Videos worth watching
More videos
so malware is invisible now lol
https://jh.live/flare || Manage threat intelligence and your exposed attack surface with Flare! Try a free trial and see what info
Next.js & React vulnerability will break the internet
https://react2shell.com/ https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components https://www.cve.org/CVERecord?id=CVE-2025-55182 https://www.wiz.io/blog/critical-vulnerability-in-react-cve-2025-55182 https://nextjs.org/docs/app/api-reference/cli/create-next-app https://nextjs.org/blog/CVE-2025-66478 https://x.com/stdoutput https://x.com/stdoutput/status/1996691357709246774 https://github.com/msanft/CVE-2025-55182 https://x.com/maple3142 https://x.com/maple3142/status/1996687157789155647 https://gist.github.com/maple3142/48bc9393f45e068cf8c90ab865c0f5f3 https://github.com/facebook/react/security/advisories/GHSA-fv66-9v8q-g76r https://x.com/swithak/status/1996584166964478162 https://gist.github.com/SwitHak/53766595ff3f2aaba237b1f3d92c4146 https://github.com/assetnote/react2shell-scanner https://slcyber.io/research-center/high-fidelity-detection-mechanism-for-rsc-next-js-rce-cve-2025-55182-cve-2025-66478/ https://gist.github.com/joe-desimone/ff0cae0aa0d20965d502e7a97cbde3e3 https://x.com/rauchg/status/1996701434029789366 Learn
Ransomware Scam
The Europol notice for a bounty on Qilin ransomware was fake. Credit to Edward Kovacs from SecurityWeek for breaking the
Phishing for Passwords! (Advent of Cyber Day 02)
https://jh.live/aoc2025 || Jump into the TryHackMe Advent of Cyber 2025, free to play and anyone can join to level up
Hacking Endpoint to Identity (Microsoft 365): “ConsentFix”
https://jh.live/hex-rays || Disassemble, decompile and debug with IDA Pro! Use promo code HAMMOND50 for 50% off any IDA Pro product
Infostealer Malware Logs Analyzed by… AI !?!
https://jh.live/flare || Manage threat intelligence and your exposed attack surface with Flare! Try a free trial and see what info
carving emails & AI prompt injection hacking
https://jh.live/rekcah – Get the comics! || https://jh.live/antisyphon-2025 – Black Friday || Snag THE FUTURE IS ****** to play along with
Just ServiceUI.exe
The Microsoft Deployment Toolkit MSI contains ServiceUI.exe, but you don’t need the whole installer to see how that signed Microsoft
Beginner Blue Team Training!
Beginner Blue Team Training! Just Hacking Training livestream on December 5, 2025 at 1pm ET/10am PT. https://justhacking.comJohn HammondRead More
Someone Downloaded All of Spotify #technews #cybersecurity
Hak5 — Cyber Security Education, Inspiration, News & Community since 2005: —–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆—–☆ Our Site → https://www.hak5.org Shop → http://hakshop.myshopify.com/ Community
Latest
Threats Making WAVs – Incident Response to a Cryptomining Attack
Guardicore security researchers describe and uncover a full analysis of a cryptomining attack, which hid a cryptominer inside WAV files.
