Social Engineering
GhostPack Necromancy: Reforging C# Tools with WasmForge
Michelle Rhodes | C++, EDR evasion, GhostPack, NativeAOT, Offensive Security, Red Teaming, Rubeus, Seatbelt, Tools & Techniques, Vulnerability Research, WasmForge, WebAssembly
In the previous post we walked through WasmForge, our Go-to-WebAssembly loader that takes existing signatured Go tools and ships them as opsec-safe binaries. This approach doesn’t just apply to Go, however, as ...
Conan O’Brien Deadpans Deepfakes
Organizations struggle to keep employees engaged in cybersecurity awareness training. Maybe they’ll tune in—and stay in—for Conan O’Brien ...
Security Boulevard
Malwarebytes Finds Ad Scams Hidden in 40+ World Cup Streaming Sites
Malwarebytes researchers uncovered more than 40 sites promising livestreams of World Cup games that instead trapped victims in endless loops or barraged them with popups, hidden ads, redirects, and malware. It was ...
Security Boulevard
Cardiac patients’ medical data stolen and held to ransom
Cardiac monitoring provider iRhythm has been hit by a data theft followed by an extortion attempt ...
When the Frontier Blinks: What the Mythos and Fable Controversy Reveals About AI Security
SecurityExpert | AI Governance, AI guardrails, AI safety, AI Security, Anthropic, Cybersecurity, Fable 5, Frontier Models, Mythos 5, prompt injection, Red Teaming, security testing
When Anthropic abruptly pulled Mythos 5 and Fable 5 from circulation, the move sent a jolt through the AI and cybersecurity communities. These were not minor point releases. They were widely regarded ...
Centurion: Bring Your Own Execution Environment
Michelle Rhodes | Centurion, LLM Development, Offensive Security, Red Team, security insights, Tools & Techniques, Virtualized Loader, Vulnerability Research, WasmForge
Writing my own virtualized loader is something I’ve been wanting to do since I first read Microsoft’s deep dive on FinFisher’s multi-layered VM obfuscation back in 2018. FinFisher didn’t just use one layer of ...
Threat Actors Abuse ChatGPT Chats to Host Fake Outage Page, Deliver Malware
Jeffrey Burt | 360 Privacy, AI chatbot security, AI Security, AI trust and safety, Anthropic Claude, Apple, ChatGPT risks, Conscia, exploiting trust, FireCompass, macOS threats, OpenAI, Push Security, Shai-Hulud, Windows threats
Threat actors are using legitimate-looking ChatGPT service outage notices planted in the chatbot's content-sharing feature to convince users to click on a button to download the ChatGPT desktop app. Hitting the button ...
Security Boulevard
Adversarial Oracles: LLM-Guided EDR Signature Reduction
Michelle Rhodes | adversarial, AI Security, Offensive Security, open source, Red Team, Static Analysis, Tools & Techniques
In previous blog posts we’ve talked about getting nerd sniped. Today we’re going to talk about a kind of nerd sniping that any offensive security tool creator is familiar with: when your ...
Jailbroken Gemini AI Model Supercharged Russian-Speaker’s Fraud Campaign
Jeffrey Burt | ai llm jailbreak, API Keys, credential stealing, crypto fraud, Google Gemini, MAGA, pump-and-dump, QAnon, RAT malware, Trend Micro
A solo Russian-speaking threat actor was able to scale his small five-year fraud operation aimed at MAGA and QAnon followers last year when he began using a jailbroken Google Gemini AI model ...
Security Boulevard
Your Login Page Is Lying: What AI Agents Find When They Read Your Frontend
Michelle Rhodes | AI Security, Application Security, Attack Surface Management, Offensive Security, Red Team, security insights, Tools & Techniques, Vulnerability Research
TL;DR: Single-page applications ship their entire frontend codebase to every visitor, including unauthenticated ones. Even a login page with no visible functionality delivers JavaScript bundles containing route definitions, API endpoint URLs, authentication ...

