Penetration Testing Tools

AzureGoat: Damn Vulnerable Azure Infrastructure

• Open Source Tool

AzureGoat: Damn Vulnerable Azure Infrastructure

ddos August 24, 2025

AzureGoat: A Damn Vulnerable Azure Infrastructure Compromising an organization’s cloud infrastructure is like sitting on a gold...

Read More Read more about AzureGoat: Damn Vulnerable Azure Infrastructure

Fake Antivirus Targets Russian Businesses: Inside a New Android Espionage Campaign

• Malware

Fake Antivirus Targets Russian Businesses: Inside a New Android Espionage Campaign

ddos August 24, 2025

The malware Android.Backdoor.916.origin, uncovered by Doctor Web’s research laboratory, specifically targets the corporate sector in Russia and...

Read More Read more about Fake Antivirus Targets Russian Businesses: Inside a New Android Espionage Campaign

Lumma Unleashed: Inside the Vast Ecosystem Powering the World’s Top Infostealer

• Malware

Lumma Unleashed: Inside the Vast Ecosystem Powering the World’s Top Infostealer

ddos August 24, 2025

Experts from Insikt Group have presented the first comprehensive investigation into the activities of Lumma Stealer affiliates—one...

Read More Read more about Lumma Unleashed: Inside the Vast Ecosystem Powering the World’s Top Infostealer

Bidding War: A New Firm Is Offering a Record $20 Million for Zero-Day Exploits

• Vulnerability

Bidding War: A New Firm Is Offering a Record $20 Million for Zero-Day Exploits

ddos August 24, 2025

A new entrant from the United Arab Emirates has shaken up the tightly controlled vulnerability market. Advanced...

Read More Read more about Bidding War: A New Firm Is Offering a Record $20 Million for Zero-Day Exploits

Microsoft Restricts China’s Access to Vulnerability Data After Suspected Leaks

• Cybercriminals
• Microsoft

Microsoft Restricts China’s Access to Vulnerability Data After Suspected Leaks

ddos August 24, 2025

Microsoft has restricted Chinese companies’ access to early notifications about vulnerabilities in its products. The decision follows...

Read More Read more about Microsoft Restricts China’s Access to Vulnerability Data After Suspected Leaks

Alarming Report: The Simple Attack That’s Breaching Half of Corporate Networks

• Cybercriminals

Alarming Report: The Simple Attack That’s Breaching Half of Corporate Networks

ddos August 24, 2025

Amid the escalating wave of cyberthreats—particularly from advanced threat groups—one of the most dangerous yet persistently underestimated...

Read More Read more about Alarming Report: The Simple Attack That’s Breaching Half of Corporate Networks

From Nuggets to Breaches: A Hacker Exposes Critical Flaws in McDonald’s Systems

• Vulnerability

From Nuggets to Breaches: A Hacker Exposes Critical Flaws in McDonald’s Systems

ddos August 24, 2025

The story of an enthusiast hacker breaching McDonald’s digital infrastructure in pursuit of free chicken nuggets has...

Read More Read more about From Nuggets to Breaches: A Hacker Exposes Critical Flaws in McDonald’s Systems

Total Takeover: The Attack That Seizes Your Active Directory With Default Settings

• Vulnerability

Total Takeover: The Attack That Seizes Your Active Directory With Default Settings

ddos August 24, 2025

Researchers at Resecurity have drawn attention to an exceptionally dangerous attack that enables adversaries to seize full...

Read More Read more about Total Takeover: The Attack That Seizes Your Active Directory With Default Settings

Malicious Go Module Targets Solana Devs, Leaking Data to a “U.S.-Based” Server

• Cybercriminals

Malicious Go Module Targets Solana Devs, Leaking Data to a “U.S.-Based” Server

ddos August 24, 2025

Researchers have uncovered a new politically tinged campaign targeting the Solana blockchain ecosystem and, apparently, developers of...

Read More Read more about Malicious Go Module Targets Solana Devs, Leaking Data to a “U.S.-Based” Server

Danger: “Verified” Chrome VPN Extension Exposed as Screen-Capturing Spyware

• Data Leak

Danger: “Verified” Chrome VPN Extension Exposed as Screen-Capturing Spyware

ddos August 24, 2025

The popular Chrome extension FreeVPN.One, installed by more than 100,000 users and marked with a verification check,...

Read More Read more about Danger: “Verified” Chrome VPN Extension Exposed as Screen-Capturing Spyware

AI Bots Are Now Flooding the Web, Straining Servers and Skewing Analytics

• Malware

AI Bots Are Now Flooding the Web, Straining Servers and Skewing Analytics

ddos August 24, 2025

In its latest Fastly Threat Insights report, researchers analyzed more than 6.5 trillion monthly web requests to...

Read More Read more about AI Bots Are Now Flooding the Web, Straining Servers and Skewing Analytics

The Dark Side of Automation: How a Website Builder Became a Phishing Machine

• Cybercriminals

The Dark Side of Automation: How a Website Builder Became a Phishing Machine

ddos August 24, 2025

The website automation platform Lovable has found itself at the center of widespread abuse. Researchers from Proofpoint...

Read More Read more about The Dark Side of Automation: How a Website Builder Became a Phishing Machine

QuirkyLoader: The New A-List Malware Loader Hiding in Plain Sight

• Malware

QuirkyLoader: The New A-List Malware Loader Hiding in Plain Sight

ddos August 24, 2025

IBM X-Force specialists have reported the emergence of a new loader, QuirkyLoader, which since late 2024 has...

Read More Read more about QuirkyLoader: The New A-List Malware Loader Hiding in Plain Sight

UK Data Breach: Hackers Exploit SharePoint Flaws, Leaking Confidential Data

• Vulnerability

UK Data Breach: Hackers Exploit SharePoint Flaws, Leaking Confidential Data

ddos August 22, 2025

Hackers successfully exploited recently discovered vulnerabilities in local Microsoft SharePoint servers, resulting in the leakage of personal...

Read More Read more about UK Data Breach: Hackers Exploit SharePoint Flaws, Leaking Confidential Data

PromptFix: The AI Exploit That Tricks Your Browser into Phishing Scams

• Cybercriminals

PromptFix: The AI Exploit That Tricks Your Browser into Phishing Scams

ddos August 22, 2025

Experts at Guardio Labs have unveiled a novel method of deceiving artificial intelligence, dubbed PromptFix. This technique...

Read More Read more about PromptFix: The AI Exploit That Tricks Your Browser into Phishing Scams

Beyond Words: New Study Reveals AI’s Surprising Strengths (and Failures) in Spatial Reasoning

• Technology

Beyond Words: New Study Reveals AI’s Surprising Strengths (and Failures) in Spatial Reasoning

ddos August 22, 2025

Researchers from SenseTime Research and the S-Lab at Nanyang Technological University have presented a comprehensive technical report...

Read More Read more about Beyond Words: New Study Reveals AI’s Surprising Strengths (and Failures) in Spatial Reasoning