Hacking News

TechCrunch

1w

Hacked, leaked, exposed: Why you should never use stalkerware apps

  • There is a rising trend of stalkerware companies being hacked or experiencing data breaches, with at least 25 known cases since 2017, exposing sensitive personal information of victims and customers.
  • Companies like SpyX, Spyzie, Cocospy, and mSpy have been breached, compromising the data of millions of users and leading to potential real-world harm and violence.
  • Stalkerware companies promote illegal behavior by marketing their apps as tools to spy on partners, leading to unethical surveillance practices.
  • Hackers target these companies due to their lack of concern for customer data protection, which makes using such apps risky and irresponsible.
  • Various stalkerware companies have been targeted and hacked multiple times, resulting in significant data exposures and privacy violations.
  • Despite some companies shutting down after breaches, many rebrand and continue operations, contributing to the persistence of the stalkerware industry.
  • Using stalkerware is illegal and unethical, as it involves unlawful surveillance, jeopardizes data security, and can lead to severe consequences for victims and users.
  • Security experts advise against using stalkerware and suggest utilizing legitimate parental control tools for monitoring children responsibly.
  • The exposure of stalkerware data highlights the risks associated with using such apps and emphasizes the importance of safeguarding personal privacy and digital security.
  • If assistance is needed regarding domestic abuse or stalkerware concerns, resources like the National Domestic Violence Hotline and the Coalition Against Stalkerware are available for support.

Hackingblogs

1w

Bug Bounty 10-Day Complete Free Training: Day5 – Starting Reconnaissance

  • On Day 5 of the 10-Day Bug Bounty Bootcamp, reconnaissance is highlighted as the essential initial step for bug hunting.
  • The focus is on topics like lookups, WHOIS lookups, DNS records, and the use of tools like Amass for automating the reconnaissance process.
  • Horizontal and vertical correlation in reconnaissance involve finding all assets related to a business and identifying subdomains under a domain respectively.
  • CIDR (Classless Inter-Domain Routing) is discussed as a method to express IP addresses and network masks efficiently.
  • An example using CIDR notation (192.168.1.0/24) is provided to clarify the concept further.
  • The article explains subnet masks, broadcast addresses, and the range of valid IP addresses for a given network.
  • Tools like Nmap and Fping are suggested for CIDR enumeration to detect live hosts within a given CIDR range.
  • Autonomous System Numbers (ASNs) are explained as unique identifiers for autonomous systems, with Private ASNs and Public ASNs serving different purposes.
  • Reverse Lookup techniques like Reverse WHOIS Lookup, Reverse DNS Lookup, and Reverse Name server/Mail Server queries are discussed.
  • The automation of reconnaissance using tools like Amass for both passive and active subdomain enumeration is emphasized.

Securityaffairs

1w

California Cryobank, the largest US sperm bank, disclosed a data breach

  • California Cryobank, the largest US sperm bank, suffered a data breach exposing customer information.
  • CCB discovered unauthorized activity on its IT systems on April 21, 2024.
  • Threat actors potentially accessed and/or acquired customers' personal information.
  • CCB is offering affected individuals free credit monitoring services and implementing enhanced security measures.

Guardian

1w

Italian activist alerts ICC to spyware attack when in communication with court

  • Italian activist David Yambio alerted the ICC that his phone was under surveillance while providing confidential information about torture victims in Libya.
  • The Citizen Lab confirmed Yambio was targeted by spyware while communicating with The Hague, with the attack occurring around June 2024.
  • Yambio urged ICC members to check their phones for spyware, raising concerns of interference in ICC proceedings involving torture victims.
  • The use of spyware has put pressure on Giorgia Meloni's government in Italy following previous revelations of surveillance targeting activists and journalists.
  • Osama Najim, wanted by the ICC for war crimes, was released by Italian authorities, sparking criticism over human rights violations in Libya.
  • The spyware used against Yambio and others was linked to an Israeli company, Paragon Solutions, now owned by a US investor.
  • WhatsApp disclosed that 90 users, including journalists and civil society members, were targeted by clients of Paragon, leading to scrutiny of the Italian government.
  • Paragon has suspended its contract with Italy due to alleged violations of rules against using spyware on journalists and civil society members.
  • Apple provided a fix for the security flaw exploited in the attacks on Yambio, highlighting the sophistication and high cost of the spyware.
  • The revelations have prompted questions about the deployment and use of spyware by various countries, with concerns raised about compliance with domestic laws.

Securityaffairs

1w

Rules File Backdoor: AI Code Editors exploited for silent supply chain attacks

  • The 'Rules File Backdoor' attack targets AI code editors like GitHub Copilot and Cursor.
  • Threat actors exploit hidden Unicode characters and evasion tactics to inject undetectable malicious code.
  • The attack uses rule files to trick AI tools into generating code with security vulnerabilities or backdoors.
  • Researchers published a video proof-of-concept showcasing the manipulation of AI-generated files through instruction files.

Securityaffairs

2w

Nation-state actors and cybercrime gangs abuse malicious .lnk files for espionage and data theft

  • At least 11 state-sponsored threat groups have been abusing Windows shortcut files for espionage and data theft, according to Trend Micro's Zero Day Initiative.
  • These threat actors have exploited the vulnerability ZDI-CAN-25373, with 1,000 malicious .lnk files discovered by ZDI researchers.
  • The vulnerability has been targeted by APT groups from North Korea, Iran, Russia, and China, with attacks aimed at various sectors and regions.
  • Microsoft has been notified of the vulnerability but has not addressed it with a security patch.

