This media is not supported in your browser
VIEW IN TELEGRAM
This media is not supported in your browser
VIEW IN TELEGRAM
This media is not supported in your browser
VIEW IN TELEGRAM
Forwarded from The Hacker News
🤦 Hackers built #ransomware — then left the key behind.
CyberVolk’s new VolkLocker targets 💻 Windows and 🐧 Linux.
The flaw? the lock key is hard-coded and saved as a plain file on the system.
Files can be unlocked for free — but after 48 hours, it can wipe 🗑️ personal folders.
🔗 Read: https://thehackernews.com/2025/12/volklocker-ransomware-exposed-by-hard.html
CyberVolk’s new VolkLocker targets 💻 Windows and 🐧 Linux.
The flaw? the lock key is hard-coded and saved as a plain file on the system.
Files can be unlocked for free — but after 48 hours, it can wipe 🗑️ personal folders.
🔗 Read: https://thehackernews.com/2025/12/volklocker-ransomware-exposed-by-hard.html
This media is not supported in your browser
VIEW IN TELEGRAM
Forwarded from The Hacker News
🚨 Active phishing attacks in Russia spread Phantom Stealer.
Fake bank transfer emails use ISO attachments. The malware steals browser data, crypto wallets, passwords, and files, then sends them out via Telegram or Discord.
Finance, payroll, accounting, and legal teams are the main targets.
🔗 Read: https://thehackernews.com/2025/12/phantom-stealer-spread-by-iso-phishing.html
Fake bank transfer emails use ISO attachments. The malware steals browser data, crypto wallets, passwords, and files, then sends them out via Telegram or Discord.
Finance, payroll, accounting, and legal teams are the main targets.
🔗 Read: https://thehackernews.com/2025/12/phantom-stealer-spread-by-iso-phishing.html
This media is not supported in your browser
VIEW IN TELEGRAM
Forwarded from The Hacker News
⚡ Your SaaS wasn’t hacked. It was impersonated via the browser.
Attackers ran clean, verified Chrome and Edge extensions for years. Millions of installs. One silent update flipped them into spyware.
Not a device attack. Not a cloud breach. Both at once. The browser sat in the middle, unseen, holding the keys.
🔗 Learn more: https://thehackernews.com/2025/12/a-browser-extension-risk-guide-after.html
Attackers ran clean, verified Chrome and Edge extensions for years. Millions of installs. One silent update flipped them into spyware.
Not a device attack. Not a cloud breach. Both at once. The browser sat in the middle, unseen, holding the keys.
🔗 Learn more: https://thehackernews.com/2025/12/a-browser-extension-risk-guide-after.html
This media is not supported in your browser
VIEW IN TELEGRAM
Forwarded from The Hacker News
Sensitive data is everywhere: SaaS, cloud, AI pipelines, and most teams can’t see it.
That’s why DSPM is becoming a top security priority for 2026.
Next-gen DSPM goes beyond visibility→ real-time context, automation, and AI-aware protection.
Learn more: https://thn.news/dspm-top-tools
That’s why DSPM is becoming a top security priority for 2026.
Next-gen DSPM goes beyond visibility→ real-time context, automation, and AI-aware protection.
Learn more: https://thn.news/dspm-top-tools
This media is not supported in your browser
VIEW IN TELEGRAM
Forwarded from The Hacker News
FreePBX’s worst flaw isn’t a bug — it’s a legacy setting.
If AUTHTYPE is set to webserver, attackers can fake a login header and get admin access. From there, they can add their own user and run code on the system.
Default configs are safe. Old tweaks aren’t.
🔗 Read: https://thehackernews.com/2025/12/freepbx-authentication-bypass-exposed.html
If AUTHTYPE is set to webserver, attackers can fake a login header and get admin access. From there, they can add their own user and run code on the system.
Default configs are safe. Old tweaks aren’t.
🔗 Read: https://thehackernews.com/2025/12/freepbx-authentication-bypass-exposed.html
This media is not supported in your browser
VIEW IN TELEGRAM
This media is not supported in your browser
VIEW IN TELEGRAM
Forwarded from It's FOSS
YouTube's AI-powered moderation system needs to be held accountable.
https://itsfoss.com/news/youtubes-ai-mod-enshittification/
https://itsfoss.com/news/youtubes-ai-mod-enshittification/
It's FOSS
YouTube’s AI is Breaking the Creator Ecosystem
A moderation system that leans on automation just knocked legitimate tech tutorials and even entire channels offline. The appeals felt automated, too. Creators are powerless against opaque enforcement and the incentives that should favor craft and trust are…
This media is not supported in your browser
VIEW IN TELEGRAM
This media is not supported in your browser
VIEW IN TELEGRAM