Dark Reading

Swipe, Plug-in, Pwned: Researchers Find New Ways to Hack Vehicles

Security researchers exploited dozens of vulnerabilities in vehicle infotainment systems and EV chargers in the latest ...
Cybernews

Pentest tools left online are allowing hackers to exploit Fortune 500 firms

Hackers are exploiting intentionally vulnerable penetration testing and security training apps that have been mistakenly exposed to the public internet, giving them access to cloud environments ...

This new LinkedIn phishing scam is targeting executives

Here's what to look out for ...
Cybernews

LinkedIn DM phishing campaign targets high-value execs with weaponized file downloads

A phishing campaign targeting carefully selected “high-value” corporate employees has been using LinkedIn direct messages to deliver weaponized downloads, highlighting how criminals are shifting away ...

Chainalysis bets on automation to scale onchain investigations beyond developers

Chainalysis has launched Workflows, a no-code feature that lets non-technical users automate advanced onchain investigations ...

Hackers are now exploiting the safety of open-source apps to sideload malware, and on LinkedIn of all places

Once up and running, that malicious DLL file pops a Python interpreter onto the system, which runs a script to create a ...
The Hacker News

PLUGGYAPE Malware Uses Signal and WhatsApp to Target Ukrainian Defense Forces

CERT-UA reports PLUGGYAPE malware attacks targeting Ukrainian defense forces via Signal and WhatsApp, using phishing links ...
Dark Reading

AsyncRAT Malware Infests Orgs via Python & Cloudflare

The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade ...
High Times

Fuck 12/12: Inside the Supercycle Crew Breaking the Cannabis Flowering Rule

For more than half a century, cannabis cultivation has relied on a simple, widely accepted convention: the 12–12 light cycle, which means 12 hours of light followed by 12 hours of darkness to trigger ...
Forbes

2FA Code Attacks Surge As Russian Hackers Target Microsoft Users

Microsoft 365 is under attack, China and Russia afflited hackers suspected. Updated December 23 with advice from a mobile security solutions expert regarding the Russian device code attacks targeting ...
Bleeping Computer

Zeroday Cloud hacking event awards $320,0000 for 11 zero days

The Zeroday Cloud hacking competition in London has awarded researchers $320,000 for demonstrating critical remote code execution vulnerabilities in components used in cloud infrastructure. The first ...