ETiT3's avatar
ETiT3
npub1u5sy...wrkt
ETiT3's avatar
ETiT3 2 weeks ago
#malicious #Go #Crypto Module Steals #passwords, Deploys #Rekoobe #backdoor #Cybersecurity #researchers have disclosed details of a malicious Go module that's designed to harvest passwords, create persistent access via #SSH, and deliver a #Linux backdoor named Rekoobe. The Go module, github[.]com/xinfeisoft/crypto, impersonates the legitimate "golang.org/x/crypto" #codebase, but injects malicious #code that's responsible for #exfiltrating #secrets entered via #terminal password -- info@thehackernews.com (The Hacker News) (Fri Feb 27 16:33:00 GMT+01:00 2026)
The Hacker News
Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor
A fake Go module posing as golang.org/x/crypto captures terminal passwords, installs SSH persistence, and delivers the Rekoobe Linux backdoor.
ETiT3's avatar
ETiT3 2 weeks ago
Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access A newly disclosed #maximum-severity #security flaw in #Cisco #Catalyst SD-WAN Controller (formerly vSmart) and Catalyst SD-WAN Manager (formerly vManage) has come under active exploitation in the wild as part of #malicious #activity that dates back to #2023. The #vulnerability, tracked as #CVE-2026-20127 (CVSS score: 10.0), allows an #unauthenticated #remote attacker to #bypass #authentication and obtain -- info@thehackernews.com (The Hacker News) (Thu Feb 26 07:13:00 GMT+01:00 2026) https://thehackernews.com/2026/02/cisco-sd-wan-zero-day-cve-2026-20127.html
ETiT3's avatar
ETiT3 2 weeks ago
Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries #Google on Wednesday disclosed that it worked with industry partners to disrupt the infrastructure of a suspected China-nexus #cyber #espionage group tracked as #UNC2814 that breached at least 53 #organizations across 42 #countries. "This prolific, elusive actor has a long history of targeting #international #governments and global #telecommunications organizations across #Africa, #Asia, and the #Americas," -- info@thehackernews.com (The Hacker News) (Wed Feb 25 18:46:00 GMT+01:00 2026)
The Hacker News
Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries
Google disrupts China-linked UNC2814 after 53 breaches in 42 countries using GRIDTIDE via Google Sheets API.
ETiT3's avatar
ETiT3 2 weeks ago
In August 2025, Google announced ↗ that as of September 2026, it will no longer be possible to develop apps for the Android platform without first registering centrally with Google. This registration will involve: - Paying a fee to Google - Agreeing to Google’s Terms and Conditions - Providing government identification - Uploading evidence of the developer’s private signing key - Listing all current and future application identifiers
Keep Android Open
Advocating for Android as a free, open platform for everyone to build apps on.
ETiT3's avatar
ETiT3 3 weeks ago
AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence (AI) services to compromise over 600 FortiGate devices located in 55 countries. That's according to new findings from Amazon Threat Intelligence, which said it observed the activity between January 11 and February 18, 2026. "No exploitation of FortiGate -- info@thehackernews.com (The Hacker News) (Sat Feb 21 15:49:00 GMT+01:00 2026)
The Hacker News
AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries
AI-augmented actor breached 600+ FortiGate devices in 55 countries using weak credentials and exposed ports, Amazon reports.
ETiT3's avatar
ETiT3 3 weeks ago
New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft Cybersecurity researchers have disclosed details of a new mobile spyware platform dubbed ZeroDayRAT that's being advertised on Telegram as a way to grab sensitive data and facilitate real-time surveillance on Android and iOS devices. "The developer runs dedicated channels for sales, customer support, and regular updates, giving buyers a single point of access to a fully operational spyware -- info@thehackernews.com (The Hacker News) (Mon Feb 16 11:24:00 GMT+01:00 2026)
The Hacker News
New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft
ZeroDayRAT is a cross-platform mobile spyware sold on Telegram that enables live surveillance, OTP theft, and financial data theft on infected devices
ETiT3's avatar
ETiT3 3 weeks ago
Study Uncovers 25 Password Recovery Attacks in Major Cloud Password Managers A new study has found that multiple cloud-based password managers, including Bitwarden, Dashlane, and LastPass, are susceptible to password recovery attacks under certain conditions. "The attacks range in severity from integrity violations to the complete compromise of all vaults in an organization," researchers Matteo Scarlata, Giovanni Torrisi, Matilda Backendal, and Kenneth G. Paterson said. -- info@thehackernews.com (The Hacker News) (Mon Feb 16 19:06:00 GMT+01:00 2026)
The Hacker News
Study Uncovers 25 Password Recovery Attacks in Major Cloud Password Managers
Academic study finds 25 attack methods in major cloud password managers exposing vault, recovery, and encryption design risks.
