Mert SARICA
@hack4career.com
SEC bails on SolarWinds lawsuit www.theregister.com/2025/11/20/s...
SEC bails on SolarWinds lawsuit
: Company 'clearly delighted' with the outcome
www.theregister.com
November 21, 2025 at 1:05 PM
SEC bails on SolarWinds lawsuit www.theregister.com/2025/11/20/s...
Chinese APT Infects Routers to Hijack Software Updates www.darkreading.com/endpoint-sec...
Chinese APT Infects Routers to Hijack Software Updates
A unique take on the software update gambit has allowed "PlushDaemon" to evade attention as it mostly targets Chinese organizations.
www.darkreading.com
November 21, 2025 at 1:00 PM
Chinese APT Infects Routers to Hijack Software Updates www.darkreading.com/endpoint-sec...
My cybersecurity blog turns 16 years old today.
It’s been a long journey of research, writing, and sharing what I’ve learned with the community. Thanks for all the support over the years.
Knowledge is power and grows as it is shared!
www.mertsarica.com/my-blog-is-1...
It’s been a long journey of research, writing, and sharing what I’ve learned with the community. Thanks for all the support over the years.
Knowledge is power and grows as it is shared!
www.mertsarica.com/my-blog-is-1...
My Blog Turns 16 Today! | Hack 4 Career
For the past 16 years, this blog has been more than a place where I share what I learn about cybersecurity—it has been a quiet witness to my professional journey. Throughout this time, I’ve tried to…
www.mertsarica.com
November 20, 2025 at 1:51 PM
My cybersecurity blog turns 16 years old today.
It’s been a long journey of research, writing, and sharing what I’ve learned with the community. Thanks for all the support over the years.
Knowledge is power and grows as it is shared!
www.mertsarica.com/my-blog-is-1...
It’s been a long journey of research, writing, and sharing what I’ve learned with the community. Thanks for all the support over the years.
Knowledge is power and grows as it is shared!
www.mertsarica.com/my-blog-is-1...
3.5 Billion WhatsApp Accounts Identified Through Enumeration socradar.io/3-5-billion-...
3.5 Billion WhatsApp Accounts Identified Through Enumeration
The researchers tested more than 63 billion potential phone numbers across 245 countries and discovered 3.5 billion active WhatsApp accounts...
socradar.io
November 20, 2025 at 1:05 PM
3.5 Billion WhatsApp Accounts Identified Through Enumeration socradar.io/3-5-billion-...
Meet ShinySp1d3r: New Ransomware-as-a-Service created by ShinyHunters www.bleepingcomputer.com/news/securit...
Meet ShinySp1d3r: New Ransomware-as-a-Service created by ShinyHunters
An in-development build of the upcoming ShinySp1d3r ransomware-as-a-service platform has surfaced, offering a preview of the upcoming extortion operation.
www.bleepingcomputer.com
November 19, 2025 at 2:07 PM
Meet ShinySp1d3r: New Ransomware-as-a-Service created by ShinyHunters www.bleepingcomputer.com/news/securit...
A Cloudflare outage is taking down parts of the internet - here's what we know so far www.techradar.com/pro/live/a-c...
A Cloudflare outage is taking down parts of the internet - here's what we know so far
Cloudflare issue is affecting lots of websites
www.techradar.com
November 18, 2025 at 1:42 PM
A Cloudflare outage is taking down parts of the internet - here's what we know so far www.techradar.com/pro/live/a-c...
⚡ Weekly Recap: Fortinet Exploited, China's AI Hacks, PhaaS Empire Falls & More thehackernews.com/2025/11/week...
⚡ Weekly Recap: Fortinet Exploited, China's AI Hacks, PhaaS Empire Falls & More
Fortinet CVE exploited, China-linked AI attacks exposed, PhaaS platform dismantled, and fake crypto apps deploy RATs. Catch this week’s top threats.
thehackernews.com
November 18, 2025 at 1:00 PM
⚡ Weekly Recap: Fortinet Exploited, China's AI Hacks, PhaaS Empire Falls & More thehackernews.com/2025/11/week...
North Korean threat actors use JSON sites to deliver malware via trojanized code securityaffairs.com/184726/cyber...
