Cybercriminals charge $5K to add Android malware to Google Play
Malware developers have created a thriving market promising to add malicious Android apps to Google Play for $2,000 to $20,000,...
Year: 2023
Kodi discloses data breach after forum database for sale online
The Kodi Foundation has disclosed a data breach after hackers stole the organization's MyBB forum database containing user data and...
3CX confirms North Korean hackers behind supply chain attack
VoIP communications company 3CX confirmed today that a North Korean hacking group was behind last month's supply chain attack. "Based...
iPhones hacked via invisible calendar invites to drop QuaDream spyware
Microsoft and Citizen Lab discovered commercial spyware made by an Israel-based company QuaDream used to compromise the iPhones of high-risk...
Windows zero-day vulnerability exploited in ransomware attacks
Microsoft has patched a zero-day vulnerability in the Windows Common Log File System (CLFS), actively exploited by cybercriminals to escalate...
Hacked sites caught spreading malware via fake Chrome updates
Hackers are compromising websites to inject scripts that display fake Google Chrome automatic update errors that distribute malware to unaware...
OpenAI launches bug bounty program with rewards up to $20K
AI research company OpenAI announced today the launch of a new bug bounty program to allow registered security researchers to...
SAP releases security updates for two critical-severity flaws
Enterprise software vendor SAP has released its April 2023 security updates for several of its products, which includes fixes for...
US-CERT Vulnerability Summary for the Week of April 3, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Certwatcher – Tool For Capture And Tracking Certificate Transparency Logs, Using YAML Templates Based DSL
CertWatcher is a tool for capturing and tracking certificate transparency logs, using YAML templates. The tool helps detect and analyze...
Daily Threat Intelligence – April 11 – 2023
Crypto exchanges are being targeted left, right, and center. A South Korean cryptocurrency exchange experienced a major attack that culminated...
HackerOne Bug Bounty Disclosure: idor-in-talentmap-api-can-be-abused-to-enumerate-personal-information-of-all-the-usersbynepalihacker0x01
Programme HackerOne U.S. Department of State U.S. Department of State Submitted by nepalihacker0x01 nepalihacker0x01 Report IDOR in TalentMAP API can...
HackerOne Bug Bounty Disclosure: sensitive-information-for-phpinfo-php-at-https://products-ean-com/byexploitmsf
Programme HackerOne Expedia Group Bug Bounty Expedia Group Bug Bounty Submitted by exploitmsf exploitmsf Report Sensitive information for phpinfo.php at...
HackerOne Bug Bounty Disclosure: testing-flow-includes-a-deepsource-secretbytriplesided
Programme HackerOne Weblate Weblate Submitted by triplesided triplesided Report Testing flow includes a DeepSource secret Full Report A considerable...
HackerOne Bug Bounty Disclosure: can-delete-other-user’s-post-and-company-page-postbyanandpingsafe
Programme HackerOne LinkedIn LinkedIn Submitted by anandpingsafe anandpingsafe Report Can delete other user's post and company page post Full Report...
Cybercriminals Turn to Android Loaders on Dark Web to Evade Google Play Security
Malicious loader programs capable of trojanizing Android applications are being traded on the criminal underground for up to $20,000 as...
Newly Discovered “By-Design” Flaw in Microsoft Azure Could Expose Storage Accounts to Hackers
A "by-design flaw" uncovered in Microsoft Azure could be exploited by attackers to gain access to storage accounts, move laterally...
Cryptocurrency Stealer Malware Distributed via 13 NuGet Packages
Cybersecurity researchers have detailed the inner workings of the cryptocurrency stealer malware that was distributed via 13 malicious NuGet packages...
[eBook] A Step-by-Step Guide to Cyber Risk Assessment
In today's perilous cyber risk landscape, CISOs and CIOs must defend their organizations against relentless cyber threats, including ransomware, phishing,...
LockBit 3.0 Ransomware Victim: gregoire[.]fr
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: mundocuervo[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: fiamma[.]com[.]my
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: agp[.]ph
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: disltd[.]ca
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
