TECHZONE™
Відкрити в Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Показати більше595
Підписники
Немає даних24 години
-37 днів
-1230 день
Архів дописів
595
HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands
https://thehackernews.com/2025/08/hook-android-trojan-adds-ransomware.html
Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay screens to display extortion messages.
"A prominent characteristic of the latest variant is its capacity to deploy a full-screen ransomware overlay, which aims to coerce the victim into remitting a ransom payment," Zimperium zLabs researcher Vishnu Pratapagiri
595
Google to Verify All Android Developers in 4 Countries to Block Malicious Apps
https://thehackernews.com/2025/08/google-to-verify-all-android-developers.html
Google has announced plans to begin verifying the identity of all developers who distribute apps on Android, even for those who distribute their software outside the Play Store.
"Android will require all apps to be registered by verified developers in order to be installed by users on certified Android devices," the company said. "This creates crucial accountability, making it much harder for
595
CISA Adds Three Exploited Vulnerabilities to KEV Catalog Affecting Citrix and Git
https://thehackernews.com/2025/08/cisa-adds-three-exploited.html
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws impacting Citrix Session Recording and Git to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The list of vulnerabilities is as follows -
CVE-2024-8068 (CVSS score: 5.1) - An improper privilege management vulnerability in Citrix Session Recording
595
UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats
https://thehackernews.com/2025/08/unc6384-deploys-plugx-via-captive.html
A China-nexus threat actor known as UNC6384 has been attributed to a set of attacks targeting diplomats in Southeast Asia and other entities across the globe to advance Beijing's strategic interests.
"This multi-stage attack chain leverages advanced social engineering including valid code signing certificates, an adversary-in-the-middle (AitM) attack, and indirect execution techniques to evade
595
Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3
https://thehackernews.com/2025/08/docker-fixes-cve-2025-9074-critical.html
Docker has released fixes to address a critical security flaw affecting the Docker Desktop app for Windows and macOS that could potentially allow an attacker to break out of the confines of a container.
The vulnerability, tracked as CVE-2025-9074, carries a CVSS score of 9.3 out of 10.0. It has been addressed in version 4.44.3.
"A malicious container running on Docker Desktop could access the
595
Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads
https://thehackernews.com/2025/08/phishing-campaign-uses-upcrypter-in.html
Cybersecurity researchers have flagged a new phishing campaign that's using fake voicemails and purchase orders to deliver a malware loader called UpCrypter.
The campaign leverages "carefully crafted emails to deliver malicious URLs linked to convincing phishing pages," Fortinet FortiGuard Labs researcher Cara Lin said. "These pages are designed to entice recipients into downloading JavaScript
595
⚡ Weekly Recap: Password Manager Flaws, Apple 0-Day, Hidden AI Prompts, In-the-Wild Exploits & More
https://thehackernews.com/2025/08/weekly-recap-password-manager-flaws.html
Cybersecurity today moves at the pace of global politics. A single breach can ripple across supply chains, turn a software flaw into leverage, or shift who holds the upper hand. For leaders, this means defense isn’t just a matter of firewalls and patches—it’s about strategy. The strongest organizations aren’t the ones with the most tools, but the ones that see how cyber risks connect to business
595
Why SIEM Rules Fail and How to Fix Them: Insights from 160 Million Attack Simulations
https://thehackernews.com/2025/08/why-siem-rules-fail-and-how-to-fix-them.html
Security Information and Event Management (SIEM) systems act as the primary tools for detecting suspicious activity in enterprise networks, helping organizations identify and respond to potential attacks in real time. However, the new Picus Blue Report 2025, based on over 160 million real-world attack simulations, revealed that organizations are only detecting 1 out of 7 simulated attacks,
595
Transparent Tribe Targets Indian Govt With Weaponized Desktop Shortcuts via Phishing
https://thehackernews.com/2025/08/transparent-tribe-targets-indian-govt.html
The advanced persistent threat (APT) actor known as Transparent Tribe has been observed targeting both Windows and BOSS (Bharat Operating System Solutions) Linux systems with malicious Desktop shortcut files in attacks targeting Indian Government entities.
"Initial access is achieved through spear-phishing emails," CYFIRMA said. "Linux BOSS environments are targeted via weaponized .desktop
595
Malicious Go Module Poses as SSH Brute-Force Tool, Steals Credentials via Telegram Bot
https://thehackernews.com/2025/08/malicious-go-module-poses-as-ssh-brute.html
Cybersecurity researchers have discovered a malicious Go module that presents itself as a brute-force tool for SSH but actually contains functionality to discreetly exfiltrate credentials to its creator.
