I hear ImageMagick is fun to hack on. Go nuts.
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-cjc8-g9w8-chfw
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v393-38qx-v8fp
Here, have more.
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qp29-wxp5-wh82
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6hgw-6x87-578x
There are so many of these little apps that people are running within user permissions that are creepy as hell and hard to track down if you play whack-a-mole instead of explicit allow lists.
https://www.gdatasoftware.com/blog/2025/08/38247-justaskjacky-ai-trojan-horse-comeback
#threatIntel
I know I keep saying it but I really need to kick #GAYINT into gear. Unit42 is using weird names for individual groups or operations that they're calling strike teams within Muddled Libra / UNC3944 / Scattered Spider / Lapsus$ / whatever new name the multi-billion dollar security companies are calling the kids these days.
https://unit42.paloaltonetworks.com/muddled-libras-strike-teams/
#threatIntel
Picus Security has a nice timeline on the escalation of Raspberry Robin.
https://www.picussecurity.com/resource/blog/raspberry-robin-malware-in-2025-from-usb-worm-to-elite-initial-access-broker
#threatIntel
Yet another write-up on Fire Ant, but this one from Sygnia is more thorough than most I've seen.
https://www.sygnia.co/articles/fire-ant-hypervisor-espionage-analysis/
#threatIntel
Apparently there is also a new version of Oyster. IOCs and analysis in the post from Cato Networks.
https://www.catonetworks.com/blog/cato-ctrl-oyster-malware-campaign/
#threatIntel
Intezer has a write-up on a new version of Firewood backdoor. Nothing too exciting but it has some IOC hashes in the post.
https://intezer.com/blog/threat-bulletin-firewood/
#threatIntel
More camera vulns. These ones are in INSTAR 2K+ and 4K models.
https://modzero.com/static/MZ-25-03_modzero_INSTAR.pdf
Go hack more AI shit.
https://research.jfrog.com/vulnerabilities/codex-cli-symlink-arbitrary-file-overwrite-jfsa-2025-001378631/