International Cyber Digest
@intcyberdigest.bsky.social
Your weekly go-to cybersecurity newsletter, curated and commented on by our senior analysts, in your mailbox soon...
https://x.com/IntCyberDigest
https://infosec.exchange/@InternationalCyberDigest
https://x.com/IntCyberDigest
https://infosec.exchange/@InternationalCyberDigest
🚨 Beckett, a leader in the trading cards and collectibles space, was breached. Hackers are leaking personal information of famous YouTubers who use the platform.
November 12, 2025 at 1:19 PM
🚨 Beckett, a leader in the trading cards and collectibles space, was breached. Hackers are leaking personal information of famous YouTubers who use the platform.
‼️ Chinese hackers were caught and sentenced in Singapore.
A police raid on their Mount Sinai bungalow uncovered malware, including RATs linked to PlugX and Shadow Brokers, and foreign government data.
They were hired to hack and paid US$3 million in cryptocurrency.
A police raid on their Mount Sinai bungalow uncovered malware, including RATs linked to PlugX and Shadow Brokers, and foreign government data.
They were hired to hack and paid US$3 million in cryptocurrency.
November 12, 2025 at 3:30 AM
‼️ Chinese hackers were caught and sentenced in Singapore.
A police raid on their Mount Sinai bungalow uncovered malware, including RATs linked to PlugX and Shadow Brokers, and foreign government data.
They were hired to hack and paid US$3 million in cryptocurrency.
A police raid on their Mount Sinai bungalow uncovered malware, including RATs linked to PlugX and Shadow Brokers, and foreign government data.
They were hired to hack and paid US$3 million in cryptocurrency.
❗ A researcher reverse-engineered X Chat's cryptographic design and found serious flaws.
Elon claimed that even with a gun to his head, he couldn’t read X Chat messages due to their “full encryption.”
Turns out this is untrue.
📚 david.nepozitek.cz/blog/can-elo...
Elon claimed that even with a gun to his head, he couldn’t read X Chat messages due to their “full encryption.”
Turns out this is untrue.
📚 david.nepozitek.cz/blog/can-elo...
November 12, 2025 at 2:17 AM
❗ A researcher reverse-engineered X Chat's cryptographic design and found serious flaws.
Elon claimed that even with a gun to his head, he couldn’t read X Chat messages due to their “full encryption.”
Turns out this is untrue.
📚 david.nepozitek.cz/blog/can-elo...
Elon claimed that even with a gun to his head, he couldn’t read X Chat messages due to their “full encryption.”
Turns out this is untrue.
📚 david.nepozitek.cz/blog/can-elo...
Russia presented its human-like AI robot. It fell down as it walked onto the stage.
November 11, 2025 at 9:30 PM
Russia presented its human-like AI robot. It fell down as it walked onto the stage.
‼️ China's largest cybersecurity firm, Knownsec, was breached, exposing details of China's state cyber operations.
The data includes cyberweapon documentation, internal hacking tool source code, and global target lists covering over 20 countries, including Japan, Vietnam, and India.
The data includes cyberweapon documentation, internal hacking tool source code, and global target lists covering over 20 countries, including Japan, Vietnam, and India.
November 11, 2025 at 9:22 PM
‼️ China's largest cybersecurity firm, Knownsec, was breached, exposing details of China's state cyber operations.
The data includes cyberweapon documentation, internal hacking tool source code, and global target lists covering over 20 countries, including Japan, Vietnam, and India.
The data includes cyberweapon documentation, internal hacking tool source code, and global target lists covering over 20 countries, including Japan, Vietnam, and India.
❗ Ukrainian cybercriminal Yuriy Rybtsov, alias MrICQ, was extradited from Italy to the US to face charges as a suspected Zeus banking trojan developer.
He shared a Donetsk building with Jabber Zeus leader Vyacheslav “Tank” Penchukov, arrested in 2022 and sentenced to 18 years plus $73M restitution.
He shared a Donetsk building with Jabber Zeus leader Vyacheslav “Tank” Penchukov, arrested in 2022 and sentenced to 18 years plus $73M restitution.
November 11, 2025 at 4:19 AM
❗ Ukrainian cybercriminal Yuriy Rybtsov, alias MrICQ, was extradited from Italy to the US to face charges as a suspected Zeus banking trojan developer.
He shared a Donetsk building with Jabber Zeus leader Vyacheslav “Tank” Penchukov, arrested in 2022 and sentenced to 18 years plus $73M restitution.
He shared a Donetsk building with Jabber Zeus leader Vyacheslav “Tank” Penchukov, arrested in 2022 and sentenced to 18 years plus $73M restitution.
‼️ Yutong could remotely detonate its buses.
Norwegian public transport company Ruter found that buses can be disabled and a thermal runaway could potentially be initiated remotely. Yutong buses drive all around Europe.
All SIM cards were removed to block over-the-air updates.
Norwegian public transport company Ruter found that buses can be disabled and a thermal runaway could potentially be initiated remotely. Yutong buses drive all around Europe.
All SIM cards were removed to block over-the-air updates.
