Android NFC Malware Steals Banking Data via Relay Attacks
DevilNFC and NFCMultiPay capture card details and PINs, locking victims in fake interfaces during transactions.
Unpatched Gogs RCE Puts Entire Repositories at Risk
A 9.4 severity flaw allows any authenticated user to execute code via malicious branch names; no CVE issued yet.
Microsoft Is Taking Screenshots of Your PC
Microsoft Recall is a privacy nightmare. Disable it NOW.
Settings > Privacy & security > Recall & snapshots → Turn OFF
Why it's critical:
- Takes screenshots every 5 seconds
- Captures passwords, credit cards, SSNs, bank screens
- Snapshots stored in unencrypted SQLite DB when logged in
- InfoStealer malware can easily extract everything
- WHY Greenberg called it "pre-installed spyware"
Microsoft made it opt-in & added Windows Hello auth AFTER security researchers exposed the flaws
If you're on a Copilot+ PC, verify it's OFF. Your sensitive data is at risk.
Microsoft Condemns Public Zero-Day Disclosures
Actively exploited Windows flaws trigger takedowns of researcher accounts after controversial full disclosures.
JINX-0164 Targets Crypto Firms via LinkedIn Lures
New threat actor deploys macOS AUDIOFIX infostealer and MiniRAT backdoor through fake recruiter messages and poisoned npm packages.
FortiClient EMS Flaw Enables Network-Wide Malware Deployment
Critical CVE-2026-35616 allows attackers to push credential stealers as fake updates across managed endpoints.
Russian Spies Are Aggressively Seeking Western Technology as Sanctions Bite, Officials Say.
Security researchers are now handing Nightmare-Eclipse vulnerabilities for free, in what looks like both a show of support and a reaction to how Microsoft treats researchers. First up: "Bitskrieg," which violates Secure Boot trust and fully bypasses BitLocker.
Rapid7 Observed Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257)
Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit.
AI is making DDoS attacks faster, smarter, and far more dangerous.
Attackers are now using AI to discover weak spots, create new attack vectors, and scale assaults with terrifying efficiency.
A previously unknown threat actor has been quietly targeting Ukraine since at least August 2025.
GREYVIBE uses spear-phishing, fake CAPTCHA pages, and fraudulent websites to deliver custom malware to military, government, civilian, and business targets.
Two new Android NFC relay malware families — DevilNFC and NFCMultiPay — are targeting banking customers in Europe and Latin America.
These tools, developed with possible AI assistance, steal card PINs. DevilNFC even locks victims in a fake interface using Kiosk Mode while relaying card data.
A tool called "Cali365" tricks users into entering a code on the official Microsoft authentication page, enabling attackers to access emails, messages, and stored files.
Cyber breach impacts Israeli Holocaust victims’ support center:
- Hacker group “Handala” has unauthorized access to the national support center
- Over 2 million files (~1 TB) reportedly exfiltrated, including databases, emails, and internal communications
- Group released details on document contents and links to affiliated entities
#TGITM @TheGhostITM
Yossi Kardi, head of Israel’s National Cyber Directorate, concluded a week-long U.S. visit focused on strengthening cybersecurity and digital defense cooperation.
Discussions also referenced recent cyber incidents, including the breach of personal emails of Kash Patel, claimed by the “Handala” group.
#TGITM @TheGhostITM
ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface.
ShinyHunters adds Charter to trophy shelf after 4.9M customer records leak.
Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets.