EvilBit Labs
@evilbitlabs.io
EvilBit Labs LLC is a software tool foundry focused on creating high-quality, local-first security tools for red and blue teams in real-world environments, including air-gapped labs, restricted networks, and areas overlooked by the cloud.
Attackers innovate around trust.
Verify before trusting links, QR codes, or downloads.
🛡️ Stay safe!
https://news.evilbitlabs.io/2026-01-14-evilbit-threat-digest/
Verify before trusting links, QR codes, or downloads.
🛡️ Stay safe!
https://news.evilbitlabs.io/2026-01-14-evilbit-threat-digest/
January 14, 2026 at 11:59 PM
Attackers innovate around trust.
Verify before trusting links, QR codes, or downloads.
🛡️ Stay safe!
https://news.evilbitlabs.io/2026-01-14-evilbit-threat-digest/
Verify before trusting links, QR codes, or downloads.
🛡️ Stay safe!
https://news.evilbitlabs.io/2026-01-14-evilbit-threat-digest/
Trust is fragile 🔒
From browser extensions to group chats, threats are everywhere.
Stay alert! 👀
https://news.evilbitlabs.io/2026-01-11-evilbit-threat-digest/
From browser extensions to group chats, threats are everywhere.
Stay alert! 👀
https://news.evilbitlabs.io/2026-01-11-evilbit-threat-digest/
January 12, 2026 at 3:27 AM
Trust is fragile 🔒
From browser extensions to group chats, threats are everywhere.
Stay alert! 👀
https://news.evilbitlabs.io/2026-01-11-evilbit-threat-digest/
From browser extensions to group chats, threats are everywhere.
Stay alert! 👀
https://news.evilbitlabs.io/2026-01-11-evilbit-threat-digest/
Parity beats promises. CI/CD or it didn’t happen.
January 9, 2026 at 7:00 PM
Parity beats promises. CI/CD or it didn’t happen.
🚨 Supply chain attacks hit npm again.
Blockchain C2, Discord RATs, AI prompt hacks.
Stay sharp!
https://news.evilbitlabs.io/2026-01-09-zeroday-field-notes/
Blockchain C2, Discord RATs, AI prompt hacks.
Stay sharp!
https://news.evilbitlabs.io/2026-01-09-zeroday-field-notes/
January 9, 2026 at 2:27 PM
🚨 Supply chain attacks hit npm again.
Blockchain C2, Discord RATs, AI prompt hacks.
Stay sharp!
https://news.evilbitlabs.io/2026-01-09-zeroday-field-notes/
Blockchain C2, Discord RATs, AI prompt hacks.
Stay sharp!
https://news.evilbitlabs.io/2026-01-09-zeroday-field-notes/
🛡️Defenders set traps with synthetic data.
Attackers exploit FortiWeb & supply chains.
Stay sharp! 🔒
https://news.evilbitlabs.io/2026-01-07-evilbit-threat-digest/
Attackers exploit FortiWeb & supply chains.
Stay sharp! 🔒
https://news.evilbitlabs.io/2026-01-07-evilbit-threat-digest/
January 9, 2026 at 2:18 PM
🛡️Defenders set traps with synthetic data.
Attackers exploit FortiWeb & supply chains.
Stay sharp! 🔒
https://news.evilbitlabs.io/2026-01-07-evilbit-threat-digest/
Attackers exploit FortiWeb & supply chains.
Stay sharp! 🔒
https://news.evilbitlabs.io/2026-01-07-evilbit-threat-digest/
𝗗𝗲𝘀𝗶𝗴𝗻 𝗡𝗼𝘁𝗲𝘀 𝗳𝗿𝗼𝗺 𝘁𝗵𝗲 𝗤𝘂𝗶𝗲𝘁 𝗙𝗼𝗿𝗴𝗲
Dark-mode CLIs, readable errors, stable JSON schemas, just tasks that mirror CI. The goal: parity between your laptop and the build system so “works here” and “works there” finally match.
Dark-mode CLIs, readable errors, stable JSON schemas, just tasks that mirror CI. The goal: parity between your laptop and the build system so “works here” and “works there” finally match.
January 6, 2026 at 1:00 AM
𝗗𝗲𝘀𝗶𝗴𝗻 𝗡𝗼𝘁𝗲𝘀 𝗳𝗿𝗼𝗺 𝘁𝗵𝗲 𝗤𝘂𝗶𝗲𝘁 𝗙𝗼𝗿𝗴𝗲
Dark-mode CLIs, readable errors, stable JSON schemas, just tasks that mirror CI. The goal: parity between your laptop and the build system so “works here” and “works there” finally match.
