Forwarded from The Hacker News
Warning: Hackers found a VS Code Marketplace loophole—deleted extension names can be reused by anyone.
One group already slipped in ransomware that demands Shiba Inu tokens.
If a popular extension is removed, its name is up for grabs.
Here’s why this is a supply chain nightmare ↓ https://thehackernews.com/2025/08/researchers-find-vs-code-flaw-allowing.html
One group already slipped in ransomware that demands Shiba Inu tokens.
If a popular extension is removed, its name is up for grabs.
Here’s why this is a supply chain nightmare ↓ https://thehackernews.com/2025/08/researchers-find-vs-code-flaw-allowing.html
Forwarded from The Hacker News
🚨 A fake PDF editor is hijacking Google ads—tricking users into downloading TamperedChef, a new info-stealing malware.
It steals logins, cookies & even backdoors your system. The worst part? It hid for 56 days before activating.
Read → https://thehackernews.com/2025/08/tamperedchef-malware-disguised-as-fake.html
It steals logins, cookies & even backdoors your system. The worst part? It hid for 56 days before activating.
Read → https://thehackernews.com/2025/08/tamperedchef-malware-disguised-as-fake.html
Forwarded from The Hacker News
🚨 Google says the Salesloft Drift breach is much larger than believed.
All Drift integrations should be treated as compromised.
Revoke, rotate, investigate.
Details here → https://thehackernews.com/2025/08/google-warns-salesloft-oauth-breach.html
All Drift integrations should be treated as compromised.
Revoke, rotate, investigate.
Details here → https://thehackernews.com/2025/08/google-warns-salesloft-oauth-breach.html
Forwarded from The Hacker News
🚨 FBI & Dutch police just shut down VerifTools—a dark web hub selling fake passports & driver’s licenses for as little as $9.
BUT within hours, operators relaunched under a new domain.
Criminals used it to bypass KYC checks & steal millions in crypto.
Here’s what’s next ↓ https://thehackernews.com/2025/08/feds-seize-64m-veriftools-fake-id.html
BUT within hours, operators relaunched under a new domain.
Criminals used it to bypass KYC checks & steal millions in crypto.
Here’s what’s next ↓ https://thehackernews.com/2025/08/feds-seize-64m-veriftools-fake-id.html
Forwarded from The Hacker News
🚨 FreePBX zero-day under active attack.
Hackers are exploiting a CVSS 10.0 flaw to hijack systems, drop backdoors & potentially gain root access. If your admin panel is exposed online, assume compromise.
Here’s what you need to know ↓ https://thehackernews.com/2025/08/freepbx-servers-targeted-by-zero-day.html
Hackers are exploiting a CVSS 10.0 flaw to hijack systems, drop backdoors & potentially gain root access. If your admin panel is exposed online, assume compromise.
Here’s what you need to know ↓ https://thehackernews.com/2025/08/freepbx-servers-targeted-by-zero-day.html
Forwarded from The Hacker News
🚨 Passwordstate, used by 29,000 orgs worldwide, just patched a critical flaw.
A crafted URL could bypass its emergency access page — exposing credentials.
Researchers also warn its browser extension was at risk of clickjacking: one bad click could leak logins, cards, even 2FA codes.
Full details here → https://thehackernews.com/2025/08/click-studios-patches-passwordstate.html
A crafted URL could bypass its emergency access page — exposing credentials.
Researchers also warn its browser extension was at risk of clickjacking: one bad click could leak logins, cards, even 2FA codes.
