12/09

Cybercrime gang arrested after turning Airbnbs into fraud centers

https://www.bleepingcomputer.com/news/security/cybercrime-gang-arrested-after-turning-airbnbs-into-fraud-centers/
Cybercrime gang arrested after turning Airbnbs into fraud centers

Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering

https://thehackernews.com/2024/12/black-basta-ransomware-evolves-with.html
Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering

Eight Suspected Phishers Arrested in Belgium, Netherlands - SecurityWeek

https://www.securityweek.com/eight-suspected-phishers-arrested-in-belgium-netherlands/
Eight Suspected Phishers Arrested in Belgium, Netherlands - SecurityWeek

Compromising OpenWrt Supply Chain via Truncated SHA-256 Collision and Command Injection - Flatt Security Research

https://flatt.tech/research/posts/compromising-openwrt-supply-chain-sha256-collision/
Compromising OpenWrt Supply Chain via Truncated SHA-256 Collision and Command Injection - Flatt Security Research

Broken authentication: 7 Advanced ways of bypassing insecure 2-FA implementations

https://blog.intigriti.com/hacking-tools/broken-authentication-7-advanced-ways-of-bypassing-insecure-2-fa-implementations
Broken authentication: 7 Advanced ways of bypassing insecure 2-FA implementations

Windows Zero-Day Vulnerability CVE-2024-38193 Exploited in the Wild: PoC Published

https://securityonline.info/windows-zero-day-vulnerability-cve-2024-38193-exploited-in-the-wild-poc-published/
Windows Zero-Day Vulnerability CVE-2024-38193 Exploited in the Wild: PoC Published

DDoSecrets Unveils Massive "Library of Leaks" Search Engine with Millions of Leaked Documents

https://securityonline.info/ddosecrets-unveils-massive-library-of-leaks-search-engine-with-millions-of-leaked-documents/
DDoSecrets Unveils Massive "Library of Leaks" Search Engine with Millions of Leaked Documents

Researchers Uncover Prompt Injection Vulnerabilities in DeepSeek and Claude AI

https://thehackernews.com/2024/12/researchers-uncover-prompt-injection.html
Researchers Uncover Prompt Injection Vulnerabilities in DeepSeek and Claude AI

From XSS Vulnerability to Full Admin Access – haymiz@kali:~/blog$

https://haymiz.dev/security/2024/11/25/stored-xss-takeover/
From XSS Vulnerability to Full Admin Access – haymiz@kali:~/blog$

Socks5Systemz Botnet Powers Illegal Proxy Service with 85,000+ Hacked Devices

https://thehackernews.com/2024/12/socks5systemz-botnet-powers-illegal.html
Socks5Systemz Botnet Powers Illegal Proxy Service with 85,000+ Hacked Devices

The EU Makes an Urgent TikTok Inquiry on Russia's Role in Romanian Election Turmoil - SecurityWeek

https://www.securityweek.com/the-eu-makes-an-urgent-tiktok-inquiry-on-russias-role-in-romanian-election-turmoil/
The EU Makes an Urgent TikTok Inquiry on Russia's Role in Romanian Election Turmoil - SecurityWeek

QR codes bypass browser isolation for malicious C2 communication

https://www.bleepingcomputer.com/news/security/qr-codes-bypass-browser-isolation-for-malicious-c2-communication/
QR codes bypass browser isolation for malicious C2 communication