"On the first successful login, the package sends the target IP address, username, and password to a hard-coded Telegram bot controlled by the threat actor," Socket researcher Kirill Boychenko
595
GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets
https://thehackernews.com/2025/08/geoserver-exploits-polaredge-and.html
Cybersecurity researchers are calling attention to multiple campaigns that leverage known security vulnerabilities and expose Redis servers to various malicious activities, including leveraging the compromised devices as IoT botnets, residential proxies, or cryptocurrency mining infrastructure.
The first set of attacks entails the exploitation of CVE-2024-36401 (CVSS score: 9.8), a critical
595
"What happens online stays online" and other cyberbullying myths, debunked
https://www.welivesecurity.com/en/kids-online/what-happens-online-stays-online-and-other-cyberbullying-myths-debunked/
Separating truth from fiction is the first step towards making better parenting decisions. Let’s puncture some of the most common misconceptions about online harassment.
595
The need for speed: Why organizations are turning to rapid, trustworthy MDR
https://www.welivesecurity.com/en/business-security/need-speed-organizations-turning-rapid-trustworthy-mdr/
How top-tier managed detection and response (MDR) can help organizations stay ahead of increasingly agile and determined adversaries
595
Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection
https://thehackernews.com/2025/08/linux-malware-delivered-via-malicious.html
Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell.
The "Linux-specific malware infection chain that starts with a spam email with a malicious RAR archive file," Trellix researcher Sagar Bade said in a technical write-up.
"The payload isn't hidden inside the file content or a macro, it's encoded directly
595
Automation Is Redefining Pentest Delivery
https://thehackernews.com/2025/08/automation-is-redefining-pentest.html
Pentesting remains one of the most effective ways to identify real-world security weaknesses before adversaries do. But as the threat landscape has evolved, the way we deliver pentest results hasn't kept pace.
Most organizations still rely on traditional reporting methods—static PDFs, emailed documents, and spreadsheet-based tracking. The problem? These outdated workflows introduce delays,
595
Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage
https://thehackernews.com/2025/08/chinese-hackers-murky-genesis-and.html
Cybersecurity researchers are calling attention to malicious activity orchestrated by a China-nexus cyber espionage group known as Murky Panda that involves abusing trusted relationships in the cloud to breach enterprise networks.
"The adversary has also shown considerable ability to quickly weaponize N-day and zero-day vulnerabilities and frequently achieves initial access to their targets by
595
INTERPOL Arrests 1,209 Cybercriminals Across 18 African Nations in Global Crackdown
https://thehackernews.com/2025/08/interpol-arrests-1209-cybercriminals.html
INTERPOL on Friday announced that authorities from 18 countries across Africa have arrested 1,209 cybercriminals who targeted 88,000 victims.
"The crackdown recovered $97.4 million and dismantled 11,432 malicious infrastructures, underscoring the global reach of cybercrime and the urgent need for cross-border cooperation," the agency said.
The effort is the second phase of an ongoing law
595
Ex-Developer Jailed Four Years for Sabotaging Ohio Employer with Kill-Switch Malware
https://thehackernews.com/2025/08/ex-developer-jailed-four-years-for.html
A 55-year-old Chinese national has been sentenced to four years in prison and three years of supervised release for sabotaging his former employer's network with custom malware and deploying a kill switch that locked out employees when his account was disabled.
Davis Lu, 55, of Houston, Texas, was convicted of causing intentional damage to protected computers in March 2025. He was arrested and
595
Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks
https://thehackernews.com/2025/08/pre-auth-exploit-chains-found-in.html
Commvault has released updates to address four security gaps that could be exploited to achieve remote code execution on susceptible instances.
The list of vulnerabilities, identified in Commvault versions before 11.36.60, is as follows -
CVE-2025-57788 (CVSS score: 6.9) - A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user
595
Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages
https://thehackernews.com/2025/08/cybercriminals-deploy-cornflakev3.html
Threat actors have been observed leveraging the deceptive social engineering tactic known as ClickFix to deploy a versatile backdoor codenamed CORNFLAKE.V3.
Google-owned Mandiant described the activity, which it tracks as UNC5518, as part of an access-as-a-service scheme that employs fake CAPTCHA pages as lures to trick users into providing initial access to their systems, which is then
Вже доступно! Дослідження Telegram за 2025 — головні інсайти року 
