Forwarded from The Hacker News
⚡ Deepfake CEOs. Fake job offers. Cloned websites.
AI-powered scams are fooling even trained teams—because they look real. These aren’t phishing emails. They’re full-scale impersonation attacks.
See how to stop them in real time.
Watch the webinar → https://thehackernews.com/2025/07/deepfakes-fake-recruiters-cloned-cfos.html
AI-powered scams are fooling even trained teams—because they look real. These aren’t phishing emails. They’re full-scale impersonation attacks.
See how to stop them in real time.
Watch the webinar → https://thehackernews.com/2025/07/deepfakes-fake-recruiters-cloned-cfos.html
Forwarded from The Hacker News
🚨 One flaw. Total takeover.
A critical bug in Windows Server 2025 lets attackers generate any dMSA/gMSA password—across the forest.
It bypasses Credential Guard and can persist for years.
Details here → https://thehackernews.com/2025/07/critical-golden-dmsa-attack-in-windows.html
A critical bug in Windows Server 2025 lets attackers generate any dMSA/gMSA password—across the forest.
It bypasses Credential Guard and can persist for years.
Details here → https://thehackernews.com/2025/07/critical-golden-dmsa-attack-in-windows.html
Forwarded from The Hacker News
🚨 Your AI agent isn’t just helping—it has full access to code, payroll, email, and more.
If one device gets hacked, it can leak everything—fast.
The real risk? It’s not the AI. It’s who (or what) can talk to it.
Learn how to lock it down → https://thehackernews.com/2025/07/ai-agents-act-like-employees-with-root.html
If one device gets hacked, it can leak everything—fast.
The real risk? It’s not the AI. It’s who (or what) can talk to it.
Learn how to lock it down → https://thehackernews.com/2025/07/ai-agents-act-like-employees-with-root.html
Forwarded from The Hacker News
ISPs are high-value DDoS targets—and need tailored defenses.
We tested the DDoS resilience of a leading mobile operator by simulating six attacks that bypassed their CDN and hit the origin server directly.
While network-layer attacks were blocked, two app-layer attacks—a GET Flood and POST Flood—slipped through.
Read the full case study and our hardening recommendations → https://thn.news/african-telecom-ddos
We tested the DDoS resilience of a leading mobile operator by simulating six attacks that bypassed their CDN and hit the origin server directly.
While network-layer attacks were blocked, two app-layer attacks—a GET Flood and POST Flood—slipped through.
Read the full case study and our hardening recommendations → https://thn.news/african-telecom-ddos
Forwarded from The Hacker News
🚨 Hackers are exploiting fully patched SonicWall SMA 100 firewalls using stolen OTP seeds and a stealth backdoor.
Google says the malware, OVERSTEP, rewrites boot scripts, hides logs, and steals credentials—persisting even after reboots.
Full story → https://thehackernews.com/2025/07/unc6148-backdoors-fully-patched.html
Google says the malware, OVERSTEP, rewrites boot scripts, hides logs, and steals credentials—persisting even after reboots.
Full story → https://thehackernews.com/2025/07/unc6148-backdoors-fully-patched.html
Forwarded from Bones' Tech Garage
Meet Rayhunter: A New Open Source Tool from EFF to Detect Cellular Spying | Electronic Frontier Foundation
https://www.eff.org/deeplinks/2025/03/meet-rayhunter-new-open-source-tool-eff-detect-cellular-spying
https://www.eff.org/deeplinks/2025/03/meet-rayhunter-new-open-source-tool-eff-detect-cellular-spying
Electronic Frontier Foundation
Meet Rayhunter: A New Open Source Tool from EFF to Detect Cellular Spying
Rayhunter is a new open source tool we’ve created that runs off an affordable mobile hotspot that we hope empowers everyone, regardless of technical skill, to help search out cell-site simulators
Forwarded from Bones' Tech Garage
Introduction - Rayhunter - An IMSI Catcher Catcher
https://efforg.github.io/rayhunter/
https://efforg.github.io/rayhunter/
Forwarded from Bones' Tech Garage
Privacy and security are not just use of programs. It's also habits and practices. If you don't want to share it with the internet it might be best to be kept offline.
https://www.makeuseof.com/screenshots-you-shouldnt-save-on-smartphone/
https://www.makeuseof.com/screenshots-you-shouldnt-save-on-smartphone/
MUO
Hackers Love These 7 Screenshots You Keep in Your Gallery
Your phone gallery might be a hacker’s favorite buffet.
Forwarded from Hacker News
Anytype
OpenAI – vulnerability responsible disclosure
Update with OpenAI response added
What happened?
On 29 May 2025 I privately reported a vulnerability to the OpenAI disclosure mailbox using an encrypted email. The flaw allows peeking at chat responses intended for other users. This content may contain personal…
What happened?
On 29 May 2025 I privately reported a vulnerability to the OpenAI disclosure mailbox using an encrypted email. The flaw allows peeking at chat responses intended for other users. This content may contain personal…
Forwarded from Hacker News
connect.mozilla.org
Where’s Firefox going next? You tell us.
