Available now! Telegram Research 2025 β the year's key insights 
cKure Red
Open in Telegram
The director's cut on critical feeds from InfoSec world π Main Channel: @cKure βοΈ or queries email us π¨ i@ckure.org
Show more2 601
Subscribers
+1824 hours
+347 days
+7630 days
Data loading in progress...
Similar Channels
Tags Cloud
Incoming and Outgoing Mentions
---
---
---
---
---
---
Attracting Subscribers
June '26
June '26
+93
in 2 channels
May '26
+82
in 1 channels
Get PRO
April '26
+81
in 2 channels
Get PRO
March '26
+69
in 2 channels
Get PRO
February '26
+51
in 2 channels
Get PRO
January '26
+119
in 2 channels
Get PRO
December '25
+81
in 2 channels
Get PRO
November '25
+86
in 1 channels
Get PRO
October '25
+54
in 3 channels
Get PRO
September '25
+56
in 3 channels
Get PRO
August '25
+34
in 2 channels
Get PRO
July '25
+39
in 3 channels
Get PRO
June '25
+41
in 2 channels
Get PRO
May '25
+71
in 3 channels
Get PRO
April '25
+36
in 1 channels
Get PRO
March '25
+37
in 2 channels
Get PRO
February '25
+50
in 1 channels
Get PRO
January '25
+29
in 1 channels
Get PRO
December '24
+75
in 3 channels
Get PRO
November '24
+112
in 3 channels
Get PRO
October '24
+65
in 1 channels
Get PRO
September '24
+110
in 1 channels
Get PRO
August '24
+114
in 1 channels
Get PRO
July '24
+127
in 6 channels
Get PRO
June '24
+53
in 2 channels
Get PRO
May '24
+70
in 2 channels
Get PRO
April '24
+158
in 26 channels
Get PRO
March '24
+95
in 2 channels
Get PRO
February '24
+153
in 24 channels
Get PRO
January '24
+114
in 2 channels
Get PRO
December '23
+96
in 1 channels
Get PRO
November '23
+28
in 1 channels
Get PRO
October '23
+34
in 1 channels
Get PRO
September '23
+22
in 0 channels
Get PRO
August '23
+32
in 0 channels
Get PRO
July '23
+31
in 0 channels
Get PRO
June '23
+32
in 0 channels
Get PRO
May '23
+16
in 0 channels
Get PRO
April '23
+29
in 0 channels
Get PRO
March '23
+22
in 0 channels
Get PRO
February '23
+18
in 0 channels
Get PRO
January '23
+28
in 0 channels
Get PRO
December '22
+33
in 0 channels
Get PRO
November '22
+33
in 0 channels
Get PRO
October '22
+12
in 0 channels
Get PRO
September '22
+14
in 0 channels
Get PRO
August '22
+38
in 0 channels
Get PRO
July '22
+34
in 0 channels
Get PRO
June '22
+30
in 0 channels
Get PRO
May '22
+38
in 0 channels
Get PRO
April '22
+40
in 0 channels
Get PRO
March '22
+51
in 0 channels
Get PRO
February '22
+23
in 0 channels
Get PRO
January '22
+39
in 0 channels
Get PRO
December '21
+243
in 0 channels
| Date | Subscriber Growth | Mentions | Channels | |
| 26 June | +1 | |||
| 25 June | +22 | |||
| 24 June | +4 | |||
| 23 June | +2 | |||
| 22 June | +1 | |||
| 21 June | +2 | |||
| 20 June | +7 | |||
| 19 June | +5 | |||
| 18 June | +1 | |||
| 17 June | +2 | |||
| 16 June | +3 | |||
| 15 June | +3 | |||
| 14 June | +1 | |||
| 13 June | +2 | |||
| 12 June | +2 | |||
| 11 June | +1 | |||
| 10 June | 0 | |||
| 09 June | +2 | |||
| 08 June | +3 | |||
| 07 June | +2 | |||
| 06 June | +4 | |||
| 05 June | +1 | |||
| 04 June | +2 | |||
| 03 June | +6 | |||
| 02 June | +9 | |||
| 01 June | +5 |
Channel Posts
| 2 | π The Eternal Jew rises with same tricks up the sleeve: βPopaβ Botnet Linked to Publicly-Traded Israeli Firm
https://x.com/i/status/2067993607597092865 | 746 |
| 3 | Exploiting CVE-2024-1065 via the Page Cache!
A strategy for physical-page UAFs in MIGRATE_MOVABLE, where Dirty Pagetable and Dirty Cred don't apply.
https://kuzey.rs/posts/MaliUAF/
Demonstrated on the Mali GPU UAF found by Project Zero. | 673 |
| 4 | Free research papers
https://sci-bot.ru/ | 1 139 |
| 5 |  π‘π
°οΈπ
°οΈπ
°οΈββπ
°οΈπ
°οΈπ
°οΈπ
°οΈ
PimEyes.Com | 1 317 |
| 6 | π©βπ» Performing RCE in Internet Explorer via clickjacking!
Credits: Igor Sak-Sakovsky's (π | Psych0tr1a)
https://swarm.ptsecurity.com/the-click-that-shouldnt-have-worked-rce-via-clickjacking-in-internet-explorer/ | 1 323 |
| 7 | π‘π° For 19 years, GPS satellites have secretly broadcast a βnumbers stationβ in their public signals. We decoded 12M messages: a 2011 flash where 31 of 32 satellites flipped in hours, βghostβ substrings repeating years apart, and a βTEXTβ prefix spreading now.
https://lsc-pagepro.mydigitalpublication.com/publication/?i=865273&p=62&view=issueViewer
https://github.com/sjmurdoch/gps-special-messages
https://x.com/i/status/2061829547289387209 | 1 735 |
| 8 | ππππ€ππππ
Transfer data between devices using just QR codes!