Full details here → https://thehackernews.com/2025/08/click-studios-patches-passwordstate.html
Forwarded from Tech & Leaks Zone
Qualcomm garbage naming scheme strikes again
Snapdragon 8 Gen 4 ❌
Snapdragon 8 Elite ✅
Snapdragon 8 Gen 5 ❌
Snapdragon 8 Elite 2 ❌
Snapdragon 8 Elite Gen 5 ✅
https://fixvx.com/9550pro/status/1961235804195623005
Snapdragon 8 Gen 4 ❌
Snapdragon 8 Elite ✅
Snapdragon 8 Gen 5 ❌
Snapdragon 8 Elite 2 ❌
Snapdragon 8 Elite Gen 5 ✅
https://fixvx.com/9550pro/status/1961235804195623005
Forwarded from Tech & Leaks Zone
Another engineering Sample of Exynos 2600 appeared on Geekbench 6
Samsung Exynos 2600 is manufactured by Samsung Foundry on its 2nm process and it may power the Galaxy S26 series.
CPU:
• 1x Cortex- X930 @ 3.8GHz
• 3x Cortex- A730 @ 3.25GHz
• 6x Cortex- A730 @ 2.75GHz
Thus, a deca-core chip of 1+3+6 configuration. The most interesting part is that, all the cores are either medium or high performance cores, thus Exynos 2600 will completely ditch the useless little cores. Link: https://browser.geekbench.com/v6/cpu/13551451
Geekbench 6.4 scores
Single-core: 3309
Multi-core: 11256
Follow @TechLeaksZone
Samsung Exynos 2600 is manufactured by Samsung Foundry on its 2nm process and it may power the Galaxy S26 series.
CPU:
• 1x Cortex- X930 @ 3.8GHz
• 3x Cortex- A730 @ 3.25GHz
• 6x Cortex- A730 @ 2.75GHz
Thus, a deca-core chip of 1+3+6 configuration. The most interesting part is that, all the cores are either medium or high performance cores, thus Exynos 2600 will completely ditch the useless little cores. Link: https://browser.geekbench.com/v6/cpu/13551451
Geekbench 6.4 scores
Single-core: 3309
Multi-core: 11256
Follow @TechLeaksZone
Forwarded from The Hacker News
🚨 Hackers hijacked an abandoned Sogou Zhuyin update server—turning old software into a weapon.
Hundreds of victims, from Taiwan to the U.S., were hit with spyware & backdoors disguised as legit updates.
Even Wikipedia links pointed users to malware.
Read → https://thehackernews.com/2025/08/abandoned-sogou-zhuyin-update-server.html
Hundreds of victims, from Taiwan to the U.S., were hit with spyware & backdoors disguised as legit updates.
Even Wikipedia links pointed users to malware.
Read → https://thehackernews.com/2025/08/abandoned-sogou-zhuyin-update-server.html
Forwarded from The Hacker News
Russia’s APT29 hacked legit websites—secretly redirecting ~10% of visitors into fake “Cloudflare” pages to hijack Microsoft accounts.
Amazon flagged and disrupted the campaign, but the group quickly spun up new domains.
Here’s what you need to know ↓ https://thehackernews.com/2025/08/amazon-disrupts-apt29-watering-hole.html
Amazon flagged and disrupted the campaign, but the group quickly spun up new domains.
Here’s what you need to know ↓ https://thehackernews.com/2025/08/amazon-disrupts-apt29-watering-hole.html
Forwarded from Android Security & Malware
GodFather - Part 1 - A multistage dropper
https://shindan.io/blog/godfather-part-1-a-multistage-dropper
https://shindan.io/blog/godfather-part-1-a-multistage-dropper
shindan.io
Blog - GodFather - Part 1 - A multistage dropper
Shindan est une application SaaS, mobile et desktop qui détecte les compromissions et vulnérabilités sur smartphones et tablettes, sans accès aux données personnelles. Obtenez un diagnostic rapide et précis pour protéger vos VIP et collaborateurs.
Forwarded from Bones' Tech Garage
We agree on FOSS apps and Phone service.
https://www.makeuseof.com/cant-believe-people-pay-these-subscriptions/
https://www.makeuseof.com/cant-believe-people-pay-these-subscriptions/
MUO
I can’t believe people still pay for these subscriptions
Some subscriptions are worth the recurring cost, but not these ones.