SolarWinds Security Vulnerabilities - https://www.solarwinds.com/trust-center/security-advisories 

SAPwned: SAP AI vulnerabilities expose customers’ cloud environments and private AI artifacts - https://www.wiz.io/blog/sapwned-sap-ai-vulnerabilities-ai-security 

SAPwned: SAP AI vulnerabilities expose customers’ cloud environments and private AI artifacts - https://www.wiz.io/blog/sapwned-sap-ai-vulnerabilities-ai-security 

APT41 Has Arisen From the DUST - https://cloud.google.com/blog/topics/threat-intelligence/apt41-arisen-from-dust/ 

CrowdStrike code update bricking Windows machines around the world - https://www.theregister.com/2024/07/19/crowdstrike_falcon_sensor_bsod_incident/ 

Tweet de BRODY NISBET - https://x.com/brody_n77/status/1814185935476863321 

Cisco Smart Software Manager On-Prem Password Change Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-auth-sLw3uhUy 

Cisco Secure Email Gateway Arbitrary File Write Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-afw-bGG2UsjH 

FIN7 Reboot | Cybercrime Gang Enhances Ops with New EDR Bypasses and Automated Attacks - https://www.sentinelone.com/labs/fin7-reboot-cybercrime-gang-enhances-ops-with-new-edr-bypasses-and-automated-attacks/  

The Return of Ghost Emperor’s Demodex - https://www.sygnia.co/blog/ghost-emperor-demodex-rootkit/ 

North Korean Hackers Update BeaverTail Malware to Target MacOS Users - https://thehackernews.com/2024/07/north-korean-hackers-update-beavertail.html 

Deep Dive: Exposing Stealthy New BlackSuit Ransomware - https://www.deepinstinct.com/blog/deep-dive-exposing-stealthy-new-blacksuit-ransomware 

Scattered Spider Adopts RansomHub and Qilin Ransomware for Cyber Attacks - https://thehackernews.com/2024/07/scattered-spider-adopts-ransomhub-and.html 

Qilin Revisited: Diving into the techniques and procedures of the recent Qilin Ransomware Attacks - https://www.group-ib.com/blog/qilin-revisited/ 

Satori Threat Intelligence Alert: Konfety Spreads ‘Evil Twin’ Apps for Multiple Fraud Schemes - https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-konfety-spreads-evil-twin-apps-for-multiple-fraud-schemes 

CVE-2024-27348: Apache HugeGraph-Server: Command execution in gremlin - https://lists.apache.org/thread/nx6g6htyhpgtzsocybm242781o8w5kq9 

Post da Fundação ShadowServer sibre os ataques em que se busca explorar a vulnerabilidade CVE-2024-27348 https://infosec.exchange/@shadowserver/112795058069606954 

Oracle Critical Patch Update Advisory - July 2024 - https://www.oracle.com/security-alerts/cpujul2024.html 

CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks - https://www.trendmicro.com/en_us/research/24/g/CVE-2024-38112-void-banshee.html 

NEW BUGSLEEP BACKDOOR DEPLOYED IN RECENT MUDDYWATER CAMPAIGNS - https://research.checkpoint.com/2024/new-bugsleep-backdoor-deployed-in-recent-muddywater-campaigns/ 

MuddyWater replaces Atera by custom MuddyRot implant in a recent campaign - https://blog.sekoia.io/muddywater-replaces-atera-by-custom-muddyrot-implant-in-a-recent-campaign/#h-muddyrot-analysis 

Investigating the New Jellyfish Loader - https://cyble.com/blog/investigating-the-new-jellyfish-loader/ 

APT44: Unearthing Sandworm - https://services.google.com/fh/files/misc/apt44-unearthing-sandworm.pdf 

CRITICAL FLAW IN EXIM MTA COULD ALLOW TO DELIVER MALWARE TO USERS’ INBOXES - https://securityaffairs.com/165649/hacking/critical-flaw-exim-mta.html 

Fake Microsoft Teams for Mac delivers Atomic Stealer - https://www.malwarebytes.com/blog/threat-intelligence/2024/07/fake-microsoft-teams-for-mac-delivers-atomic-stealer 

Braodo Info Stealer Targeting Vietnam and Abroad - https://www.cyfirma.com/research/braodo-info-stealer-targeting-vietnam-and-abroad/ 