Dark-mode CLIs, readable errors, stable JSON schemas, just tasks that mirror CI. The goal: parity between your laptop and the build system so “works here” and “works there” finally match.
Threat actors never rest.
Patch your servers.
Audit extensions.
Stay sharp in 2026! 🕷️
https://news.evilbitlabs.io/2026-01-02-zeroday-field-notes/
Patch your servers.
Audit extensions.
Stay sharp in 2026! 🕷️
https://news.evilbitlabs.io/2026-01-02-zeroday-field-notes/
January 4, 2026 at 4:50 AM
Threat actors never rest.
Patch your servers.
Audit extensions.
Stay sharp in 2026! 🕷️
https://news.evilbitlabs.io/2026-01-02-zeroday-field-notes/
Patch your servers.
Audit extensions.
Stay sharp in 2026! 🕷️
https://news.evilbitlabs.io/2026-01-02-zeroday-field-notes/
🚨 Final week of 2025: MongoDB leaks, Qilin ransomware, supply-chain threats.
Patch fast.
Stay sharp.
https://news.evilbitlabs.io/2025-12-31-evilbit-threat-digest/
Patch fast.
Stay sharp.
https://news.evilbitlabs.io/2025-12-31-evilbit-threat-digest/
January 4, 2026 at 4:50 AM
🚨 Final week of 2025: MongoDB leaks, Qilin ransomware, supply-chain threats.
Patch fast.
Stay sharp.
https://news.evilbitlabs.io/2025-12-31-evilbit-threat-digest/
Patch fast.
Stay sharp.
https://news.evilbitlabs.io/2025-12-31-evilbit-threat-digest/
Small binary. Big mood.
Happy 111 1110 1010!
Happy 111 1110 1010!
January 1, 2026 at 6:02 AM
Small binary. Big mood.
Happy 111 1110 1010!
Happy 111 1110 1010!
Happy 07EA to our z/Architecture and m68k friends!
January 1, 2026 at 5:02 AM
Happy 07EA to our z/Architecture and m68k friends!
𝗪𝗵𝗲𝗻 𝗟𝗲𝘀𝘀 𝗖𝗼𝗱𝗲 𝗜𝘀 𝗣𝗿𝗼𝗴𝗿𝗲𝘀𝘀
We delete code when simpler wins: fewer deps, smaller binaries, predictable behaviors. Fewer moving parts mean fewer surprises when the WAN link dies and the mission doesn’t.
We delete code when simpler wins: fewer deps, smaller binaries, predictable behaviors. Fewer moving parts mean fewer surprises when the WAN link dies and the mission doesn’t.
December 29, 2025 at 7:00 AM
𝗪𝗵𝗲𝗻 𝗟𝗲𝘀𝘀 𝗖𝗼𝗱𝗲 𝗜𝘀 𝗣𝗿𝗼𝗴𝗿𝗲𝘀𝘀
We delete code when simpler wins: fewer deps, smaller binaries, predictable behaviors. Fewer moving parts mean fewer surprises when the WAN link dies and the mission doesn’t.
We delete code when simpler wins: fewer deps, smaller binaries, predictable behaviors. Fewer moving parts mean fewer surprises when the WAN link dies and the mission doesn’t.
Threats didn't take a holiday.
Java, Firefox, Chrome, DNS updates all hit.
Audit now! 🔒
https://news.evilbitlabs.io/2025-12-28-evilbit-threat-digest/
Java, Firefox, Chrome, DNS updates all hit.
Audit now! 🔒
https://news.evilbitlabs.io/2025-12-28-evilbit-threat-digest/
December 29, 2025 at 1:36 AM
Threats didn't take a holiday.
Java, Firefox, Chrome, DNS updates all hit.
Audit now! 🔒
https://news.evilbitlabs.io/2025-12-28-evilbit-threat-digest/
Java, Firefox, Chrome, DNS updates all hit.
Audit now! 🔒
https://news.evilbitlabs.io/2025-12-28-evilbit-threat-digest/
🚨 Attacks on WatchGuard, Next.js, macOS, and more.
Patch now or risk compromise!
Stay sharp!
https://news.evilbitlabs.io/2025-12-26-zeroday-field-notes/
Patch now or risk compromise!
