Researchers discovered a vulnerability in Google’s Gemini CLI AI Assistant that allowed the stealth execution of malicious commands and the theft of data from developers’ computers using programs from an approved list.
CONTINUE READING 🡒 
Manjaro vs Arch Linux: Why Stick with Arch for Advanced…
The world of Linux desktop systems is incredibly diverse. As of now, Distrowatch.com lists 288 different distributions, each with its own philosophy and area of application. Throughout the history of the rankings, hundreds of distributions have come…
CONTINUE READING 🡒 
Harness the woolly beast! Identifying critical data in code with…
This article discusses three topics: (1) why should AppSec engineers closely monitor sensitive data contained in their products; (2) how to extract the structure of transmitted data from the service code; and (3) how to assess severity for particular fields in found objects in accordance with…
CONTINUE READING 🡒 
Common Attack Scenarios on Corporate Networks: Analyzing Hacker Strategies
Pentesters at Positive Technologies conduct dozens of penetration tests every year. This article is a collection of typical attack scenarios used during these pentests that allowed them to gain control over the client's network in 80% of…
CONTINUE READING 🡒 
Wazuh Guide: Perimeter Security and Protection Strategies
Today, I'm going to talk about my experience working with Wazuh—an open-source platform that combines the features of SIEM and XDR. This is a flexible system that easily adapts to various tasks, from safeguarding Active Directory and…
CONTINUE READING 🡒 
Building a Pwnagotchi: Creating an AI-Powered Hacking Device
Readers of "Хакер" have likely wondered at least once: is it possible to build an inexpensive device that can hack something with the push of a button? Or even without a button, on its own, automatically? Yes,…
CONTINUE READING 🡒 
Hacker’s Toolkit: Essential Tools for Windows and Linux
Live and learn, always collecting useful tools along the way! Following this principle, I've gathered an extensive collection of utilities, and I'd like to share the best with you. Perhaps you'll find something that will be helpful…
CONTINUE READING 🡒 
Ransomware Attackers Increasingly Threaten Victims with Physical Harm
A ransomware negotiation specialist revealed that hackers are increasingly threatening physical harm to employees of targeted companies and their families in order to force the victimized organizations to pay the ransom.
CONTINUE READING 🡒 
Vulnerability in SAP NetWeaver Exploited to Deploy Auto-Color Linux Malware
Experts at Darktrace warned that hackers exploited a critical vulnerability in SAP NetWeaver (CVE-2025-31324) to deploy Linux malware Auto-Color into the network of an unnamed American chemical company.
CONTINUE READING 🡒 
Building a Hacker’s Toolkit: Essential Utilities for Easier Cybersecurity Operations
Not sure what to do during the holidays? Not basking in the sun while gardening? Not belting out songs in a tipsy haze? No problem! Let me tell you about some fantastic programs that will surely entertain…
CONTINUE READING 🡒 
Checklist: Essential Steps After Purchasing a Virtual Linux Server
A virtual server is suitable for handling a wide range of tasks, especially since renting one is quite affordable. If you're using a VDS, make sure to review this quick checklist after purchasing a virtual server. Ignoring…
CONTINUE READING 🡒 
Microsoft: Secret Blizzard Attacks Russian Diplomatic Missions, Disguising as Kaspersky…
Microsoft reported that the hacker group Secret Blizzard (also known as Turla, Waterbug, and Venomous Bear) is targeting staff at foreign embassies in Moscow. The report states that the hackers allegedly use a MitM (Man-in-the-Middle) position within…
CONTINUE READING 🡒 
Lixiang Car Owners Face Master Account Hacks
The head of “Avilon Electro,” Sergey Melyukh, told the media that fraudsters are hacking the accounts of Li Auto (Lixiang brand) car owners in Russia and then demanding ransom.
CONTINUE READING 🡒 
National Guard Addresses Aftermath of Cyberattack in Minnesota
Minnesota Governor Tim Walz has enlisted the National Guard to address the aftermath of a cyberattack that struck the state capital, the city of Saint Paul, last week.
CONTINUE READING 🡒 
Hackers Embedded Raspberry Pi in Banking Network in Attempted Heist
Group-IB reported that the hacker group UNC2891 (also known as LightBasin) used a Raspberry Pi with 4G support to infiltrate a bank’s network and bypass its security systems. The single-board computer was connected to the same network…
CONTINUE READING 🡒 
Cobalt Strike Used Against Russian Organizations, Malware Hosted on GitHub…
Experts from Kaspersky Lab have discovered new attacks targeting Russian organizations using Cobalt Strike Beacons. To evade detection and execute the malware, attackers are hosting encrypted code in profiles on legitimate services, including GitHub and social media.
CONTINUE READING 🡒 
Lovense Adult Toys Leak Users’ Email Addresses
The Lovense smart sex toys platform has been found vulnerable to a bug that allows anyone to discover a user’s email address if their username is known.
CONTINUE READING 🡒 
French Telecom Giant Orange Hit by Cyberattack
The French telecommunications company Orange, one of the largest telecom operators in the world, reports the discovery of a compromised system within its network.
CONTINUE READING 🡒 
Why Learning Assembly Language Still Matters
Are you thinking about learning assembly language but want to understand what benefits it will bring you as a programmer? Is it worthwhile to dive into the world of programming through assembly, or is it better to…
CONTINUE READING 🡒 
Setting Up a Free and Simple Monitoring System with Netdata
You might have a server, router, or some other device that needs monitoring. How can you set up a monitoring system that doesn't demand attention or resources on its own? In these cases, I recommend using a…
CONTINUE READING 🡒