techminis

A naukri.com initiative

Hacking News

Securityaffairs


A flaw in Catwatchful spyware exposed logins of +62,000 users

  • A flaw in the Catwatchful Android spyware exposed the full user database, leaking email addresses and plaintext passwords of over 62,000 users, including customers and the admin.
  • Catwatchful, a spyware posing as a child monitoring app, is used for non-consensual surveillance, enabling access to victims' private data and real-time phone content.
  • The spyware's database exposed around 62,000 accounts and data from 26,000 victims, primarily in Mexico, Colombia, India, and other Latin American countries, with the administrator's identity also revealed.
  • Security researcher Eric Daigle found a SQL injection flaw in Catwatchful that exposed plaintext logins and passwords. The finding prompted action from Google's Safe Browsing and the Firebase team, but the database remained online.

Hackersking


Phishing Attack Through WinRAR File Archiver Simulation Using .Zip Domain

  • Google released new top-level domains in May 2023, including .zip, raising cybersecurity concerns.
  • Cybercriminals can use TLDs like .zip to simulate phishing attacks, tricking users into downloading malicious files.
  • An example phishing website was created to demonstrate how a .zip domain can be used for attacks, emulating WinRAR and Windows 11.
  • Organizations are advised to block .zip and .mov domains to prevent phishing attacks leveraging these new TLDs.

Hackersking


ecryptobit.com Ethereum: A Simple Guide to Understanding and Investing in Ethereum

  • Ethereum is a popular cryptocurrency that allows the creation of decentralized applications (dApps) and operates on a blockchain.
  • Key features of Ethereum include smart contracts, decentralization, and its primary cryptocurrency Ether (ETH).
  • ecryptobit.com provides resources for users to understand and invest in Ethereum through learning tools, market analysis, security tips, and step-by-step investment guides.
  • Considerations before investing in Ethereum include starting with manageable amounts, prioritizing security, staying informed, and being cautious of scams.

Hackersking


App Development for Startups with Garage2Global: Start Your Digital Journey

  • Startups need mobile apps for customer management and strategic growth in the digital era.
  • Garage2Global assists startups in app development, from launch to scaling for a competitive edge.
  • Benefits of apps for startups include direct client engagement, brand recall, and user data insights.
  • Garage2Global stands out for its affordable pricing, tech expertise, and custom app solutions.
  • The process with Garage2Global involves idea discussion, design, development, testing, launch, and support.

Hackers-Arise


Network Espionage – Using Russian Cameras as Proxies, Part 2

  • The article discusses the technique of reverse engineering to hack into devices like cameras that cannot be easily accessed through basic attacks like SSH brute-forcing or web panel login.
  • It explains the process of obtaining and unpacking the camera's firmware, analyzing hashed passwords within the firmware to crack them using tools like hashcat, and gaining access via Telnet with the cracked password.
  • The article further details the creation and installation of a bind shell on the camera to establish persistent access, involving steps such as generating a shell, converting it to a scriptable format, copying the payload to the device, and running it.
  • The technique described in the article showcases how reverse engineering, firmware analysis, password cracking, and manual payload building can provide access to devices that may have weak security measures, facilitating network espionage with cameras as pivot points.

Securityaffairs


China-linked group Houken hit French organizations using zero-days

  • China-linked group Houken targeted French government, telecom, media, finance, and transport sectors using Ivanti CSA zero-days, according to France’s ANSSI.
  • The campaign, active since September 2024, involved an intrusion set named Houken, leveraging zero-day exploits and a rootkit, and utilizing Chinese open-source tools and diverse infrastructure like VPNs and dedicated servers.
  • The attackers exploited vulnerabilities CVE-2024-8190, CVE-2024-8963, and CVE-2024-9380 on Ivanti CSA devices, aiming to obtain credentials, ensure persistence, move laterally, conduct reconnaissance, steal credentials, and maintain control over compromised systems.
  • The Houken intrusion set's tactics suggest a proficient actor aiming at high-value systems, possibly for espionage or selling access. ANSSI points out links between Houken and UNC5174, indicating a shared operator involved in selling access and intelligence.

Bitcoinist


SlowMist and Sentinel Labs Warn of New Crypto Cyberattack Campaigns, but Best Wallet Is a Safe Alternative

  • Cryptocurrency cyberattacks are evolving with new mechanisms targeting users through fake browser extensions and sophisticated Mac malware, according to SlowMist and Sentinel Labs.
  • Over 40 fake Firefox extensions masquerading as popular crypto wallets are actively stealing wallet credentials from unsuspecting users.
  • Mac users are facing a new wave of social engineering attacks via fake Zoom updates, installing NimDoor malware to compromise sensitive data, including crypto wallet information.
  • Best Wallet is a recommended safe alternative, being a mobile-only crypto wallet with no official browser extension, making it immune to these cyberattacks. Avoid browser-based wallets and always verify software sources.

