Imagine a processor that, instead of executing a fixed set of instructions, reconfigures itself for each program and turns the algorithm directly into hardware. That’s exactly how FPGAs work! In this article, I’ll explain how that’s possible…
CONTINUE READING 🡒 
F6 researchers analyzed Kinsing group attacks against Russian companies
In the second quarter of 2025, researchers observed a wave of attacks against Russian companies in the finance, logistics, and telecom sectors. Behind these attacks was the Kinsing hacking group (aka H2Miner and Resourceful Wolf), whose goal…
CONTINUE READING 🡒 
Turkish crypto exchange BtcTurk suspends operations over suspected $49 million…
The popular Turkish cryptocurrency platform BtcTurk has temporarily suspended deposits and withdrawals after cybersecurity specialists from several different companies detected suspicious outflows totaling $49 million.
CONTINUE READING 🡒 
Windows 10 Hardening Guide: Secure, Private, and Optimized Setup for…
Over the years, Windows has evolved from a graphical shell on top of MS-DOS into a client front end for Microsoft’s cloud services. Turning it into a fully self-sufficient OS is probably unrealistic, but with some deep…
CONTINUE READING 🡒 
Gemini may have exposed user data via Google Calendar
Google developers have fixed a bug that allowed malicious Google Calendar invitations to remotely take control of Gemini agents running on a victim’s device and steal user data.
CONTINUE READING 🡒 
Fortress assault: Bypassing authentication in FortiOS and FortiProxy
This article narrates my searches for the CVE-2024-55591 vulnerability in FortiOS and FortiProxy disclosed by Fortinet. This security hole makes it possible to bypass authentication using an alternate path or channel (CWE-288) and enables a remote attacker to gain administrator privileges and execute arbitrary commands.
CONTINUE READING 🡒 
How to Encrypt XMPP (Jabber) Chats: Step-by-Step Guide
I don’t think I need to explain why someone might want a reliable, secure communication channel. Sure, you can encrypt messages and send them by email, but the very fact that you’re sending something can be telling.…
CONTINUE READING 🡒 
Microsoft patched over 100 vulnerabilities
As part of the August Patch Tuesday, Microsoft fixed 107 vulnerabilities in its products. Among them was one zero-day vulnerability in Windows Kerberos.
CONTINUE READING 🡒 
Magic Mouse steals 650,000 bank card details every month
After the shutdown of the Darcula phishing platform and the Magic Cat software used by scammers, the Magic Mouse solution has gained popularity among criminals. According to experts at Mnemonic, Magic Mouse is already helping steal the…
CONTINUE READING 🡒 
Phrack publishes article on breaching a North Korean hacker’s systems
Hackers going by the handles Saber and cyb0rg published an article in the latest issue of Phrack (the legendary e-zine that has been published since 1985). The anniversary issue marking Phrack’s 40th year was distributed at the…
CONTINUE READING 🡒 
Best Privacy-Focused Linux Distros for Bypassing Censorship and Protecting Against…
Maybe you’ve already used the Tails distribution—or even run it daily. But it’s not the only OS that can mask your presence online and help you bypass regional restrictions. In this article, we’ll look at five Tails…
CONTINUE READING 🡒 
Lenovo webcams could be used in BadUSB attacks
Experts from Eclypsium demonstrated at DEF CON 33 an attack codenamed BadCam, which exploits vulnerabilities in certain Lenovo webcam models, turning them into tools for remote BadUSB-style attacks.
CONTINUE READING 🡒 
Dozens of Docker Hub images remain infected with the XZ…
Analysts at Binarly have discovered at least 35 images on Docker Hub that are still infected with the backdoor that infiltrated xz Utils last year. The researchers warned that this potentially puts users, organizations, and their data…
CONTINUE READING 🡒 
MikroTik Router Firewall Configuration: Step-by-Step Guide
The firewall is the first—and, unfortunately, in many cases the last—line of defense for a network. The internet is full of advice on how to configure it, but blindly copying someone else’s rules can do more harm…
CONTINUE READING 🡒 
More than 29,000 Exchange servers are vulnerable to a serious…
29,000 Exchange servers are vulnerable to CVE-2025-53786, which allows attackers to move within Microsoft cloud environments, potentially leading to full domain compromise.
CONTINUE READING 🡒 
Security researcher awarded $250,000 for Chrome sandbox escape vulnerability
A security researcher going by the handle Micky received a record payout from Google. The specialist discovered a bug in Chrome that allows bypassing the browser’s sandbox and earned $250,000 through the bug bounty program.
CONTINUE READING 🡒 
How to Choose and Configure an Ad Blocker to Stop…
The web is awash with ads, and the delivery tactics are getting more aggressive. Animated GIFs and Flash, iframes and pop-ups—that’s just the tip of the iceberg. Phishing redirects, trojans, and stealthy cryptojacking scripts that start mining…
CONTINUE READING 🡒 
0-day WinRAR vulnerability used in phishing attacks
ESET specialists reported that a recently patched vulnerability in WinRAR (CVE-2025-8088) was used as a 0-day in phishing attacks and was leveraged to install RomCom malware.
CONTINUE READING 🡒 
Google Ads Customer Data Leaked in Google Hack
Google representatives have confirmed that a recent data breach linked to the Salesforce hack affected Google Ads customer data.
CONTINUE READING 🡒 
Exploring the Darknet: What You Can Find on the I2P…
I2P, the Invisible Internet Project, is arguably the most anonymous network available today. It lets you browse sites and use services without exposing a single byte of your information to third parties. Although I2P launched back in…
CONTINUE READING 🡒