Forwarded from Gizchina.com
Discover If Your Xiaomi Device Is Getting HyperOS Now https://www.gizchina.com/xiaomi-phones/discover-if-your-xiaomi-device-is-getting-hyperos-now
Gizchina
Stay Updated: The Ultimate Guide to Xiaomi's HyperOS Rollout
Xiaomi is rolling out HyperOS globally, linking smartphones, smart home devices, and cars for a seamless “Human x Car x Home” ecosystem.
Forwarded from The Hacker News
Microsoft and Cloudflare just nuked a global phishing empire.
🔒 338 fake domains tied to “RaccoonO365” — a $355/month phishing-as-a-service — used to steal 5,000+ Microsoft 365 passwords across 94 countries were seized in a coordinated takedown.
Full story → https://thehackernews.com/2025/09/raccoono365-phishing-network-shut-down.html
🔒 338 fake domains tied to “RaccoonO365” — a $355/month phishing-as-a-service — used to steal 5,000+ Microsoft 365 passwords across 94 countries were seized in a coordinated takedown.
Full story → https://thehackernews.com/2025/09/raccoono365-phishing-network-shut-down.html
Forwarded from The Hacker News
⚠️ VPNs are failing modern security.
They give hackers room to move, lack real-time visibility & break the least-privilege rule.
🔑 Zero-trust is the only way forward—see how KeeperPAM shuts every backdoor.
Full story → https://thehackernews.com/expert-insights/2025/09/the-limitations-of-vpn-based-access-for.html
They give hackers room to move, lack real-time visibility & break the least-privilege rule.
🔑 Zero-trust is the only way forward—see how KeeperPAM shuts every backdoor.
Full story → https://thehackernews.com/expert-insights/2025/09/the-limitations-of-vpn-based-access-for.html
Forwarded from The Hacker News
🚨 DoJ slams BreachForums’ creator with 3 YEARS in prison
Conor “Pompompurin” Fitzpatrick, 22, finally gets hard time after an appeals court tossed his shockingly light 17-day sentence.
He ran a hacker marketplace with 14 BILLION stolen records—and was caught with child abuse material.
Full story → https://thehackernews.com/2025/09/doj-resentences-breachforums-founder-to.html
Conor “Pompompurin” Fitzpatrick, 22, finally gets hard time after an appeals court tossed his shockingly light 17-day sentence.
He ran a hacker marketplace with 14 BILLION stolen records—and was caught with child abuse material.
Full story → https://thehackernews.com/2025/09/doj-resentences-breachforums-founder-to.html
Forwarded from The Hacker News
🚨 Scattered Spider isn’t gone—and now hitting U.S. banks.
Hackers tricked an exec, hijacked Azure accounts, raided VMware servers & tried to steal cloud data.
Their “retirement” was a smokescreen.
Full story → https://thehackernews.com/2025/09/scattered-spider-resurfaces-with.html
Hackers tricked an exec, hijacked Azure accounts, raided VMware servers & tried to steal cloud data.
Their “retirement” was a smokescreen.
Full story → https://thehackernews.com/2025/09/scattered-spider-resurfaces-with.html
Forwarded from The Hacker News
Meet Georgetown's cybersecurity faculty on October 2 to learn more about the Cybersecurity Risk Management master's program.
Advance your cybersecurity career with Georgetown.
👉 View event: https://thn.news/scs-cybersec-2025
Advance your cybersecurity career with Georgetown.
👉 View event: https://thn.news/scs-cybersec-2025
Forwarded from The Hacker News
⚠️ Most “AI security” tools can’t see what your team pastes into ChatGPT or uploads to personal AI apps.
Bans? They just drive shadow AI deeper.
🔑 Real fix: last-mile, in-browser controls—redact, warn, allow—no clunky agents or network reroutes.
Full guide → https://thehackernews.com/2025/09/rethinking-ai-data-security-buyers-guide.html
Bans? They just drive shadow AI deeper.
🔑 Real fix: last-mile, in-browser controls—redact, warn, allow—no clunky agents or network reroutes.
Full guide → https://thehackernews.com/2025/09/rethinking-ai-data-security-buyers-guide.html
Forwarded from The Hacker News
🚨 China-backed hackers just impersonated top U.S. officials to steal intel.