Stay sharp!
https://news.evilbitlabs.io/2025-12-26-zeroday-field-notes/
December 26, 2025 at 7:36 PM
🚨 Attacks on WatchGuard, Next.js, macOS, and more.
Patch now or risk compromise!
Stay sharp!
https://news.evilbitlabs.io/2025-12-26-zeroday-field-notes/
Patch now or risk compromise!
Stay sharp!
https://news.evilbitlabs.io/2025-12-26-zeroday-field-notes/
🚨 Massive DDoS botnets, APT attacks, mobile & browser malware.
Patch, audit, defend!
Stay safe.
https://news.evilbitlabs.io/2025-12-24-evilbit-threat-digest/
Patch, audit, defend!
Stay safe.
https://news.evilbitlabs.io/2025-12-24-evilbit-threat-digest/
December 26, 2025 at 5:14 PM
🚨 Massive DDoS botnets, APT attacks, mobile & browser malware.
Patch, audit, defend!
Stay safe.
https://news.evilbitlabs.io/2025-12-24-evilbit-threat-digest/
Patch, audit, defend!
Stay safe.
https://news.evilbitlabs.io/2025-12-24-evilbit-threat-digest/
Trust is a build artifact.
December 26, 2025 at 6:00 AM
Trust is a build artifact.
Critical flaws in Fortinet, Cisco, and React.
Patch now!
Watch your supply chain.
Stay safe! 🦊
https://news.evilbitlabs.io/2025-12-21-evilbit-threat-digest/
Patch now!
Watch your supply chain.
Stay safe! 🦊
https://news.evilbitlabs.io/2025-12-21-evilbit-threat-digest/
December 25, 2025 at 3:06 AM
Critical flaws in Fortinet, Cisco, and React.
Patch now!
Watch your supply chain.
Stay safe! 🦊
https://news.evilbitlabs.io/2025-12-21-evilbit-threat-digest/
Patch now!
Watch your supply chain.
Stay safe! 🦊
https://news.evilbitlabs.io/2025-12-21-evilbit-threat-digest/
𝗦𝗕𝗢𝗠𝘀 𝗧𝗵𝗮𝘁 𝗔𝗰𝘁𝘂𝗮𝗹𝗹𝘆 𝗛𝗲𝗹𝗽
Every release ships SPDX SBOM + provenance so you can answer: “What is this?” “Where did it come from?” “Can I trust it offline?” That’s not a compliance checkbox—it’s a field requirement.
Every release ships SPDX SBOM + provenance so you can answer: “What is this?” “Where did it come from?” “Can I trust it offline?” That’s not a compliance checkbox—it’s a field requirement.
December 22, 2025 at 5:00 PM
𝗦𝗕𝗢𝗠𝘀 𝗧𝗵𝗮𝘁 𝗔𝗰𝘁𝘂𝗮𝗹𝗹𝘆 𝗛𝗲𝗹𝗽
Every release ships SPDX SBOM + provenance so you can answer: “What is this?” “Where did it come from?” “Can I trust it offline?” That’s not a compliance checkbox—it’s a field requirement.
Every release ships SPDX SBOM + provenance so you can answer: “What is this?” “Where did it come from?” “Can I trust it offline?” That’s not a compliance checkbox—it’s a field requirement.
Quiet vuln week!
Let's talk new offensive tools:
SROP sleep tricks 💤
Local AI auto-exploit 🤖
Check them out!
https://news.evilbitlabs.io/2025-12-19-zeroday-field-notes/
Let's talk new offensive tools:
SROP sleep tricks 💤
Local AI auto-exploit 🤖
Check them out!
https://news.evilbitlabs.io/2025-12-19-zeroday-field-notes/
December 19, 2025 at 10:12 PM
Quiet vuln week!
Let's talk new offensive tools:
SROP sleep tricks 💤
Local AI auto-exploit 🤖
Check them out!
https://news.evilbitlabs.io/2025-12-19-zeroday-field-notes/
Let's talk new offensive tools:
SROP sleep tricks 💤
Local AI auto-exploit 🤖
Check them out!
https://news.evilbitlabs.io/2025-12-19-zeroday-field-notes/
Cancel culture: recurring licenses.
December 19, 2025 at 6:00 AM
Cancel culture: recurring licenses.