November 11, 2025 at 2:37 AM
‼️ Yutong could remotely detonate its buses.
Norwegian public transport company Ruter found that buses can be disabled and a thermal runaway could potentially be initiated remotely. Yutong buses drive all around Europe.
All SIM cards were removed to block over-the-air updates.
Norwegian public transport company Ruter found that buses can be disabled and a thermal runaway could potentially be initiated remotely. Yutong buses drive all around Europe.
All SIM cards were removed to block over-the-air updates.
🛠️ WiFi Client Isolation Bypass
Enables direct communication with clients on open (unencrypted) and WPA2-CCMP-PSK encrypted WiFi networks, bypassing client isolation.
Try:
github.com/Pulse-Securi...
Read:
pulsesecurity.co.nz/articles/byp...
Enables direct communication with clients on open (unencrypted) and WPA2-CCMP-PSK encrypted WiFi networks, bypassing client isolation.
Try:
github.com/Pulse-Securi...
Read:
pulsesecurity.co.nz/articles/byp...
November 9, 2025 at 6:45 PM
🛠️ WiFi Client Isolation Bypass
Enables direct communication with clients on open (unencrypted) and WPA2-CCMP-PSK encrypted WiFi networks, bypassing client isolation.
Try:
github.com/Pulse-Securi...
Read:
pulsesecurity.co.nz/articles/byp...
Enables direct communication with clients on open (unencrypted) and WPA2-CCMP-PSK encrypted WiFi networks, bypassing client isolation.
Try:
github.com/Pulse-Securi...
Read:
pulsesecurity.co.nz/articles/byp...
🛠️ PEAS Exploitation Toolkit - Access Microsoft Exchange via ActiveSync and dump emails
Offensive library and CLI for running commands on ActiveSync servers.
Try: github.com/glynx/peas
Offensive library and CLI for running commands on ActiveSync servers.
Try: github.com/glynx/peas
November 9, 2025 at 5:13 PM
🛠️ PEAS Exploitation Toolkit - Access Microsoft Exchange via ActiveSync and dump emails
Offensive library and CLI for running commands on ActiveSync servers.
Try: github.com/glynx/peas
Offensive library and CLI for running commands on ActiveSync servers.
Try: github.com/glynx/peas
📚 Bypass AMSI in 2025
Modern techniques for neutralizing Microsoft's AMSI while staying invisible to EDR systems.
www.r-tec.net/r-tec-blog-b...
Modern techniques for neutralizing Microsoft's AMSI while staying invisible to EDR systems.
www.r-tec.net/r-tec-blog-b...
November 9, 2025 at 12:14 AM
📚 Bypass AMSI in 2025
Modern techniques for neutralizing Microsoft's AMSI while staying invisible to EDR systems.
www.r-tec.net/r-tec-blog-b...
Modern techniques for neutralizing Microsoft's AMSI while staying invisible to EDR systems.
www.r-tec.net/r-tec-blog-b...
📚 Bypass EDR by Leveraging Raw Disk Reads
This blog details how to connect with a default Windows driver or vulnerable driver to bypass Endpoint Detection and Response Tools (EDR), file locks, and access controls, to directly read sensitive files.
medium.com/workday-engi...
This blog details how to connect with a default Windows driver or vulnerable driver to bypass Endpoint Detection and Response Tools (EDR), file locks, and access controls, to directly read sensitive files.
medium.com/workday-engi...
November 8, 2025 at 9:26 PM
📚 Bypass EDR by Leveraging Raw Disk Reads
This blog details how to connect with a default Windows driver or vulnerable driver to bypass Endpoint Detection and Response Tools (EDR), file locks, and access controls, to directly read sensitive files.
medium.com/workday-engi...
This blog details how to connect with a default Windows driver or vulnerable driver to bypass Endpoint Detection and Response Tools (EDR), file locks, and access controls, to directly read sensitive files.
medium.com/workday-engi...
🖥️ HijackLibs
Project for tracking publicly disclosed DLL Hijacking opportunities. Comprehensive vulnerability database.
Go to github.com/wietze/Hijac... or hijacklibs.net
Project for tracking publicly disclosed DLL Hijacking opportunities. Comprehensive vulnerability database.
Go to github.com/wietze/Hijac... or hijacklibs.net
November 8, 2025 at 3:31 AM
🖥️ HijackLibs
Project for tracking publicly disclosed DLL Hijacking opportunities. Comprehensive vulnerability database.
Go to github.com/wietze/Hijac... or hijacklibs.net
Project for tracking publicly disclosed DLL Hijacking opportunities. Comprehensive vulnerability database.
Go to github.com/wietze/Hijac... or hijacklibs.net
‼️ The world's first trillionaire initiated a move that killed over half a million people, mostly children.
November 8, 2025 at 2:37 AM
‼️ The world's first trillionaire initiated a move that killed over half a million people, mostly children.
❗️XPENG's IRON robot crossed the uncanny valley, leading some to believe it was a human in a suit. They cut it open before an audience and allowed journalists to inspect it.
November 7, 2025 at 11:39 PM
❗️XPENG's IRON robot crossed the uncanny valley, leading some to believe it was a human in a suit. They cut it open before an audience and allowed journalists to inspect it.