They posed as the House China Committee chair & the U.S.-China Business Council, luring trade experts—then slipped in a Visual Studio Code backdoor.
Here’s the full report→ https://thehackernews.com/2025/09/chinese-ta415-uses-vs-code-remote.html
They posed as the House China Committee chair & the U.S.-China Business Council, luring trade experts—then slipped in a Visual Studio Code backdoor.
Here’s the full report→ https://thehackernews.com/2025/09/chinese-ta415-uses-vs-code-remote.html
Forwarded from The Hacker News
⚠️ Quantum hackers could shatter today’s encryption overnight.
🤖 AI attacks already trick 60%—breaches cost $10M+.
The cyber storm is here. Join our next expert WEBINAR to learn how to lock down your data before Q-day.
👉 Save your seat now ↓ https://thehackernews.com/2025/09/from-quantum-hacks-to-ai-defenses.html
🤖 AI attacks already trick 60%—breaches cost $10M+.
The cyber storm is here. Join our next expert WEBINAR to learn how to lock down your data before Q-day.
👉 Save your seat now ↓ https://thehackernews.com/2025/09/from-quantum-hacks-to-ai-defenses.html
Windows Task Scheduler has an entry (under COMODO group), COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921}
Located in:
AND the actual setting is @
... So, we have todisable it in Task Sheduler right-click and "Disable" which will change the "Hash" REG_BINARY value in the Registry.
Next in order for it to stick, take ownership of that Registry f. KEY https://superuser.com/questions/1682239/get-permission-for-registry-key and remove the "Full Control" entry for SYSTEM
... Leaving it as Read (Only); meaning that on next system reboot, COMODO Telemetry will remain Disabled. :)
#ShutUpAndDance
#EOF
w00t! 🙂
Located in:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921}AND the actual setting is @
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0270F065-4692-4A79-A84D-4743DFF07213}... So, we have to
Next in order for it to stick, take ownership of that Registry f. KEY https://superuser.com/questions/1682239/get-permission-for-registry-key and remove the "Full Control" entry for SYSTEM
... Leaving it as Read (Only); meaning that on next system reboot, COMODO Telemetry will remain Disabled. :)
#ShutUpAndDance
#EOF
w00t! 🙂
Forwarded from R0rt1z2’s Dumpster
Happy to share the public release of a PoC for Carbonara, a 2023 MediaTek DA1 exploit that has been used by multiple tools over the past few years but never before had a public release / information / reference.
The PoC is called penumbra, and it was fully developed from scratch by shomy! Make sure to check it out: https://github.com/shomykohai/penumbra! It also includes a great documentation.
She reverse engineered a paid GSM tool and, with a bit of help from me to understand the exploit mechanics, produced both the PoC and clear documentation explaining how the exploit works.
As a bonus, here's an MTKClient pull request that adds support for Carbonara, making the exploit available to other SoCs that aren't currently supported by penumbra.
Once again, huge thanks to shomy for the original research and implementation!
The PoC is called penumbra, and it was fully developed from scratch by shomy! Make sure to check it out: https://github.com/shomykohai/penumbra! It also includes a great documentation.
She reverse engineered a paid GSM tool and, with a bit of help from me to understand the exploit mechanics, produced both the PoC and clear documentation explaining how the exploit works.
As a bonus, here's an MTKClient pull request that adds support for Carbonara, making the exploit available to other SoCs that aren't currently supported by penumbra.
Once again, huge thanks to shomy for the original research and implementation!
Forwarded from NoGoolag
Media is too big
VIEW IN TELEGRAM
I Built a $20,000 Military Router for $106.23
https://www.youtube.com/watch?v=ofR7GFNZzJY
The Military contacted me...
