Forwarded from The Hacker News
North Korea’s hackers just unleashed RokRAT again.
🎯 Targets: academics, ex-officials & researchers in South Korea.
📩 Disguised as an intelligence newsletter—opens a PDF decoy while stealing everything from files to screenshots via Dropbox & Google Cloud.
Read ↓ https://thehackernews.com/2025/09/scarcruft-uses-rokrat-malware-in.html
🎯 Targets: academics, ex-officials & researchers in South Korea.
📩 Disguised as an intelligence newsletter—opens a PDF decoy while stealing everything from files to screenshots via Dropbox & Google Cloud.
Read ↓ https://thehackernews.com/2025/09/scarcruft-uses-rokrat-malware-in.html
Forwarded from Android Security & Malware
Threat Actors Use Facebook Ads to Deliver Android Malware
https://www.bitdefender.com/en-us/blog/labs/malvertising-campaign-on-meta-expands-to-android-pushing-advanced-crypto-stealing-malware-to-users-worldwide
https://www.bitdefender.com/en-us/blog/labs/malvertising-campaign-on-meta-expands-to-android-pushing-advanced-crypto-stealing-malware-to-users-worldwide
Bitdefender Labs
Malvertising Campaign on Meta Expands to Android, Pushing Advanced Crypto-Stealing Malware to Users Worldwide
Many people believe that smartphones are somehow less of a target for threat actors.
Forwarded from Android Security & Malware
WhatsApp Zero-Day Vulnerability Exploited with 0-Click Attacks to Hack Apple Devices
https://gbhackers.com/whatsapp-zero-day-vulnerability-exploited-with-0-click-attacks/
https://gbhackers.com/whatsapp-zero-day-vulnerability-exploited-with-0-click-attacks/
GBHackers Security | #1 Globally Trusted Cyber Security News Platform
WhatsApp Zero-Day Vulnerability Exploited with 0-Click Attacks to Hack Apple Devices
WhatsApp zero-day vulnerability CVE-2025-55177 is currently under active exploitation, with a critical advisory issued as attackers target iOS and Mac devices.
Forwarded from Android Security & Malware
SikkahBot Malware Campaign Lures and Defrauds Students in Bangladesh
https://cyble.com/blog/sikkahbot-malware-defrauds-students-in-bangladesh/
https://cyble.com/blog/sikkahbot-malware-defrauds-students-in-bangladesh/
Cyble
SikkahBot Malware Campaign Defrauds Students In Bangladesh
Cyble Research and Intelligence Labs (CRIL) has uncovered “SikkahBot”, a new Android malware campaign targeting students in Bangladesh since July 2024.
Forwarded from Android Security & Malware
SSLPinDetect: Advanced SSL Pinning Detection for Android Security Analysis
Blog: https://petruknisme.medium.com/sslpindetect-advanced-ssl-pinning-detection-for-android-security-analysis-1390e9eca097
Tool: https://github.com/aancw/SSLPinDetect
Blog: https://petruknisme.medium.com/sslpindetect-advanced-ssl-pinning-detection-for-android-security-analysis-1390e9eca097
Tool: https://github.com/aancw/SSLPinDetect
Medium
SSLPinDetect: Advanced SSL Pinning Detection for Android Security Analysis
In the ever-evolving landscape of mobile application security, SSL pinning has become a crucial defense mechanism against man-in-the-middle…
#A14 #Official #TD #GSI #iodéOS #LineageOS
BD: 2025 09 01
SPL: August
iodéOS-5.16-20250901
Note
Maintainer: iodé.tech
Download: LINK
@TrebleGsis_PrivacySecure_Chat
@TrebleGsis_PrivacySecure_Channel
BD: 2025 09 01
SPL: August
iodéOS-5.16-20250901
iodéOS is an Android based Operating System freed from Google trackers. iodéOS analyses in real-time connection attempts from your apps and allows you to:
see the identity of all recipients and the quantity of data they wish to collect
block if you want malicious recipients (advertisements, malwares, spams, statistics & trackers)
measure how privacy-respectful your apps are
Note
A new beta OTA has been push for all versions (including GSI), with August security patch included. It has finally been merged into Lineage for v4 and v5.
Maintainer: iodé.tech
Download: LINK
@TrebleGsis_PrivacySecure_Chat
@TrebleGsis_PrivacySecure_Channel
Forwarded from The Hacker News
🚨 80% of cyber incidents now start in the browser.
Enter Scattered Spider—a hacking group that hijacks Chrome & Edge sessions to steal logins, cookies, even your calendar.
The scary part? MFA won’t save you.
Here’s how they do it—and how to stop them ↓ https://thehackernews.com/2025/09/when-browsers-become-attack-surface.html
Enter Scattered Spider—a hacking group that hijacks Chrome & Edge sessions to steal logins, cookies, even your calendar.
The scary part? MFA won’t save you.
Here’s how they do it—and how to stop them ↓ https://thehackernews.com/2025/09/when-browsers-become-attack-surface.html
Forwarded from The Hacker News
🔒 One week. Multiple pivots.
Attackers aren’t picking one door anymore—they’re breaking through all of them at once.
From apps to cloud to supply chains, here’s how cyber risk is morphing into a blended threat.
Full recap → https://thehackernews.com/2025/09/weekly-recap-whatsapp-0-day-docker-bug.html
Attackers aren’t picking one door anymore—they’re breaking through all of them at once.
From apps to cloud to supply chains, here’s how cyber risk is morphing into a blended threat.
Full recap → https://thehackernews.com/2025/09/weekly-recap-whatsapp-0-day-docker-bug.html