Forwarded from The Hacker News
🚨 Google says the Salesloft Drift breach is much larger than believed.
All Drift integrations should be treated as compromised.
Revoke, rotate, investigate.
Details here → https://thehackernews.com/2025/08/google-warns-salesloft-oauth-breach.html
All Drift integrations should be treated as compromised.
Revoke, rotate, investigate.
Details here → https://thehackernews.com/2025/08/google-warns-salesloft-oauth-breach.html
Forwarded from The Hacker News
🚨 FBI & Dutch police just shut down VerifTools—a dark web hub selling fake passports & driver’s licenses for as little as $9.
BUT within hours, operators relaunched under a new domain.
Criminals used it to bypass KYC checks & steal millions in crypto.
Here’s what’s next ↓ https://thehackernews.com/2025/08/feds-seize-64m-veriftools-fake-id.html
BUT within hours, operators relaunched under a new domain.
Criminals used it to bypass KYC checks & steal millions in crypto.
Here’s what’s next ↓ https://thehackernews.com/2025/08/feds-seize-64m-veriftools-fake-id.html
Forwarded from The Hacker News
🚨 FreePBX zero-day under active attack.
Hackers are exploiting a CVSS 10.0 flaw to hijack systems, drop backdoors & potentially gain root access. If your admin panel is exposed online, assume compromise.
Here’s what you need to know ↓ https://thehackernews.com/2025/08/freepbx-servers-targeted-by-zero-day.html
Hackers are exploiting a CVSS 10.0 flaw to hijack systems, drop backdoors & potentially gain root access. If your admin panel is exposed online, assume compromise.
Here’s what you need to know ↓ https://thehackernews.com/2025/08/freepbx-servers-targeted-by-zero-day.html
Forwarded from The Hacker News
🚨 Passwordstate, used by 29,000 orgs worldwide, just patched a critical flaw.
A crafted URL could bypass its emergency access page — exposing credentials.
Researchers also warn its browser extension was at risk of clickjacking: one bad click could leak logins, cards, even 2FA codes.
Full details here → https://thehackernews.com/2025/08/click-studios-patches-passwordstate.html
A crafted URL could bypass its emergency access page — exposing credentials.
Researchers also warn its browser extension was at risk of clickjacking: one bad click could leak logins, cards, even 2FA codes.
Full details here → https://thehackernews.com/2025/08/click-studios-patches-passwordstate.html
Forwarded from Tech & Leaks Zone
Qualcomm garbage naming scheme strikes again
Snapdragon 8 Gen 4 ❌
Snapdragon 8 Elite ✅
Snapdragon 8 Gen 5 ❌
Snapdragon 8 Elite 2 ❌
Snapdragon 8 Elite Gen 5 ✅
https://fixvx.com/9550pro/status/1961235804195623005
Snapdragon 8 Gen 4 ❌
Snapdragon 8 Elite ✅
Snapdragon 8 Gen 5 ❌
Snapdragon 8 Elite 2 ❌
Snapdragon 8 Elite Gen 5 ✅
https://fixvx.com/9550pro/status/1961235804195623005
Forwarded from Tech & Leaks Zone
Another engineering Sample of Exynos 2600 appeared on Geekbench 6
Samsung Exynos 2600 is manufactured by Samsung Foundry on its 2nm process and it may power the Galaxy S26 series.
CPU:
• 1x Cortex- X930 @ 3.8GHz
• 3x Cortex- A730 @ 3.25GHz
• 6x Cortex- A730 @ 2.75GHz
Thus, a deca-core chip of 1+3+6 configuration. The most interesting part is that, all the cores are either medium or high performance cores, thus Exynos 2600 will completely ditch the useless little cores. Link: https://browser.geekbench.com/v6/cpu/13551451
Geekbench 6.4 scores
Single-core: 3309
Multi-core: 11256
Follow @TechLeaksZone
Samsung Exynos 2600 is manufactured by Samsung Foundry on its 2nm process and it may power the Galaxy S26 series.
CPU:
• 1x Cortex- X930 @ 3.8GHz
• 3x Cortex- A730 @ 3.25GHz
• 6x Cortex- A730 @ 2.75GHz
Thus, a deca-core chip of 1+3+6 configuration. The most interesting part is that, all the cores are either medium or high performance cores, thus Exynos 2600 will completely ditch the useless little cores. Link: https://browser.geekbench.com/v6/cpu/13551451
Geekbench 6.4 scores
Single-core: 3309
Multi-core: 11256
Follow @TechLeaksZone
Forwarded from The Hacker News
🚨 Hackers hijacked an abandoned Sogou Zhuyin update server—turning old software into a weapon.
