Hacking News

Hackingblogs

ChatGPT, Gemini, DeepSeek, Copilot, and Other Major AI Models Affected by Policy Puppetry Prompt Injection (PPPI)

  • Policy Puppetry is a prompt injection technique that bypasses safety features in major AI models.
  • Attackers can create dangerous content by exploiting this technique and bypassing safety measures.
  • Popular AI models affected by Policy Puppetry Prompt Injection (PPPI) include ChatGPT, Gemini, DeepSeek, Copilot, and others.
  • The attack leverages a flaw in the way AI models manage data regarding policies and poses significant security concerns.

Securityaffairs

CEO of cybersecurity firm charged with installing malware on hospital systems

  • CEO of cybersecurity firm Veritaco, Jeffrey Bowie, charged with violating Oklahoma's Computer Crimes Act.
  • Bowie allegedly installed malware on employee computers at Oklahoma City St. Anthony Hospital on August 6, 2024.
  • Security footage shows Bowie attempting to access multiple offices and installing malicious software to capture and transmit screenshots.
  • No patient data was accessed, and the unauthorized attempt was quickly contained with the assistance of law enforcement.

Hackersking

Open Source Tool For Activating Microsoft Windows and Office

  • The struggle to activate Windows or Microsoft Office is surely a problem many face.
  • Microsoft Activation Scripts (MAS) is an open-source tool that greatly assists with activation woes without putting users at risk with virus-infected software or cracked versions.
  • MAS offers various activation methods including HWID Activation, KMS38 Activation, Online KMS Activation, Ohook Activation, and TS-Forge Activation to cater to different system setups.
  • MAS is considered safe and legal as it is open-source and transparent. However, it is recommended to use it for testing, educational purposes, or development to adhere to Microsoft's terms of service.

Arstechnica

FBI offers $10 million for information about Salt Typhoon members

  • The FBI is offering $10 million for information about the China-state hacking group tracked as Salt Typhoon and its intrusion into sensitive networks belonging to US telecommunications companies.
  • Salt Typhoon is one of the hacking groups working for the People’s Republic of China and is believed to be behind espionage attacks to collect vital information.
  • The FBI announced the reward of up to $10 million, relocation assistance, and other compensation for information about Salt Typhoon's members and their compromise of US telecommunications companies.
  • The offer is part of the agency's efforts to combat cybersecurity threats and obtain crucial information about state-sponsored hacking groups.

Securityaffairs

JPCERT warns of DslogdRAT malware deployed in Ivanti Connect Secure

  • Researchers identified a new malware, named DslogdRAT, deployed after exploiting a now-patched flaw in Ivanti Connect Secure (ICS).
  • JPCERT/CC researchers reported that a new malware, dubbed DslogdRAT, and a web shell were deployed by exploiting a zero-day vulnerability during attacks on Japanese organizations in December 2024.
  • The vulnerability, tracked as CVE-2025-0282 (CVSS score: 9.0), is a stack-based buffer overflow that impacts Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3.
  • DslogdRAT spawns two child processes: one stays idle in a loop, while the second handles core functions like C2 communication and command execution via the pthread library.

Securityaffairs

SAP NetWeaver zero-day allegedly exploited by an initial access broker

  • A zero-day vulnerability in SAP NetWeaver, tracked as CVE-2025-31324, is potentially being exploited.
  • The vulnerability allows unauthenticated attackers to upload malicious executable files to the system.
  • Once the files are uploaded, the attackers can execute them on the host system, leading to a full compromise of the SAP environment.
  • The vulnerability has been patched by SAP, and researchers recommend applying the patch to mitigate the risk.

Kitploit

Frogy2.0 - An Automated External Reconnaissance And Attack Surface Management (ASM) Toolkit

  • Frogy 2.0 is an ASM toolkit for automating external recon to identify an organization's entire internet presence.
  • It aggregates assets using tools like CHAOS, Subfinder, and crt.sh, and validates them with live DNS resolution.
  • The toolkit focuses on in-depth web recon by gathering detailed HTTP response data with HTTPX.
  • It prioritizes assets based on factors like homepage status, login interfaces, and technology stack, and generates risk scores.
  • Features include professional reporting with dynamic HTML reports and color-coded risk scoring.
  • Risk scoring is based on asset attractiveness, considering factors like purpose, URLs found, login interfaces, HTTP status, TLS version, and more.
  • Each factor contributes points to the risk score, helping prioritize assets for deeper testing by pentesters.
  • Installation involves cloning the repository and running an installer script to set up dependencies and tools.
  • The toolkit's future roadmap includes enhancements like security and compliance data, analytics, identifying endpoints, and more.
  • Frogy 2.0 aims to help security teams focus on assets that are more complex, privileged, or likely to be misconfigured.
  • It provides a systematic approach to identifying and prioritizing potential attack surfaces for testing and securing an organization's digital footprint.

Hackingblogs

TikTok Hacked? 972,528 Passwords at Risk in Alleged Data Leak

  • The hacker group R00TK1T ISC CYBER TEAM claims to have infiltrated TikTok and obtained the passwords of 972,528 users.
  • TikTok and its parent company have been accused of ignoring user account problems and failing to take action in response.
  • R00TK1T ISC CYBER TEAM has a history of high-profile cyberattacks in Asia, the Middle East, and Africa.
  • The leaked data includes 972,528 email and password combinations, but the authenticity and impact of the leak are still being investigated.

