Information Security News|Cyber Security|Hacking Tutorial

Bored Ape Yacht Club NFTs heist. How come this keeps happening over and over again?

On: April 26, 2022

A group of cybercriminals managed to steal non-fungible token (NFT) worth about $3 million USD from the popular Bored Ape Yacht Club collection. Threat actors reportedly took control of theRead More →

2 critical vulnerabilities exploitable remotely in trailer brake controllers can cause accidents on highways

On: April 26, 2022

In: Vulnerabilities

Cybersecurity specialists report the detection of two critical vulnerabilities in Power Line Communications (PLC) J2497, a two-way serial communications link used in trailers and other transport vehicles. According to theRead More →

How to do local privilege escalation attacks on Windows to brute force the local administrator account?

On: April 25, 2022

In: Tutorials

Privilege escalation attacks pose a severe cyber security risk to all kinds of systems in public and private organizations. In these attacks, threat actors exploit vulnerabilities or design flaws inRead More →

Zoom is set to pay $85 million USD as part of a class-action settlement; users traumatized by hackers and pranksters irrupting in their meetings

On: April 25, 2022

In: Incidents

Thousands of companies began to implement the remote work modality due to the pandemic, which led to a notable increase in the use of video calling tools such as Zoom.Read More →

Pwn2Own Miami paid $400,000 USD for 26 zero-day exploits on ICS and SCADA products

On: April 22, 2022

In: Technology

This week concluded the most recent edition of the ethical hacking event Pwn2Own Miami 2022, during which prizes of $ 400,000 USD were awarded thanks to the report of 26Read More →

Critical remote code execution vulnerability in Atlassian Bitbucket Data Center: Update immediately

On: April 22, 2022

In: Vulnerabilities

This week Atlassian issued a security report announcing the fix of CVE-2022-26133, a remote code execution vulnerability in Atlassian Bitbucket Data Center, a released code collaboration platform that supports codeRead More →

Two out of three Android smartphones sold in 2021 could easily be hacked through an audio file to exploit vulnerabilities in Qualcomm and MediaTek chipsets

On: April 21, 2022

In: Mobile Security

A security report from Check Point notes that three vulnerabilities in audio decoders on Qualcomm and MediaTek chips would allow threat actors to remotely access audio conversations on millions ofRead More →

Critical vulnerability in Java allows forgery of certificates, signatures, WebAuthn messages and evade authentication mechanisms: Update immediately

On: April 21, 2022

In: Incidents

Some versions of Java are affected by a critical vulnerability in the Elliptic Curve Digital Signature Algorithm (ECDSA) signature validation that would allow threat actors to digitally sign files andRead More →

AWS patches to fix Log4j vulnerabilities could be exploited for privilege escalation or container escape attacks

On: April 20, 2022

In: Vulnerabilities

Cybersecurity specialists from Palo Alto Networks mention that patches released by Amazon Web Services (AWS) to address vulnerabilities in Log4j could be evaded to escalate privileges on the system orRead More →

New Oracle update fixes 520 vulnerabilities in 12 products: Three critical flaws with CVSS scores of 10 and 70 flaws with 9.8/10 score

On: April 20, 2022

In: Vulnerabilities

In its quarterly Critical Patch Update (CPU), Oracle has included a total of 520 patches to address all sorts of vulnerabilities. This update fixes security flaws in dozens of products,Read More →

2 critical vulnerabilities exploitable remotely in trailer brake controllers can cause accidents on highways

How to do local privilege escalation attacks on Windows to brute force the local administrator account?

Zoom is set to pay $85 million USD as part of a class-action settlement; users traumatized by hackers and pranksters irrupting in their meetings

Pwn2Own Miami paid $400,000 USD for 26 zero-day exploits on ICS and SCADA products

Critical remote code execution vulnerability in Atlassian Bitbucket Data Center: Update immediately

Two out of three Android smartphones sold in 2021 could easily be hacked through an audio file to exploit vulnerabilities in Qualcomm and MediaTek chipsets

Critical vulnerability in Java allows forgery of certificates, signatures, WebAuthn messages and evade authentication mechanisms: Update immediately

AWS patches to fix Log4j vulnerabilities could be exploited for privilege escalation or container escape attacks

New Oracle update fixes 520 vulnerabilities in 12 products: Three critical flaws with CVSS scores of 10 and 70 flaws with 9.8/10 score

TunnelCrack: Two serious vulnerabilities in VPNs discovered, had been dormant since 1996

How to easily hack TP-Link Archer AX21 Wi-Fi router

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]

How to Use Google’s OSS Rebuild: A New Open Source Software Supply Chain Security Tool

MFA? Irrelevant. CitrixBleed 2 Lets Hackers Take Over Without Logging In

MotW Bypassed: Zero Warning, Full Control – New WinRAR Flaw Silently Bypasses Windows Security

New Vulnerability in GCP Cloud Run Shows Why Least Privilege Isn’t Enough

Hackers Can Manipulate Your Heart Rate Monitor – Unbelievable Security Flaw!

13 Insanely Easy Techniques to Hack & Exploit Agentic AI Browsers

How to Use Google’s OSS Rebuild: A New Open Source Software Supply Chain Security Tool

Phishing 2.0: AI Tools Now Build Fake Login Pages That Fool Even Experts

How TokenBreak Technique Hacks OpenAI, Anthropic, and Gemini AI Filters — Step-by-Step Tutorial

Comparing Top 8 AI Code Assistants: Productivity Miracle or Security Nightmare. Can You Patent AI Code Based App?

No Login Required: How Hackers Hijack Your System with Just One Keystroke: utilman.exe Exploit Explained

How to Send DKIM-Signed, 100% Legit Phishing Emails — Straight from Google That Bypass Everything

A Malware That EDR Can’t See?If You Rely on Antivirus for Protection, Read This Before It’s Too Late!

WinRAR and ZIP File Exploits: This ZIP File Hack Could Let Malware Bypass Your Antivirus

5 Techniques Hackers Use to Jailbreak ChatGPT, Gemini, and Copilot AI systems

Backdooring ATMs via Bootloader? These Hackers Showed It’s Still Possible in 2025”

How Lynx Ransomware Extorts Millions from U.S. Companies

A Malware That EDR Can’t See?If You Rely on Antivirus for Protection, Read This Before It’s Too Late!

Top 2 Malicious Python Packages You Must Avoid! Zebo-0.1.0 & Cometlogger-0.1

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Cyber Security Channel

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]