DodgeBox: A deep dive into the updated arsenal of APT41 | Part  - https://www.zscaler.com/blogs/security-research/dodgebox-deep-dive-updated-arsenal-apt41-part-1 

'Chupa-cabra' e infiltrado: como hackers deram dano milionário ao INSS - https://www.uol.com.br/tilt/noticias/redacao/2023/07/12/chupa-cabra-e-infiltrado-como-hackers-deram-dano-milionario-ao-inss.htm

CRYSTALRAY: Inside the Operations of a Rising Threat Actor Exploiting OSS Tools - https://sysdig.com/blog/crystalray-rising-threat-actor-exploiting-oss-tools/ 

DarkGate: Dancing the Samba With Alluring Excel Files - https://unit42.paloaltonetworks.com/darkgate-malware-uses-excel-files/ 

New Malware Campaign Targeting Spanish Language Victims - https://cofense.com/blog/new-malware-campaign-targeting-spanish-language-victims/ 

Asia's SMS stealers: 1,000 bots and one study - https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/asia-s-sms-stealers-1-000-bots-and-one-study/#id0 

Microsoft and Adobe Patch Tuesday, July 2024 Security Update Review - https://blog.qualys.com/vulnerabilities-threat-research/2024/07/09/microsoft-patch-tuesday-july-2024-security-update-review 

RESURRECTING INTERNET EXPLORER: THREAT ACTORS USING ZERO-DAY TRICKS IN INTERNET SHORTCUT FILE TO LURE VICTIMS (CVE-2024-38112) - https://research.checkpoint.com/2024/resurrecting-internet-explorer-threat-actors-using-zero-day-tricks-in-internet-shortcut-file-to-lure-victims-cve-2024-38112/ 

CVE-2024-37985 - FetchBench: Systematic Identification and Characterization of Proprietary Prefetchers - https://publications.cispa.saarland/3991/1/ccs23-fetchbench.pdf

CVE-2024-38021: Moniker RCE Vulnerability Uncovered in Microsoft Outlook - https://blog.morphisec.com/cve-2024-38021-microsoft-outlook-moniker-rce-vulnerability

Blast-RADIUS - https://www.blastradius.fail/ 

Patch or Peril: A Veeam vulnerability incident - https://www.group-ib.com/blog/estate-ransomware/

PHP CGI Argument Injection (CVE-2024-4577)- Vulnerability Analysis and Exploitation - https://www.cyfirma.com/research/php-cgi-argument-injection-cve-2024-4577-vulnerability-analysis-and-exploitation/

The Mechanics of ViperSoftX: Exploiting AutoIt and CLR for Stealthy PowerShell Execution - https://www.trellix.com/blogs/research/the-mechanics-of-vipersofts-exploiting-autoit-and-clr-for-stealthy-powershell-execution/ 

Justice Department Leads Efforts Among Federal, International, and Private Sector Partners to Disrupt Covert Russian Government-Operated Social Media Bot Farm - https://www.justice.gov/opa/pr/justice-department-leads-efforts-among-federal-international-and-private-sector-partners 

People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action - https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-190a 

Decrypted: DoNex Ransomware and its Predecessors - https://decoded.avast.io/threatresearch/decrypted-donex-ransomware-and-its-predecessors/ 

CloudSorcerer – A new APT targeting Russian government entities - https://securelist.com/cloudsorcerer-new-apt-cloud-actor/113056/ 

Kematian-Stealer : A Deep Dive into a New Information Stealer - https://www.cyfirma.com/research/kematian-stealer-a-deep-dive-into-a-new-information-stealer/ 

Attack on cybersecurity researchers: pseudo-exploit for regreSSHion - https://www.kaspersky.com/blog/cve-2024-6387-regresshion-researcher-attack/51646/ 

Kimsuky Group’s New Backdoor Appears (HappyDoor) - https://asec.ahnlab.com/en/67660/ 

Turning Jenkins Into a Cryptomining Machine From an Attacker's Perspective - https://www.trendmicro.com/en_us/research/24/g/turning-jenkins-into-a-cryptomining-machine-from-an-attackers-pe.html 

Cloudflare 1.1.1.1 incident on June 27, 2024 - https://blog.cloudflare.com/cloudflare-1111-incident-on-june-27-2024/