HackMag – Page 4 – Tech magazine for cybersecurity specialists

More than 100 dual-function Chrome extensions hijack sessions and steal user credentials

📟 News

Date: 22/05/2025

Author: HackMag

According to DomainTools Intelligence (DTI), more than 100 malicious Chrome browser extensions disguised as VPN services, AI assistants, crypto utilities, etc. are used to steal cookies and covertly execute remote scripts.

Read full article →

IP cameras in pentesting. Improper use of security cameras

Date: 21/05/2025

Author: DrieVlad

In the course of a pentesting audit, you can capture an image from a security camera and attach it to your report – just to please the customer. No doubt, such pictures are impressive, but what can be the real impact of attacks targeting cameras? Today I will show how to run a shell on a camera, gain a foothold on it, and use it for proxying.

Read full article →

Defendnot utility disables Microsoft Defender in Windows

📟 News

Date: 20/05/2025

Author: HackMag

A new tool called Defendnot can disable Microsoft Defender protection on Windows devices even if no real antiviruses are installed in the system.

Read full article →

Malware contained in NPM hides itself using Unicode-based steganography

📟 News

Date: 19/05/2025

Author: HackMag

A malicious package discovered in npm (node package manager) hides its code using invisible Unicode characters and uses Google Calendar links for communication with its C&C servers.

Read full article →

Customer support agents of Coinbase cryptocurrency exchange sold stolen user data to hackers

📟 News

Date: 16/05/2025

Author: HackMag

Coinbase, Inc., a cryptocurrency exchange with over 100 million users, announced that some rogue customer support agents sold customer data to cybercriminals. The extortionists demanded a 20 million USD ransom for nondisclosure of the stolen information.

Read full article →

Agent Tesla: Reversing combat malware in Ghidra

Date: 15/05/2025

Author: Nik Zerof

Recently I encountered an interesting piece of malware called Agent Tesla. It’s still widespread and actively used by cybercriminals (the analyzed sample was dated 2023). Let’s dissect this remote access trojan and find out what’s hidden inside it.

Read full article →

Chrome employs AI to stop scammers

📟 News

Date: 14/05/2025

Author: HackMag

Google introduces a new security feature to Chrome. The new protection system uses the on-device Gemini Nano large language model (LLM) to detect and block scams while users are browsing the web.

Read full article →