SpearSpray is an advanced password spraying tool designed specifically for Active Directory environments. It combines user enumeration via LDAP
The post SpearSpray: The Stealthy Tool That Bypasses Lockout Policies in Active Directory appeared first on Penetration Testing Tools.
Google has released an unscheduled Chrome update to patch a zero-day vulnerability already being exploited in active attacks.
The post PATCH NOW: Google Issues Emergency Chrome Update for Actively Exploited Zero-Day appeared first on Penetration Testing Tools.
Microsoft has released its December security updates: Patch Tuesday brings fixes for 57 vulnerabilities, including three zero-days (one
The post PATCH NOW: Microsoft Fixes 57 Flaws, Including Three Zero-Days Actively Exploited appeared first on Penetration Testing Tools.
The investigation in Japan has detained two Chinese nationals suspected of orchestrating the largest known market-manipulation scheme involving
The post Japan’s Largest Scam: Chinese Duo Used Hijacked Accounts to Manipulate Stock Prices appeared first on Penetration Testing Tools.
Experts at Doctor Web have identified a new click-fraud trojan, Trojan.ChimeraWire, which disguises itself as the activity of
The post ChimeraWire: The Click-Fraud Trojan Disguised as a Human User appeared first on Penetration Testing Tools.
The financially motivated group Storm-0249, long known as a broker of initial access for ransomware operators, has markedly
The post Invisible Ransomware: Storm-0249 Weaponizes SentinelOne EDR in Stealth Attacks appeared first on Penetration Testing Tools.
A newly discovered vulnerability in Node.js, designated CVE-2025-55182 and informally dubbed React2Shell, has become a favored weapon of
The post React2Shell Exploit: Botnets Target 150K+ Devices Daily with Node.js Flaw appeared first on Penetration Testing Tools.
The widow of Saudi dissident journalist Jamal Khashoggi has filed a complaint with the French prosecutor’s office, alleging
The post Khashoggi’s Widow Files French Complaint Over Pegasus Spyware Infection appeared first on Penetration Testing Tools.
The International Criminal Court has released a draft policy aimed at confronting crimes committed through digital technologies. The
The post Digital War Crimes: ICC Drafts Policy to Judge Cyber-Enabled Genocide and Aggression appeared first on Penetration Testing Tools.
DllShimmer Weaponize DLL hijacking easily. Backdoor any function in any DLL without disrupting normal process operation. How it
The post DllShimmer: The Stealth Tool for Weaponizing DLL Hijacking without Detection appeared first on Penetration Testing Tools.
DumpGuard is a credential dumping tool that can extract the NTLMv1 hashes of users on modern Windows systems.
The post DumpGuard Tool Bypasses Credential Guard to Steal NTLMv1 Hashes appeared first on Penetration Testing Tools.
Researchers from Howler Cell have detailed an underground marketplace for compromised websites operated by students and freelancers across
The post Student Sells Hacked Sites: Beima Web Shell Undetectable, Targets .Gov & .Edu appeared first on Penetration Testing Tools.
APT-C-53 has once again intensified its distribution of malicious attachments targeting organizations in Ukraine. The latest wave of
The post APT-C-53 Hits Ukraine: New Attack Exploits WinRAR Flaw for Persistence appeared first on Penetration Testing Tools.
The launch of the IPCola service on underground forums in 2023 initially appeared to be yet another proxy
The post The Proxy Ghost: IPCola’s Network Feeds on User Devices Covertly appeared first on Penetration Testing Tools.
On Monday, Warby Parker and Google announced that they are preparing to release AI-powered smart glasses, with the
The post Google & Warby Parker Partner on AI Smart Glasses to Launch in 2026 appeared first on Penetration Testing Tools.
At the beginning of the year, Japan was shaken by a scandal surrounding a major data breach involving
The post Japan Cyber-Shock: Teen Hacked Kaikatsu Club, Used AI to Bypass Defenses appeared first on Penetration Testing Tools.
A data leak at the Chinese company Knownsec—long heralded as one of the flagships of the nation’s cybersecurity
The post China’s “King of Vulnerabilities” Hacked: Knownsec Leak Exposes Zero-Day Flaws appeared first on Penetration Testing Tools.
A researcher known under the pseudonym Vulndisclosure has reported a vulnerability, dubbed ZeroBoot, that enables an attacker to
The post ZeroBoot: New Flaw Bypasses Samsung Galaxy Encryption with Physical Access appeared first on Penetration Testing Tools.
A ransomware attack has crippled the operations of several key Puerto Rican government agencies, yet officials have still
The post Critical Shutdown: Ransomware Cripples Puerto Rico Agencies Via Contractor Breach appeared first on Penetration Testing Tools.
In February, a Slovenian information security researcher published an analysis of the Chinese remote-management device NanoKVM, revealing that
The post The KVM with a Secret: NanoKVM Ships with Critical Flaws and a Covert Microphone appeared first on Penetration Testing Tools.
