A zero-day vulnerability residing within the Chinese content management system MetInfo has entered a phase of active exploitation
The post Zero-Day Surge: The MetInfo CMS Flaw That Grants Unauthenticated Root Access to Servers appeared first on Penetration Testing Tools.
The Chinese cyber-espionage collective Dragon Breath, also recognized by the designation APT-Q-27, has purportedly acquired a formidable new
The post Dragon Breath’s Leaked Driver Shatters Windows Security and Neutralizes EDRs appeared first on Penetration Testing Tools.
Over the past year, BO Team has significantly recalibrated its approach to incursions against Russian organizations. The syndicate
The post BO Team’s Pivot to High-Stakes Industrial Espionage and the ZeroSSH Threat appeared first on Penetration Testing Tools.
The Chinese cyber-espionage collective UAT-8302 has, for nearly a annum, conducted surreptitious incursions against governmental entities across South
The post UAT-8302’s Global Espionage Machine Is Hijacking Governments via the Cloud appeared first on Penetration Testing Tools.
Cybersecurity adversaries have asserted a monumental breach of one of the world’s preeminent pedagogical platforms, claiming the exfiltration
The post Class Dismissed? ShinyHunters Claims Massive Breach of 280 Million Records from Canvas LMS appeared first on Penetration Testing Tools.
AD CS LOLBAS Toolkit Native Windows toolkit for AD CS enumeration and exploitation. Everything runs through built-in OS
The post Living Off The Registry: Master AD CS Enumeration with the Native LOLBAS Toolkit appeared first on Penetration Testing Tools.
The seemingly innocuous download of a mobile game could culminate in a smartphone being compromised by sophisticated spyware.
The post Rigged Game: How North Korea’s ScarCruft Group Infiltrated a Gaming Platform to Deploy BirdCall Spyware appeared first on Penetration Testing Tools.
The novel Linux implant, Quasar Linux, poses a formidable threat not merely to individual workstations but to the
The post Quasar Linux (QLNX) Emerges to Subvert the Global Software Supply Chain appeared first on Penetration Testing Tools.
A contentious debate has emerged surrounding Google Chrome following reports of the surreptitious deployment of a substantial AI
The post The Invisible 4GB Update: Why Google Chrome is Secretly Loading Gemini Nano onto Your Hard Drive appeared first on Penetration Testing Tools.
Adversaries no longer find it requisite to engineer sophisticated malware from its inception. Frequently, the appropriation of a
The post The Administrator’s Shadow: How Hackers Turned a Popular GitHub Utility into an Invisible C2 Backdoor appeared first on Penetration Testing Tools.
A critical vulnerability has been identified within the ubiquitous Apache web server, potentially facilitating the complete compromise of
The post Emergency Patch: Critical RCE Vulnerability in Apache HTTP Server 2.4.67 Threatens Millions of Systems appeared first on Penetration Testing Tools.
Trajan: CI/CD Security Scanner Trajan scans CI/CD pipelines for security vulnerabilities that attackers use to compromise software supply
The post Supply Chains in the Crosshairs: Scan and Simulate Multi-Stage Attacks with Trajan appeared first on Penetration Testing Tools.
North Korean cyber-operatives have once again demonstrated how a handful of precision strikes can fundamentally reshape annual cryptocurrency
The post Two Strikes, Half a Billion: How North Korean Hackers Seized 76% of All Stolen Crypto in Just 120 Days appeared first on Penetration Testing Tools.
Adversaries commenced the exploitation of a critical vulnerability within Weaver E-cology a mere few days following the release
The post The Five-Day Race: Hackers Weaponize Critical Weaver E-cology RCE via Exposed Debugging API appeared first on Penetration Testing Tools.
A seemingly innocuous file transmitted via a support chat escalated into a significant crisis for DigiCert. An adversary
The post The Support Chat Trap: How a “Customer Screenshot” Led to a Critical Code-Signing Breach at DigiCert appeared first on Penetration Testing Tools.
In an ironic twist of fate, hackers attempted to coerce the architects of Grand Theft Auto, only to
The post The Billion-Dollar Blunder: How Hackers Inadvertently Sent Rockstar Games Stock Soaring with GTA Revenue Leaks appeared first on Penetration Testing Tools.
The Wasabi Protocol was divested of millions of dollars within mere minutes, a catastrophe precipitated not by a
The post Zero Delay, Total Loss: How a Compromised Key and a Disabled Timelock Cost Wasabi Protocol $5 Million appeared first on Penetration Testing Tools.
DLLHijackHunter is an automated Windows DLL hijacking detection tool that goes beyond static analysis. It discovers, validates, and confirms
The post Beyond Static Analysis: Hunt, Filter, and Confirm Hijacks with DLLHijackHunter appeared first on Penetration Testing Tools.
Trellix, a preeminent titan in the cybersecurity industry, has disclosed a breach of its internal source code repository.
The post Trellix Investigates Unauthorized Breach of Internal Source Code Repository appeared first on Penetration Testing Tools.
WhatsApp has remediated two vulnerabilities within its messaging architecture following disclosures through Meta’s bug bounty program. Both flaws
The post WhatsApp Patches “NUL Byte” Flaw and AI Media Exploits Across Windows, iOS, and Android appeared first on Penetration Testing Tools.