‼️🇰🇵 Another North Korean hacker using AI to alter his face caught while trying to infiltrate Bitso.
Meet "Sebastian," a software engineer from Colombia who can't speak Spanish. Strange, right?
Meet "Sebastian," a software engineer from Colombia who can't speak Spanish. Strange, right?
November 7, 2025 at 11:39 PM
‼️🇰🇵 Another North Korean hacker using AI to alter his face caught while trying to infiltrate Bitso.
Meet "Sebastian," a software engineer from Colombia who can't speak Spanish. Strange, right?
Meet "Sebastian," a software engineer from Colombia who can't speak Spanish. Strange, right?
🛠️ HikvisionExploiter
HikvisionExploiter is a powerful and automated exploitation toolkit targeting unauthenticated endpoints on Hikvision IP cameras, particularly those running firmware version 3.1.3.150324.
github.com/HexBuddy/Hik...
HikvisionExploiter is a powerful and automated exploitation toolkit targeting unauthenticated endpoints on Hikvision IP cameras, particularly those running firmware version 3.1.3.150324.
github.com/HexBuddy/Hik...
November 7, 2025 at 4:18 AM
🛠️ HikvisionExploiter
HikvisionExploiter is a powerful and automated exploitation toolkit targeting unauthenticated endpoints on Hikvision IP cameras, particularly those running firmware version 3.1.3.150324.
github.com/HexBuddy/Hik...
HikvisionExploiter is a powerful and automated exploitation toolkit targeting unauthenticated endpoints on Hikvision IP cameras, particularly those running firmware version 3.1.3.150324.
github.com/HexBuddy/Hik...
Amazing footage of someone actually doing his job.
November 7, 2025 at 3:15 AM
Amazing footage of someone actually doing his job.
❗ The developer of the @NeoFreeBird app, which reverses X's Twitter branding and unlocks premium features for free, was invited by an X engineer to join X.
November 6, 2025 at 10:22 PM
❗ The developer of the @NeoFreeBird app, which reverses X's Twitter branding and unlocks premium features for free, was invited by an X engineer to join X.
🚨 Another notable alleged victim of cl0p ransomware group is Logitech.
November 6, 2025 at 6:55 PM
🚨 Another notable alleged victim of cl0p ransomware group is Logitech.
🚨 Cl0p ransomware group has listed The Washington Post as a victim.
November 6, 2025 at 6:49 PM
🚨 Cl0p ransomware group has listed The Washington Post as a victim.
🛠️ Al-Khaser
A PoC "malware" application with good intentions that aims to stress your anti-malware system. It performs a bunch of common malware tricks with the goal of seeing if you stay under the radar.
Try: github.com/ayoubfaouzi/...
A PoC "malware" application with good intentions that aims to stress your anti-malware system. It performs a bunch of common malware tricks with the goal of seeing if you stay under the radar.
Try: github.com/ayoubfaouzi/...
November 6, 2025 at 5:00 AM
🛠️ Al-Khaser
A PoC "malware" application with good intentions that aims to stress your anti-malware system. It performs a bunch of common malware tricks with the goal of seeing if you stay under the radar.
Try: github.com/ayoubfaouzi/...
A PoC "malware" application with good intentions that aims to stress your anti-malware system. It performs a bunch of common malware tricks with the goal of seeing if you stay under the radar.
Try: github.com/ayoubfaouzi/...
❗ Australia is banning social media for those under 16, enforcing age verification on platforms like Facebook, Instagram, Snapchat, Threads, TikTok, X, YouTube, Kick, and Reddit starting next month. Non-compliant platforms face fines up to $49.5 million.
November 6, 2025 at 3:45 AM
❗ Australia is banning social media for those under 16, enforcing age verification on platforms like Facebook, Instagram, Snapchat, Threads, TikTok, X, YouTube, Kick, and Reddit starting next month. Non-compliant platforms face fines up to $49.5 million.
📚 Hacking the World Poker Tour
A vulnerability in the online poker site ClubWPT Gold could have allowed attackers complete access to its core administrative application.
A vulnerability in the online poker site ClubWPT Gold could have allowed attackers complete access to its core administrative application.
November 5, 2025 at 3:30 AM
📚 Hacking the World Poker Tour
A vulnerability in the online poker site ClubWPT Gold could have allowed attackers complete access to its core administrative application.
A vulnerability in the online poker site ClubWPT Gold could have allowed attackers complete access to its core administrative application.
🚨 Threat actor Cyber Toufan released more details on the breach of Israeli defense contractor MAYA.
November 5, 2025 at 2:17 AM
🚨 Threat actor Cyber Toufan released more details on the breach of Israeli defense contractor MAYA.
🚨Peter Williams, 39, an Australian, pleaded guilty today in U.S. District Court to selling his employer’s trade secrets to a Russian cyber-tools broker.
November 5, 2025 at 12:21 AM
🚨Peter Williams, 39, an Australian, pleaded guilty today in U.S. District Court to selling his employer’s trade secrets to a Russian cyber-tools broker.