Author

Black & White Path

We are the beacon of the cyber world, a stepping stone on the road to security.

219

Articles

Likes

Views

Comments

Latest from Black & White Path

100 recent articles max

Black & White Path

Apr 10, 2026 · Blockchain

North Korean “Ghost” Developers Infiltrate DeFi: Multi‑Role Ops Across Multiple Projects

An investigation reveals that North Korean state‑linked developers, using fake identities and remote tooling, have simultaneously held senior roles in several Solana‑based DeFi projects, leading to a sudden 62% TVL drop in Stabble and exposing systemic vulnerabilities in the industry’s hiring and audit practices.

Blockchain espionageDeFi securityOSINT investigation

0 likes · 10 min read

North Korean “Ghost” Developers Infiltrate DeFi: Multi‑Role Ops Across Multiple Projects

Black & White Path

Apr 10, 2026 · Information Security

Critical Flowise Flaw Enables Hackers to Compromise Thousands of AI Workflows

Researchers discovered a critical CVE‑2025‑59528 in Flowise's custom MCP node that allows arbitrary JavaScript execution, was patched in version 3.0.6, yet thousands of instances remain exposed and were actively exploited in the wild as reported by VulnCheck.

AI workflow securityArbitrary code executionCVE-2025-59528

0 likes · 5 min read

Critical Flowise Flaw Enables Hackers to Compromise Thousands of AI Workflows

Black & White Path

Apr 9, 2026 · Information Security

North Korean IT Worker’s ‘123456’ Password Exposes $1M Money‑Laundering Backend

An investigation by ZachXBT uncovered that a North Korean IT laborer’s use of the default password “123456” on the internal payment platform luckyguys.site allowed researchers to access a $1 million‑per‑month money‑laundering operation, revealing weak OpSec, infostealer infection, forged identities, and links to OFAC‑sanctioned companies.

Information SecurityOPSECblockchain

0 likes · 7 min read

North Korean IT Worker’s ‘123456’ Password Exposes $1M Money‑Laundering Backend

Black & White Path

Apr 9, 2026 · Information Security

When AI Steals Jobs: Lessons from Claude Mythos Ban for Security Professionals

Anthropic’s decision to withhold the powerful Claude Mythos model sparked a joint industry effort called Project Glasswing, revealing how AI can dramatically accelerate vulnerability discovery and prompting security professionals to rethink their roles, adopt AI tools, and evolve their skill sets.

AI securityClaude MythosProject Glasswing

0 likes · 9 min read

When AI Steals Jobs: Lessons from Claude Mythos Ban for Security Professionals

Black & White Path

Apr 8, 2026 · Artificial Intelligence

Run Massive AI Models on a Single PC: The 1‑Bit LLM Revolution

Microsoft’s open‑source bitnet.cpp transforms 100‑billion‑parameter LLM inference from GPU‑only to ordinary CPUs by replacing floating‑point matrix multiplication with integer add‑subtract, cutting energy use by 82 %, memory by 90 % and delivering up to 6× speed on x86/ARM hardware.

1-bit LLMBitNetCPU inference

0 likes · 7 min read

Run Massive AI Models on a Single PC: The 1‑Bit LLM Revolution

Black & White Path

Apr 8, 2026 · Industry Insights

Who Gains the Most in the 2026 Hacker Forum Wars?

The 2026 showdown among BreachForums, NotBreachForums, and LAPSUS$ reveals how brand value, internal rivalries, and resurrection tactics shape the underground cybercrime market, with the FBI watching the chaos unfold while observers dissect the power dynamics.

BreachForumsLAPSUS$brand effect

0 likes · 7 min read

Who Gains the Most in the 2026 Hacker Forum Wars?

Black & White Path

Apr 7, 2026 · Information Security

How Attackers Exploit Outlook 365 to Force Capture of NTLM Hashes

Security researchers reveal that by embedding malicious UNC paths in specially crafted Outlook 365 emails or meeting invites, attackers can trigger automatic SMB authentication, steal the victim’s Net‑NTLMv2 hash, and subsequently perform offline cracking or NTLM relay attacks, posing a high‑stealth threat to enterprises.

NTLMNTLM relayOutlook 365

0 likes · 5 min read

How Attackers Exploit Outlook 365 to Force Capture of NTLM Hashes

Black & White Path

Apr 7, 2026 · Information Security

Ransomware ‘Shaming’ Attacks Surge: Over 2,000 Companies Exposed in 2026

Ransomware groups are increasingly using double‑extortion "shaming" tactics, publicly leaking stolen data to pressure victims, with Breachsense reporting more than 2,000 compromised firms in 2026, a 40% rise projected for the year, prompting new defensive strategies across industries.

CybersecurityThreat Intelligencedata breach

0 likes · 10 min read

Ransomware ‘Shaming’ Attacks Surge: Over 2,000 Companies Exposed in 2026

Black & White Path

Apr 7, 2026 · Industry Insights

How a Telegram Leak of 918 Databases Fueled a Dark‑Web Power Struggle

In early 2026 a rival hacker group released 918 previously paid breach databases for free on Telegram, exposing internal disputes within ShinyHunters and aiming to cripple their attempt to revive BreachForums by making the data openly available.

BreachForumsShinyHuntersTelegram

0 likes · 4 min read

How a Telegram Leak of 918 Databases Fueled a Dark‑Web Power Struggle

Black & White Path

Apr 6, 2026 · Information Security

Beyond Face Verification: Jinkusu Cam Triggers Trust Collapse in eKYC

The article dissects Jinkusu Cam, a real‑time deepfake and voice‑cloning tool that undermines eKYC facial verification, outlines its technical stack, highlights emerging fraud challenges, and proposes multi‑layered defensive strategies for financial institutions.

DeepfakeJinkusu CameKYC

0 likes · 11 min read