𝗡𝗼 𝗦𝘂𝗯𝘀𝗰𝗿𝗶𝗽𝘁𝗶𝗼𝗻𝘀. 𝗦𝗮𝗻𝗶𝘁𝘆 𝗜𝗻𝘁𝗮𝗰𝘁.
We prefer flat pricing and paid add-ons (rule packs, datasets, optional GUIs). No growth treadmill. Sustainability > churn. Tools should help your mission, not become one.
We prefer flat pricing and paid add-ons (rule packs, datasets, optional GUIs). No growth treadmill. Sustainability > churn. Tools should help your mission, not become one.
December 15, 2025 at 8:00 AM
𝗡𝗼 𝗦𝘂𝗯𝘀𝗰𝗿𝗶𝗽𝘁𝗶𝗼𝗻𝘀. 𝗦𝗮𝗻𝗶𝘁𝘆 𝗜𝗻𝘁𝗮𝗰𝘁.
We prefer flat pricing and paid add-ons (rule packs, datasets, optional GUIs). No growth treadmill. Sustainability > churn. Tools should help your mission, not become one.
We prefer flat pricing and paid add-ons (rule packs, datasets, optional GUIs). No growth treadmill. Sustainability > churn. Tools should help your mission, not become one.
Shipped for homelab pain. Ready for enclave pain.
December 12, 2025 at 1:00 PM
Shipped for homelab pain. Ready for enclave pain.
𝗛𝗼𝗺𝗲𝗹𝗮𝗯 𝗙𝗶𝗿𝘀𝘁, 𝗘𝗻𝘁𝗲𝗿𝗽𝗿𝗶𝘀𝗲 𝗡𝗲𝘅𝘁
Our earliest users are homelab operators. You break it, we harden it. When those tools walk into an enclave, they already survived bad Wi-Fi, weird NAS mounts, and three flavors of “Works on my machine.”
Our earliest users are homelab operators. You break it, we harden it. When those tools walk into an enclave, they already survived bad Wi-Fi, weird NAS mounts, and three flavors of “Works on my machine.”
December 8, 2025 at 6:00 AM
𝗛𝗼𝗺𝗲𝗹𝗮𝗯 𝗙𝗶𝗿𝘀𝘁, 𝗘𝗻𝘁𝗲𝗿𝗽𝗿𝗶𝘀𝗲 𝗡𝗲𝘅𝘁
Our earliest users are homelab operators. You break it, we harden it. When those tools walk into an enclave, they already survived bad Wi-Fi, weird NAS mounts, and three flavors of “Works on my machine.”
Our earliest users are homelab operators. You break it, we harden it. When those tools walk into an enclave, they already survived bad Wi-Fi, weird NAS mounts, and three flavors of “Works on my machine.”
🔥 Wild week in cyber!
React RCE forces urgent patches.
Malware evolves.
Trust nothing—update fast! 🚨
https://news.evilbitlabs.io/2025-12-07-evilbit-threat-digest/
React RCE forces urgent patches.
Malware evolves.
Trust nothing—update fast! 🚨
https://news.evilbitlabs.io/2025-12-07-evilbit-threat-digest/
December 7, 2025 at 9:03 PM
🔥 Wild week in cyber!
React RCE forces urgent patches.
Malware evolves.
Trust nothing—update fast! 🚨
https://news.evilbitlabs.io/2025-12-07-evilbit-threat-digest/
React RCE forces urgent patches.
Malware evolves.
Trust nothing—update fast! 🚨
https://news.evilbitlabs.io/2025-12-07-evilbit-threat-digest/
🔥 October was wild!
Major RCEs, rootkits, SQLi, and React exploits.
Patch fast. Stay sharp.
🛡️
https://news.evilbitlabs.io/2025-12-05-zeroday-field-notes/
Major RCEs, rootkits, SQLi, and React exploits.
Patch fast. Stay sharp.
🛡️
https://news.evilbitlabs.io/2025-12-05-zeroday-field-notes/
December 6, 2025 at 4:37 AM
🔥 October was wild!
Major RCEs, rootkits, SQLi, and React exploits.
Patch fast. Stay sharp.
🛡️
https://news.evilbitlabs.io/2025-12-05-zeroday-field-notes/
Major RCEs, rootkits, SQLi, and React exploits.
Patch fast. Stay sharp.
🛡️
https://news.evilbitlabs.io/2025-12-05-zeroday-field-notes/
Release notes you can grep. Artifacts you can verify.
December 5, 2025 at 9:00 PM
Release notes you can grep. Artifacts you can verify.