Greetings everyone,
I was looking for top universities for a Masters in Cybersecurity. For my background, I have done a Bachelor’s in Computer Science and I have 2.5 years of industry experience in Application Security, Cloud Security and Product Security.
I was not a top student in my Bachelor's, and neither is my university highly ranked. CGPA: 8.5. Hence getting admission into the ETHz MS Cyber program seems tough, though I would still apply.
I know a couple of other universities in Europe which are well known, but I am not sure how respected the curriculum is. I have done my research but I wouldn't want to miss out on any hidden gem.
Looking for:
1. Well-recognized and reputable universities (preferably public, but can consider private)
2. Strong practical cybersecurity curriculum
3. Would be great if the university has a hacking group which is doing well in CTF competitions
USA and UK could have been great options but they are crazy expensive, and the post-study laws, migration and job search are pretty bad out there. Please correct me if I am wrong.
I would really appreciate your recommendations from your Experience and Knowledge.
Thanks in advance.
I’ve built NocturneNotes, a secure note‑taking app written in Rust with GTK4.
🔐 Features:
- AES‑256‑GCM encryption for all notes
- Argon2 password‑based key derivation
- Clean GTK4 interface
- Reproducible Debian packaging for easy install

It’s designed for people who want a privacy‑first notebook without the bloat.
Got tired of your log analysis workflow being: export logs → wait for jq → try different filter → wait again → eventually load into ELK → wait for indexing.
Built JSONL Viewer Pro to solve this. Native desktop app (Mac) that handles the log analysis I do daily without needing infrastructure.
Technical details:
alert.severity <= 2, flow.bytes > 100000
Supported formats:
Workflow improvements:
Privacy/Security:
Launch pricing: $49 (normally $79)
https://iotdata.systems/jsonlviewerpro/
Built this for my own workflow but would love feedback from other analysts. What log formats or features would make this more useful?
Depending on configuration and timing, a Sliver C2 user's machine (operator) could be exposed to defenders through the beacon connection. In this blog post, I elaborate on some of the reverse-attack scenarios, including attacking the operators and piggybacking to attack other victims.
You could potentially gain persistence inside the C2 network as well, but I haven't found the time to write about it in depth.
HelixGuard has released analysis on a new campaign found in the Python Package Index (PyPI).
The actors published packages spellcheckers which contain a heavily obfuscated, multi-layer encrypted backdoor to steal crypto wallets.
We are building a foundational technology that is a billion dollar IP. We need three key pillars of engineering talent to formalize this system:
Mathematical Proof Architect: Expertise in formal assurance and engineering deterministic systems to mathematically verify code correctness.
Trust Architect (Advanced Distributed Systems): Deep experience in cryptography, immutability, and creating trust architectures that are legally non-repudiable.
Critical Systems Engineer: Mastery of low-level, high-assurance security engineering in performance-critical or regulated environments.
If you possess these specific skills and want to get in on the ground floor of a billion-dollar IP and secure significant stake shares and profits, DM me ASAP. Preferred location is the U.S., but we will enthusiastically consider exceptional talent globally.
Hi folks, I tried to detect BGP hijacks; my way is pretty straightforward, as below:
I downloaded IP/ASN data sets from the IRRs (RIPE/ARIN/APNIC) and stored them in a search engine (which supports partial/prefix queries), then I crawled BGP stream data from RouteViews. If I found that the original ASN was different from the IRR's, then the hijack event would be caught.
My result can be found here ipiphistory.com
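The comparison described in the post above, as an added example that is not the poster's code: each announced prefix's origin ASN is checked against the most specific covering IRR registration. The route table, announcements and verdict names are constructed (documentation prefixes and ASNs), and the example goes slightly beyond the post by separating more-specific announcements and AS_SET origins.

```python
import ipaddress

# Constructed sample data: documentation prefixes and ASNs, not real routing data.
IRR_ROUTES = [
    ("192.0.2.0/24", 64496),
    ("198.51.100.0/24", 64497),
    ("198.51.100.0/24", 64498),   # a prefix may have several registered origins
    ("2001:db8::/32", 64499),
]
# (prefix, AS path seen by a collector); the origin is the last ASN in the path.
ANNOUNCEMENTS = [
    ("192.0.2.0/24", "64510 64505 64496"),
    ("192.0.2.0/25", "64510 64511"),
    ("198.51.100.0/24", "64510 64498"),
    ("203.0.113.0/24", "64510 64500"),
    ("2001:db8:1::/48", "64510 {64499,64501}"),
]

def build_index(routes):
    index = {}  # network -> set of origin ASNs registered for it
    for prefix, asn in routes:
        index.setdefault(ipaddress.ip_network(prefix), set()).add(asn)
    return index

def origin_of(as_path):
    """Return the origin ASN, or None when the path ends in an AS_SET."""
    last = as_path.split()[-1]
    return int(last) if last.isdigit() else None

def classify(index, prefix, as_path):
    net = ipaddress.ip_network(prefix)
    origin = origin_of(as_path)
    if origin is None:
        return "unknown-origin"
    # Registered networks that equal or cover the announced prefix (linear scan).
    covering = [n for n in index if n.version == net.version and net.subnet_of(n)]
    if not covering:
        return "not-in-irr"
    best = max(covering, key=lambda n: n.prefixlen)  # most specific registration
    if origin in index[best]:
        return "ok"
    return "origin-mismatch" if best == net else "subprefix-mismatch"

def scan(routes, announcements):
    index = build_index(routes)
    return [(p, classify(index, p, path)) for p, path in announcements]

if __name__ == "__main__":
    print(*scan(IRR_ROUTES, ANNOUNCEMENTS), sep="\n")
```

A mismatch here is a lead to investigate rather than proof of a hijack, since IRR records are often stale or incomplete.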
I published a breakdown of several Python packages that can be repurposed for building surveillance/spyware-style tooling.
The write-up focuses on:
No drama, no “hacking tutorial” garbage — just an audit-style analysis showing how legitimate packages become building blocks for malicious tooling.
Full post:
https://audits.blockhacks.io/audit/python-packages-to-create-spy-program
Would appreciate feedback from people who deal with Python malware, IR, or supply-chain issues.
A threat actor known as "888" has allegedly dumped sensitive LG Electronics data on ThreatMon (November 16, 2025). LG has not yet confirmed or denied these claims.
Alleged Leaked Data:
• Source code repositories
• Configuration files and SQL databases
• Hardcoded authentication credentials
• SMTP server credentials
Attack Vector: The leak reportedly originated from a contractor access point, suggesting a supply chain compromise rather than direct breach of LG systems.
Threat Actor Profile: "888" has previously targeted Microsoft, BMW Hong Kong, Decathlon, and Shell. Typically monetizes through ransomware or selling data on breach forums. No public ransom demand in this case yet.
Technical Concerns:
- Hardcoded credentials enable persistence and lateral movement
- SMTP access could facilitate convincing phishing campaigns
- Source code exposure may reveal vulnerabilities in LG IoT devices affecting millions of users globally
Related Context: LG Uplus (LG's telecom division) confirmed a separate breach in October 2025 during a wave of South Korean telecom attacks.
Verification Status: UNCONFIRMED - Awaiting official statement from LG Electronics.
Source: https://cyberupdates365.com/lg-data-leak-claim-threat-a/
Thoughts on supply chain attack vectors and contractor access management?
PacketSmith v4.0 is shipped with an X.509 certificate extractor designed for use with TLS/SSL over TCP and DTLS over UDP streams. You can now either export these certificates to disk or dissect their attributes and output them as JSON objects and arrays.
Hi everyone,
My best friend and I have been working on a project after going through CCNA → CCNP ENCOR → CCNP ENARSI together. We realised that for most people (including us), the hardest part of the CCNA journey isn’t the technical content. It’s staying motivated through the long PDFs, the repetitive labs, and the feeling of studying alone.
We wanted to take some of that pain away and make learning networking feel more structured, more guided, and more rewarding. So we started building something based on short lessons, clear diagrams, and a gamification system that helps you actually feel your improvement.
The idea is to help learners stay consistent, avoid feeling lost, and have a more enjoyable path through the CCNA topics.
We’re currently sharing this with CCNA learners and mentors to see if it actually helps, and we’d definitely welcome any feedback or questions :)
Anthropic just published a case study where threat actors jailbroke Claude and used it to run entire attack campaigns autonomously.
I built npmscan.com because npm has become a minefield. Too many packages look safe on the surface but hide obfuscated code, weird postinstall scripts, abandoned maintainers, or straight-up malware. Most devs don’t have time to manually read source every time they install something — so I made a tool that does the dirty work instantly.
What npmscan.com does:
The goal is simple:
👉 Make it obvious when a package is trustworthy — and when it’s not.
If you want to quickly “x-ray” your dependencies before you add them to your codebase, you can try it here:
Let me know what features you’d want next.
I recently completed a project on “Scanning and Enumeration with Nmap” using Kali Linux and Metasploitable2. The project includes network discovery, port scanning, service enumeration, NSE scripting, and vulnerability detection. I’ve documented all findings, screenshots, and results in a structured report. I’m sharing it here to get feedback and suggestions to improve my methodology and reporting style.
#DevTown #nmap #cybersecurity
FaceSeek is like Google Images but mostly for faces. It uses facial photos and a reverse photo finding method to recognize and detect a face even if it’s cropped or filtered. Plus it can also add/modify those faces to some body and make videos out of them. This could be useful for OSINT or threat hunting, but it also means attackers could find out our digital footprints by photo. Is it a threat? Or not? Considering that there are already a lot of AI tools like these, but AI is also improving daily.
So my honeypot just caught something interesting: RedTail malware hitting exposed Docker APIs on port 2375/tcp.
For context, RedTail is typically known for exploiting PHP vulnerabilities, PAN-OS, and Ivanti, but not a single vendor mentions Docker in their threat reports.
I did a pretty extensive research dive across:
What I confirmed:
Two theories:
Has anyone else seen similar activity?
Analysis of the Milvus Proxy Authentication Bypass Vulnerability (CVE-2025-64513)
After we launched SysReptor a few years ago, we now published the data leak service "SysLeaks for Attackers". We're still refining the service and kindly ask for your feedback. You can use SysLeaks quite extensively during the BETA phase, which will remain open in November.
How it works:
You search for domain names and receive usernames/email addresses, plaintext passwords and (in some cases) the platform the account was used for.
Limitations:
Hello! Earlier this year I found an interesting logic quirk in an open source library, and now I wrote a medium article about it.
This is my first article ever, so any feedback is appreciated.
TLDR: mPDF is an open source PHP library for generating PDFs from HTML. Because of some logic quirks, it is possible to trigger web requests by providing it with a crafted input, even in cases where it is sanitized.
This post is not about a vulnerability! Just an unexpected behavior I found when researching an open source lib. (It was rejected by MITRE for a CVE)
The vulnerability was a critical stored HTML Injection that allowed any free account to send zero-barrier phishing emails from the trusted no-reply@doordash.com domain. The flaw existed for 5 years and was kept out of DoorDash's hands for 15 months by a misclassification in the HackerOne VDP process.
This blog post covers one of the most popular agentic workflow development platforms, Dify.
It covers how simple misconfigurations can lead to the theft of critical enterprise assets, and just how common these misconfigurations actually are.
Updated version with detailed vulnerability breakdown is now live here
Hey folks — I’ve got a Throwing Star LAN Tap (replica) and I’m using it for passively capturing traffic for lab troubleshooting and packet analysis. I’m curious about real-world experience: how much latency did you actually measure when inserting a tap like this into a gigabit link? Any numbers (µs/ms) from hardware vs. inline solutions, or tips on test methodology you recommend?
For context: I’m planning to use it for troubleshooting, capturing brief bursts for analysis, and teaching/demoing packet flows — so low added latency is important but I’m not running production workloads through it. Appreciate any real measurements, test setups, or pitfall warnings.
I wrote a short blog post about a bug I discovered in late 2023 affecting Android Enterprise BYOD devices managed through Microsoft Intune, which lets the user install arbitrary apps in the dedicated Work Profile. The issue still exists today and Android considered this not a security risk: https://jgnr.ch/sites/android_enterprise.html
If you’re using this setup, you might find it interesting.
Yes, I know I know... But believe me, when I started it I thought I was a genius.
"Oh I can do that", I thought to myself in that moment of 'inspiration', "I bet nobody thought of it yet, have they?".
And like any self-proclaimed good developer, I started hacking at it. I never thought to ask the Internet if it's a good idea. I was convinced!
Boy, was I wrong!
All of this to say, I am proud of my tech newsletter 🙈 I worked hard on the concept, I manually edit and pick the articles that go out every (work) day, and the close beta testers have expressed it brings great value to them.
I publish five newsletters every day, covering Platform, Tech, AI, Web Development, and Crypto. I also publish the Top Headlines narrated on the landing page of the website.
Would you give me some feedback about my baby? It is unique to me, even if it's actually not 🙈
LANDFALL — a commercial-grade Android spyware exploiting a now-patched Samsung zero-day (CVE-2025-21042) through weaponized DNG images sent via WhatsApp, enabling zero-click compromise of Samsung Galaxy devices.
This isn't an isolated incident. LANDFALL is part of a larger DNG exploitation wave. Within months, attackers weaponized image parsing vulnerabilities across Samsung (CVE-2025-21042, CVE-2025-21043) and Apple (CVE-2025-43300 chained with WhatsApp CVE-2025-55177 for delivery).
It seems like DNG image processing libraries became a new attack vector of choice – suspiciously consistent across campaigns. Samsung had two zero-days in the same library, while a parallel campaign hit iOS - all exploiting the same file format. Should we expect more?
Developed a tool that parses IOCs and creates relationships with known threat reporting