Posts

TraceBack Box Writeup From HTB DOT EU

TraceBack Box Writeup From HTB DOT EU

Darpan Neupane Mar 22, 2026  0  27

Looking at the box on HTB rating and graph levels , it looks more of a CTF — Lik...

Infrastructure Pivoting: How CTI Analysts Expand From a Single IOC to a Full Attacker Network

Infrastructure Pivoting: How CTI Analysts Expand From a...

Darpan Neupane Mar 22, 2026  0  35

The field manual for tracing attacker infrastructure — from one domain to dozens...

Found a Denial of Service Vulnerability in a Major Company’s Production Infrastructure Using Shodan

Found a Denial of Service Vulnerability in a Major Comp...

Darpan Neupane Mar 22, 2026  0  42

A step-by-step story of reconnaissance, discovery, and responsible disclosureBug...

How I Found a Hardcoded RSA Private Key in a Major Crypto Exchange’s Frontend

How I Found a Hardcoded RSA Private Key in a Major Cryp...

Darpan Neupane Mar 22, 2026  0  25

How I Found a Hardcoded RSA Private Key in a Major Crypto Exchange’s Frontend -A...

Ploutus Malware: Uptick in ATM jackpotting incidents prompts FBI warning

Ploutus Malware: Uptick in ATM jackpotting incidents pr...

Darpan Neupane Mar 22, 2026  0  25

Three weeks ago, renewed activity involving Ploutus ATM malware surfaced, prompt...

CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026

CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Order...

Darpan Neupane Mar 22, 2026  0  36

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added...

Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager

Oracle Patches Critical CVE-2026-21992 Enabling Unauthe...

Darpan Neupane Mar 22, 2026  0  35

Oracle has released security updates to address a critical security flaw impacti...

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy Security Scanner GitHub Actions Breached, 75 Tags...

Darpan Neupane Mar 22, 2026  0  23

Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, ...

FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks

FBI Warns Russian Hackers Target Signal, WhatsApp in Ma...

Darpan Neupane Mar 22, 2026  0  23

Threat actors affiliated with Russian Intelligence Services are conducting phish...

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

Trivy Supply Chain Attack Triggers Self-Spreading Canis...

Darpan Neupane Mar 22, 2026  0  29

The threat actors behind the supply chain attack targeting the popular Trivy sca...

Who is the Kimwolf Botmaster “Dort”?

Who is the Kimwolf Botmaster “Dort”?

Darpan Neupane Mar 22, 2026  0  28

In early January 2026, KrebsOnSecurity revealed how a security researcher disclo...

How AI Assistants are Moving the Security Goalposts

How AI Assistants are Moving the Security Goalposts

Darpan Neupane Mar 22, 2026  0  25

AI-based assistants or "agents" -- autonomous programs that have access to the u...

Microsoft Patch Tuesday, March 2026 Edition

Microsoft Patch Tuesday, March 2026 Edition

Darpan Neupane Mar 22, 2026  0  32

Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities...

Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker

Iran-Backed Hackers Claim Wiper Attack on Medtech Firm ...

Darpan Neupane Mar 22, 2026  0  31

A hacktivist group with links to Iran's intelligence agencies is claiming respon...

Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

Darpan Neupane Mar 22, 2026  0  24

The U.S. Justice Department joined authorities in Canada and Germany in dismantl...

AI Conundrum: Why MCP Security Can't Be Patched Away

AI Conundrum: Why MCP Security Can't Be Patched Away

Darpan Neupane Mar 22, 2026  0  30

RSAC Conference Preview: MCP introduces security risks into LLM environments tha...

Popular Posts

Organizations Fix Less Than Half of All Exploitable Vulnerabilities, With Just 21% of GenAI App Flaws Resolved

Organizations Fix Less Than Half of All Exploitabl...

Darpan Neupane Apr 19, 2025  0  244

Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States

Chinese Smishing Kit Powers Widespread Toll Fraud ...

Darpan Neupane Apr 19, 2025  0  232

[Webinar] AI Is Already Inside Your SaaS Stack — Learn How to Prevent the Next Silent Breach

[Webinar] AI Is Already Inside Your SaaS Stack — L...

Darpan Neupane Apr 19, 2025  0  224

Cy4Data Labs Raises $10 Million to Secure Data in Use

Darpan Neupane Apr 19, 2025  0  189

ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware

ASUS Confirms Critical Flaw in AiCloud Routers; Us...

Darpan Neupane Apr 19, 2025  0  183

Follow Us

Facebook
Twitter
Instagram

Recommended Posts

Burp Suite Beyond Basics: Hidden Features That Save Time and Find More Bugs

Burp Suite Beyond Basics: Hidden Features That Sav...

Darpan Neupane Apr 19, 2025  0  177

The Ultimate Guide to WAF Bypass Using SQLMap, Proxychains & Tamper Scripts

The Ultimate Guide to WAF Bypass Using SQLMap, Pro...

Darpan Neupane Apr 19, 2025  0  149

[Webinar] AI Is Already Inside Your SaaS Stack — Learn How to Prevent the Next Silent Breach

[Webinar] AI Is Already Inside Your SaaS Stack — L...

Darpan Neupane Apr 19, 2025  0  224

Popular Tags