North Korean threat actors use JSON sites to deliver malware via trojanized code
North Korean Contagious Interview actors now host malware on JSON storage sites to deliver trojanized code projects, NVISO reports.
securityaffairs.com
November 17, 2025 at 1:31 PM
North Korean threat actors use JSON sites to deliver malware via trojanized code securityaffairs.com/184726/cyber...
Five admit helping North Korea evade sanctions through IT worker schemes securityaffairs.com/184712/cyber...
Five admit helping North Korea evade sanctions through IT worker schemes
Five pleaded guilty to aiding North Korea’s illicit revenue via IT worker fraud, violating international sanctions.
securityaffairs.com
November 17, 2025 at 1:24 PM
Five admit helping North Korea evade sanctions through IT worker schemes securityaffairs.com/184712/cyber...
Eurofiber Breach Exposes Critical Infrastructure Data Across Europe – What You Need to Know socradar.io/eurofiber-br...
Eurofiber Breach Exposes Critical Infrastructure Data Across Europe – What You Need to Know
A major supply chain breach has surfaced at Eurofiber, a core digital infrastructure provider serving thousands of public and private-sector organizations
socradar.io
November 17, 2025 at 1:02 PM
Eurofiber Breach Exposes Critical Infrastructure Data Across Europe – What You Need to Know socradar.io/eurofiber-br...
Disrupting the first reported AI-orchestrated cyber espionage campaign
assets.anthropic.com
November 15, 2025 at 1:01 AM
Disrupting the first reported AI-orchestrated cyber espionage campaign
Washington Post Oracle E-Suite 0-Day Hack Impacts 9K+ Employees and Contractors cybersecuritynews.com/washington-p...
Washington Post Oracle E-Suite 0-Day Hack Impacts 9K+ Employees and Contractors
The Washington Post disclosed a significant data breach involving external hacking of its Oracle E-Suite system.
cybersecuritynews.com
November 14, 2025 at 1:10 PM
Washington Post Oracle E-Suite 0-Day Hack Impacts 9K+ Employees and Contractors cybersecuritynews.com/washington-p...
Operation Endgame Dismantles Rhadamanthys, Venom RAT, and Elysium Botnet in Global Crackdown thehackernews.com/2025/11/oper...
Operation Endgame Dismantles Rhadamanthys, Venom RAT, and Elysium Botnet in Global Crackdown
Europol’s Operation Endgame dismantles major malware networks, seizes 1,025 servers, and arrests key suspect.
thehackernews.com
November 14, 2025 at 1:05 PM
Operation Endgame Dismantles Rhadamanthys, Venom RAT, and Elysium Botnet in Global Crackdown thehackernews.com/2025/11/oper...
Spy boss says authoritarian nations poised for sabotage
Spy boss says authoritarian nations poised for sabotage
: ‘Elite teams’ are pondering cyber-attacks to turn off energy supply or telecoms networks
www.theregister.com
November 12, 2025 at 1:05 PM
Spy boss says authoritarian nations poised for sabotage
‘Whisper Leak’ LLM Side-Channel Attack Infers User Prompt Topics
‘Whisper Leak’ LLM Side-Channel Attack Infers User Prompt Topics
Attackers intercepting network traffic can determine the conversation topic with a chatbot despite end-to-end encrypted communication.
www.securityweek.com
November 12, 2025 at 1:01 PM
‘Whisper Leak’ LLM Side-Channel Attack Infers User Prompt Topics
EFF Teams Up With AV Comparatives to Test Android Stalkerware Detection by Major Antivirus Apps
EFF Teams Up With AV Comparatives to Test Android Stalkerware Detection by Major Antivirus Apps
EFF has, for many years, raised the alarm about the proliferation of stalkerware—commercially-available apps designed to be installed covertly on another person’s device to exfiltrate data from that…
www.eff.org
November 10, 2025 at 1:10 PM
EFF Teams Up With AV Comparatives to Test Android Stalkerware Detection by Major Antivirus Apps
Landfall spyware used in 0-day attacks on Samsung phones
Landfall spyware used in 0-day attacks on Samsung phones
: 'Precision espionage campaign' began months before the flaw was fixed
www.theregister.com
November 10, 2025 at 1:05 PM
Landfall spyware used in 0-day attacks on Samsung phones
Bulwark: Unpacking the Packer That Redefines Malware Evasion
Bulwark: Unpacking the Packer That Redefines Malware Evasion - SOCRadar® Cyber Intelligence Inc.
