PAM isn’t just a cybersecurity tool. It’s a game-changer for operational efficiency, compliance & security.

• Enforces the principle of least privilege
• Boosts regulatory compliance
• Protects from evolving threats

Don’t miss out on this essential shift in cybersecurity leadership.

Read: https://thehackernews.com/2025/02/the-evolving-role-of-pam-in.html

⚠️ Big names like LockBit and BlackCat are collapsing, but smaller players are multiplying. Cybercriminals raked in $813.5M from ransomware in 2024—a sharp drop from $1.25B in 2023.

Smaller, faster, and more dangerous—ransomware just got a whole lot trickier.

Get the full insights: https://thehackernews.com/2025/02/ransomware-extortion-drops-to-8135m-in.html

Bogus websites masquerading as Google Chrome are now distributing ValleyRAT—an evolving remote access trojan.

Targeting high-value roles in finance, accounting, and sales, this threat actor—Silver Fox—strategically targets sensitive systems.

Read the full report: https://thehackernews.com/2025/02/fake-google-chrome-sites-distribute.html

🚨 URGENT: Attackers are exploiting newly discovered flaws in SimpleHelp RMM software to establish persistent access to networks and deploy ransomware.

CVE-2024-57726, CVE-2024-57727, CVE-2024-57728: Flaws enabling privilege escalation, remote code execution.

👉 Secure your systems and read the full details: https://thehackernews.com/2025/02/hackers-exploit-simplehelp-rmm-flaws.html

The RBI is introducing a dedicated "bank[.]in" domain to combat digital fraud and secure digital transactions.

Read the full article: https://thehackernews.com/2025/02/indias-rbi-introduces-exclusive-bankin.html

🚨 Alert: Publicly exposed ASP'NET machine keys could give attackers an easy way to infiltrate your systems.

🔑 Over 3,000 keys are now available for exploitation. Microsoft reveals how attackers can inject malicious code using these keys to gain remote code execution.

🔗 Read full article: https://thehackernews.com/2025/02/microsoft-identifies-3000-publicly.html

🚨 CISA warns of active exploitation in Trimble Cityworks GIS software, with a high-severity vulnerability (CVE-2025-0994, CVSS 8.6) being weaponized in the wild.

If left unpatched, attackers could gain unauthorized access and deploy harmful payloads like Cobalt Strike and VShell.

Read: https://thehackernews.com/2025/02/cisa-warns-of-active-exploitation-in.html

🔒 AI-Powered Social Engineering is Here – And It's Evolving FAST!

Criminals are automating and personalizing attacks, making them more effective than ever.

AI-generated phishing emails and deepfake CFOs are tricking employees into transferring millions.

👉 Learn how to equip your workforce to spot deception: https://thehackernews.com/2025/02/ai-powered-social-engineering.html

🛑 DeepSeek's iOS app is transmitting sensitive user data without encryption to a cloud platform linked to ByteDance (TikTok), leaving it wide open to hackers.

👉 See the full story and analysis here: https://thehackernews.com/2025/02/deepseek-app-transmits-sensitive-user.html

⚠️ Researchers have uncovered two malicious ML models on Hugging Face using a new attack method—"broken" pickle files—to bypass detection.

These models execute a reverse shell right from the start, connecting to a hard-coded IP.

🔧 Learn more: https://thehackernews.com/2025/02/malicious-ml-models-found-on-hugging.html

The situation is NOT good. (post summarized by ChatGPT)

Hector Martin discusses a controversial forced update for Google Pixel 4a that appears to significantly reduce battery capacity. The update introduces a new kernel, but it was built on an engineer’s personal machine rather than the proper build system, violating GPL rules and showing signs of a rushed implementation.

Critically, the update lowers the maximum charge voltage from 4.44V to 3.95V, which directly impacts battery performance. This change only affects Lishen (LSN) batteries, while Sunwoda (ATL) batteries remain unaffected. A new “debug” battery profile cuts capacity in half (3080mAh → 1539mAh), suggesting deliberate throttling.

Users can check their battery type by looking at the number next to the QR code—8230015901 indicates ATL (good), while 8230020501 is LSN (bad).

https://social.treehouse.systems/@marcan/113914172433692339

This is the forced update for the pixel 4a for those who didn't understand the context of the post yet

Google dual sourced battery for the Pixel 4a for cost cutting. The ATL battery models 4a are unaffected and going good as usual.
However, with the Lishen battery model, Google is quite serious with the 4a to avoid a class action lawsuit.

https://www.reddit.com/r/Pixel4a/comments/1id6zw8/attention_google_customer_service_said_device/

25 year old Rhiannon Evans of Wales, the United Kingdom, has been sentenced for a short stinted cyber harassment campaign which consisted of her farting into her cell phone camera.

As a result of an on-going child custody conflict, Ms. Evans began sending Deborah Prytherech videos of herself farting into her phone camera.

From December 22nd, 2024 - January 1st, 2025, Ms. Evans continued to send videos of herself farting into her cell phone camera, subsequently turning the camera toward her face, and smiling, to Deborah Prytherech several times a day.

Deborah Prytherech went to the police. Local authorities found the messages indecent or grossly offensive.

Representatives of Ms. Evans state Ms. Evans had been under the influence of alcohol and did not intend to cause distress to Deborah Prytherech. Court officials disagreed and asserted Ms. Evans smiling following each fart was sufficient to prove malicious intent.

Ms. Evans has been sentenced to:
- £100 in compensation to the victim
- £199 in court costs
- Abstain from alcohol for two months
- Complete 15 rehabilitation sessions
- A two-year restraining order prohibiting contact with Deborah Prytherech