2025-08-25 | Hacker Trends

08/24

08/25

08/26

10 Posts

CVE-2025-5419/exploit.js at main · mistymntncop/CVE-2025-5419 · GitHub

https://github.com/mistymntncop/CVE-2025-5419/blob/main/exploit.js

CVE-2025-5419/exploit.js at main · mistymntncop/CVE-2025-5419 · GitHub

5 Posts

Critical Docker Desktop flaw lets attackers hijack Windows hosts

https://www.bleepingcomputer.com/news/security/critical-docker-desktop-flaw-lets-attackers-hijack-windows-hosts/

Critical Docker Desktop flaw lets attackers hijack Windows hosts

4 Posts

Malicious Android apps with 19M installs removed from Google Play

https://www.bleepingcomputer.com/news/security/malicious-android-apps-with-19m-installs-removed-from-google-play/

Malicious Android apps with 19M installs removed from Google Play

4 Posts

Phishing Emails Are Now Aimed at Users and AI Defenses – Malware Analysis, Phishing, and Email Scams

https://malwr-analysis.com/2025/08/24/phishing-emails-are-now-aimed-at-users-and-ai-defenses/

Phishing Emails Are Now Aimed at Users and AI Defenses – Malware Analysis, Phishing, and Email Scams

3 Posts

A Full-Chain Exploit of an Unfused Qualcomm Device

https://hhj4ck.github.io/qualcomm/2025/08/06/secboot-off-qcm2150.html

A Full-Chain Exploit of an Unfused Qualcomm Device

3 Posts

Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads

https://thehackernews.com/2025/08/phishing-campaign-uses-upcrypter-in.html

Phishing Campaign Uses UpCrypter in Fake Voicemail Emails to Deliver RAT Payloads

3 Posts

Auchan retailer data breach impacts hundreds of thousands of customers

https://www.bleepingcomputer.com/news/security/auchan-retailer-data-breach-impacts-hundreds-of-thousands-of-customers/

Auchan retailer data breach impacts hundreds of thousands of customers

3 Posts

https://wrongbaud.github.io/replicant-slides/

https://wrongbaud.github.io/replicant-slides/

3 Posts

Replicant: Reproducing a Fault Injection Attack on the Trezor One - VoidStar Security Blog

https://voidstarsec.com/blog/replicant-part-1

Replicant: Reproducing a Fault Injection Attack on the Trezor One - VoidStar Security Blog

3 Posts

Pakistan-linked APT36 abuses Linux .desktop files to drop custom malware in new campaign

https://securityaffairs.com/181513/apt/pakistan-linked-apt36-abuses-linux-desktop-files-to-drop-custom-malware-in-new-campaign.html

Pakistan-linked APT36 abuses Linux .desktop files to drop custom malware in new campaign

3 Posts

GitHub - msuiche/elegant-bouncer: ELEGANTBOUNCER is a detection tool for file-based mobile exploits.

https://github.com/msuiche/elegant-bouncer

GitHub - msuiche/elegant-bouncer: ELEGANTBOUNCER is a detection tool for file-based mobile exploits.

3 Posts

Sean Metcalf on X: "A critical part of Active Directory security is regularly reviewing your AD admins. The simplest way to do this is to recursively enumerate the membership of the domain Administrators group (that group's members and all member group members). PowerShell code shown below. Check https://t.co/R7Mxn49jZk" / X

https://x.com/PyroTek3/status/1958185786764845516

Sean Metcalf on X: "A critical part of Active Directory security is regularly reviewing your AD admins. The simplest way to do this is to recursively enumerate the membership of the domain Administrators group (that group's members and all member group members). PowerShell code shown below. Check https://t.co/R7Mxn49jZk" / X