GitHub: Nearly 100,000 NPM Users’ credentials stolen in the April OAuth token attack
GitHub provided additional details into the theft of its integration OAuth tokens that occurred in April, with nearly 100,000 NPM users’ credentials....
hacking
Android pre-installed apps are affected by high-severity vulnerabilities
Microsoft found several high-severity vulnerabilities in a mobile framework used in pre-installed Android System apps. The Microsoft 365 Defender Research...
LEAF – Linux Evidence Acquisition Framework
Linux Evidence Acquisition Framework (LEAF) acquires artifacts and evidence from Linux EXT4 systems, accepting user input to customize the functionality...
GhostTouch: how to remotely control touchscreens with EMI
Security researchers devised a technique, dubbed GhostTouch, to remotely control touchscreens using electromagnetic signals. A team of researchers from Zhejiang...
FBI: Compromised US academic credentials available on various cybercrime forums
The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors...
Ransomware-Simulator – Ransomware Simulator Written In Golang
The goal of this repository is to provide a simple, harmless way to check your AV's protection on ransomware. This...
ERMAC 2.0 Android Banking Trojan targets over 400 apps
A new version of the ERMAC Android banking trojan is able to target an increased number of apps. The ERMAC...
Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw
Security researchers released PoC exploit code for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products. Horizon3 security researchers...
Pocsploit – A Lightweight, Flexible And Novel Open Source Poc Verification Framework
pocsploit is a lightweight, flexible and novel open source poc verification framework Pain points of the POC framework in the...
Exposed: the threat actors who are poisoning Facebook
An investigation of the infamous “Is That You?” video scam led Cybernews researchers into exposing threat actors who are poisoning...
Zyxel addresses four flaws affecting APs, AP controllers, and firewalls
Zyxel addressed multiple vulnerabilities impacting many of its products, including APs, AP controllers, and firewalls. Zyxel has released security updates...
Experts warn of a new malvertising campaign spreading the ChromeLoader
Researchers warn of a new malvertising campaign spreading the ChromeLoader malware that hijacks the victims’ browsers. Researchers from Red Canary...
FindFunc – Advanced Filtering/Finding of Functions in IDA Pro
FindFunc is an IDA Pro plugin to find code functions that contain a certain assembly or byte pattern, reference a...
Do not use Tails OS until a flaw in the bundled Tor Browser will be fixed
The maintainers of the Tails project (The Amnesic Incognito Live System) warn users that the Tor Browser bundled with the...
Italy announced its National Cybersecurity Strategy 2022/26
Italy announced its National Cybersecurity Strategy for 2022/26, a crucial document to address cyber threats and increase the resilience of...
Unknown APT group is targeting Russian government entities
An unknown APT group is targeting Russian government entities since the beginning of the Russian invasion of Ukraine. Researchers from...
Frida-Ios-Hook – A Tool That Helps You Easy Trace Classes, Functions, And Modify The Return Values Of Methods On iOS Platform
A tool that helps you can easy using frida. It support script for trace classes, functions, and modify the return...
Internationa police operation led to the arrest of the SilverTerrier gang leader
The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime group as a result of an international...
DroidDetective – A Machine Learning Malware Analysis Framework For Android Apps
A machine learning malware analysis framework for Android apps. DroidDetective is a Python tool for analysing Android applications (APKs) for...
Chaining Zoom bugs is possible to hack users in a chat by sending them a message
Security flaws in Zoom can be exploited to compromise another user over chat by sending specially crafted messages. A set...
CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog
US Critical Infrastructure Security Agency (CISA) adds 41 new vulnerabilities to its Known Exploited Vulnerabilities Catalog. The Cybersecurity & Infrastructure...
Tornado – Anonymously Reverse Shell Over Tor Network Using Hidden Services Without Portforwarding
anonymously reverse shell over onion network using If you are having any operating system compatiblity issue, let me know. I...
Reposaur – The Open Source Compliance Tool For Development Platforms
Reposaur is the open source compliance tool for development platforms. Audit, verify and report on your data and configurations easily...
Trend Micro addressed a flaw exploited by China-linked Moshen Dragon APT
Trend Micro addressed a DLL hijacking issue in Trend Micro Security actively exploited by a China-linked threat group to deploy...