ETiT3's avatar
ETiT3 3 weeks ago
Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies Cybersecurity researchers have disclosed that artificial intelligence (AI) assistants that support web browsing or URL fetching capabilities can be turned into stealthy command-and-control (C2) relays, a technique that could allow attackers to blend into legitimate enterprise communications and evade detection. The attack method, which has been demonstrated against Microsoft Copilot and xAI Grok -- info@thehackernews.com (The Hacker News) (Tue Feb 17 19:08:00 GMT+01:00 2026)
The Hacker News
Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies
Researchers show AI assistants can act as stealth C2 proxies, enabling malware communication, evasion, and runtime attack automation.
ETiT3's avatar
ETiT3 3 weeks ago
From Exposure to Exploitation: How AI Collapses Your Response Window We’ve all seen this before: a developer deploys a new cloud workload and grants overly broad permissions just to keep the sprint moving. An engineer generates a "temporary" API key for testing and forgets to revoke it. In the past, these were minor operational risks, debts you’d eventually pay down during a slower cycle. In 2026, “Eventually” is Now But today, within minutes, AI-powered -- info@thehackernews.com (The Hacker News) (Thu Feb 19 12:55:00 GMT+01:00 2026)
The Hacker News
From Exposure to Exploitation: How AI Collapses Your Response Window
AI compresses cyberattack timelines—32% of flaws exploited day-zero, phishing up 1,265%, forcing shift to CTEM defense models.
ETiT3's avatar
ETiT3 3 weeks ago
INTERPOL Operation Red Card 2.0 Arrests 651 in African Cybercrime Crackdown An international cybercrime operation against online scams has led to 651 arrests and recovered more than $4.3 million as part of an effort led by law enforcement agencies from 16 African countries. The initiative, codenamed Operation Red Card 2.0, took place between December 8, 2025 and January 30, 2026, according to INTERPOL. It targeted infrastructure and actors behind high-yield investment -- info@thehackernews.com (The Hacker News) (Thu Feb 19 18:50:00 GMT+01:00 2026)
The Hacker News
INTERPOL Operation Red Card 2.0 Arrests 651 in African Cybercrime Crackdown
INTERPOL-led Red Card 2.0 arrests 651, seizes $4.3M, dismantles scam networks across 16 African nations.
ETiT3's avatar
ETiT3 3 weeks ago
PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google's generative artificial intelligence (AI) chatbot, as part of its execution flow and achieves persistence. The malware has been codenamed PromptSpy by ESET. The malware is equipped to capture lockscreen data, block uninstallation efforts, gather device information, take screenshots, -- info@thehackernews.com (The Hacker News) (Thu Feb 19 18:52:00 GMT+01:00 2026)
The Hacker News
PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence
PromptSpy Android malware abuses Google Gemini to analyze screens, automate persistence, block removal, and enable VNC-based remote device control.
ETiT3's avatar
ETiT3 3 weeks ago
Former Google Engineers Indicted Over Trade Secret Transfers to Iran Two former Google engineers and one of their husbands have been indicted in the U.S. for allegedly committing trade secret theft from the search giant and other tech firms and transferring the information to unauthorized locations, including Iran. Samaneh Ghandali, 41, and her husband Mohammadjavad Khosravi (aka Mohammad Khosravi), 40, along with her sister Soroor Ghandali, 32, have been accused -- info@thehackernews.com (The Hacker News) (Fri Feb 20 06:27:00 GMT+01:00 2026)
The Hacker News
Former Google Engineers Indicted Over Trade Secret Transfers to Iran
DOJ indicts two ex-Google engineers and a spouse for allegedly stealing Tensor trade secrets, sending hundreds of files to Iran, and obstructing justi
ETiT3's avatar
ETiT3 3 weeks ago
Si la chouette hulule, c'est qu'il y a quelqu'un qui ne dors pas image