Hundreds of victims, from Taiwan to the U.S., were hit with spyware & backdoors disguised as legit updates.
Even Wikipedia links pointed users to malware.
Read → https://thehackernews.com/2025/08/abandoned-sogou-zhuyin-update-server.html
Hundreds of victims, from Taiwan to the U.S., were hit with spyware & backdoors disguised as legit updates.
Even Wikipedia links pointed users to malware.
Read → https://thehackernews.com/2025/08/abandoned-sogou-zhuyin-update-server.html
Forwarded from The Hacker News
Russia’s APT29 hacked legit websites—secretly redirecting ~10% of visitors into fake “Cloudflare” pages to hijack Microsoft accounts.
Amazon flagged and disrupted the campaign, but the group quickly spun up new domains.
Here’s what you need to know ↓ https://thehackernews.com/2025/08/amazon-disrupts-apt29-watering-hole.html
Amazon flagged and disrupted the campaign, but the group quickly spun up new domains.
Here’s what you need to know ↓ https://thehackernews.com/2025/08/amazon-disrupts-apt29-watering-hole.html
Forwarded from Android Security & Malware
GodFather - Part 1 - A multistage dropper
https://shindan.io/blog/godfather-part-1-a-multistage-dropper
https://shindan.io/blog/godfather-part-1-a-multistage-dropper
shindan.io
Blog - GodFather - Part 1 - A multistage dropper
Shindan est une application SaaS, mobile et desktop qui détecte les compromissions et vulnérabilités sur smartphones et tablettes, sans accès aux données personnelles. Obtenez un diagnostic rapide et précis pour protéger vos VIP et collaborateurs.
Forwarded from Bones' Tech Garage
We agree on FOSS apps and Phone service.
https://www.makeuseof.com/cant-believe-people-pay-these-subscriptions/
https://www.makeuseof.com/cant-believe-people-pay-these-subscriptions/
MUO
I can’t believe people still pay for these subscriptions
Some subscriptions are worth the recurring cost, but not these ones.
Forwarded from #TBOT: Take Back Our Tech
Media is too big
VIEW IN TELEGRAM
🙏 Finding an XMPP Server: The Easy Way
Read the full article on Substack
If you’ve been following the show you know I recommend XMPP as the only true decentralized messaging protocol.
Why?
- Anyone can run their own server
- XMPP is an open protocol, and most XMPP software is open source
- Registering is simple and free
- XMPP comes with great features such as end to end encrypted messaging, encrypted voice & video calls, file sharing, and more
Because XMPP is decentralized, different servers can choose to implement different features. This means picking the right server is important. This used to be difficult, but now a new effort by a team of XMPP community veterans solves this problem.
https://providers.xmpp.net
The XMPP Providers resource is a collaborative effort to collect and categorize XMPP providers based on their features.
—
🫶 @takebackourtech
📩 WEBSITE & NEWSLETTER | 🎥 VIDEOS| XMPP | SUBSTACK
Read the full article on Substack
If you’ve been following the show you know I recommend XMPP as the only true decentralized messaging protocol.
Why?
- Anyone can run their own server
- XMPP is an open protocol, and most XMPP software is open source
- Registering is simple and free
- XMPP comes with great features such as end to end encrypted messaging, encrypted voice & video calls, file sharing, and more
Because XMPP is decentralized, different servers can choose to implement different features. This means picking the right server is important. This used to be difficult, but now a new effort by a team of XMPP community veterans solves this problem.
https://providers.xmpp.net
The XMPP Providers resource is a collaborative effort to collect and categorize XMPP providers based on their features.
—
🫶 @takebackourtech
📩 WEBSITE & NEWSLETTER | 🎥 VIDEOS| XMPP | SUBSTACK
Forwarded from Gizchina.com
2.5 Billion Gmail Users Advised to Harden Accounts After Salesforce Data Theft! https://www.gizchina.com/google-2/25-billion-gmail-users-advised-to-harden-accounts-after-salesforce-data-theft
Gizchina
2.5 Billion Gmail Users Advised to Harden Accounts After Salesforce Data Theft!
More than 2.5B Gmail users urged to review security after Salesforce-linked theft. Find practical steps to reduce scam and takeover risk now.