Zoom attack tricks victims into allowing remote access to install malware and steal money
Be careful when talking to people you’ve not met with before over the Zoom video conferencing system; you might get […]
Zoom attack tricks victims into allowing remote access to install malware and steal money
Be careful when talking to people you’ve not met with before over the Zoom video conferencing system; you might get
[tl;dr sec] #276 – AI-created PoC Exploit, Cloud Snitch, Kubernetes Attack Simulation
Hey there, I hope you’ve been doing well! 👋 Come see my BSidesSF keynote! Shorter issue this week due to
[tl;dr sec] #276 – AI-created PoC Exploit, Cloud Snitch, Kubernetes Attack Simulation Read More »
Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Zero-Day and ThreatNeedle Malware
At least six organizations in South Korea have been targeted by the prolific North Korea-linked Lazarus Group as part of
Android malware turns phones into malicious tap-to-pay machines
Got an Android phone? Got a tap-to-pay card? Then you’re like millions of other users now at risk from a
Android malware turns phones into malicious tap-to-pay machines Read More »
4.7 million customers’ data accidentally leaked to Google by Blue Shield of California
Blue Shield of California leaked the personal data of 4.7 million people to Google after a Google Analytics misconfiguration. The
4.7 million customers’ data accidentally leaked to Google by Blue Shield of California Read More »
159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure
As many as 159 CVE identifiers have been flagged as exploited in the wild in the first quarter of 2025,
159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure Read More »
Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools
Cybersecurity researchers have demonstrated a proof-of-concept (PoC) rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called io_uring to
Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools Read More »
Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals
The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform have released new updates to their cybercrime suite with generative artificial
Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals Read More »