CloudSEK researchers have uncovered a new attack vector, dubbed ClickFix, which exploits invisible prompt injection and the prompt overdose technique to compromise automated AI summarization systems. The essence of the method lies in concealing...
The post Ransomware in Your Summary? New Attack Weaponizes AI Assistants appeared first on Penetration Testing Tools.
This is the fifth edition of our monthly tracker highlighting email domains linked to fraudulent activity. Just like in July's report, our goal is to equip security and anti-fraud teams with greater visibility into the email infrastructure commonly exploited by bots and fraudsters.
What this list includes: The
The post Fraudulent email domain tracker: August 2025 appeared first on Security Boulevard.
With each passing year, the number of cryptocurrency-related attacks orchestrated by North Korean groups continues to grow. Their methods are becoming increasingly sophisticated—ranging from large-scale breaches to infiltrating companies through planted employees. Coinbase CEO...
The post Inside the War on Crypto: Coinbase CEO Details Fight Against North Korean Hackers appeared first on Penetration Testing Tools.
In early August 2025, specialists at Fortinet FortiGuard Labs detected a large-scale phishing campaign distributing the UpCrypter loader through counterfeit emails purporting to contain voicemail notifications or order confirmations. The attackers crafted highly convincing...
The post A Global Phishing Spree: The New Campaign Spreading RATs with Fake Voicemails appeared first on Penetration Testing Tools.
GhostBSD has unveiled an updated release, version 25.02-R14.3p2. Built upon FreeBSD 14.3, this iteration delivers bug fixes and refinements aimed at enhancing both stability and overall user experience. The most notable innovation is the...
The post A macOS-like Desktop for BSD? GhostBSD Unveils the Gershwin Environment appeared first on Penetration Testing Tools.
You must login to view this content
Authorities in the U.S. state of Maryland are investigating a cyberattack that has compromised information systems used to organize transportation services for people with disabilities. The Maryland Transit Administration (MTA) announced on social media...
The post Cyberattack on Maryland Transit Agency Disrupts Services for Persons with Disabilities appeared first on Penetration Testing Tools.
The Android mobile ecosystem has been struck by a new wave of threats driven by the evolution of the HOOK banking trojan. The latest iteration of this malicious program has gained an expanded arsenal...
The post Hook v3: The Banking Trojan That’s Evolving into a Hybrid Ransomware-Spyware Threat appeared first on Penetration Testing Tools.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The list includes two flaws in Citrix Session Recording and one in Git, all...
The post CISA Adds Three Vulnerabilities to Catalog, Urges Immediate Patching appeared first on Penetration Testing Tools.
The Chinese group UNC6384 has launched a series of attacks against diplomats in Southeast Asia and several other countries, acting in the interests of Beijing. The campaign, observed by Google Threat Intelligence Group in...
The post The Spy on the Network: How a Chinese APT Group Is Hijacking Wi-Fi to Target Diplomats appeared first on Penetration Testing Tools.