Penetration Testing Tools

exifLooter: finds geolocation on all image urls and directories also integrates with OpenStreetMap finds geolocation on image

exifLooter: finds geolocation on all image urls and directories also integrates with OpenStreetMap

ddos August 21, 2025

exifLooter ExifLooter finds geolocation on all image urls and directories and also integrates with OpenStreetMap. Installation go...

BARK: BloodHound Attack Research Kit

ddos August 20, 2025

BloodHound Attack Research Kit BARK stands for BloodHound Attack Research Kit. It is a PowerShell script built...

AWSGoat: Damn Vulnerable AWS Infrastructure

ddos August 20, 2025

Compromising an organization’s cloud infrastructure is like sitting on a gold mine for attackers. And sometimes, a...

PyPI Fights Back: New Security Feature Prevents Account Takeovers via Expired Domains PyPI Supply chain security Python 3.8

PyPI Fights Back: New Security Feature Prevents Account Takeovers via Expired Domains

ddos August 20, 2025

The developers of the Python Package Index (PyPI) have announced the introduction of a new email domain...

Beyond the Inbox: How a New Phishing Campaign Leverages Copyright Claims to Deliver Noodlophile Malware

ddos August 20, 2025

The Noodlophile malware campaign has entered a new phase, steadily expanding its reach across more countries. Morphisec...

The AI-Nuclear Alliance: Google and TVA Partner to Power Data Centers with Next-Gen Reactors AI, Nuclear Energy

The AI-Nuclear Alliance: Google and TVA Partner to Power Data Centers with Next-Gen Reactors

ddos August 20, 2025

Google, Kairos Power, and the Tennessee Valley Authority (TVA), a federal energy corporation, have entered into an...

A “15.8 Million” Account Leak? Hackers Claim New PayPal Data Dump, Company Denies Breach Chess.com third-party breach Data leak, PayPal AI Security Supply Chain Security xAI Security Qantas Data Breach Android Spyware

Chess.com third-party breach Data leak, PayPal AI Security Supply Chain Security xAI Security Qantas Data Breach Android Spyware

A “15.8 Million” Account Leak? Hackers Claim New PayPal Data Dump, Company Denies Breach

ddos August 20, 2025

On a well-known data leak forum, a post has surfaced advertising the sale of a database allegedly...

UK Government Drops Demand for iCloud Backdoor iOS 26 Apple Backdoor

UK Government Drops Demand for iCloud Backdoor

ddos August 20, 2025

Washington and London have at last managed to reach an accord on an issue that threatened to...

A Single Prompt Is All It Takes: Lenovo Chatbot Vulnerability Exposes Customers and Staff Salesforce TheTruthSpy spyware Matrix protocol Car Security Go Packages IoT Vulnerabilities Scattered Spider Smishing

Salesforce TheTruthSpy spyware Matrix protocol Car Security Go Packages IoT Vulnerabilities Scattered Spider Smishing

A Single Prompt Is All It Takes: Lenovo Chatbot Vulnerability Exposes Customers and Staff

ddos August 20, 2025

A serious incident was recently uncovered on Lenovo’s website involving its corporate chatbot, Lena, designed to assist...

Inside Kimsuky’s GitHub-Powered Cyber-Espionage Campaign Kimsuky

Inside Kimsuky’s GitHub-Powered Cyber-Espionage Campaign

ddos August 20, 2025

At the beginning of 2025, Trellix specialists uncovered a sweeping cyber-espionage campaign targeting diplomatic missions in Seoul....

Beyond the Lab: The Troubling Reality of Facial Recognition on Our Streets Facial Recognition SBOM generation CBP Digital Forensics

Beyond the Lab: The Troubling Reality of Facial Recognition on Our Streets

ddos August 20, 2025

Stories of mistaken arrests caused by facial recognition technology are no longer rare. In 2020, Detroit resident...

TikTok Shop Is Selling GPS Trackers and Audio Recorders for Stalking Partners Stalkerware

TikTok Shop Is Selling GPS Trackers and Audio Recorders for Stalking Partners

ddos August 20, 2025

TikTok has found itself at the center of a new scandal following an investigation by 404 Media:...

“Automated and Dangerous”: A New AI Framework Can Run 150+ Hacking Tools Autonomously

ddos August 20, 2025

The HexStrike AI repository has released HexStrike AI MCP Agents v6.0—a powerful framework for automating penetration tests....

“A True Nightmare”: Leaked Archive Reveals a Highly Sophisticated Linux Rootkit Jaguar Land Rover Linux rootkit Saint Paul cyberattack Exchange Malware Chinese cyber-espionage

Jaguar Land Rover Linux rootkit Saint Paul cyberattack Exchange Malware Chinese cyber-espionage

“A True Nightmare”: Leaked Archive Reveals a Highly Sophisticated Linux Rootkit

ddos August 20, 2025

In the latest issue of the hacker magazine Phrack, a vast archive has been published detailing the...

The Ultimate Betrayal: How Attackers Are Weaponizing Cisco’s Own Safe Links to Phish Users

ddos August 20, 2025

Cybercriminals have discovered a way to weaponize Cisco’s own security mechanisms against its users. Researchers at Raven...

DOJ Seizes $2.8 Million in Crypto from Suspected Zeppelin Ransomware Operator OAG ransomware Zeppelin ToolShell Chain Iran Cyber Threat UK Retail Cyberattack, CMC Financial Impact Indonesia spyware

OAG ransomware Zeppelin ToolShell Chain Iran Cyber Threat UK Retail Cyberattack, CMC Financial Impact Indonesia spyware

DOJ Seizes $2.8 Million in Crypto from Suspected Zeppelin Ransomware Operator

ddos August 19, 2025

The U.S. Department of Justice has announced the seizure of more than $2.8 million in cryptocurrency from...

exifLooter: finds geolocation on all image urls and directories also integrates with OpenStreetMap

BARK: BloodHound Attack Research Kit

AWSGoat: Damn Vulnerable AWS Infrastructure

PyPI Fights Back: New Security Feature Prevents Account Takeovers via Expired Domains

Beyond the Inbox: How a New Phishing Campaign Leverages Copyright Claims to Deliver Noodlophile Malware

The AI-Nuclear Alliance: Google and TVA Partner to Power Data Centers with Next-Gen Reactors

A “15.8 Million” Account Leak? Hackers Claim New PayPal Data Dump, Company Denies Breach

UK Government Drops Demand for iCloud Backdoor

A Single Prompt Is All It Takes: Lenovo Chatbot Vulnerability Exposes Customers and Staff

Inside Kimsuky’s GitHub-Powered Cyber-Espionage Campaign

Beyond the Lab: The Troubling Reality of Facial Recognition on Our Streets

“Automated and Dangerous”: A New AI Framework Can Run 150+ Hacking Tools Autonomously

“A True Nightmare”: Leaked Archive Reveals a Highly Sophisticated Linux Rootkit

DOJ Seizes $2.8 Million in Crypto from Suspected Zeppelin Ransomware Operator

You may have missed

A “Catastrophic” Flaw in Burger King’s Parent Company Exposed

Critical SAP S/4HANA Flaw Exposes Systems to Full Compromise

Apple Issues Urgent Patch for Zero-Click Image Flaw

CSS Injection Can Now Steal Data with Just One Line of Code