A naukri.com initiative
Hacking News
Hackingblogs
6d
82
Image Credit: Hackingblogs
Bug Bounty 10-Day Complete Free Training: Day8 – Learning CMS Exploitation
- Day 8 of the Bug Bounty Beginner Course focuses on learning CMS exploitation to refine skills in identifying and exploiting vulnerabilities within popular CMS platforms.
- CMS (Content Management System) allows non-programmers to manage digital content for websites, with examples like WordPress, Joomla, Drupal, Wix, and Shopify.
- WordPress, Joomla, and Drupal offer various functionalities catering to different website complexities and user levels.
- Tools like WPScan for WordPress and Joomscan for Joomla aid in scanning for vulnerabilities related to plugins, themes, and weak passwords.
- WPScan is used to identify outdated plugins, weak passwords, and more on WordPress websites, ensuring security researchers and bug bounty hunters locate flaws efficiently.
- Joomscan is utilized for Joomla websites to enumerate components and perform security scans for configuration errors and vulnerabilities.
- DroopScan is a Drupal security scanner that discovers common problems and vulnerabilities within Drupal-based websites.
- Further integration of CMS exploitation with Exploit DB and understanding OWASP top 10 bugs will be covered in upcoming sessions of the 10-day Bootcamp.
- Learning CMS exploitation enhances web development and vulnerability testing capabilities, providing a foundation for handling security issues effectively.
- The curriculum aims to equip participants with comprehensive knowledge and practical skills to succeed in bug bounty programs and security testing endeavors.
Read Full Article
4 Likes
Securityaffairs
6d
358
Image Credit: Securityaffairs
BlackLock Ransomware Targeted by Cybersecurity Firm
- Resecurity found an LFI flaw in the leak site of BlackLock ransomware, exposing clearnet IPs and server details.
- Cybersecurity experts exploited the vulnerability and obtained additional information related to the ransomware network infrastructure.
- BlackLock Ransomware is one of the fastest-growing strains, targeting organizations in various sectors across different countries.
- The rebranding of BlackLock as Mamona Ransomware and the takeover by DragonForce group are potential developments in this scenario.
Read Full Article
21 Likes
Pymnts
6d
152
Image Credit: Pymnts
Future of Bank Security Is Being Written by Ethical Hackers
- Banks are evolving their security postures to keep up with digital transformation and the ever-changing attack surface.
- Traditional pen testing is being replaced by adaptive resilience and intelligent models that combine AI with ethical hacking.
- Strike 360, an AI-driven platform, is automating the pen test process, increasing speed and precision.
- In the future, the majority of companies will rely on automated testing, with hybrid models only for critical assets.
Read Full Article
9 Likes
Securityaffairs
6d
107
Image Credit: Securityaffairs
Google fixed the first actively exploited Chrome zero-day since the start of the year
- Google has fixed a high-severity security vulnerability in the Chrome browser for Windows.
- The flaw, tracked as CVE-2025-2783, was actively exploited in attacks targeting organizations in Russia.
- The vulnerability lies in the Mojo IPC library on Windows, which is used to enhance Chrome's security.
- Details about the attacks and threat actors were not disclosed by Google.
Read Full Article
6 Likes
Securityaffairs
6d
210
Image Credit: Securityaffairs
Authentication bypass CVE-2025-22230 impacts VMware Windows Tools
- Broadcom released security updates to address a high-severity authentication bypass vulnerability, CVE-2025-22230, in VMware Tools for Windows.
- The vulnerability allows low-privileged local attackers to escalate privileges on vulnerable VMs without user interaction.
- The flaw affects VMware Tools versions 12.x.x, 11.x.x for Windows, Linux, and macOS. The company addressed the vulnerability in VMware Tools 12.5.1.
- This is the latest security issue addressed by Broadcom, following the earlier release of security updates for zero-day vulnerabilities in various VMware ESX products.
Read Full Article
12 Likes
TronWeekly
6d
183
Image Credit: TronWeekly
Abracadabra.Money Hit by $13 Million Exploit Amid GMX Integration Breach
- $13 million in Ethereum stolen from Abracadabra.Money’s GMX-integrated pools.
- GMX’s core contracts remain secure, limiting the exploit to Abracadabra’s cauldrons.
- Stolen funds moved from Arbitrum to Ethereum, dispersed across three addresses.
- The breach affected Abracadabra.Money's smart contracts, but not GMX's core contracts.
Read Full Article
10 Likes
Securelist
6d
194
Image Credit: Securelist
Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain
- Kaspersky detects a wave of infections caused by highly sophisticated malware targeting Google Chrome users.
- The malware exploits a zero-day vulnerability in Google Chrome to escape the browser's sandbox protection.
- Kaspersky reports the vulnerability to Google, who releases an update to fix the issue.
- The attack appears to be the work of a state-sponsored APT group and the goal seems to be espionage.
Read Full Article
11 Likes
Securityaffairs
7d
178
Image Credit: Securityaffairs
Android malware campaigns use .NET MAUI to evade detection
- Researchers warn of a new Android malware that uses .NET MAUI to mimic legit services and evade detection.
- The malware disguises itself as legitimate services to steal sensitive information from users.
