Fake TikTok Downloaders on Chrome and Edge Spying on 130,000 Users

Over 130,000 users are at risk from fake TikTok downloader extensions on Chrome and Microsoft Edge. Researchers discovered these malicious tools use device fingerprinting to spy on users and steal sensitive browser data...

The n8n n8mare: How threat actors are misusing AI workflow automation

Cisco Talos research has uncovered agentic AI workflow automation platform abuse in emails. Recently, we identified an increase in the number of emails that abuse n8n, one of these platforms, from as early as October 2025 through March 2026. In this blog, Talos provides concrete examples of how...

Criminals are renting virtual phones to bypass bank security

Researchers at Group-IB warn about criminals using virtual Android devices to bypass modern security solutions. Cloud phones are virtual Android devices that can fully mimic real device fingerprints model, hardware, IP, timezone, sensor data, behavior. This allows them to undermine banks’...

CONTEX-T: Contextual Privacy Exploitation Via Transformer Spectral Analysis for IoT Device Fingerprinting

The rapid expansion of internet of things IoT devices have created a pervasive ecosystem where encrypted wireless communications serve as the primary privacy and security protection mechanism. While encryption effectively protects message content, packet metadata and statistics inadvertently expo...

EUVD-2019-3419

Malware in sbrugna...

Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads

The threat actor behind Rhadamanthys has also advertised two other tools called Elysium Proxy Bot and Crypt Service on their website, even as the flagship information stealer has been updated to support the ability to collect device and web browser fingerprints, among others. "Rhadamanthys was...

Transformers for Secure Hardware Systems: Applications, Challenges, and Outlook

The rise of hardware-level security threats, such as side-channel attacks, hardware Trojans, and firmware vulnerabilities, demands advanced detection mechanisms that are more intelligent and adaptive. Traditional methods often fall short in addressing the complexity and evasiveness of modern...

Experts Flag Security, Privacy Risks in DeepSeek AI App

New mobile apps from the Chinese artificial intelligence AI company DeepSeek have remained among the top three "free" downloads for Apple and Google devices since their debut on Jan. 25, 2025. But experts caution that many of DeepSeek's design choices -- such as using hard-coded encryption keys,...

Google Is Allowing Device Fingerprinting

Lukasz Olejnik writes about device fingerprinting, and why Google's policy change to allow it in 2025 is a major privacy setback. EDITED TO ADD 1/12: Shashdot thread...

kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak

The Linux kernel's TCP source port generation algorithm in the TCP stack contains a flaw due to the small table perturb size. This flaw allows an attacker to positively distinguish a system among devices with identical hardware and software, which lasts until the device restarts. An attacker can...

Hackers Exploit macOS Zero-Day to Hack Hong Kong Users with new Implant

Google researchers on Thursday disclosed that it found a watering hole attack in late August exploiting a now-patched zero-day in macOS operating system and targeting Hong Kong websites related to a media outlet and a prominent pro-democracy labor and political group to deliver a never-before-see...

The 4 most common bad bot attack methods targeting financial services

Organizations in the financial services sector are high-value targets for cybercriminals. In recent years, more sophisticated botnets and other bad bot attack methods have enabled malicious hackers to ratchet up the speed of attacks on this sector. The four most common ways hackers deploy botnets...

CVE-2019-11749

A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This...

Design/Logic Flaw

A vulnerability exists in WebRTC where malicious web content can use probing techniques on the getUserMedia API using constraints to reveal device properties of cameras on the system without triggering a user prompt or notification. This allows for the potential fingerprinting of users. This...

Black Hat 2019: 5G Security Flaw Allows MiTM, Targeted Attacks

LAS VEGAS — 5G commercial networks are starting to roll out, promising exciting new use cases like automated cars, and smart sensor networks where the nodes have 10-year battery lives. To go along with these possibilities are new security requirements; notably, improvements in device...

Calibration Attack Drills Down on iPhone, Pixel Users

A proof-of-concept for a new type of privacy attack, dubbed “calibration fingerprinting,” uses data from Apple iPhone sensors to construct a globally unique fingerprint for any given mobile user. Researchers said that this provides an unusually effective means to track people as they browse acros...

SAS 2019: Genesis Marketplace Peddles 60K Stolen Digital Identities

SINGAPORE – A newly-discovered underground marketplace, dubbed Genesis, is peddling tens of thousands of stolen digital “masks” — i.e., identities — which equip cybercriminals with the tools they need to get away with online fraud. Researchers at Kaspersky Lab’s Security Analyst Summit 2019, whic...

Google Partially Patches Flaw in Chrome for Android 3 Years After Disclosure

Google has finally patched a privacy vulnerability in its Chrome web browser for Android that exposes users' device model and firmware version, eventually enabling remote attackers to identify unpatched devices and exploit known vulnerabilities. The vulnerability, which has not yet given any CVE...

Chrome in Android Leaks Device Fingerprinting Info

Google has issued a partial fix for an Android issue dating back to 2015 – after originally rejecting the bug report on the grounds of the mobile OS “working as intended.” The issue – which still doesn’t have a CVE designation despite being partially addressed as a problem – has to do with how...

KNX Home Automation Security Auditing: KNXmap

KNX Home Automation Security Auditing A tool for scanning and auditing KNXnet/IP gateways on IP driven networks. KNXnet/IP defines Ethernet as physical communication media for KNX EN 50090, ISO/IEC 14543. KNXmap also allows to scan for devices on the KNX bus via KNXnet/IP gateways. In addition to...