An infosec specialist has discovered that six of the most popular password managers, used by tens of millions of people, are vulnerable to clickjacking, enabling attackers to steal credentials, two-factor authentication codes, and bank card data.
CONTINUE READING 🡒 
DDoS Attack on Arch Linux Disrupts Project Website, Repository, and…
The Arch Linux team reports that it has been mitigating a prolonged DDoS attack for more than a week, affecting most of the project’s services. The attack began on August 16, and as a result the Arch…
CONTINUE READING 🡒 
Researchers Discover PromptLock, the First AI Ransomware
ESET specialists have discovered an unusual piece of malware dubbed PromptLock. The researchers describe it as the first known ransomware to use AI.
CONTINUE READING 🡒 
Relay again. Mastering relevant NTLM Relay attack techniques implemented via…
No doubt, you’ve heard many times that the NTLM Relay support is about to be disabled in Windows. I’ve heard it many times, too, but it’s mid-2025, and I still encounter NTLM Relay in almost every project. This article discusses relevant NTLM Relay…
CONTINUE READING 🡒 
Comparing 8 Home Firewalls: Which Has the Strongest Default Security?
You’d think picking a firewall for a home PC would be simple—just install it and go. But firewalls aren’t all the same, and choosing the right one can take time and effort. Today we’ll look at eight…
CONTINUE READING 🡒 
Hundreds of thousands of Auchan customers affected by data breach
The French retail chain Auchan has notified hundreds of thousands of customers that their personal data was stolen during a cyberattack.
CONTINUE READING 🡒 
Researchers hid malicious AI prompts inside tiny images
Experts at Trail of Bits have developed a new type of attack that enables the theft of user data by embedding malicious prompts into images, invisible to the human eye.
CONTINUE READING 🡒 
Android to ban installation of apps from unverified developers
Google representatives announced that starting in 2026, only apps from verified developers can be installed on certified Android devices. This measure is aimed at combating malware and financial fraud, and will apply to apps installed from third-party…
CONTINUE READING 🡒 
Critical vulnerability in Docker Desktop allowed attackers to compromise the…
A critical vulnerability in the desktop version of Docker for Windows and macOS made it possible to compromise the host system by running a malicious container, even when Enhanced Container Isolation (ECI) was enabled.
CONTINUE READING 🡒 
Google Play removes malware with over 19 million downloads
Researchers at Zscaler discovered that 77 malicious Android applications, with more than 19 million installs in total, were distributing various malware families on the official Google Play store.
CONTINUE READING 🡒 
AhMyth: Using a Simple Builder to Create an Android RAT
Thanks to Elon Musk’s efforts, you can drive a Tesla today without even knowing how to drive. And thanks to a developer who goes by the handle AhMyth (the same name he gave his tool), anyone can…
CONTINUE READING 🡒 
Life Without Antivirus: How to Remove Malware Manually and Harden…
When asked “What antivirus do you use on your Windows machine?” many security professionals (including people on our editorial team) answer: none. When massive outbreaks infect hundreds of thousands of computers despite all the latest defense tech,…
CONTINUE READING 🡒 
Developer sentenced to 4 years in prison for creating a…
55-year-old Davis Lu received four years in prison for sabotaging his former employer’s Windows network. Lu carried out his revenge using custom malware and a special “kill switch” that locked out all employees after his account was…
CONTINUE READING 🡒 
DeepNude Explained: How AI Undresses Women in Photos and Drives…
DeepNude, an app that can shamelessly undress women in photos, blew up online last June. The project runs on a hellish cocktail of neural networks, artificial intelligence, and raw sexual instinct.
CONTINUE READING 🡒 
Positive Technologies analyzed the Goffee APT group’s toolkit
Researchers at Positive Technologies reported the discovery of a previously unknown toolkit used by the Goffee hacker group (aka Paper Werewolf). It was employed in the later stages of attacks and allowed the attackers to remain undetected…
CONTINUE READING 🡒 
Flipper developers explain there is no “secret firmware” for hacking…
The topic of hacking and stealing cars using the Flipper Zero has once again made headlines in the global media. This time, hackers claim to be selling “secret firmware” for the gadget that supposedly can be used…
CONTINUE READING 🡒 
13 Essential Sysadmin Utilities Every System Administrator Should Know
A well-stocked toolbox is what sets a seasoned pro apart from a newbie. And in Linux administration, that toolbox is about as critical as it gets. In this article, we’re not going to cover things like Nagios,…
CONTINUE READING 🡒 
Why iPhone Performance Beats Android—Now and in the Future
Why is the iPhone 7 faster than the Samsung Galaxy S7, and the iPhone 8 faster than the Galaxy S8? What’s the “Apple magic”? Setting aside fanboy takes like “Android is better!”, let’s break down the factors…
CONTINUE READING 🡒 
Building a Password Stealer: How to Extract Chrome and Firefox…
You’ve probably heard of a class of malware known as infostealers. Their goal is to exfiltrate valuable data from a victim’s system—most notably passwords. In this article, I’ll explain how they do that using Chrome and Firefox…
CONTINUE READING 🡒 
Repurpose Your Old Tablet: Use It as a Second Monitor,…
Older Android devices can’t keep up with modern games and resource‑hungry apps anymore, but it’s a shame to give them away or toss them out—and nobody wants to buy them. Using the Nexus 7 as an example,…
CONTINUE READING 🡒