TechCrunch


Ransomware gang Hunters International says it’s shutting down

  • Ransomware gang Hunters International announced on its dark web page that it is shutting down without specifying reasons.
  • The hackers are offering free decryption keys to all companies impacted by their ransomware to help recover encrypted data.
  • Hunters International has had various victims, including a U.S. cancer center and the U.S. Marshals Service, despite the agency denying being hacked.
  • There were indications as early as April that the group might transition to a new entity called World Leaks, using different ransomware software and hosting a new site.

Hackers-Arise


The CyberWarrior Handbook, Part 01

  • Learn how a small group of cyberwarriors can impact global geopolitics.
  • Ukraine's fight for independence and how hackers influenced global outcomes.
  • Details of a massive DDoS attack on critical Russian military and commercial interests.
  • Success in targeting Russian oligarchs' yachts and plans to rebuild Ukraine.
  • Future posts will cover IP camera hacks, industrial system attacks, and more.

Coinpedia


Chrome And Firefox Users Targeted in Coordinated Crypto Credential Attacks

  • 45 malicious Firefox extensions have been exposed for stealing cryptocurrency wallet details by impersonating trusted platforms.
  • Attackers are using cloned open-source code and fake branding to target Chrome and Firefox users, urging caution when installing browser extensions.
  • Chrome faces a zero-day vulnerability threat while Firefox users are at risk from harmful browser extensions, with 45 fake extensions identified in a campaign since April 2025.
  • Security experts recommend installing extensions only from verified sources, treating browser extensions as software assets, and monitoring for signs of compromise to mitigate risks of crypto credential theft.

Securityaffairs


Europol shuts down Archetyp Market, longest-running dark web drug marketplace

  • Europol, in collaboration with German authorities, has shut down Archetyp Market, the longest-running dark web drug marketplace.
  • The operation spanned six countries and resulted in the arrest of the market's administrator in Spain, along with targeted actions against top vendors in Sweden.
  • Archetyp Market operated for over five years, attracting over 600,000 users globally and facilitating drug transactions totaling at least EUR 250 million.
  • The takedown was part of a significant international effort involving around 300 officers and led to the seizure of assets worth €7.8 million, delivering a blow to anonymous drug trafficking on the dark web.

Securityaffairs


Kelly Benefits data breach has impacted 550,000 people, and the situation continues to worsen as the investigation progresses

  • A data breach at Kelly Benefits has impacted 550,000 people, with the number of affected individuals growing as the investigation continues.
  • Benefits and payroll solutions firm Kelly Benefits confirmed the breach, revealing that more individuals were affected than originally believed.
  • The breach, which occurred in December 2024, exposed sensitive personal data like names, SSNs, medical, and financial data.
  • The latest update from the company disclosed that over 553,660 individuals were impacted, and affected individuals are being offered free credit monitoring and identity protection services.

Silicon


Qantas Confirms Customer Data Stolen By Hackers

  • Australian airline Qantas experienced a cyber-attack compromising customer data of about 6 million individuals.
  • The breach affected a third-party platform used by Qantas' customer contact centre, including customer names, email addresses, and phone numbers.
  • No payment card details or login credentials were compromised in the attack, and Qantas has taken steps to secure its systems.
  • The incident is possibly linked to the hacking group Scattered Spider, known for targeting various sectors, including airlines, and for using social-engineering methods to gain unauthorized access.

Hackers-Arise


The “Homeland” VP Pacemaker Hack: Is This Attack Realistic?

  • IoT hacking, including medical devices, is a significant cybersecurity concern due to vulnerabilities in devices like pacemakers.
  • The TV show Homeland depicted a scenario where a pacemaker hack was used to assassinate the U.S. Vice President, showing a dramatized but realistic core risk.
  • Security researchers have demonstrated vulnerabilities in wireless medical devices like pacemakers and ICDs, showing they can be hacked through weak authentication and lack of encryption.
  • While the Homeland hack is dramatized, the real-world risk is evident as some medical devices have weak security, leading to life-threatening consequences if hacked.

Securityaffairs


Cisco removed the backdoor account from its Unified Communications Manager

  • Cisco addressed a static SSH credentials vulnerability in its Unified Communications Manager, tracked as CVE-2025-20309.
  • The vulnerability allowed remote attackers to log in using hardcoded root credentials, granting full root privileges without authentication.
  • Cisco removed the backdoor account from its Unified Communications Manager to mitigate the issue.
  • Admins are advised to upgrade to fixed software releases to prevent exploitation of the vulnerability, with no workarounds available.
