In January 2021, Google released a new version of its Chrome browser. In total, 16 vulnerabilities have been fixed in it. Using one of them as an example, let’s find out how such bugs occur and examine their exploitation techniques enabling hackers to attack computers…
CONTINUE READING 🡒 
Chrome Enhanced Protection mode is now powered by AI
The Enhanced Protection mode in Google Chrome has been updated. Now it uses AI to protect users from dangerous sites, downloads, and extensions in real time.
CONTINUE READING 🡒 
Dutch police seize 127 servers belonging to Zservers hosting provider
Following the introduction of international sanctions against Zservers, Russian ‘bulletproof’ hosting services provider, the Dutch National Police (Politie) shut down and seized 127 servers belonging to Zservers/XHost.
CONTINUE READING 🡒 
Advanced cyberphone. Charge your mobile phone with hacker power!
In the hands of a hacker, an ordinary Android smartphone can become a formidable weapon – either on its own or in combination with other devices. But hardware is only one component of hacker’s success: to transform a phone into a hacker tool, special software is required.
CONTINUE READING 🡒 
12,000 Kerio Control firewalls remain vulnerable to RCE
Security experts report that more than 12,000 GFI Kerio Control firewall instances remain vulnerable to the critical RCE vulnerability CVE-2024-52875, which was fixed back in December 2024.
CONTINUE READING 🡒 
2.8 million IP addresses used to brute-force network devices
The Shadowserver Foundation warns of a massive web login brute-forcing attacks targeting nearly 2.8 million IP addresses per day. Unknown attackers are seeking credentials for a wide range of network devices belonging to such companies as Palo Alto Networks, Ivanti, and SonicWall.
CONTINUE READING 🡒 
Failed attempt to block phishing link results in massive Cloudflare…
According to the incident report released by Cloudflare, an attempt to block a phishing URL on the R2 platform accidentally caused a massive outage; as a result, many Cloudflare services were unavailable for almost an hour.
CONTINUE READING 🡒 
Safe Python: Secure coding techniques
This article discusses an important matter every cool hacker programmer should care about: secure code. Perhaps, you think it’s boring and difficult? Not at all! Today I will share with you some of my experience and show how to write Python code you…
CONTINUE READING 🡒 
Abandoned AWS S3 buckets could be used in attacks targeting…
watchTowr discovered plenty of abandoned Amazon S3 buckets that could be used by attackers to deliver malware and backdoors to government agencies and large corporations.
CONTINUE READING 🡒 
Hackers exploit RCE vulnerability in Microsoft Outlook
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned Federal Civilian Executive Branch (FCEB) Agencies that they have to secure their systems from ongoing attacks exploiting a critical vulnerability in Microsoft Outlook by February 27, 2025.
CONTINUE READING 🡒 
768 vulnerabilities were exploited by hackers in 2024
According to VulnCheck, 768 CVEs were registered as exploited in real-life attacks in 2024. This is 20% greater compared to 2023 when hackers exploited 639 vulnerabilities.
CONTINUE READING 🡒 
Let’s Encrypt to stop sending expiration notification emails
The nonprofit organization announced that, starting June 4, 2025, it will stop sending expiration notification emails to subscribers. The primary reason behind this decision is that providing expiration notifications costs Let’s Encrypt tens of thousands of dollars per year.
CONTINUE READING 🡒 
Penguin’s secretes: Evidence collection in Linux
Hey, bro, are you aware that Windows is dead? Everyone is switching to free software nowadays. You’re a hacker security guy, right? So, your job is to ensure security. And here’s an interesting case to be investigated: a Linux computer and an incident that occurred with it.…
CONTINUE READING 🡒 
Google patches Android zero-day vulnerability exploited by hackers
Google released the February set of patches for Android. In total, they fix 48 bugs, including a kernel zero-day vulnerability actively exploited by hackers.
CONTINUE READING 🡒 
Dissecting Viber. How to analyze Android apps
Once, while being on a job search, I received an interesting test assignment: analyze Viber for Android, find vulnerabilities in it, and exploit them. Using this episode as an example, I will demonstrate you an efficient approach that can be used to analyze real apps…
CONTINUE READING 🡒 
PyPI introduces a project archival system to combat malicious updates
The Python Package Index (PyPI) introduces a new project archival system: a project can now be archived to notify users that it’s not expected to be updated any time soon.
CONTINUE READING 🡒 
Critical RCE vulnerability fixed in Cacti
A critical vulnerability has been discovered in the open-source Cacti framework: it enables an authenticated attacker to remotely execute arbitrary code.
CONTINUE READING 🡒 
Hackers use vulnerabilities in SimpleHelp RMM to attack corporate networks
Experts believe that recently patched vulnerabilities in SimpleHelp Remote Monitoring and Management (RMM) were used by attackers to gain initial access to corporate networks.
CONTINUE READING 🡒 
Google to disable Sync in older Chrome versions
Google announced that in early 2025, Chrome Sync will be disabled in Chrome versions older than four years.
CONTINUE READING 🡒 
J-magic backdoor attacked Juniper Networks devices using ‘magic packets’
A massive backdoor attack targeting Juniper routers often used as VPN gateways has been uncovered. The devices were attacked by the J-magic malware that starts a reverse shell only after detecting a ‘magic packet’ in network traffic.
CONTINUE READING 🡒