ICE Has Spyware Now

Plus: An AI chatbot system is linked to a widespread hack, details emerge of a US plan to plant a spy device in North Korea, your job’s security training isn’t working, and more...

Linux Distros Unpatched Vulnerability : CVE-2020-5213

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In NetHack before 3.6.5, too long of a value for the SYMBOL configuration file option can cause a buffer overflow resulting in a crash or remote code...

TransUnion Data Breach: 4.4 Million US Consumers’ Data Stolen

A TransUnion data breach exposed 4.4 million US consumers' Social Security numbers via a Salesforce hack. The attack…...

MAL-2025-41711 Malicious code in nofex-hack (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in nofex-hack (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Russia Is Cracking Down on End-to-End Encrypted Calls

Plus: ICE agents accidentally add a random person to a sensitive group chat, Norwegian intelligence blames the Kremlin for hacking a dam, and new facial recognition vans roam the UK...

MAL-2025-20017 Malicious code in evony-resources-hack844 (npm)

The package evony-resources-hack844 was found to contain malicious code...

Malicious code in snapchat-score-hack441 (npm)

The package snapchat-score-hack441 was found to contain malicious code...

Malicious code in evony-resources-hack124 (npm)

The package evony-resources-hack124 was found to contain malicious code...

The “Incriminating Video” Scam

A few years ago, scammers invented a new phishing email. They would claim to have hacked your computer, turned your webcam on, and videoed you watching porn or having sex. BuzzFeed has an article talking about a "shockingly realistic" variant, which includes photos of you and your house--more...

Linux Distros Unpatched Vulnerability : CVE-2021-47229

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI: aardvark: Fix kernel panic during PIO transfer Trying to start a new PIO transfer by writing value 0 in PIOSTART register when previous transfer has not ye...

The US Court Records System Has Been Hacked

Plus: Instagram sparks a privacy backlash over its new map feature, hackers steal data from Google's customer support system, and the true scope of the Columbia University hack comes into focus...

Man Gets Suspended Sentence for Hate-Fueled UK Train Stations WiFi Hack

British citizen John Wik sentenced for Islamophobic WiFi hack at UK train stations in Sept 2024. Learn about…...

AT&T to pay compensation to data breach victims. Here’s how to check if you were affected

AT&T is set to pay $177 million to customers affected by two significant data breaches. These breaches exposed sensitive personal information of millions of current and former AT&T customers. For those that have missed the story so far: Back in 2021, an entity named Shiny Hunters a known hacking...

Iran's State TV Hijacked Mid-Broadcast Amid Geopolitical Tensions; $90M Stolen in Crypto Heist

Iran's state-owned TV broadcaster was hacked Wednesday night to interrupt regular programming and air videos calling for street protests against the Iranian government, according to multiple reports. It's currently not known who is behind the attack, although Iran pointed fingers at Israel, per...

CVE-2023-41893

Home assistant is an open source home automation. The audit team’s analyses confirmed that the redirecturi and clientid are alterable when logging in. Consequently, the code parameter utilized to fetch the accesstoken post-authentication will be sent to the URL specified in the aforementioned...

CVE-2010-1339

Cross-site scripting XSS vulnerability in tsother.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to inject arbitrary web script or HTML via the userid parameter in a modboard action, which is not properly handled in a forced SQL error message...

CVE-2008-5283

Google Hack Honeypot GHH File Upload Manager 1.3 allows remote attackers to delete uploaded files via unknown vectors related to the delall action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. CVE analysis suggests...

Man Behind SEC Bitcoin Hoax Tweet Sentenced in SIM Swap Hack

Eric Council Jr. sentenced for 2024 SIM swap that led to fake Bitcoin ETF tweet from SEC’s X account, briefly impacting crypto markets...

AutoPentest: Enhancing Vulnerability Management with Autonomous LLM Agents

A recent area of increasing research is the use of Large Language Models LLMs in penetration testing, which promises to reduce costs and thus allow for higher frequency. We conduct a review of related work, identifying best practices and common evaluation issues. We then present AutoPentest, an...