Aggregator
CVE-2025-8747 | Google Keras up to 3.10.0 Model.load_model deserialization
New ‘Odyssey Stealer’ Malware Hijacks macOS, Steals Crypto with ClickFix
Researchers at Forcepoint X-Labs have identified a new malware campaign targeting macOS users. The attack employs an enhanced ClickFix technique—combining phishing with social engineering—to steal data from cryptocurrency wallets, browser accounts, and confidential files....
The post New ‘Odyssey Stealer’ Malware Hijacks macOS, Steals Crypto with ClickFix appeared first on Penetration Testing Tools.
New ‘Win-DDoS’ Attack Turns Windows Servers Into a Global Botnet
At DEF CON 33, researchers from SafeBreach unveiled a new attack technique dubbed Win-DDoS, capable of transforming thousands of publicly accessible domain controllers (DCs) worldwide into a powerful botnet for large-scale DDoS attacks. The...
The post New ‘Win-DDoS’ Attack Turns Windows Servers Into a Global Botnet appeared first on Penetration Testing Tools.
Your Webcam Can Be a Hacker’s Weapon: New ‘BadCam’ Attack Hijacks Lenovo Devices
Researchers at Eclypsium have uncovered critical vulnerabilities in the Lenovo 510 FHD and Lenovo Performance FHD webcams that allow them to be transformed into BadUSB-style attack devices. The issue, dubbed BadCam, was presented at...
The post Your Webcam Can Be a Hacker’s Weapon: New ‘BadCam’ Attack Hijacks Lenovo Devices appeared first on Penetration Testing Tools.
Smart Buses flaws expose vehicles to tracking, control, and spying
Минцифры представляет «детскую» SIM-карту, которая навсегда изменит доступ к интернету
Linus Torvalds Rejects ‘Garbage’ RISC-V Code, Delays It for Linux 6.17
Linus Torvalds delivered a sharp rebuke to the initial batch of RISC-V patches proposed for inclusion in Linux 6.17, citing both their untimely submission and the presence of what he called “garbage” changes unrelated...
The post Linus Torvalds Rejects ‘Garbage’ RISC-V Code, Delays It for Linux 6.17 appeared first on Penetration Testing Tools.
Debian 13 ‘trixie’ Is Here: What’s New in the Universal Operating System
After more than two years of development, the Debian Project has unveiled a new stable release of its operating system—Debian 13, codenamed trixie. It will receive updates and security fixes for five years, thanks...
The post Debian 13 ‘trixie’ Is Here: What’s New in the Universal Operating System appeared first on Penetration Testing Tools.
Record-Breaking Fraud: Older Americans Lost $700 Million to Scams in 2024
In 2024, Americans over the age of 60 lost an astronomical $700 million to online fraud—a record high in the entire history of monitoring by the U.S. Federal Trade Commission (FTC). The latest Consumer...
The post Record-Breaking Fraud: Older Americans Lost $700 Million to Scams in 2024 appeared first on Penetration Testing Tools.
GPT-5 Hacked in 24 Hours: Researchers Expose Critical Flaws in OpenAI’s New Model
After Grok-4 was compromised in just two days, GPT-5 fell within a mere 24 hours to the same group of researchers. Almost simultaneously, the SPLX testing team (formerly SplxAI) declared: “Out-of-the-box GPT-5 is practically...
The post GPT-5 Hacked in 24 Hours: Researchers Expose Critical Flaws in OpenAI’s New Model appeared first on Penetration Testing Tools.
Hackers Exploited a New WinRAR Flaw Before It Was Patched
A recently patched vulnerability in WinRAR, identified as CVE-2025-8088, was exploited in targeted phishing attacks even before a fix became available. The flaw, classified as a Directory Traversal vulnerability and addressed only in WinRAR...
The post Hackers Exploited a New WinRAR Flaw Before It Was Patched appeared first on Penetration Testing Tools.
情报每周回顾 2025-08-10
UK Red Teamers “Deeply Skeptical” of AI
Windows RPC Protocol Exploited to Launch Server Spoofing Attacks
A vulnerability in Microsoft Windows’ Remote Procedure Call (RPC) protocol has been discovered that allows attackers to manipulate core system communications and launch sophisticated server spoofing attacks. The flaw, designated CVE-2025-49760, enables unprivileged users to masquerade as legitimate system services and potentially escalate privileges or steal sensitive credentials. Security researcher SafeBreach uncovered the vulnerability through […]
The post Windows RPC Protocol Exploited to Launch Server Spoofing Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Connex Credit Union data breach impacts 172,000 members
INE Named to Training Industry’s 2025 Top 20 Online Learning Library List
Cary, United States, August 11th, 2025, CyberNewsWire Hands-on cybersecurity and IT training leader recognized for innovation in practical, work-ready education INE has been selected for Training Industry’s 2025 Top 20 Online Learning Library Companies list, recognizing the company’s leadership in cybersecurity training, cybersecurity certifications, and IT training that emphasizes hands-on, practical learning experiences. Training Industry evaluated […]
The post INE Named to Training Industry’s 2025 Top 20 Online Learning Library List appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Chaos-as-a-Service: Inside the Telegram Power Play of Scattered Spider, Lapsus$, and ShinyHunters
You must login to view this content
INE Named to Training Industry’s 2025 Top 20 Online Learning Library List
Cary, United States, August 11th, 2025, CyberNewsWire Hands-on cybersecurity and IT training leader recognized for innovation in practical, work-ready education INE has been selected for Training Industry’s 2025 Top 20 Online Learning Library Companies list, recognizing the company’s leadership in cybersecurity training, cybersecurity certifications, and IT training that emphasizes hands-on, practical learning experiences. Training Industry evaluated […]
The post INE Named to Training Industry’s 2025 Top 20 Online Learning Library List appeared first on Cyber Security News.