Researchers at Ledger’s Donjon security team have shown that a precisely timed laser pulse, aimed at the chip inside a Tangem crypto wallet card, can reset the card’s password to anything the attacker picks. No old password. No backup card. Once it…
Category: EN
Microsoft Warns New ‘GigaWiper’ Malware Combines Espionage and Destructive Capabilities
A new multi-purpose backdoor allows cyber threat actors to conduct both quiet espionage activity and destructive wiping operations This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Warns New ‘GigaWiper’ Malware Combines Espionage and Destructive Capabilities
Researcher Details WhatsApp-to-Host Attack Chain Using Three OpenClaw Flaws
Details have emerged about three now-patched security flaws in the OpenClaw personal artificial intelligence (AI) assistant that, if successfully exploited, could enable credential theft, privilege escalation, and arbitrary code execution on the host. A brief description of the high-severity vulnerabilities…
Florida ransomware negotiator convicted for helping ransomware gang extort US companies
A third ransomware negotiator has been jailed for helping a notorious ransomware group to extort American victim companies into paying the hackers. This article has been indexed from Security News | TechCrunch Read the original article: Florida ransomware negotiator convicted…
Cyber Briefing: 2026.07.10
Telecom carriers breached, top consulting data leaked, and higher education under siege: here is the high-stakes intelligence you need to protect your network boundaries. This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2026.07.10
281 Android VPN Apps Expose Users to Traffic Leaks, Tracking and Tunnel Hijacking
A recent security analysis has revealed that a significant number of Android VPN applications, 281,281,281, expose users to serious privacy and security risks. These risks include traffic leaks, third-party tracking, weak encryption practices, and VPN tunnel hijacking. Android findings highlight…
Free Mobile VPNs Leak Data and Track Users – Research
The Broken Shield: Exclusive Study Finds Popular Free Mobile VPNs Leak Data and Track Users When you download… The post Free Mobile VPNs Leak Data and Track Users – Research appeared first on Hackers Online Club. This article has been…
This new Windows malware can take over your PC and wipe it clean
GigaWiper is a remote access Trojan that can spy on victims and permanently wipe their systems in three different ways. This article has been indexed from Malwarebytes Read the original article: This new Windows malware can take over your PC…
Anthropic and OpenAI Security Tools Could Fuel Cyber-Attacks, Researchers Warn
Researchers at the AI Now Institute developed a proof-of-concept exploit showing common AI tools used for security could backfire This article has been indexed from www.infosecurity-magazine.com Read the original article: Anthropic and OpenAI Security Tools Could Fuel Cyber-Attacks, Researchers Warn
Cybersecurity Negotiator Gets 70 Months for Helping BlackCat Extort Victims
Former ransomware negotiator Angelo Martino gets 70 months in prison for helping BlackCat extort US victims and misuse confidential client data in cyberattacks. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the…
How Check Point Email Security Stopped a Student Job Scam Before It Reached the Inbox
A student receives what looks like a routine summer job offer from a trusted school account. The link goes to Google Forms. The email passes authentication. There is no malware, no fake login page, and no strange-looking domain. To the…
New MODBEACON RAT Uses gRPC Streaming for Encrypted C2 Traffic
The China-linked cybercrime group known as Silver Fox has been attributed to a new Rust-based remote access trojan (RAR) called MODBEACON. Chinese cybersecurity company QiAnXin said that while the threat cluster may appear like a low-sophistication, high-activity operation that propagates…
KDDI data breach exposes 12M people
Japanese telecommunications company KDDI has confirmed a significant data breach affecting roughly 12 million individuals after attackers gained unauthorized access to an email platform serving five internet service providers in Japan. This article has been indexed from CyberMaterial Read the…
Accenture Data Breach: 35GB Source Code Stolen
Accenture has confirmed a security incident following claims by a cybercriminal that they breached the global technology consulting firm and stole more than 35 gigabytes of sensitive data. This article has been indexed from CyberMaterial Read the original article: Accenture…
Blip: Free cross-platform file-sharing app
A new file-sharing application called Blip offers simplified device-to-device file transfers across multiple platforms with no size restrictions. This article has been indexed from CyberMaterial Read the original article: Blip: Free cross-platform file-sharing app
ESMA launches crypto custody oversight under MiCA
The European Securities and Markets Authority has initiated a formal supervisory review process for cryptocurrency custody providers operating under the European Union’s Markets in Crypto-Assets regulatory framework. This article has been indexed from CyberMaterial Read the original article: ESMA launches…
CIRCIA cyber incident reporting rules finalization expected
The Cybersecurity and Infrastructure Security Agency is preparing to finalize long-awaited cyber incident reporting regulations under the Cyber Incident Reporting for Critical Infrastructure Act. This article has been indexed from CyberMaterial Read the original article: CIRCIA cyber incident reporting rules…
Linux FUSE Vulnerability Allows Unprivileged Users to Pop a Root Shell
A newly disclosed Linux kernel vulnerability in the FUSE subsystem allows unprivileged local users to escalate privileges to root by corrupting the page cache and hijacking execution of a SUID binary such as /usr/bin/su on Ubuntu 26.04. Tracked as CVE-2026-31694,…
Hackers Exploit CitrixBleed 2 to Hijack MFA-Protected Sessions and Deploy DragonForce Ransomware
Threat actors are exploiting the CitrixBleed 2 vulnerability, tracked as CVE-2025-5777, to hijack active NetScaler sessions protected by multi-factor authentication and gain a foothold in enterprise environments. The activity indicates a standardized operator playbook, potentially operated by an initial access…
Forg365 PhaaS Uses Telegram and AI Lures to Hijack Microsoft 365 Accounts
Forg365 is a commercial phishing-as-a-service (PhaaS) platform specifically targeting Microsoft 365 users. It employs methods such as device-code phishing, adversary-in-the-middle (AiTM) workflows, AI-assisted lure generation, and token persistence tools. The platform’s onboarding process through Telegram, subscription model, and post-compromise features…