Xiaomi Users Will Soon Send Encrypted Messages to iPhones
https://www.gizchina.com/2025/03/27/xiaomi-users-will-soon-send-encrypted-messages-to-iphones/

Persepolis

Persepolis is a download manager written in Python. Persepolis is a sample of free and open-source software. It's developed for GNU/Linux distributions, BSDs, macOS, and Microsoft Windows.

🔗 Links:
- Download
- Screenshots
- Features
- Source Code
Developer: Persepolisdm

❤️ Special thanks to @SC1444 for recommending!

🏷️ Tags: #Desktop #Windows #Linux #MacOS #Tools

ApkToolGUI

a tool for reverse engineering 3rd party, closed, binary Android apps. It makes possible to debug smali code step by step. Also it makes working with app easier because of project-like files structure and automation of some repetitive tasks like building apk, etc.

🔗Links
- Download
- Requirements
- Features
- Screenshot
- Source code
Developer: AndnixSH

❤️ Thanks to @SC1444 for app recommendation!

🏷 Tags: #Windows #Utilities

Redmi K80 Pro Transformed into a Powerful Handheld Console by Chinese Modder
https://www.gizchina.com/2025/03/27/redmi-k80-pro-transformed-into-a-powerful-handheld-console-by-chinese-modder/

AerynOS 2025.03 is the first release following the Serpent OS rebranding.

https://news.itsfoss.com/aerynos-2025-03/

🚨 One click from insider to admin?

A critical flaw in NetApp SnapCenter (CVE-2025-26512, CVSS 9.9) lets authenticated users escalate privileges to full admin—on remote systems.

SnapCenter powers enterprise backups—this isn’t niche, it’s everywhere.

🔗Read: https://thehackernews.com/2025/03/netapp-snapcenter-flaw-could-let-users.html

👀 6-year-old bugs are back—and being weaponized.

CISA just flagged two 2019 Sitecore RCE flaws (CVE-2019-9874 & 9875) as actively exploited.

But it doesn’t stop there:
➡️ Next.js auth bypass (CVE-2025-29927) is under live attack
➡️ DrayTek routers face fresh waves targeting old RCE/LFI bugs.

🔗 Details: https://thehackernews.com/2025/03/cisa-flags-two-six-year-old-sitecore.html

Old CVEs. New exploits. Patch now.

🚨 150,000+ websites hijacked. Millions redirected.

Hackers are injecting malicious JavaScript into legit sites to push Chinese-language gambling ads—using fake Bet365 branding, fullscreen overlays, and iframe tricks.

🔗 Full story: https://thehackernews.com/2025/03/150000-sites-compromised-by-javascript.html

🔥 Still opening Office docs without checking? In 2025, that’s a major risk.

Hackers still use Word and Excel to deliver malware—no macros, no clicks.

Top threats: Phishing docs, fake logins, QR traps.

🛡️ Scan before you open. Learn more: https://thehackernews.com/2025/03/top-3-ms-office-exploits-hackers-use-in.html

🚨 Fake India Post site used to hack Windows & Android users!

APT36 (aka Transparent Tribe), linked to Pakistan, is behind a phishing site—postindia[.]site—targeting Indian citizens 🇮🇳

👉 Details that matter → https://thehackernews.com/2025/03/apt36-spoofs-india-post-website-to.html

💡 Stay sharp, don’t click blind.

🛑 Shadow SaaS is your biggest blind spot—and CASB can’t save you.

New report reveals why traditional CASB tools fail to detect or stop unsanctioned apps, identity leaks, and data exfiltration.

🔍 80% of SaaS use is shadow IT
⚠️ API scanners can’t block live attacks
🧠 The fix? Security at the browser level

📄 Read the report: https://thehackernews.com/2025/03/new-report-explains-why-casb-solutions.html