Hey Firefox friends! We’re trying something new and would love your help. Features like tab groups, vertical tabs, profiles, new tab wallpapers, PWAs, and taskbar pinning weren’t just ideas – they were direct responses to what you told us you wanted. Your…
Forwarded from Hacker News
GrapheneOS Mastodon
GrapheneOS (@GrapheneOS@grapheneos.social)
Our lead developer was forcibly conscripted into a war and we've been asking for help regularly since then and expressing that the situation was dire. Android 16 making our life harder than expected made it worse. The Android 16 changes weren't really the…
Forwarded from Hacker News
Прямий
Ukrainian Hackers Cripple IT Infrastructure of Russian Drone Manufacturer — What We Know So Far
Українські кіберактивісти у співпраці з військовою розвідкою успішно паралізували діяльність одного з найбільших російських виробників безпілотників — компанії "Гаскар Інтеграция". Внаслідок атаки знищено понад 47 Тб критичних даних, заблоковано внутрішні…
Forwarded from Telegram Info English (DbSergey)
Telegram User Identification via Facial Recognition
Users on Telegram’s test server have discovered an officially verified bot that scans faces using the camera — likely for identity verification purposes.
This bot’s development is presumably linked to a law that will soon take effect in the United Kingdom. The law requires websites and apps distributing adult content to verify the age of users seeking access to such material.
The @tginfo editorial team firmly believes that no identity verification requirements will be introduced for users outside the UK in the near future.
#UnitedKingdom
Users on Telegram’s test server have discovered an officially verified bot that scans faces using the camera — likely for identity verification purposes.
This bot’s development is presumably linked to a law that will soon take effect in the United Kingdom. The law requires websites and apps distributing adult content to verify the age of users seeking access to such material.
The @tginfo editorial team firmly believes that no identity verification requirements will be introduced for users outside the UK in the near future.
#UnitedKingdom
Forwarded from Android Security & Malware
Keyboard Input Injection vulnerability in Air Keyboard iOS App Still Unpatched
https://www.mobile-hacker.com/2025/07/17/remote-input-injection-vulnerability-in-air-keyboard-ios-app-still-unpatched/
https://www.mobile-hacker.com/2025/07/17/remote-input-injection-vulnerability-in-air-keyboard-ios-app-still-unpatched/
Forwarded from Android Security & Malware
Remote Code Execution Discovered in XTool AnyScan App: Risks to Phones and Vehicles
https://www.nowsecure.com/blog/2025/07/16/remote-code-execution-discovered-in-xtool-anyscan-app-risks-to-phones-and-vehicles/
https://www.nowsecure.com/blog/2025/07/16/remote-code-execution-discovered-in-xtool-anyscan-app-risks-to-phones-and-vehicles/
Nowsecure
Remote Code Execution Discovered in XTool AnyScan App: Risks to Phones and Vehicles - NowSecure
Learn how NowSecure has identified an app whose developers violated security guidelines, bypassing recommended procedures exposing systems to remote control.
Forwarded from Mishaal's Android News Feed
🎶 Get Apple's one-tap Ambient Music playlists on Android with this free new app
A new app brings Apple's Ambient Music relaxation playlists to Android so you can relax, work, or fall asleep
Click 👇for more details, screenshots, and the download link
🔗 https://www.androidauthority.com/apple-ambient-music-on-android-3578211/
A new app brings Apple's Ambient Music relaxation playlists to Android so you can relax, work, or fall asleep
Click 👇for more details, screenshots, and the download link
🔗 https://www.androidauthority.com/apple-ambient-music-on-android-3578211/
Android Authority
Get Apple's one-tap Ambient Music playlists on Android with this free new app
This free app ports Apple's Ambient Music feature to Android, allowing you to listen to calming music while you relax, work, or sleep.
Forwarded from Mishaal's Android News Feed
📺🎧 Bluetooth pairing sucks on most Google TV devices, but Google wants to change that
There are only four Google TV devices that support Fast Pair, a feature that makes it easy to pair new Bluetooth accessories to your TV
More details 👇
🔗 https://www.androidauthority.com/google-tv-fast-pair-supported-devices-3578252/
There are only four Google TV devices that support Fast Pair, a feature that makes it easy to pair new Bluetooth accessories to your TV
More details 👇
🔗 https://www.androidauthority.com/google-tv-fast-pair-supported-devices-3578252/
Android Authority
Bluetooth pairing sucks on most Google TV devices, but Google wants to change that
Fast Pair makes it dead simple to connect your Bluetooth accessories to your Android device, but only four Google TV devices support it.
Forwarded from #TBOT: Take Back Our Tech
Media is too big
VIEW IN TELEGRAM
⚡️The Digital You: Built From Your Data
@takebackourtech
In this clip, I explain how your actions online—likes, searches, purchases—are constantly being tracked and used to build a digital profile of you. Not to serve you, but to predict, influence, and profit from your behavior.
They don’t need your permission. They already have your data.
📺 Learn how this system works—and what you can do to opt out.
Watch the full webinar here.
—
🫶 @takebackourtech
📩 WEBSITE & NEWSLETTER | 🎥 VIDEOS| XMPP | SUBSTACK
@takebackourtech
In this clip, I explain how your actions online—likes, searches, purchases—are constantly being tracked and used to build a digital profile of you. Not to serve you, but to predict, influence, and profit from your behavior.
They don’t need your permission. They already have your data.
📺 Learn how this system works—and what you can do to opt out.
Watch the full webinar here.
—
🫶 @takebackourtech
📩 WEBSITE & NEWSLETTER | 🎥 VIDEOS| XMPP | SUBSTACK