Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Pure Crypter Malware Analysis: 99 Problems but Detection Ain’t One Attacker exploits misconfigured AI tool to run AI-generated payload Crocodilus Mobile…
Tag: EN
Malicious Browser Extensions Infect 722 Users Across Latin America Since Early 2025
Cybersecurity researchers have shed light on a new campaign targeting Brazilian users since the start of 2025 to infect users with a malicious extension for Chromium-based web browsers and siphon user authentication data. “Some of the phishing emails were sent…
Week in review: Google fixes exploited Chrome zero-day, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: June 2025 Patch Tuesday forecast: Second time is the charm? Microsoft has been busy releasing more out-of-band (OOB) patches than usual throughout May. Google fixes…
Wireshark 4.4.7 Released, (Sun, Jun 8th)
Wireshark release 4.4.7 fixes 1 vulnerability (%%cve:2025-5601%%) and 8 bugs. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Wireshark 4.4.7 Released, (Sun, Jun 8th)
Extracting With pngdump.py, (Sun, Jun 8th)
Inspired by Xavier's diary entry “A PNG Image With an Embedded Gift”, I updated my pngdump.py program to enable the extraction of chunks and extra data (similar to my other analysis tools, like pngdump.py). This article has been indexed from…
From StackStorm to DeepTempo
And what does it tell us about Cybersecurity? As the founding CEO of StackStorm and now DeepTempo, I’ve seen how the needs of CISOs and SOCs have changed over the last 10+ years. New challenges and a better color scheme! When we…
Europe just launched DNS4EU, a public DNS resolver with privacy and security options
DNS is one of the cornerstones of the Internet. Put simply, it is designed to turn domain names, say ghacks.net, into IP addresses. This process is usually handled by the Internet service […] Thank you for being a Ghacks reader.…
Rust-Developed InfoStealer Extracts Sensitive Data from Chromium-Based Browsers
Browsers at risk The latest information-stealing malware, made in the Rust programming language, has surfaced as a major danger to users of Chromium-based browsers such as Microsoft Edge, Google Chrome, and others. Known as “RustStealer” by cybersecurity experts, this advanced…
Scalable Solutions for NHI Management
Is Your Organization Implementing Scalable Solutions for NHI Management? Is your business laying a solid groundwork for efficient Non-Human Identity (NHI) management? If not, you’re likely exposing your organization to unnecessary risks. Data leaks and breaches could be lurking around…
Boost Your Confidence with Strong NHI Management
Why Does NHI Management Matter? Imagine being able to boost your confidence, largely dependent on automated processes. What if there was a way to foster a sense of security about your organization’s data management, transparency, and regulatory compliance? In comes…
Driving Innovation through Secure NHIs
Are You Embracing Innovation Securely? The quest for innovation is always at the forefront. Our desire to push boundaries and create more efficient and dynamic solutions is a driving force for progress. However, amid all the technological advancements and breakthroughs,…
Empower Your Team with Robust NHI Protocols
How Crucial Are Robust NHI Protocols in Empowering Teams? These days, it’s a fair assumption that most businesses base a significant portion of their operations. The management of Non-Human Identities (NHIs) has become increasingly important. Although it’s a relatively new…
Trump administration takes aim at Biden and Obama cybersecurity rules
In a White House fact sheet, the administration claims that Biden’s Executive Order 14144 — signed days before the end of his presidency — was an attempt “to sneak problematic and distracting issues into cybersecurity policy.” This article has been…
Over 20 Malicious Apps on Google Play Target Users for Seed Phrases
Over 20 malicious apps on Google Play are stealing crypto seed phrases by posing as trusted wallets and exchanges, putting users’ funds at risk. This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto…
The 2024 Red Hat Product Security Risk Report: CVEs, XZ Backdoor, SSCAs, AI…oh my!
Grab a large sweet tea or a cup of coffee and read the 2024 Product Security Risk Report from Red Hat Product Security. As someone striving to stay informed about the open source ecosystem and its security challenges, I found…
Experts found 4 billion user records online, the largest known leak of Chinese personal data from a single source
Over 4 billion user records were found exposed online in a massive breach, possibly linked to the surveillance of Chinese citizens. Cybersecurity researcher Bob Dyachenko and the Cybernews team discovered a massive data leak in China that exposed billions of…
OffensiveCon25 – No Signal, No Security: Dynamic Baseband Vulnerability Research
Authors/Presenters: Daniel Klischies and David Hirsch Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube…
Unimed AI Chatbot Exposes Millions of Patient Messages in Major Data Leak
iA significant data exposure involving Unimed, one of the world’s largest healthcare cooperatives, has come to light after cybersecurity researchers discovered an unsecured database containing millions of sensitive patient-doctor communications. The discovery was made by cybersecurity experts at Cybernews,…
Critical Bug in E-commerce Website, Over 10000 Customers Impacted
WordPress plugin exploit Cybersecurity experts have found a critical unpatched security vulnerability impacting the TI WooCommerce Wishlist plugin for WordPress that unauthorized threat actors could abuse to upload arbitrary files. TI WooCommerce Wishlist has more than 100,000 active installations. It…
Kali GPT- AI Assistant That Transforms Penetration Testing on Kali Linux
Kali GPT, a specialized AI model built on GPT-4 architecture, has been specifically developed to integrate seamlessly with Kali Linux, offering unprecedented support for offensive security professionals and students alike. Kali GPT represents a significant breakthrough in the integration of…