Securityaffairs

2w

ChatGPT SSRF bug quickly becomes a favorite attack vector

  • Threat actors exploit a server-side request forgery (SSRF) flaw, tracked as CVE-2024-27564, in ChatGPT, to target US financial and government organizations.
  • The SSRF vulnerability exists in the pictureproxy.php file of ChatGPT, allowing attackers to inject crafted URLs and make arbitrary requests.
  • Veriti researchers noted over 10,000 attack attempts within a week, primarily targeting government organizations in the US.
  • Misconfigured Intrusion Prevention Systems and Web Application Firewalls left 35% of the analyzed companies unprotected.

Siliconangle

2w

Flashpoint report highlights rising cyberthreats, with infostealers and ransomware leading the way

  • A new report from Flashpoint highlights major cyberthreats shaping 2025, with infostealers, ransomware, and vulnerabilities leading the way.
  • The report reveals a 33% increase in credential theft year-over-year, with over 3.2 billion credentials stolen through 2024.
  • Ransomware attacks increased by 10% in 2024, with five major ransomware groups accounting for nearly half of all incidents.
  • Vulnerabilities increased by 12% last year, with more than 39% of them having publicly available exploits.

Securityaffairs

2w

GitHub Action tj-actions/changed-files was compromised in supply chain attack

  • The GitHub Action tj-actions/changed-files was compromised, allowing attackers to leak secrets from repositories that use it in their continuous integration and continuous delivery (CI/CD) workflows.
  • The tj-actions/changed-files GitHub Action is used in over 23,000 repositories, automating workflows by detecting file changes in commits or pull requests.
  • GitHub promptly removed the tj-actions/changed-files Action and users are advised to update to version 46.0.1 and review workflows from March 14-15 for unexpected output in the changed-files section.

Securityaffairs

2w

New StilachiRAT uses sophisticated techniques to avoid detection

  • Microsoft discovered a new remote access trojan (RAT), dubbed StilachiRAT, that uses sophisticated techniques to avoid detection.
  • StilachiRAT is a sophisticated RAT designed for stealth, persistence, and data theft.
  • The malware supports functionalities to steal credentials, digital wallet data, clipboard content, and system information.
  • StilachiRAT employs advanced evasion methods and targets cryptocurrency wallet extensions.

Hackingblogs

2w

Bug Bounty 10-Day Complete Free Training: Day4 – Recon, Cloud, Google Dork Workflows

  • The 10-Day Bug Bounty Bootcamp's fourth day focused on Workflows, including cloud, GitHub, and Google Dorking.
  • GitHub workflows involve locating sensitive information on GitHub where developers often upload confidential data unintentionally.
  • Trufflehog is a tool used for identifying sensitive information like API keys in code repositories.
  • Cloud Recon, a penetration testing technique, allows testers to examine targets across various cloud platforms like AWS, Google Cloud, and Azure.
  • A common issue is unauthorized access to AWS S3 buckets where sensitive data can be exposed.
  • Google Dorking can be used to find open S3 buckets by searching for specific terms or patterns in S3 URLs.
  • Brute forcing tools like cloud_enum.py can be used to enumerate AWS S3 buckets by guessing common bucket names.
  • The session also covered the power of Google Dorking, cloud workflows, and reconnaissance in bug bounty hunting.
  • Participants were encouraged to set up Kali or Linux for the next session focusing on practical bug bounty hunting techniques.

Securityaffairs

2w

Threat actors rapidly exploit new Apache Tomcat flaw following PoC release

  • A recently disclosed Apache Tomcat vulnerability is being actively exploited after the release of a public PoC exploit
  • The vulnerability, tracked as CVE-2025-24813, allows remote code execution or information disclosure
  • Users are recommended to update their affected Tomcat versions immediately

Livebitcoinnews

2w

OKX Halts DEX Aggregator Services for Security Upgrades

  • OKX temporarily suspends its DEX aggregator services to improve security measures following concerning hacker activity.
  • A hacker detection system is introduced to monitor and freeze questionable addresses, ensuring unauthorized transactions are prevented.
  • European officials are investigating OKX after the Bybit breach, allegedly connected to the Lazarus Group, in relation to new MiCA regulations.
  • OKX implemented new security features, including a detection tool for OKX Web3 and a real-time monitoring system for malicious wallet addresses.

Securityaffairs

2w

Attackers use CSS to create evasive phishing messages

  • Threat actors exploit Cascading Style Sheets (CSS) to bypass spam filters and detection engines, and track users’ actions and preferences.
  • Cisco Talos observed threat actors abusing CSS to evade detection and track user behavior, raising security and privacy concerns.
  • Attackers use CSS properties like text-indent and font-size to hide phishing text in emails and bypass security parsers.
  • Threat actors can also track user behavior and conduct fingerprinting attacks using CSS, gathering data on recipients' preferences and system information.

Coinjournal

2w

Wemix CEO: delayed $6.2M hack announcement was to prevent “market panic”

  • Wemix Foundation suffered a $6.2 million hack on February 28 but only alerted its investors on March 4.
  • The hacker stole 8.65 million WEMIX coins from the platform's Play Bridge Vault.
  • Wemix CEO delayed the hack announcement to prevent market panic and additional attacks.
  • Kim Seok-hwan, the CEO of Wemix Foundation, denied the hack was the work of Lazarus, a North Korean-backed hacking group.
