HackMag – Page 25 – Tech magazine for cybersecurity specialists

Critical Bug in CrushFTP Allows for Administrative Access

📟 News

Date: 22/07/2025

Author: HackMag

The developers of CrushFTP warn about a zero-day vulnerability (CVE-2025-54309), which hackers are already exploiting. This issue allows for administrative access to vulnerable servers through the web interface.

Read full article →

Mastering Kerberos: Capturing Active Directory on a HackTheBox Virtual Machine

Date: 22/07/2025

Author: snovvcrash

In this article, I will demonstrate how to go from zero to a fully-fledged Active Directory domain controller administrator, with the help of one of the virtual machines available for hacking on the CTF platform HackTheBox. While it may not be the most challenging machine, mastering AD skills is crucial if you’re planning to pentest corporate networks.

Read full article →

Trojan Chaos RAT Discovered in Arch User Repository

📟 News

Date: 22/07/2025

Author: HackMag

Developers of Arch Linux discovered three malicious packages in the Arch User Repository (AUR). These packages were used to install the Chaos remote access trojan (RAT) on Linux devices.

Read full article →

Microsoft Releases Emergency Patch: 0-Day Vulnerabilities in SharePoint Exploited in RCE Attacks

📟 News

Date: 22/07/2025

Author: HackMag

Critical zero-day vulnerabilities in Microsoft SharePoint (CVE-2025-53770 and CVE-2025-53771) have been actively exploited since the end of last week, compromising at least 85 servers worldwide.

Read full article →

Introduction to Hacking: Authentication Testing and Basic Security Exploits

Date: 22/07/2025

Author: Yury "Yurembo" Yazev

Have you ever wondered how software crackers bypass password checks or remove license restrictions from applications? At the heart of this process lies a skill called reverse engineering — and one of its most accessible tools is the debugger. In this article, we’ll take a beginner-friendly look at how to analyze and modify a simple password-protected program using a debugger, revealing the logic behind its checks and even altering its behavior.

Read full article →

Google Sues Operators of BadBox 2.0 Botnet Infecting Over 10 Million Devices

📟 News

Date: 21/07/2025

Author: HackMag

Google has filed a lawsuit against the anonymous operators of the Android botnet BadBox 2.0, accusing them of orchestrating a global fraud scheme targeting the company’s advertising platforms.

Read full article →

Malware LameHug Utilizes LLM to Generate Commands on Infected Machines

📟 News

Date: 21/07/2025

Author: HackMag

The new malware family LameHug utilizes LLM (Large Language Model) to generate commands that are executed on compromised systems running Windows.

Read full article →