menu
techminis

A naukri.com initiative

New

google-web-stories
Home

>

Hacking News

Hacking News

source image

Securityaffairs

14h

read

87

img
dot

Image Credit: Securityaffairs

Attackers exploited SonicWall SMA appliances since January 2025

  • Threat actors have been exploiting a remote code execution flaw in SonicWall SMA appliances since January 2025.
  • The vulnerability, CVE-2021-20035, allows remote authenticated attackers to inject arbitrary commands and potentially execute code.
  • The flaw affects SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v devices, and the vendor patched it in September 2021.
  • SonicWall SMA 100 series appliances have been targeted in an active campaign to steal VPN credentials using default or weak passwords.

Read Full Article

like

5 Likes

share

1 Share

source image

Coinpedia

18h

read

147

img
dot

Image Credit: Coinpedia

FTX’s Bankman-Fried Moved to Low-Security Prison, Home to Infamous Criminals

  • Sam Bankman-Fried, founder of the collapsed cryptocurrency exchange FTX, was transferred to the low-security Federal Correctional Institution Terminal Island.
  • Bankman-Fried made headlines for giving an unauthorized jailhouse interview with media personality Tucker Carlson, sparking public attention.
  • Bankman-Fried was convicted and sentenced to 25 years in prison for his role in the collapse of FTX, one of the largest frauds in cryptocurrency history.
  • There are speculations that Bankman-Fried's recent right-wing messaging could be a strategy to secure a pardon from President Trump.

Read Full Article

like

8 Likes

share

2 Shares

source image

Kitploit

19h

read

22

img
dot

Image Credit: Kitploit

Maryam - Open-source Intelligence(OSINT) Framework

  • OWASP Maryam is an open-source framework for OSINT and data gathering.
  • It provides a robust environment to harvest data from open sources and search engines quickly.
  • You can install Maryam via pip or from the GitHub repository.
  • The framework supports various modules for searching and gathering data.

Read Full Article

like

1 Like

share

Share

source image

Hackingblogs

23h

read

10.4k

img
dot

Image Credit: Hackingblogs

Samsung Phones Exposed to Major Security Vulnerabilities!

  • Millions of Samsung phones are saving passwords in plain text in the clipboard, posing a serious security vulnerability.
  • The clipboard in Samsung phones saves all copied content, including passwords, indefinitely and without auto-delete settings.
  • Samsung is aware of the issue but has not yet addressed it.
  • The lack of urgency in resolving the vulnerability exposes users to potential theft or leakage of passwords.

Read Full Article

like

17 Likes

share

23 Shares

source image

Securityaffairs

1d

read

120

img
dot

Image Credit: Securityaffairs

U.S. CISA adds Apple products and Microsoft Windows NTLM flaws to its Known Exploited Vulnerabilities catalog

  • U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products and Microsoft Windows NTLM flaws to its Known Exploited Vulnerabilities catalog.
  • CISA added Apple products and Microsoft Windows NTLM vulnerabilities to its Known Exploited Vulnerabilities catalog.
  • Apple released security updates to address two vulnerabilities impacting iOS, iPadOS & macOS, which have been exploited in sophisticated attacks.
  • Microsoft fixed a Windows NTLM hash disclosure spoofing vulnerability, which has been actively exploited since March.

Read Full Article

like

7 Likes

share

1 Share

source image

Hackersking

2d

read

253

img
dot

Image Credit: Hackersking

How To Install Kali NetHunter Lite On Any Android Device

  • This blog provides a guide on how to install Nethunter Lite on any rooted Android device.
  • Prerequisites include having a rooted device with Magisk and installing BusyBox.
  • Download the suitable version of Kali NetHunter Lite based on your device's hardware details.
  • Use Magisk module to flash the downloaded file and reboot the device to access Nethunter applications.

Read Full Article

like

15 Likes

share

3 Shares

source image

Medium

52m

read

52

img
dot

Image Credit: Medium

The Critical Role of Information Security Across the Software Development Lifecycle (SDLC)

  • Baking security needs into the early phase of the software development lifecycle ensures it becomes part of the app's foundation.
  • Viewing the design through a security lens helps identify and fix weak spots before coding even begins.
  • Following secure coding practices is essential to prevent breaches caused by sloppy coding.
  • Thorough testing for vulnerabilities before launching the app is crucial to ensure nothing slips through the cracks.

Read Full Article

like

3 Likes

share

Share

source image

Hackersking

2h

read

84

img
dot

Image Credit: Hackersking

Robots Dot to Dot Nattapong: The Creative Future of EdTech & Robotics

  • Innovative idea 'Robots Dot to Dot Nattapong' merges robotics, artistry, and education to introduce STEM concepts creatively.
  • This approach combines robotic designs and dot-to-dot drawings to facilitate early-age learning of robotics and logic.
  • The method enhances skills like critical thinking, hand-eye coordination, and pattern recognition crucial for coding and engineering.
  • Dot to Dot Nattapong teaches children to envision robots in a mechatronic way, integrating mechanical structure and design.
  • The approach blends art, engineering, coding, and robotics, offering a holistic learning experience for young learners.
  • Educationally, this technique bridges EdTech and STEAM, engaging students through a medium they resonate with.
  • It aids in teaching visual learning, logic in sequence, enticement, STEM subjects, and the amalgamation of technical and creative aspects.
  • The creator behind 'Robots Dot to Dot Nattapong' likely focuses on developing educational content supporting creative learning in robotics.
  • This innovation envisions equal learning opportunities in robotics, potentially evolving into interactive applications and global learning communities.
  • Such creative learning approaches reshape traditional education molds, fostering creativity and technical skills in learners of all ages.