I reverse-engineered a $20,000 military IP mesh radio using just $106.23 in open-source parts. This isn't a gimmick—it's a fully functional MANET router capable of push-to-talk, GPS sharing, ATAK integration, and more. In this video, I’ll show you how I built it, tested it, and deployed it in the real world—no subscriptions, no middlemen, just raw decentralized power. Whether you're off-grid, mission-ready, or just sick of Big Tech, this changes everything.
dataslayermedia
https://openmanet.net/
https://github.com/OpenMANET/
Build your own $20,000 MANET for $97 👉 https://buildwithparallel.com/products/haven
Buy On Pre-Built
https://morosx.com/
#mesh #router #openwrt #atak
https://www.youtube.com/watch?v=ofR7GFNZzJY
The Military contacted me...
I reverse-engineered a $20,000 military IP mesh radio using just $106.23 in open-source parts. This isn't a gimmick—it's a fully functional MANET router capable of push-to-talk, GPS sharing, ATAK integration, and more. In this video, I’ll show you how I built it, tested it, and deployed it in the real world—no subscriptions, no middlemen, just raw decentralized power. Whether you're off-grid, mission-ready, or just sick of Big Tech, this changes everything.
dataslayermedia
https://openmanet.net/
https://github.com/OpenMANET/
Build your own $20,000 MANET for $97 👉 https://buildwithparallel.com/products/haven
Buy On Pre-Built
https://morosx.com/
#mesh #router #openwrt #atak
Forwarded from Wild Kernels Bot
Wild_KSU_v0.0.99_13846-release.apk
17.3 MB
🔧 CI Manager (TEST BUILD) #ci_3646
📝 fix: replace deprecated Icons.Outlined.HelpOutline with AutoMirrored version
🔗 Commit: https://github.com/WildKernels/Wild_KSU/commit/a2d915eb9998f27a4e1611ac7099da9d7fbcb64f
🏃 Workflow: https://github.com/WildKernels/Wild_KSU/actions/runs/17721545976
📝 fix: replace deprecated Icons.Outlined.HelpOutline with AutoMirrored version
🔗 Commit: https://github.com/WildKernels/Wild_KSU/commit/a2d915eb9998f27a4e1611ac7099da9d7fbcb64f
🏃 Workflow: https://github.com/WildKernels/Wild_KSU/actions/runs/17721545976
Wild_KSU_v0.0.99-spoofed_13846-release.apk
17.3 MB
🔧 Spoofed Manager (TEST BUILD) #spoofed_3646
📝 fix: replace deprecated Icons.Outlined.HelpOutline with AutoMirrored version
🔗 Commit: https://github.com/WildKernels/Wild_KSU/commit/a2d915eb9998f27a4e1611ac7099da9d7fbcb64f
🏃 Workflow: https://github.com/WildKernels/Wild_KSU/actions/runs/17721545976
📝 fix: replace deprecated Icons.Outlined.HelpOutline with AutoMirrored version
🔗 Commit: https://github.com/WildKernels/Wild_KSU/commit/a2d915eb9998f27a4e1611ac7099da9d7fbcb64f
🏃 Workflow: https://github.com/WildKernels/Wild_KSU/actions/runs/17721545976
Forwarded from Tech & Leaks Zone
Interestingly:
As we know, the exploit has been patched on newer devices. From what I could confirm, devices released after in 2024 and after are patched against Carbonara, but some are still vulnerable anyway (most likely, OEMs not pulling mediatek patches in time).
Some devices I could confirm being vulnerable are:
- Moto G23/G13
- Moto G24
- Honor 200 Lite
https://github.com/bkerler/mtkclient/pull/1558#issue-3426045597
As we know, the exploit has been patched on newer devices. From what I could confirm, devices released after in 2024 and after are patched against Carbonara, but some are still vulnerable anyway (most likely, OEMs not pulling mediatek patches in time).
Some devices I could confirm being vulnerable are:
- Moto G23/G13
- Moto G24
- Honor 200 Lite
https://github.com/bkerler/mtkclient/pull/1558#issue-3426045597
GitHub
Serve Carbonara by shomykohai · Pull Request #1558 · bkerler/mtkclient
Hi @bkerler!
I recently rediscovered Carbonara exploit, and used the opportunity to make my own mtk tool: penumbra.
I used mtkclient and logs to study how the protocol works, as well as taking some...
I recently rediscovered Carbonara exploit, and used the opportunity to make my own mtk tool: penumbra.
I used mtkclient and logs to study how the protocol works, as well as taking some...