nondisclosure of the stolen information.
Read full article →Agent Tesla: Reversing combat malware in Ghidra
Date: 15/05/2025
Recently I encountered an interesting piece of malware called Agent Tesla. It’s still widespread and actively used by cybercriminals (the analyzed sample was dated 2023). Let’s dissect this remote access trojan and find out what’s hidden inside it.
Read full article →Chrome employs AI to stop scammers
📟 News
Date: 14/05/2025
Google introduces a new security feature to Chrome. The new protection system uses the on-device Gemini Nano large language model (LLM) to detect and block scams while users are browsing the web.
Read full article →OttoKit WordPress plugin targeted by massive attacks
📟 News
Date: 13/05/2025
Hackers exploit a critical privilege escalation vulnerability in the OttoKit (formerly SureTriggers) WordPress plugin to create new admin accounts on vulnerable sites.
Read full article →In the footsteps of Phrack. Searching for LKM rootkits in RAM and examining x64 memory
Date: 12/05/2025
A long time ago, in the early days of my journey to Linux kernel rootkits, I came across a Phrack article describing a rootkit detection technique implemented for i386. The article wasn’t new and referred to a vintage Linux kernel dated 2003. Something in that paper caught my attention, although much remained unclear… Ultimately, I decided to implement the anti-rootkit concept described in it for modern systems.
Read full article →