Read Full Article

like

5 Likes

share

1 Share

source image

Securityaffairs

1d

read

241

img
dot

Image Credit: Securityaffairs

ASUS routers with AiCloud vulnerable to auth bypass exploit

  • ASUS warns of an authentication bypass vulnerability in routers with AiCloud enabled.
  • The vulnerability, tracked as CVE-2025-2492, allows unauthorized execution of functions on the device.
  • The vulnerability can be exploited by sending a specially crafted request.
  • ASUS recommends updating firmware and using strong, unique passwords to mitigate the risk.

Read Full Article

like

14 Likes

share

3 Shares

source image

Kitploit

1d

read

177

img
dot

Image Credit: Kitploit

TruffleHog Explorer - A User-Friendly Web-Based Tool To Visualize And Analyze Data Extracted Using TruffleHog

  • TruffleHog Explorer is a user-friendly web-based tool for visualizing and analyzing data extracted using TruffleHog.
  • TruffleHog is an open source secrets discovery and analysis tool used for finding credentials and sensitive data in repositories.
  • TruffleHog Explorer offers an improved UI/UX, powerful filtering options, and export capabilities for efficient review of potential secrets.
  • The tool supports GitHub TruffleHog JSON outputs, with plans to support additional formats and platforms in the future.

Read Full Article

like

10 Likes

share

2 Shares

source image

Hackingblogs

1d

read

9.4k

img
dot

Image Credit: Hackingblogs

Fake WhatsApp & Telegram Preinstalled on Chinese Android Phones: Millions Lost to Crypto-Stealing Malware

  • Fake WhatsApp & Telegram pre-installed on Chinese Android phones are infected with spyware that steals cryptocurrency.
  • Trojanized programs can scan photos for wallet seed phrases, spoof update links, and steal clipboard data.
  • The malware campaign is impacting low-cost Chinese phones, with more than 40 pre-installed apps compromised.
  • Users are advised to be cautious when interacting with unknown phone manufacturers and to use reliable programs and antivirus apps to protect their devices.

Read Full Article

like

24 Likes

share

25 Shares

source image

Securityaffairs

2d

read

46

img
dot

Image Credit: Securityaffairs

Entertainment venue management firm Legends International disclosed a data breach

  • Legends International disclosed a data breach from November 2024 that affected employees and visitors to its managed venues.
  • Legends International is a global leader in sports and entertainment venue management, specializing in delivering comprehensive solutions for stadiums, arenas, and attractions.
  • On November 9, 2024, Legends International detected unauthorized activity on its IT systems, took action to stop it, and launched an investigation with the help of external cybersecurity experts.
  • The company confirmed that a review is underway to determine if personal data was involved and is offering 24 months of free Experian IdentityWorks as a precaution.

Read Full Article

like

2 Likes

share

Share

source image

TheNewsCrypto

2d

read

19

img
dot

Crypto Exchange eXch to Shut Down Following Bybit Hack Money Laundering Allegations

  • Crypto exchange eXch will shut down on May 1 this year.
  • The firm is accused of having connections to the Lazarus group in the recent $1.4B Bybit hack.
  • eXch to employ Cease and Retreat strategy.
  • eXch announces 50 BTC open-source fund to support privacy solutions.

Read Full Article

like

1 Like

share

Share

source image

Kitploit

2d

read

43

img
dot

Image Credit: Kitploit

PANO - Advanced OSINT Investigation Platform Combining Graph Visualization, Timeline Analysis, And AI Assistance To Uncover Hidden Connections In Data

  • PANO is an OSINT investigation platform that combines graph visualization, timeline analysis, and AI tools to uncover hidden connections in data.
  • To get started with PANO, clone the repository and run the application using the provided scripts for Linux and Windows.
  • Key features include interactive graph visualization, timeline analysis, map integration, entity management for different types like email addresses and locations, and custom entity creation.
  • PANO's transform system allows for operations like email analysis, username search, image analysis, and AI integration for natural language investigation and pattern recognition.
  • The platform also provides specialized helpers for tasks such as cross-examination, portrait creation, media analysis, and translation.
  • Contributions to PANO are welcome, with guidelines on forking the repository, making changes, testing, and submitting pull requests provided.
  • System requirements for PANO include Python 3.11+, PySide6 for GUI, and an internet connection for online features.
  • Developers can create custom entities for specific data structures and behaviors, as well as custom transforms and helpers to extend PANO's functionality.
  • The project is licensed under CC BY-NC, allowing sharing and adaptation with appropriate attribution and for non-commercial use.
  • PANO was created by ALW1EZ and is available for download to explore its advanced OSINT investigation capabilities.

Read Full Article

like

2 Likes

share

Share

source image

Securityaffairs

2d

read

263

img
dot

Image Credit: Securityaffairs

China-linked APT Mustang Panda upgrades tools in its arsenal

  • China-linked APT group Mustang Panda deployed a new custom backdoor, MQsTTang, in recent attacks targeting Europe, Asia, and Australia.
  • The APT group has been active since at least 2012, targeting American and European entities as well as Asian countries.
  • Recent campaigns of APT Mustang Panda utilized European Union reports on the conflict in Ukraine as lures to deploy malware.
  • The group has introduced new tools such as MQsTTang backdoor, StarProxy lateral movement tool, and several keyloggers for enhanced stealth and functionality.

Read Full Article

like

15 Likes

share

3 Shares

Prev

1
2
3
4
5
6
7
8
9
10

Next

For uninterrupted reading, download the app