Proofpoint is warning of a surge in phishing attacks in which attackers hijack corporate Microsoft 365 accounts not
The post The Trusted Trap: How Hackers Weaponize Microsoft’s Own Login Flows to Bypass MFA appeared first on Penetration Testing Tools.
After nearly five years of apparent dormancy, the Iranian threat group Infy—also known as Prince of Persia—has resurfaced.
The post Thunder & Lightning Return: Iran’s Infy APT Resurfaces with Advanced Foudre Exploits appeared first on Penetration Testing Tools.
The group behind one of the most notorious ransomware distribution services, RansomHouse, has significantly strengthened the technical sophistication
The post Level Up: RansomHouse Deploys the “Mario” Encryptor to Crush ESXi Hypervisors appeared first on Penetration Testing Tools.
Romania’s National Administration of Water Resources has fallen victim to a large-scale cyberattack that resulted in the encryption
The post Locked by BitLocker: 1,000 Systems Crippled in Massive Cyberattack on Romanian Waters appeared first on Penetration Testing Tools.
If you ever found the idea of “almost macOS, but on Linux” appealing, it is alive again. The
The post Forbidden Fruit: The New pearOS Reinvents Arch Linux with a Stunning macOS 26 Aesthetic appeared first on Penetration Testing Tools.
Former Israeli Prime Minister Naftali Bennett has acknowledged that his Telegram account was accessed without authorization, even though
The post The Octopus Trap: Iranian Hackers Breach Naftali Bennett’s Telegram in Bold Cyber Strike appeared first on Penetration Testing Tools.
India’s Central Bureau of Investigation (CBI) has announced the arrest of three individuals suspected of orchestrating a large-scale
The post 21,000 SIMs Discovered: CBI Dismantles Massive “Phishing Factory” in Operation Chakra-V appeared first on Penetration Testing Tools.
Google has filed a lawsuit against a Chinese-speaking group it describes as a central driver behind a massive
The post Operation Magic Cat: Google Sues to Dismantle the Chinese “Darcula” Phishing Empire appeared first on Penetration Testing Tools.
A new open-source project has emerged in the threat-hunting ecosystem, aiming to address one of the discipline’s most
The post Hacking “Analytical Amnesia”: How the ATHF Framework Gives AI a Memory for Threat Hunting appeared first on Penetration Testing Tools.
The popular video platform TikTok has found itself at the center of a new scandal involving alleged violations
The post The Intimacy Breach: TikTok Sued for Unlawfully Tracking Users on Grindr appeared first on Penetration Testing Tools.
In 2025, hackers linked to North Korea stole a record-breaking two billion dollars in cryptocurrency—51% more than the
The post The $2 Billion Heist: North Korea Smashes Crypto Theft Records in 2025 appeared first on Penetration Testing Tools.
A new tool has surfaced on the dark web, quickly drawing the attention of security professionals—and not for
The post The Pitch-Black Bot: DIG AI Emerges as the Dark Web’s Uncensored Malware Engine appeared first on Penetration Testing Tools.
WatchGuard has warned customers of a critical vulnerability in its Firebox firewalls that is already being actively exploited
The post Perimeter Breach: Critical Zero-Day CVE-2025-14733 Exploited to Hijack WatchGuard Firewalls appeared first on Penetration Testing Tools.
Researchers have uncovered a vulnerability in the UEFI firmware implementations used on motherboards from several major manufacturers, including
The post Critical UEFI Flaw Bypasses All Early-Boot Protections appeared first on Penetration Testing Tools.
TrapFlagForSyscalling: Bypass user-land hooks by syscall tampering via the Trap Flag The Trap Flag (TF) is a special bit in
The post The Single-Step Sniper: Bypassing EDR Hooks with TrapFlagForSyscalling appeared first on Penetration Testing Tools.
The U.S. Treasury is cautiously suggesting that the ransomware market may be beginning to cool. In a new
The post The Extortion Deficit: Ransomware Payments Plunge by 33% as Victims Refuse to Pay appeared first on Penetration Testing Tools.
Groups operating in the interests of the DPRK continue to aggressively expand their infrastructure for cyber espionage, financial
The post Shared Shadows: Hunt.io Uncovers the Unified Staging Grounds of Lazarus and Kimsuky appeared first on Penetration Testing Tools.
The leak of a fourth episode linked to the APT35 hacking group—also known as Charming Kitten—dramatically reshapes perceptions
The post The Accounting of Intrusion: How the “Episode 4” Leak Exposed APT35’s Bureaucratic Machine appeared first on Penetration Testing Tools.
The Tor Project has published its Form 990 tax filings and an independent audit of its financial statements
The post Onions & Audit Trails: How the Tor Project is Decoupling from Government Funding appeared first on Penetration Testing Tools.
Check Point researchers have uncovered a new campaign known as the so-called YouTube Ghost Network—a web of hijacked
The post Vectored Overloading: New “Ghost Network” Hijacks YouTube to Deploy Stealthy GachiLoader appeared first on Penetration Testing Tools.
