Forwarded from Android Security & Malware
Fake Android Money Transfer App Targeting Bengali-Speaking Users
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/fake-android-money-transfer-app-targeting-bengali-speaking-users/
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/fake-android-money-transfer-app-targeting-bengali-speaking-users/
McAfee Blog
Fake Android Money Transfer App Targeting Bengali-Speaking Users | McAfee Blog
Authored by Dexter Shin McAfee’s Mobile Research Team discovered a new and active Android malware campaign targeting Bengali-speaking users, mainly
Forwarded from Android Security & Malware
RaspyJack
Turn a Raspberry Pi Zero 2 W + Waveshare 1.44″ LCD into a pocket-sized, SharkJack-style network multitool.
Key features:
• Recon: Multi-profile Nmap scans
• Shells: Reverse-shell launcher (pick IP on the fly or use a preset)
• Creds Capture: Responder, ARP MITM + sniff, DNS-spoof phishing
• Loot Viewer: Read Nmap / Responder / DNSSpoof logs on the screen
https://github.com/7h30th3r0n3/Raspyjack
Turn a Raspberry Pi Zero 2 W + Waveshare 1.44″ LCD into a pocket-sized, SharkJack-style network multitool.
Key features:
• Recon: Multi-profile Nmap scans
• Shells: Reverse-shell launcher (pick IP on the fly or use a preset)
• Creds Capture: Responder, ARP MITM + sniff, DNS-spoof phishing
• Loot Viewer: Read Nmap / Responder / DNSSpoof logs on the screen
https://github.com/7h30th3r0n3/Raspyjack
Forwarded from The Hacker News
🚨 Sick of chasing meaningless vuln alerts?
Function-level runtime reachability shows only the code that's actually executing—no fluff, no false positives.
It’s like turning off the noise and seeing just the real threats.
Here’s why it changes everything ↓ https://thehackernews.com/expert-insights/2025/07/everything-to-know-about-runtime.html
Function-level runtime reachability shows only the code that's actually executing—no fluff, no false positives.
It’s like turning off the noise and seeing just the real threats.
Here’s why it changes everything ↓ https://thehackernews.com/expert-insights/2025/07/everything-to-know-about-runtime.html
Forwarded from cKure Red
Their findings indicate that EFR systems employ an
Please open Telegram to view this post
VIEW IN TELEGRAM
Forwarded from cKure
■■■■■ 🔠 🔠 🔠 🔠 🔠 🔠 📡
Sirius Scan, an open-source comprehensive vulnerability scanner that leverages community-driven security intelligence and automated penetration testing capabilities.
https://github.com/SiriusScan/Sirius
Sirius Scan, an open-source comprehensive vulnerability scanner that leverages community-driven security intelligence and automated penetration testing capabilities.
https://github.com/SiriusScan/Sirius
Please open Telegram to view this post
VIEW IN TELEGRAM
GitHub
GitHub - SiriusScan/Sirius
Contribute to SiriusScan/Sirius development by creating an account on GitHub.
Forwarded from cKure
■■■■□ 4️⃣ GitHub repositories host malware disguised as tools that gamers, and privacy-seekers are likely to download.
The fake VPN🧠 campaign drops malware straight into AppData and hides it from plain view
Process injection through MSBuild.exe allows this malware to operate without triggering obvious alarms.
https://www.cyfirma.com/research/github-abused-to-spread-malware-disguised-as-free-vpn
https://www.techradar.com/pro/criminals-are-using-a-dangerous-fake-free-vpn-to-spread-malware-via-github-heres-how-to-stay-safe
The fake VPN
Process injection through MSBuild.exe allows this malware to operate without triggering obvious alarms.
https://www.cyfirma.com/research/github-abused-to-spread-malware-disguised-as-free-vpn
https://www.techradar.com/pro/criminals-are-using-a-dangerous-fake-free-vpn-to-spread-malware-via-github-heres-how-to-stay-safe
Please open Telegram to view this post
VIEW IN TELEGRAM
CYFIRMA
GitHub Abused to Spread Malware Disguised as Free VPN - CYFIRMA
EXECUTIVE SUMMARY At CYFIRMA, we continuously monitor and investigate emerging cyber threats targeting both organizations and individuals. In this report,...
Forwarded from 𝗽𝗼𝗽𝗠𝗢𝗗𝗦 | 𝗙𝗢𝗦𝗦, 𝗟𝗶𝗳𝗲, 𝗠𝗲𝗺𝗲𝘀 (Ömer)
WebScraper
It is a toolkit containing scripts for webscraper in two ways one is with raw python and second is with javascript on cloudflare worker
🔗 Links:
- Setup
- Source code
Developer: 0xarchit
🏷️ Tags: #DevTools #Script #Utilities
It is a toolkit containing scripts for webscraper in two ways one is with raw python and second is with javascript on cloudflare worker
🔗 Links:
- Setup
- Source code
Developer: 0xarchit
❤️ Support the Project
If this project makes your life easier, here are a few quick ways to show some love:
⭐ Star the repo/app
☕ Buy a coffee for the developer
🛠 Contribute code, issues, or pull-requests
🏷️ Tags: #DevTools #Script #Utilities
Forwarded from The Hacker News
🚨 A new backdoor dubbed HazyBeacon is hitting Southeast Asian governments—hiding in plain sight using AWS Lambda.
It exfiltrates trade secrets via Google Drive and Dropbox.
State-backed. Stealthy. Still active.
Here’s what you need to know ↓ https://thehackernews.com/2025/07/state-backed-hazybeacon-malware-uses.html
It exfiltrates trade secrets via Google Drive and Dropbox.
State-backed. Stealthy. Still active.
Here’s what you need to know ↓ https://thehackernews.com/2025/07/state-backed-hazybeacon-malware-uses.html
https://github.com/dic1911/Momogram
This has unified push and a different service for translation. But it uses cloudflare for something.
This has unified push and a different service for translation. But it uses cloudflare for something.
GitHub
GitHub - dic1911/Momogram: A third-party Telegram android app.
A third-party Telegram android app. Contribute to dic1911/Momogram development by creating an account on GitHub.