LT Tech Blog

GTIG AI Threat Tracker: Threat Actors Deploy AI-Enabled Malware in 2025

TL;DR Google’s Threat Intelligence Group reports a shift from using AI for productivity to embedding LLMs inside malware, including dropper…

December 24, 2025

Threats & Incidents Vulnerabilities & CVEs

Triofox Vulnerability CVE-2025-12480: Unauthenticated Host-Header Bypass Enables RCE

TL;DR Mandiant reported exploitation of an unauthenticated access flaw in Gladinet’s Triofox (CVE-2025-12480) that allowed attackers to bypass authentication, create…

December 24, 2025

Cybersecurity Security Tools

Time Travel Triage: Using Time Travel Debugging to Analyze .NET Hollowing

TL;DR Time Travel Debugging (TTD) in WinDbg lets analysts record a deterministic execution trace of a user-mode process and replay…

December 24, 2025

Cybersecurity Threats & Incidents

UNC1549 exploits third-party access, VDI breakouts and custom malware

TL;DR Mandiant's follow-up analysis details UNC1549 campaigns from late 2023 through 2025 targeting aerospace, aviation and defense sectors using supplier…

December 24, 2025

Cybersecurity Threats & Incidents

Beyond the Watering Hole — APT24 Shifts to Multi-Vector Espionage Attacks

TL;DR Google's Threat Intelligence Group is tracking a three-year campaign by APT24, a PRC-nexus actor, that uses a custom, heavily…

December 24, 2025

Threats & Incidents Vulnerabilities & CVEs

Sanctioned Intellexa Continues to Deploy Multiple Mobile Zero-Day Exploits

TL;DR Google's Threat Intelligence Group reports that Intellexa, despite US sanctions, remains an active commercial spyware vendor exploiting numerous mobile…

December 24, 2025

Threats & Incidents Vulnerabilities & CVEs

Multiple Threat Actors Exploiting React2Shell (CVE-2025-55182)

TL;DR A critical unauthenticated RCE in React Server Components, CVE-2025-55182 (React2Shell), was disclosed Dec. 3, 2025 and quickly saw widespread…

December 24, 2025

Cybersecurity Vulnerabilities & CVEs

Microsoft fixes 60+ Windows vulnerabilities in November Patch Tuesday, including zero-day

TL;DR Microsoft released fixes for more than 60 vulnerabilities across Windows and related products in the November Patch Tuesday cycle,…

December 24, 2025

Cloud & Dev Security incidents

Cloudflare Outage Exposes Dependence and Offers Security Roadmap

TL;DR A multi-hour Cloudflare outage on Nov. 18 disrupted many high-profile sites and forced some customers to bypass the service.…

December 24, 2025

Policy / Compliance Security Tools

Mozilla Ends Monitor Plus Ties to Onerep, Service Closing Dec. 17, 2025

TL;DR Mozilla said it will discontinue Monitor Plus — its paid data-broker scanning and removal offering that used Onerep —…

December 24, 2025

LT Tech Blog

Latest Post

Capita tells civil servants to wait for chatbots to fix pension portal issues

Auditing my subscriptions for the New Year revealed $100 in monthly waste

Samsung Galaxy S26 could rise in price in South Korea but stay flat in US

Galaxy S26 Edge’s Return in Doubt After Indian Certification Listing Sparks Debate

JBL expands open-ear lineup: Sense Pro, Sense Lite and Soundgear Clips land in March

Capita tells civil servants to wait for chatbots to fix pension portal issues

Auditing my subscriptions for the New Year revealed $100 in monthly waste

Samsung Galaxy S26 could rise in price in South Korea but stay flat in US

Galaxy S26 Edge’s Return in Doubt After Indian Certification Listing Sparks Debate

Capita tells civil servants to wait for chatbots to fix pension portal issues

Zoox issues voluntary recall after robotaxis cross lane lines near intersections

FCC Bans New Foreign-Made Drones in US, New DJI Models Blocked

John Carreyrou and other authors sue six AI firms over pirated book training

Capita tells civil servants to wait for chatbots to fix pension portal issues

Auditing my subscriptions for the New Year revealed $100 in monthly waste

Samsung Galaxy S26 could rise in price in South Korea but stay flat in US

Galaxy S26 Edge’s Return in Doubt After Indian Certification Listing Sparks Debate

GTIG AI Threat Tracker: Threat Actors Deploy AI-Enabled Malware in 2025

Triofox Vulnerability CVE-2025-12480: Unauthenticated Host-Header Bypass Enables RCE

Time Travel Triage: Using Time Travel Debugging to Analyze .NET Hollowing

UNC1549 exploits third-party access, VDI breakouts and custom malware

Beyond the Watering Hole — APT24 Shifts to Multi-Vector Espionage Attacks

Sanctioned Intellexa Continues to Deploy Multiple Mobile Zero-Day Exploits

Multiple Threat Actors Exploiting React2Shell (CVE-2025-55182)

Microsoft fixes 60+ Windows vulnerabilities in November Patch Tuesday, including zero-day

Cloudflare Outage Exposes Dependence and Offers Security Roadmap

Mozilla Ends Monitor Plus Ties to Onerep, Service Closing Dec. 17, 2025

You missed

Capita tells civil servants to wait for chatbots to fix pension portal issues

Auditing my subscriptions for the New Year revealed $100 in monthly waste

Samsung Galaxy S26 could rise in price in South Korea but stay flat in US

Galaxy S26 Edge’s Return in Doubt After Indian Certification Listing Sparks Debate