Tag: security

  • Former Hacker Reflects: Power is Knowing When to Stop

    When the conversation turns to hackers, the imagination often conjures images of digital chaos—individuals who breach systems for profit, amusement, or ideology. Yet, behind many of these stories lies something far more complex: psychology, internal conflict, and choices made at the very edge of acceptability. One former member of the shadowy hacking community has chosen…

  • Mysterious C:\inetpub Folder After Windows Update? It’s Normal

    Following the installation of the April security updates for Windows, some users have noticed the sudden appearance of a mysterious, empty directory at C:\inetpub. Despite the lack of notifications or explanations in the user interface, there is no cause for alarm—everything is proceeding according to plan. This is a deliberate security measure introduced by Microsoft…

  • Urgent Apple Update: Zero-Day Exploits Target iPhones

    Apple has released emergency security updates for its devices to patch two critical zero-day vulnerabilities that were actively exploited in an “exceptionally sophisticated attack” targeting a limited number of iPhone users. The vulnerabilities affect CoreAudio (CVE-2025-31200) and RPAC (CVE-2025-31201), and span all major Apple operating systems: iOS, macOS, tvOS, iPadOS, and visionOS. According to…

  • Android to Auto-Reboot Locked Devices for Enhanced Security

    Google is introducing a new security feature in Android that will automatically reboot locked and unused devices after three consecutive days of inactivity. Upon reboot, the device’s memory returns to an encrypted state, effectively rendering direct access to user data impossible. Although Google has not officially disclosed the rationale behind this feature, experts believe its…

  • DragonFlyBSD Gets New, Improved Disk Encryption Module

    DragonFlyBSD has finally received a long-awaited and noteworthy enhancement—last week, a new disk encryption module named dm_target_crypt_ng was integrated into the system. This is a reimagined version of the DM-crypt module, designed to be compatible with its Linux counterpart. The development is led by Michael Neumann, a prominent contributor to the DragonFlyBSD project. Unlike its…

  • Atlas Lion Infiltrates Cloud Infrastructure: Novel Attack Targets Retail Gift Cards

    Experts at Expel have uncovered a novel tactic employed by the cybercriminal group known as Atlas Lion, which has been targeting large retail chains, clothing brands, and restaurant franchises. Rather than attacking from the outside, these threat actors disguise their activities as legitimate internal operations—registering their own virtual machines within corporate cloud infrastructure. Atlas Lion…

  • Zero-Day Exploit Targets Gladinet CentreStack: Critical RCE Vulnerability

    Hackers are actively exploiting a zero-day vulnerability to compromise secure Gladinet CentreStack file-sharing servers. According to a security advisory from Gladinet, the flaw stems from improper handling of cryptographic keys responsible for maintaining the integrity of ASP.NET ViewState data. When misconfigured—or when a static machineKey is used in the web.config file—there exists the potential for…

  • Critical OttoKit Vulnerability Exploited: Hackers Gain Admin Control of WordPress Sites

    Hackers have begun exploiting a critical vulnerability in the widely used WordPress plugin OttoKit (formerly known as SureTriggers) just hours after it was publicly disclosed. The flaw allows attackers to bypass authentication and gain full administrative control over affected websites. OttoKit enables users to automate actions on WordPress sites without writing code—linking plugins and third-party…

  • Malicious npm Package Hijacks Cryptocurrency Wallets in Supply Chain Attack

    Software supply chain attacks are becoming increasingly sophisticated, with malicious actors disguising harmful code as legitimate libraries and embedding it into developers’ environments. A recent example is the malicious npm package named “pdf-to-office,” discovered by researchers at Reversing Labs. Purporting to offer functionality for converting PDF documents into Word format, its true purpose was far…

  • NVIDIA Container Toolkit Vulnerability: Critical Security Flaw and Denial-of-Service Risk

    In September 2024, NVIDIA released a security update addressing the critical vulnerability CVE-2024-0132 in its Container Toolkit. The issue stemmed from a time-of-check to time-of-use (TOCTOU) race condition, which enabled attackers to orchestrate a so-called “container escape” and gain unauthorized access to host system resources. The flaw received a high CVSS severity score of 9.0.…

  • DCOM Exploits: New Techniques for Credential Theft Bypass Modern Defenses

    The days when obtaining credentials using Mimikatz was trivially easy are rapidly becoming a thing of the past. Microsoft continues to harden its defenses against credential theft, while EDR systems grow ever more astute. As a result, traditional Red Team tactics—ranging from lateral movement to LSASS interaction—are increasingly triggering alarms within modern security solutions. Yet,…

  • Critical Fortinet FortiSwitch Vulnerability Allows Password Change Without Authentication

    Fortinet has addressed a critical vulnerability in its FortiSwitch devices that allowed remote attackers to change administrator passwords without authentication. The flaw, discovered by the developer of the FortiSwitch web interface, has been assigned the identifier CVE-2024-48887 and carries a CVSS score of 9.8. The vulnerability stemmed from the absence of proper verification during the…

  • Lovable AI Platform Exploited for “VibeScamming” Phishing Attacks

    The Lovable platform—designed to generate web applications from textual prompts—has unexpectedly become a boon for aspiring cybercriminals. According to research by Guardio Labs, Lovable has been identified as the most vulnerable to so-called jailbreak attacks, which allow users to circumvent built-in safeguards and create phishing pages nearly indistinguishable from legitimate ones. Researchers have dubbed this…

  • AMD Zen Processors Hit by Critical EntrySign Microcode Vulnerability

    Google’s security team has uncovered a critical vulnerability in the microcode of AMD processors, designated as EntrySign (ID: AMD-SB-7033). This flaw affects the entire Zen processor lineup—from the original Zen 1 to the latest Zen 5—including both consumer-grade and enterprise-class CPUs. The vulnerability enables users with kernel-level privileges (ring 0) to load unsigned microcode updates,…

  • OpenSSL 3.5 LTS Released with Quantum-Resistant Crypto and QUIC Support

    A new release of OpenSSL 3.5—one of the foundational libraries enabling secure communications over the internet—has officially arrived. Designated as a Long Term Support (LTS) version, this update significantly fortifies the integrity of network connections through the integration of quantum-resistant cryptography, support for the QUIC protocol, and a host of technical enhancements. The development team…