Aggregator

AI爆款视频是什么AI爆款视频是一款AI视频生成工具，添加任意素材，一键智能生成爆款视频工具，支持抖音、小红书、视频号、B站和快手等平台视频生成，支持自媒体、财经评论、影视剧情、经验攻略和搞笑娱...

SSO access tokens can buy adversaries more time as they exfiltrate credentials and other sensitive information from a victim’s AWS CLI

Paper-to-Podcast是什么Paper-to-Podcast是一款将学术研究论文转化为对话式播客的工具，通过模拟三人互动讨论，使复杂的学术内容更加直观易懂。工具结构包括主持人引导、学习...

Running RTL-SDR in your Browser via an HTML5 App

本文将深入探讨一种基于在线平台的C2架构设计，该架构旨在通过实践构建一个具有更强隐蔽性和持久性的自研C2系统。

PHP已死…个锤子：PHP Docker官方映像拉取量达到10亿里程碑

The Russia-linked state-sponsored threat actor tracked as Gamaredon has been attributed to two new Android spyware tools called BoneSpy and PlainGnome, marking the first time the adversary has been discovered using mobile-only malware families in its attack campaigns. "BoneSpy and PlainGnome target former Soviet states and focus on Russian-speaking victims," Lookout said in an analysis. "Both

15 кВт чистой энергии превращает любые воздушные цели в пыль.

Researchers identified FUNNULL, a Chinese CDN, as hosting malicious content, which includes fake trading apps for financial fraud, gambling sites likely used for money laundering, and phishing login pages targeting luxury brands.  The gambling sites use algorithmically generated domains and Tether cryptocurrency, possibly to bypass blocking and facilitate cross-border money flows.  FUNNULL acquired polyfill.io, a […]

The post Triad Nexus, Chinese Hackers Using 200,000 Domains For Widespread Cyber Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Итоги борьбы с запрещённым контентом за 2024 год.

Cybercriminals exploited typosquatting to deploy a malicious npm package, `@typescript_eslinter/eslint`, targeting developers seeking the legitimate TypeScript ESLint plugin, which was designed to mimic the genuine plugin, compromised systems by monitoring keystrokes, clipboard data, and executing remote commands.  They leveraged a WebSocket server for real-time control and data exfiltration as the persistence of a secondary malicious […]

The post Malicious ESLint Package Let Attackers Steal Data And Inject Remote Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Wuhan Chinasoft Token Information Technology Co., Ltd. developed EagleMsgSpy, a surveillance tool operational since 2017, which, installed as an APK, secretly collects extensive user data, including chat messages, screen recordings, audio, call logs, contacts, SMS, location, and network activity.  Because the data is sent to a command-and-control server, there is a possibility that it could […]

The post New Chinese Surveillance Tool Attack Android Users Since 2017 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

How and where to start from scratch?.

《信创安全能力建设技术指南（2024年）》报告发布（附报告下载二维码）

Учёные раскрывают потенциал биоматериалов для борьбы с самыми коварными заболеваниями.

ChatGPT突发全球宕机，OpenAI紧急抢修；公安部公布打击整治“网络水军”违法犯罪10大典型案例 | 牛览

How can I find the ip/general area someone is in based only off like phone number/ig/full name (this is for a nice thing don’t worry lol)

Updates to Knowle Consultants RTL-SDR Android Apps

How to create an Evil Twin without internet?