Forwarded from Hacker News
Forwarded from Hacker News
wiz.io
Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History | Wiz Blog
A publicly accessible database belonging to DeepSeek allowed full control over database operations, including the ability to access internal data. The exposure includes over a million lines of log streams with highly sensitive information.
Forwarded from Hacker News
GitHub
GitHub - transformerlab/transformerlab-app: Open Source Machine Learning Research Platform designed for frontier AI/ML workflows.…
Open Source Machine Learning Research Platform designed for frontier AI/ML workflows. Local, on-prem, or in the cloud. Open source. - transformerlab/transformerlab-app
#A15 #Unofficial #TD #GSI #VoltageOS #AOSP
Build Date: 2025 03 21
February 2025 Security Patch
VoltageOS 4.2-20250321.142314
Latest
Changelog
Maintainer: Chrisaw
Download
@treblegsis_privacysecure_chat
@treblegsis_privacysecure_channel
Build Date: 2025 03 21
February 2025 Security Patch
VoltageOS 4.2-20250321.142314
Latest
Changelog
Add check to only apply "ponces" securize patch IF you're NOT running a full gapps build - conflicts with Voltage GMS spoofing feature
Removed Bluetooth patch - made ongoing BT issues some users are having worse
Stop spoofing security patch level - leads to confusion and as far as I'm aware adds no real benefit when not running full gapps
Maintainer: Chrisaw
Download
@treblegsis_privacysecure_chat
@treblegsis_privacysecure_channel
Forwarded from The Hacker News
👀 While the world was distracted…
China’s Aquatic Panda ran a 10-month global spy op in 2022—hitting the U.S., France, Taiwan & more.
🕵️ Code-named Operation FishMedley
đź’» Used malware like ShadowPad & SodaMaster
đź’Ł Targets: Think tanks, NGOs, governments
See how it worked ⬇️ https://thehackernews.com/2025/03/china-linked-apt-aquatic-panda-10-month.html
China’s Aquatic Panda ran a 10-month global spy op in 2022—hitting the U.S., France, Taiwan & more.
🕵️ Code-named Operation FishMedley
đź’» Used malware like ShadowPad & SodaMaster
đź’Ł Targets: Think tanks, NGOs, governments
See how it worked ⬇️ https://thehackernews.com/2025/03/china-linked-apt-aquatic-panda-10-month.html
Forwarded from The Hacker News
78% of orgs are vulnerable to a 9.8 CVSS attack—not due to advanced hacks, but basic mDNS spoofing. 👀
Vonahi Security ran 10,000+ internal pentests in 2024. The top risks weren’t zero-days—they were simple, fixable flaws:
• 78% – mDNS spoofing
• 73% – NBNS spoofing
• 66% – LLMNR spoofing
• 50% – misconfigs
• 25% – outdated Windows
• 20% – weak passwords
Most orgs rely on firewalls & SIEMs—but skip real testing.
⚡ Automate it. Stay ahead. Attackers don’t wait. Your security testing shouldn’t either.
👉 Test your network: https://thehackernews.com/2025/03/10-critical-network-pentest-findings-it.html
Vonahi Security ran 10,000+ internal pentests in 2024. The top risks weren’t zero-days—they were simple, fixable flaws:
• 78% – mDNS spoofing
• 73% – NBNS spoofing
• 66% – LLMNR spoofing
• 50% – misconfigs
• 25% – outdated Windows
• 20% – weak passwords
Most orgs rely on firewalls & SIEMs—but skip real testing.
⚡ Automate it. Stay ahead. Attackers don’t wait. Your security testing shouldn’t either.
👉 Test your network: https://thehackernews.com/2025/03/10-critical-network-pentest-findings-it.html
Forwarded from The Hacker News
🔥 Ransomware just leveled up.
Medusa RaaS is now using a malicious driver—ABYSSWORKER—to kill EDR tools on sight. Signed with stolen Chinese certs, it poses as a legit CrowdStrike driver to slip past defenses.
🛠️ Includes codes to disable antivirus, kill processes, and reboot machines.
See the full breakdown → https://thehackernews.com/2025/03/medusa-ransomware-uses-malicious-driver.html
Medusa RaaS is now using a malicious driver—ABYSSWORKER—to kill EDR tools on sight. Signed with stolen Chinese certs, it poses as a legit CrowdStrike driver to slip past defenses.
🛠️ Includes codes to disable antivirus, kill processes, and reboot machines.
See the full breakdown → https://thehackernews.com/2025/03/medusa-ransomware-uses-malicious-driver.html
Forwarded from The Hacker News
⚠️ The rise of "Vibe Coding" together with developers' inherent "automation bias" creates the perfect attack surface.
🛑 New Rules File Backdoor attack, discovered by Pillar Security, lets hackers poison AI-powered tools like GitHub Copilot & Cursor, injecting hidden malicious code into projects that appear legitimate to developers.
Learn more: https://thn.news/github-copilot-vulnerability
🛑 New Rules File Backdoor attack, discovered by Pillar Security, lets hackers poison AI-powered tools like GitHub Copilot & Cursor, injecting hidden malicious code into projects that appear legitimate to developers.
Learn more: https://thn.news/github-copilot-vulnerability
Forwarded from The Hacker News
🚨 UAT-5918 has been quietly breaching Taiwan’s critical infrastructure since 2023—targeting IT, telecom, healthcare, and more.
Linked to China-based groups like Volt Typhoon, it uses open-source tools, web shells & reverse proxies to stay hidden for the long haul. đź‘€
Credential theft, deep persistence, manual exfiltration—this isn’t smash-and-grab. It’s slow burn espionage.
🔎 Full analysis | Don’t sleep on this: https://thehackernews.com/2025/03/uat-5918-targets-taiwans-critical.html
Linked to China-based groups like Volt Typhoon, it uses open-source tools, web shells & reverse proxies to stay hidden for the long haul. đź‘€
Credential theft, deep persistence, manual exfiltration—this isn’t smash-and-grab. It’s slow burn espionage.
🔎 Full analysis | Don’t sleep on this: https://thehackernews.com/2025/03/uat-5918-targets-taiwans-critical.html
Forwarded from Mishaal's Android News Feed
🛜 The Galaxy S25 is Samsung's first phone to support Android's Instant Hotspot feature
With Instant Hotspot, you can share your Samsung phone’s Internet connection with any Android tablet, not just Samsung-made ones.
More details 👇
đź”— https://www.androidauthority.com/galaxy-s25-instant-hotspot-3537161/
With Instant Hotspot, you can share your Samsung phone’s Internet connection with any Android tablet, not just Samsung-made ones.
More details 👇
đź”— https://www.androidauthority.com/galaxy-s25-instant-hotspot-3537161/
Android Authority
The Galaxy S25 is Samsung's first phone to support Android's Instant Hotspot feature
Android's Instant Hotspot is finally available on Samsung phones, starting with the Galaxy S25 series. Here's what this feature does!
Forwarded from Mishaal's Android News Feed
⏩ The Pixel 10 will have faster startup performance thanks to this Android change
A change in Android’s boot process has resulted in a 30% reduction in module loading time on the Pixel 10 and other Android devices.
More details 👇
đź”— https://www.androidauthority.com/pixel-10-startup-performance-3537302/
A change in Android’s boot process has resulted in a 30% reduction in module loading time on the Pixel 10 and other Android devices.
More details 👇
đź”— https://www.androidauthority.com/pixel-10-startup-performance-3537302/
Android Authority
The Pixel 10 will have faster startup performance thanks to this Android change
Google is making a change to Android’s early boot process that speeds up how quickly modules are loaded, making the Pixel 10 boot faster.