Securityaffairs

Interlock ransomware gang started leaking data allegedly stolen from leading kidney dialysis firm DaVita

  • The Interlock ransomware gang claimed responsibility for the attack on the leading kidney dialysis company DaVita and leaked alleged stolen data.
  • DaVita Inc. provides kidney dialysis services worldwide and is currently investigating and addressing a recent cybersecurity incident that disrupted certain internal operations.
  • The Interlock ransomware gang claimed to have stolen 1510 GB of sensitive data, including patient records, insurance, and financial information.
  • DaVita's network was encrypted by Interlock ransomware, and the gang leaked the alleged stolen files on their data leak site.

Securityaffairs

Yale New Haven Health (YNHHS) data breach impacted 5.5 million patients

  • Yale New Haven Health (YNHHS) announced that threat actors stole the personal data of 5.5 million patients in a cyberattack.
  • Yale New Haven Health (YNHHS) disclosed a data breach that exposed personal information of 5.5 million patients.
  • On March 11, 2025, YNHHS faced a cybersecurity incident affecting IT services, which was contained with help from cybersecurity firm Mandiant.
  • The stolen data includes personal information such as full name, date of birth, home address, telephone number, email address, race/ethnicity, Social Security number, patient type, and medical record number.

Siliconangle

Dashlane launches AI-powered Omnix platform to tackle phishing and shadow IT

  • Dashlane Inc. has launched Dashlane Omnix, an AI-accelerated credential security platform designed to address AI-powered phishing and shadow IT.
  • Dashlane Omnix unifies proactive intelligence, real-time response, and protected access to offer complete credential security across businesses.
  • The platform aims to combat the increase in phishing attacks and the rise of unmanaged AI apps driving shadow IT.
  • Dashlane Omnix provides intelligent detection of malicious websites and offers proactive credential protection, secure storage, and in-context alerts.

Kitploit

PEGASUS-NEO - A Comprehensive Penetration Testing Framework Designed For Security Professionals And Ethical Hackers. It Combines Multiple Security Tools And Custom Modules For Reconnaissance, Exploitation, Wireless Attacks, Web Hacking, And More

  • PEGASUS-NEO is a comprehensive penetration testing framework designed for security professionals and ethical hackers.
  • It combines multiple security tools and custom modules for reconnaissance, exploitation, wireless attacks, web hacking, and more.
  • The framework offers features such as network scanning, password attacks, WiFi cracking, web attacks, phishing templates, and tracking & analysis.
  • PEGASUS-NEO is provided for educational and ethical testing purposes only, and it is the user's responsibility to comply with applicable laws.

Securityaffairs

Crooks exploit the death of Pope Francis

  • Crooks exploit the death of Pope Francis, using public curiosity and emotion to launch scams and spread malware.
  • Cybercriminals are ready to exploit any event of global interest; it has already happened in the past during events like Queen Elizabeth II’s death or the COVID-19 pandemic.
  • Disinformation and fake news spread like wildfire during these events, with cybercriminals using AI-generated images and videos to fuel conspiracy theories and draw clicks and shares.
  • To protect oneself, it is advised to keep the browser and OS up to date, use trusted web protection tools, be skeptical of sensational headlines, avoid clicking on suspicious links, and invest in a comprehensive security suite.

Securityaffairs

WhatsApp introduces Advanced Chat Privacy to protect sensitive communications

  • WhatsApp introduces the Advanced Chat Privacy feature to protect sensitive communications.
  • The feature blocks chat exports, auto-media downloads, and the use of messages in AI features.
  • Users can enable Advanced Chat Privacy by selecting the option in the chat settings.
  • WhatsApp has recently launched an encrypted system to prevent contact loss during phone changes.

Securelist

Operation SyncHole: Lazarus APT goes back to the well

  • The Lazarus group conducted the "Operation SyncHole" attack campaign targeting South Korean organizations, combining a watering hole strategy and vulnerability exploitation in South Korean software.
  • At least six organizations in South Korea's software, IT, financial, semiconductor, and telecommunications sectors were affected, with a focus on exploiting vulnerabilities in key software.
  • Lazarus used variants of malicious tools like ThreatNeedle, Agamemnon downloader, and SIGNBT during the campaign, exploiting a vulnerability in Cross EX software to compromise organizations.
  • The campaign involved a combination of watering hole attacks and exploitation of the Innorix Agent for lateral movement, impacting more organizations beyond the initially identified six.
  • Multiple malware execution chains were observed, involving ThreatNeedle, wAgent, SIGNBT, and COPPERHEDGE, indicating the group's evolving strategies and advanced capabilities.
  • The attackers leveraged vulnerabilities in South Korean software, such as Cross EX and Innorix Agent, for privilege escalation, lateral movement, and delivery of additional malware.
  • Detailed analysis revealed the actor's post-exploitation tactics, Windows command execution, infrastructure setup using compromised C2 servers, and their mistake in using the taskkill command.
  • The Lazarus group's evolving malware, asymmetric encryption use, and operational structure demonstrate a sophisticated and ongoing threat to South Korean entities, with a focus on supply chain attacks.
  • Mitigation efforts involved reporting vulnerabilities to KrCERT, monitoring and analyzing malware behavior, and swift response to minimize damage and prevent further exploitation by the group.
  • Kaspersky products detect the exploits and malware used in the attack, providing indicators of compromise to help organizations identify and remediate potential threats.
