Alternate Data Streams are like the secret compartments of your hard drive, hidden in plain sight. Ehsaan Mavani reveals how tools like cut-bytes.py and FileScanner can access them, offering a sneaky peek into what might be lurking in your files. Who knew your PC had a secret life?

Unit 42 researchers have identified a resurgence of the Prometei botnet, dancing back onto the scene like an unwanted sequel. This Linux variant is mining Monero and credentials with fervor, employing a domain generation algorithm for stealthy C2 communication. The Prometei botnet is evolving, and it seems it’s here to stay—unfortunately.

In the realm of cybersecurity, Ingress-NGINX 4.11.0 on Kubernetes has more holes than a Swiss cheese. A crafty crafted AdmissionRequest can lead to Remote Code Execution, making it a hacker’s delight. CVE-2025-1974 is the keyphrase that spells trouble, so patch up before your servers decide to throw a party without you!

Beware the wrath of the malicious DOCX! Microsoft Excel LTSC 2024 users, a critical remote code execution vulnerability could spell doom for your Windows machine. Remember: amputate those macros like your digital life depends on it!

FortiOS SSL-VPN suffers from a vulnerability allowing attackers to reuse session cookies, even after logout. Imagine leaving a party, but someone still uses your name to get in—awkward and unauthorized! The CVE-2024-50562 exploit could lead to unauthorized access, so don’t let stale cookies crash your network security bash.

Join Guy Bruneau at the Internet Storm Center as he navigates a calm cyber sea with a green threat level. Whether you’re a developer eager to dive into our API or just here for the laughs, there’s something for everyone. Secure your spot in the upcoming Application Security class before it gets hacked!

Cisco Meraki has issued free software updates to patch vulnerabilities. Customers are urged to upgrade to a fixed release but don’t expect a new license, features, or major upgrades just because it’s free. Remember, software updates are like pizza toppings—only add what you’ve paid for!

When it comes to software upgrades, always check Cisco Security Advisories to avoid tech snafus. Ensure your devices have enough memory and the new software won’t turn them into confused robots. If in doubt, call the Cisco Technical Assistance Center. After all, no one wants their computer acting like it’s in a tech-themed sitcom.

Discovered in December 2024, the “Glass Cage” zero-click iMessage exploit chain targets iOS 18.2. This sneaky trick lets hackers take over a device with just one malicious PNG image, leading to full control, iCloud Keychain theft, and optional bricking. Apple’s defenses were no match, but at least they patched it—eventually.

SEC Consult has discovered a security flaw in ONLYOFFICE Docs (DocumentServer). This vulnerability allows for reflected cross-site scripting, giving hackers an open invitation to your server’s party. The exploit affects version 8.3.1, so updating to version 8.3.2 is highly recommended before things get too “script”ive.

The SIMCom SIM7600G modem is more open than a 24-hour diner. It supports an undocumented AT command, allowing attackers to execute system commands with root permission. SIMCom’s response? A year-long game of hide and seek. Customers, demand a patch faster than you can say “backdoor command!”

The SIMCom SIM7600G modem is more open than a 24-hour diner. It supports an undocumented AT command, allowing attackers to execute system commands with root permission. SIMCom’s response? A year-long game of hide and seek. Customers, demand a patch faster than you can say “backdoor command!”

Calling all Ph.D. graduates! The ERCIM STM WG 2025 Award is on the hunt for the best thesis in Security and Trust Management. If your thesis defended in 2024 is the real MVP, you might just snag this prestigious European accolade. Applications close July 31, 2025, so prepare your PDFs and get ready to shine!

Matthew Paul, an ISC intern, shares his enlightening experience with Malcolm in the SANS Degree Program ISC Internship. Forget pulling logs like a caveman; Malcolm makes network analysis a breeze! If only it could hold your hand and whisper sweet nothings while catching network anomalies. Malcolm is a great tool and free to implement.

CISA has added CVE-2023-0386, a Linux Kernel vulnerability, to its Known Exploited Vulnerabilities Catalog. This is like adding another spice to an already fiery dish, ensuring federal networks stay on their toes against cyber threats!

View CSAF: Attention all procrastinators, update your ProGauge MagLink LX consoles before a hacker turns your gas station into their personal arcade! With a missing authentication for critical functions, it’s like leaving your front door wide open with a sign that says “Free Snacks Inside.” Update now to Version 4.20.3 or later!

Attention Smart Editor users: Your software has vulnerabilities that could let hackers run wild. With a CVSS v4 score of 8.4, it’s more threatening than your in-laws’ visit. If you want to stay safe, update to version 1.0.2.0 or later. Stay secure and keep your digital doors locked!

CISA dropped five ICS advisories like hot potatoes on June 17, 2025, spilling the beans on security issues, vulnerabilities, and exploits. Administrators, grab your magnifying glasses and review these advisories for juicy technical details and mitigation strategies!

Out-of-Bounds Write, Read, and Heap-based Buffer Overflow vulnerabilities in LS Electric’s GMWin 4 have been spotted. With a CVSS v4 score of 8.4, this is not the time to ignore your antivirus updates. Consider switching to the XGT series and leave the outdated GMWin 4 in the dust!

CISA is leaving Siemens ICS security advisories hanging, like an unresolved cliffhanger, as of January 2023. For the latest on Siemens product vulnerabilities, check Siemens’ ProductCERT Security Advisories. Remember, just because it’s not updated, doesn’t mean it’s not vulnerable!