Metasploit Wrap Up 05/22/2026
Another week, another authentication bypassOur humble Metasploit weekly(ish) blog has been blessed with a new network component vulnerability. The dynamic duo of @sfewer-r7 and...
FBI warns of Kali Oauth stealers
The FBI has warned of the danger from a new wave of phishing attacks generated by a tool called Kali365....
Microsoft Warns: Windows Zero-Day ‘YellowKey’ Can Bypass BitLocker
Microsoft has released a temporary mitigation for YellowKey, a Windows zero-day that can reportedly bypass BitLocker protections.
The post Microsoft Warns: Windows Zero-Day ‘YellowKey’ Can...
Fast and Furious – Nimbus Manticore Operations During the Iranian Conflict
Key Findings
The Iranian, IRGC affiliated, threat actor Nimbus Manticore resurfaced during Operation Epic Fury, the US military campaign against Iran launched on February 28, 2026,...
CVE-2026-33117 Azure SDK for Java Security Feature Bypass Vulnerability
The executive summary has been updated to include additional details about this vulnerability. This change does not affect the available security updates. Customers should...
Fake Gemini and Claude Code Sites Spread Infostealers Through SEO Poisoning
The infostealer payload in this campaign collect a vast amount of data, from collaboration authentication keys to cryptocurrency wallets - Read more
Apple Blocked $2.2bn in App Store Fraud in the Last Year
Total figure for fraudulent transactions Apple has blocked since 2020 now stands at over $11bn - Read more
Cloud Atlas activity in the second half of 2025 and early 2026: new tools...
In 2025, we observed pervasive SSH tunnel activity, which has remained active into 2026, affecting many government organizations and commercial companies in Russia and...
Real-Time Webhook Notifications: No More Lost Security Alerts
Every security team knows the pain: a critical alert lands in someone’s inbox, buried under dozens of other emails, or filtered out by a...
Latest article
GreatXML zero-day BitLocker bypass doesn’t seem to work, yet
A disgruntled researcher who has been publishing zero-day Microsoft Windows vulnerabilities for the past several months released a new exploit...
New Windows Zero-Day Claims BitLocker Bypass Amid Microsoft Disclosure Fight
A new Windows zero-day reportedly bypasses BitLocker, adding pressure on Microsoft as researchers debate the exploit’s real-world impact.
The post New Windows Zero-Day Claims BitLocker...
Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks
One of the most persistent hacking groups in the world has found a new way to stay hidden. The threat actor known as...
Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol
Domain of dark web money laundering platform AudiA6 seized and suspects arrested in joint operation by the FBI, Europol and others - Read...
