New “InstallFix” attacks are pushing malware through fake install guides.
Attackers clone CLI tool docs (like Claude Code), run malvertising campaigns, and replace legit install commands with malicious ones that deploy the Amatera infostealer.
Via www.bleepingcomputer.com/news/securit...
Join The Wednesday Offensive: redsiege.com/wedoff
Here's what we've got coming up!
#hacking #infosec #cybersecurity
Who’s a good authentication protocol? Now hand over the tickets.
#hacking #infosec #cybersecurity
New edition of the SiegeStack coming soon!
Stay up to date on the latest happenings in cybersecurity, insights from industry professionals, and what we here at RedSiege have in store for you!
Subscribe 🔗 redsiege.com/signup
#hacking #infosec #cybersecurity
Today is as good day to learn about shellcode obfuscation!
"Adventures in Shellcode Obfuscation" by Principal Security Consultant Mike Saunders is a 14-part series packed with practical techniques to safeguard code and strengthen loaders.
🔗 redsiege.com/adventures-i...
#hacking #infosec
Thank you Brett Fernicola for your time and leading the discussion for another great Wednesday Offensive! Next week we have TJ Toterhi talking about cURL for pentesters.
See you there 🔗 redsiege.com/wedoff
#hacking #infosec #cybersecurity
WAKE UP! It's Wednesday! On Today's Wednesday Offensive we have Brett Fernicola talking about detecting and disrupting the DPRK remote worker scheme.
See you at 130pm ET 🔗 redsiege.com/wedoff
#hacking #infosec #cybersecurity
If you're headed to INTERFACE Portland on March 19, don't miss our CEO @timmedin.bsky.social presenting "What the Hack is Going On?"
Learn more 🔗 f2fevents.com/event/pdx26/
#hacking #infosec #cybersecurity
🔔 Friendly Neighborhood Reminder 🔔 Tune in tomorrow to The Wednesday Offensive as Brett Fernicola breaks down how to detect and disrupt the DPRK remote worker scheme.
Join the conversation at 130pm ET 🔗 redsiege.com/wedoff
#hacking #infosec #cybersecurity
Hackers used 4,000+ IPs to scan SonicWall firewalls, mapping SSL VPN targets for likely exploitation. With 430K exposed devices, a large-scale ransomware campaign may be imminent.
via Cyber Security News ®
cybersecuritynews.com/hackers-atta...
#hacking #infosec #cybersecurity
ClawJacked flaw let malicious sites brute-force and hijack local OpenClaw instances via WebSocket, enabling data theft and full takeover. Fixed in v2026.2.26; users should update immediately.
via @bleepingcomputer.com
www.bleepingcomputer.com/news/securit...
#hacking #infosec #cybersecurity
Here's what we've got coming up!
#hacking #infosec #cybersecurity
It started out with a vish, how did it end up like this?
#hacking #infosec #cybersecurity
Security Consultant Ian Briley gives a step-by-step breakdown of how to quickly set up a threat detection lab using Splunk Attack Range 🔗 redsiege.com/threatdetection
#hacking #infosec #cybersecurity
Security Consultant Stuart Rorer dives into how seemingly harmless error messages can leak valuable intel, arming attackers with exactly what they need 🔗 redsiege.com/errors
#hacking #infosec #cybersecurity
Thank you to William Wallace for coming on The Wednesday Offensive today to talk about your remote process injection technique! Fun discussion as always.
We'll see y'all next week!
Same time, same channel 🔗 redsiege.com/wedoff
#hacking #infosec #cybersecurity
Wake up, it's Wednesday! Time for the 2nd Best Show on the Internet: The Wednesday Offensive!
See you at 130pm ET 🔗 redsiege.com/wedoff
#hacking #infosec #cybersecurity
How do attackers stay stealthy without burning the endpoint? In this SiegeCast, Red Siege consultants Justin Palk and Ian Briley break down proxy-based evasion techniques.
🔗 redsiege.com/notrace
#hacking #infosec #cybersecurity
@timmedin.bsky.social pro tip of the day: DO NOT do 10 million packets per second.
Learn that (and way more) in Penetration Testing: Beyond the Basics
Now On Demand 🔗 redsiege.com/btb
#hacking #infosec #cybersecurity #training #pentesting
Intellexa’s Predator spyware hooks iOS SpringBoard to suppress camera and mic indicators, hiding surveillance. With kernel access, it blocks sensor updates so recording dots never appear, keeping users unaware.
via @bleepingcomputer.com
www.bleepingcomputer.com/news/securit...
Starkiller phishing framework proxies real login pages to steal credentials and bypass MFA, enabling session hijacking. Sold as SaaS, it evades traditional defenses with dynamic, real-time attacks.
via @cybersecuritynews.bsky.social
cybersecuritynews.com/new-phishing...
Here's what we've got coming up this week!
#hacking #infosec #cybersecurity
As you go into this weekend, choose the vibe!
🔗🔊 Lofi Volume 1 to focus: redsiege.com/lofi-vol1
🔗🔊 Lofi Volume 2 to enhance your sessions: redsiege.com/lofi-vol2
🔗🔊 Your own Hacking and Defending Montage with Digital Dreams: redsiege.com/digitaldreams
#hacking #infosec #cybersecurity
We met a ton of awesome folks last week at Wild West Hackin' Fest Mile High who are just kicking off their offensive security journey, and it inspired us to share this oldie but goodie talk from our Security Consultant Jason Downey:
🔗 youtu.be/ERSecYxFHTY?...
#hacking #infosec #cybersecurity
Get the SiegeStack delivered directly to your inbox!
Stay up to date on the latest happenings in cybersecurity, insights from industry professionals, and what we here at RedSiege have in store for you!
Subscribe 🔗 redsiege.com/signup
#hacking #infosec #cybersecurity
Thank you Victoria Goodwin for leading a fun and informative discussion today! We'll see y'all next week.
Same time. Same channel. 🔗 redsiege.com/wedoff
#hacking #infosec #cybersecurity