In 2025, a tool named Bulwark began circulating on underground markets, promising complete invisibility for Windows executables. Marketed as a legitimate
socradar.io
November 10, 2025 at 1:05 PM
Bulwark: Unpacking the Packer That Redefines Malware Evasion
Everest Ransomware Group Interview on Collins Aerospace Breach
Exclusive: Everest Ransomware Group Interview on Collins Aerospace Breach - Daily Dark Web
Exclusive: Everest Ransomware Group Interview on Collins Aerospace Breach Discover the latest security threats and database leaks, including unauthorized VPN access and email breaches, in the cyber…
dailydarkweb.net
November 10, 2025 at 1:01 PM
Everest Ransomware Group Interview on Collins Aerospace Breach
Was the İstanbul Senin app, linked to Istanbul Municipality, really hacked — or was it something else?
In my latest blog post, I investigate the alleged leak of 4.7M users’ data from a citizen’s perspective. 👇
🔗 www.hack4career.com/istanbul-sen...
In my latest blog post, I investigate the alleged leak of 4.7M users’ data from a citizen’s perspective. 👇
🔗 www.hack4career.com/istanbul-sen...
Istanbul Senin Data Breach | Hack 4 Career
Introduction When the calendar showed May 26, 2025, a post appeared on DarkForums — a platform frequented by cybercriminals — from a threat actor using the alias kovalidis. In the message, the actor, ...
www.hack4career.com
November 7, 2025 at 1:02 PM
Was the İstanbul Senin app, linked to Istanbul Municipality, really hacked — or was it something else?
In my latest blog post, I investigate the alleged leak of 4.7M users’ data from a citizen’s perspective. 👇
🔗 www.hack4career.com/istanbul-sen...
In my latest blog post, I investigate the alleged leak of 4.7M users’ data from a citizen’s perspective. 👇
🔗 www.hack4career.com/istanbul-sen...
ClickFix & FileFix: How a Copy-Paste Trick Became 2025’s Top Social Engineering Threat
ClickFix & FileFix: How a Copy-Paste Trick Became 2025’s Top Social Engineering Threat - SOCRadar® Cyber Intelligence Inc.
ClickFix attacks are redefining what social engineering looks like in 2025. What began as a niche trick buried in shady corners of the web has...
socradar.io
November 6, 2025 at 1:10 PM
ClickFix & FileFix: How a Copy-Paste Trick Became 2025’s Top Social Engineering Threat
Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data
Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data
Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against…
thehackernews.com
November 6, 2025 at 1:01 PM
Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data
Hacktivist-Driven DDoS Dominates Attacks on Public Sector
Hacktivist-Driven DDoS Dominates Attacks on Public Sector
ENISA report reveals DDoS accounted for 60% of public sector security incidents last year
www.infosecurity-magazine.com
November 6, 2025 at 1:00 PM
Hacktivist-Driven DDoS Dominates Attacks on Public Sector
How an ex-L3Harris Trenchant boss stole and sold cyber exploits to Russia
How an ex-L3Harris Trenchant boss stole and sold cyber exploits to Russia | TechCrunch
Peter Williams sold eight exploits to a Russian zero-day broker by smuggling them from his employer’s highly secured air-gapped network. A court document, plus exclusive reporting by TechCrunch and…
techcrunch.com
November 5, 2025 at 1:01 PM
How an ex-L3Harris Trenchant boss stole and sold cyber exploits to Russia
Choosing the VPN That's Right for You
Choosing the VPN That's Right for You
VPN stands for “Virtual Private Network.” When you connect to a VPN, all data that you send (such as the requests to servers when browsing the web) appears to originate from the VPN itself, rather…
ssd.eff.org
November 4, 2025 at 1:05 PM
Choosing the VPN That's Right for You