Representatives from Mozilla warn extension developers about an active phishing campaign aimed at hacking accounts on the official AMO platform (addons.mozilla.org).
CONTINUE READING 🡒 Category: News
Google Tool Allowed Removal of Pages from Search Results
Journalists discovered that the Refresh Outdated Content tool allowed anyone to remove specific pages from Google search results. As a result, negative articles about the CEO of a major tech company in San Francisco disappeared from the…
CONTINUE READING 🡒 
Microsoft Offers Up to $40,000 for .NET Vulnerabilities
Microsoft expands its bug bounty program for .NET and raises the maximum reward to $40,000 for certain bugs in .NET and ASP.NET Core.
CONTINUE READING 🡒 
Pi-hole Data Leak Caused by Vulnerability in WordPress Plugin
The developers of the popular ad blocker Pi-hole warned that the names and email addresses of everyone who donated to the project were exposed due to a bug in the GiveWP plugin for WordPress.
CONTINUE READING 🡒 
Kali Linux Can Now Run in Containers on macOS
The developers of Kali Linux report that Kali can now be run in a virtualized container on macOS Sequoia using Apple’s new containerization system.
CONTINUE READING 🡒 ![Some Shortened goo[.]gl Links Will Continue to Work](https://hackmag.com/wp-content/uploads/2025/08/thumbnail-20-620x280.webp)
Some Shortened goo[.]gl Links Will Continue to Work
Previously, Google developers promised that in 2025 the link shortening service goo[.]gl would cease operations entirely, and all shortened links would stop functioning. However, the company revised this decision following numerous requests from users.
CONTINUE READING 🡒 
Vulnerability in Gemini CLI AI Assistant Allowed Arbitrary Code Execution
Researchers discovered a vulnerability in Google’s Gemini CLI AI Assistant that allowed the stealth execution of malicious commands and the theft of data from developers’ computers using programs from an approved list.
CONTINUE READING 🡒 
Ransomware Attackers Increasingly Threaten Victims with Physical Harm
A ransomware negotiation specialist revealed that hackers are increasingly threatening physical harm to employees of targeted companies and their families in order to force the victimized organizations to pay the ransom.
CONTINUE READING 🡒 
Vulnerability in SAP NetWeaver Exploited to Deploy Auto-Color Linux Malware
Experts at Darktrace warned that hackers exploited a critical vulnerability in SAP NetWeaver (CVE-2025-31324) to deploy Linux malware Auto-Color into the network of an unnamed American chemical company.
CONTINUE READING 🡒 
Microsoft: Secret Blizzard Attacks Russian Diplomatic Missions, Disguising as Kaspersky…
Microsoft reported that the hacker group Secret Blizzard (also known as Turla, Waterbug, and Venomous Bear) is targeting staff at foreign embassies in Moscow. The report states that the hackers allegedly use a MitM (Man-in-the-Middle) position within…
CONTINUE READING 🡒 
Lixiang Car Owners Face Master Account Hacks
The head of “Avilon Electro,” Sergey Melyukh, told the media that fraudsters are hacking the accounts of Li Auto (Lixiang brand) car owners in Russia and then demanding ransom.
CONTINUE READING 🡒 
National Guard Addresses Aftermath of Cyberattack in Minnesota
Minnesota Governor Tim Walz has enlisted the National Guard to address the aftermath of a cyberattack that struck the state capital, the city of Saint Paul, last week.
CONTINUE READING 🡒 
Hackers Embedded Raspberry Pi in Banking Network in Attempted Heist
Group-IB reported that the hacker group UNC2891 (also known as LightBasin) used a Raspberry Pi with 4G support to infiltrate a bank’s network and bypass its security systems. The single-board computer was connected to the same network…
CONTINUE READING 🡒 
Cobalt Strike Used Against Russian Organizations, Malware Hosted on GitHub…
Experts from Kaspersky Lab have discovered new attacks targeting Russian organizations using Cobalt Strike Beacons. To evade detection and execute the malware, attackers are hosting encrypted code in profiles on legitimate services, including GitHub and social media.
CONTINUE READING 🡒 
Lovense Adult Toys Leak Users’ Email Addresses
The Lovense smart sex toys platform has been found vulnerable to a bug that allows anyone to discover a user’s email address if their username is known.
CONTINUE READING 🡒 
French Telecom Giant Orange Hit by Cyberattack
The French telecommunications company Orange, one of the largest telecom operators in the world, reports the discovery of a compromised system within its network.
CONTINUE READING 🡒 
PyPI Warns Developers About Phishing Attacks
The maintainers of the Python Package Index (PyPI) have issued a warning about a phishing campaign targeting users. Attackers aim to redirect victims to fake websites disguised as PyPI with the intent to steal credentials.
CONTINUE READING 🡒 
Tea App Suffered a Data Leak Exposing Users’ Personal Information…
The Tea platform suffered from two major data leaks. First, an unprotected Firebase database containing users’ personal information was discovered on 4chan, and then a second database was found containing 1.1 million personal messages exchanged by users.
CONTINUE READING 🡒 
Popular npm Packages Hacked to Distribute Malware
In recent weeks, a number of open-source developers have fallen victim to phishing attacks. As a result, malware infiltrated packages, some of which receive 30 million downloads per week.
CONTINUE READING 🡒 
Malware Discovered in Official Endgame Gear Mouse Software
The gaming peripherals manufacturer Endgame Gear has reported that malware was embedded in the tool for configuring the OP1w 4k v2 mouse on the company’s official website from June 26 to July 9, 2025.
CONTINUE READING 🡒