QR-Beam β A browser-based data transfer tool where both sender and receiver run entirely client-side via JavaScript. No installation, simple mobile-friendly UI, and designed for real-world use.
The idea isn't new, but was focused on turning it into a practical, production-ready solution with several improvements over existing PoCs.
Beta: https://ckure.org/rx/QR-Beam | 1 |
| 9 | ππππ€ππππ
Transfer data between devices using just QR codes!
QR-Beam β A browser-based data transfer tool where both sender and receiver run entirely client-side via JavaScript. No installation, simple mobile-friendly UI, and designed for real-world use.
The idea isn't new, but was focused on turning it into a practical, production-ready solution with several improvements over existing PoCs.
Beta: https://ckure.org/rx/QR-Beam | 1 |
| 10 | ππππ€ππππ
Transfer data between devices using just QR codes!
QR-Beam β A browser-based data transfer tool where both sender and receiver run entirely client-side via JavaScript. No installation, simple mobile-friendly UI, and designed for real-world use.
The idea isn't new, but was focused on turning it into a practical, production-ready solution with several improvements over existing PoCs.
Beta: https://ckure.org/rx/QR-Beam | 1 206 |
| 11 | π Mini Plasma Zero-Day by Chaotic Eclipse (aka Nightmare Eclipse) with a total of 6 0-Days in 6 weeks.
Official blog:
https://deadeclipse666.blogspot.com
https://blog.barracuda.com/2026/05/19/nightmare-eclipse-zero-days-grudge | 1 301 |
| 12 |  π±Anthropic co-founder says there is a "real possibility that AI will displace human labor at a very large scale," and that supporting those people "will be a moral imperative of historic proportions."
And we do not have a mechanism while most of the control of AI is with few wealthy nations and individuals. | 926 |
| 13 | π π π π π π π βπ π π
https://www.theverge.com/tech/935202/flipper-devices-one-zero-wireless-multi-tool-linux-open-source-computer | 1 408 |
| 14 | π€ ππππππ
Earlier today Cloudflare's CSO shared how they tested Anthropic Mythos using an unreleased 8-stage vulnerability-discovery agent.
Opus implemented the agent and it works via Claude SDK with a Pro or Max subscription, no API.
https://github.com/evilsocket/audit
π | Simone | 1 499 |
| 15 |  π40K Starlink terminals hacked to lure Russians into a cyber trap as per anti-Russia propaganda news.
40,000 Starlink terminals go dark. Russian soldiers scramble for answers and turn to Telegram. They donβt realise theyβve just walked into a trap. The journalists travelled across Ukraine from Lviv to the front line in Zaporizhzhia to uncover a pretty audacious cyber operation. Meet Goldfinger and the 256 Cyber Assault Brigade and Yaro, and the 128th Mechanised Brigade, holding the line in the south. | 1 379 |
| 16 |  π€© βοΈβοΈβοΈβοΈβοΈβοΈ
LLM used to make a Zero-Day by APT group on a popular software.
The zero day was a 2FA bypass via logic bug πͺ²
Security researchers at Alphabetβs Google said they believe a cybercrime group used artificial intelligence to create a hacking tool that can bypass defenses in a widely-used tool to administer computer systems. The scheme, which was foiled when Google alerted the tool developer, would mark the first time that Googleβs Threat Intelligence Group caught a hacker using an AI-generated βzero-dayβ in such a way, according to a report published Monday. | 1 195 |
| 17 |  β οΈβ οΈβ οΈβ οΈβ οΈβ οΈ
CVE-2026-0073: Critical Android Zero-Click, Zero-Day exploit in wireless debugging (if enabled) can allow adjacent hacker (in same network) to execute code as shell user. | 1 426 |
| 18 |  π
°οΈπ
°οΈπ
°οΈπ’π
°οΈπ
°οΈπ
°οΈ
Devcore team chained βοΈβπ₯ 4 logic bugs to achieve sandbox escape in Microsoft Edge in PwnΒ²Own 2026, Berlin. | 1 187 |
| 19 | π€ Mythos finds a curl vulnerability.
https://daniel.haxx.se/blog/2026/05/11/mythos-finds-a-curl-vulnerability/ | 1 296 |
| 20 |  πππππ’π’
FAST16 β Pre-Stuxnet Sabotage Malware (2005)
- Referenced in Shadow Brokers (2017) leak (βNOTHING TO SEE HEREβ)
- Compiled ~2005 β ~5 years before Stuxnet
- Type: Sabotage malware (not espionage)
Target
- High-precision engineering / simulation software
- Includes LS-DYNA, PKPM, MOHID
- Used for physics, impact, and advanced simulations (incl. nuclear-related domains)
Technique
- Kernel driver: "fast16.sys"
- In-memory patching of target processes
- Injects subtle calculation errors (floating-point manipulation)
- Goal: corrupt outputs while appearing normal
Propagation
- Worm-like spread via weak Windows network shares
Attribution
- Not confirmed
- Strong suspicion: US or allied origin (based on NSA-linked leak context)
Note
- LS-DYNA β purely βexplosive softwareβ
- Broader simulation usage; βexplosive calculationsβ is a subset use case | 1 781 |