- It uses hidden C# blob binaries instead of traditional DEX files for evasion.
- Malware authors leverage various techniques like multi-stage loading and encryption to obfuscate the malicious behaviors.
Read Full Article
10 Likes
Securityaffairs
7d
228
Image Credit: Securityaffairs
Astral Foods, South Africa’s largest poultry producer, lost over $1M due to a cyberattack
- South Africa's largest poultry producer, Astral Foods, suffered a cyberattack resulting in over $1 million in losses.
- The cyberattack disrupted deliveries and impacted operations of the company.
- Astral Foods implemented disaster recovery protocols and confirmed no sensitive data was compromised.
- The company warned investors about the potential impact on earnings per share for the current financial period.
Read Full Article
13 Likes
Securityaffairs
7d
120
Image Credit: Securityaffairs
A cyberattack hits Ukraine’s national railway operator Ukrzaliznytsia
- A cyberattack on Ukraine's national railway operator Ukrzaliznytsia disrupted online ticket services, causing long lines at Kyiv’s station.
- The attack did not impact train operations. Ukrzaliznytsia is investigating the attack and restoring the affected systems with the help of the Cyber Department of the Security Service of Ukraine.
- Railways are essential for Ukraine’s transportation, evacuation, and supply chains amid the ongoing war. With airports closed, Ukrzaliznytsia plays a crucial role in moving people, delivering aid, and exporting goods, underscoring the need to protect critical infrastructure.
- Authorities did not attribute the attack to a specific threat actor, however, past attacks on Ukraine’s critical infrastructure have been linked to Russian nation-state actors.
Read Full Article
7 Likes
Securelist
7d
340
Image Credit: Securelist
Financial cyberthreats in 2024
- Financial cyberthreats, including phishing and malware, are a significant part of the global cyberthreat landscape as digital transactions increase yearly.
- The 2024 report by Kaspersky focuses on banking Trojans and phishing targeting online banking, shopping accounts, and cryptocurrency wallets.
- Key findings include a rise in financial phishing attempts, with banks being the top lure and cryptocurrency phishing seeing a substantial increase.
- PC malware affecting financial users decreased, while mobile banking malware attacks nearly quadrupled in 2024.
- Popular targets for phishing include banks, online shopping sites like Amazon, and payment systems, with PayPal being a frequent target.
- Cryptocurrency phishing scams are on the rise, with an 83.37% increase in 2024 compared to the previous year.
- Cybercriminals use various tactics like fake prizes, free offers, and account verification scams to deceive victims into sharing financial data.
- Top organizations mimicked by phishing sites in 2024 include Amazon, Apple, and PayPal, with phishing attacks targeting both individuals and businesses.
- To defend against financial cyberthreats, users are advised to use strong authentication, avoid suspicious links, and employ reliable security solutions.
- For businesses, updating software, educating employees on security practices, and implementing strict security policies are recommended measures.
Read Full Article
20 Likes
Hackersking
7d
158
Image Credit: Hackersking
A Open-Source Multiboot USB Solution Ventoy
- Ventoy is an open-source multiboot USB solution that simplifies the creation of bootable USB drives.
- Key features of Ventoy include direct booting from image files, support for multiple image formats, multiboot capability, persistence support, and being open-source and actively maintained.
- To install Ventoy, download the latest release, prepare the USB drive, run the installation executables, and add image files to the USB drive. Booting from the Ventoy USB drive allows users to select the desired image from a menu.
- Ventoy is a convenient tool for creating a versatile and easily manageable multiboot USB drive without the need for constant reformatting.
Read Full Article
9 Likes
Idownloadblog
7d
383
Image Credit: Idownloadblog
Nugget v5 officially released with support for animated wallpapers, other bug fixes & improvements
- The Nugget v5.0 update has been officially released, introducing animated wallpapers for iPhones and iPads.
- The update brings support for applying animated wallpapers using .tendies files.
- Users can download community-based wallpapers or create their own using a Mac.
- Future updates may include video wallpaper capabilities.
Read Full Article
23 Likes
Securityaffairs
1w
196
Image Credit: Securityaffairs
Medusa ransomware uses malicious Windows driver ABYSSWORKER to disable security tools
- Medusa ransomware campaign tracked by Elastic Security Labs.
- Attackers use a malicious Windows driver named ABYSSWORKER to disable EDR tools.
- Driver masquerades as a CrowdStrike Falcon driver and is signed with a revoked Chinese certificate.
- ABYSSWORKER uses various techniques to obstruct static analysis and disable EDR systems.
Read Full Article
11 Likes
Securityaffairs
1w
267
Image Credit: Securityaffairs
Attackers can bypass middleware auth checks by exploiting critical Next.js flaw
- A critical flaw in the Next.js React framework could be exploited to bypass authorization checks under certain conditions.
- The Next.js React framework has addressed the vulnerability in versions 12.3.5, 13.5.9, 14.2.25, and 15.2.3.
- Authorization checks in Next.js middleware can be bypassed, potentially allowing unauthorized access.
- Next.js users are advised to update their framework or use a workaround to protect their applications.
Read Full Article
16 Likes
For uninterrupted reading, download the app