noname 🥸

@n3rd

109 Following

19 Followers

noname 🥸 pfp

👀 Hackers are mining crypto in the cloud—on your dime. Microsoft uncovered Storm-1977 targeting education sector cloud accounts via password spraying. They used AzureChecker.exe, hijacked guest accounts, spun up 200+ containers, and ran illicit crypto mining. ⚠️ Time to lock it down. 👉 Learn more: https://thehackernews.com/2025/04/storm-1977-hits-education-clouds-with.html

0 reply

0 recast

0 reaction

noname 🥸 pfp

Baltimore City Public Schools data breach affects over 31,000 people Source: BleepingComputer https://search.app/d9sXC

0 reply

0 recast

0 reaction

noname 🥸 pfp

Craft CMS RCE exploit chain used in zero-day attacks to steal data Source: BleepingComputer https://search.app/1HZaT

0 reply

0 recast

0 reaction

noname 🥸 pfp

ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion Source: The Hacker News https://search.app/pvLmg

0 reply

0 recast

0 reaction

noname 🥸 pfp

Lazarus hackers breach six companies in watering hole attacks Source: BleepingComputer https://search.app/NMg8D

0 reply

0 recast

0 reaction

noname 🥸 pfp

Donate to @n3rd's crowdfund "Travel cost to attend DEF CON 33"

0 reply

0 recast

0 reaction

noname 🥸 pfp

🔥 Fake jobs, real danger. North Korean hackers are posing as crypto firms to lure devs into malware traps. 🔹3 fronts: BlockNovas, Angeloper, SoftGlide 🔹3 Malware: BeaverTail, InvisibleFerret, OtterCookie 🔹3 Target: Your wallet, data & trust. Read: https://thehackernews.com/2025/04/north-korean-hackers-spread-malware-via.html

0 reply

0 recast

0 reaction

noname 🥸 pfp

👀 New Linux Rootkit Exploits io_uring, Evades Detection ARMO’s Curing rootkit uses io_uring to bypass system call monitoring—Falco, Tetragon, and even Microsoft Defender can’t see it. Attackers can run commands without triggering system calls. Read → https://thehackernews.com/2025/04/linux-iouring-poc-rootkit-bypasses.html

0 reply

0 recast

0 reaction

noname 🥸 pfp

🔒 WhatsApp rolls out Advanced Chat Privacy! 🔸 Blocks chat exports, auto-downloads, & AI use in sensitive convos. 🔸 Still allows screenshots & manual media saves. 🔸 Available now for all users on the latest update. Update to try it 👉 https://thehackernews.com/2025/04/whatsapp-adds-advanced-chat-privacy-to.html

0 reply

0 recast

0 reaction

noname 🥸 pfp

⚠️ Target: Russian Military! Android.Spy.1292.origin spyware steals data via fake Alpine Quest apps. — Spread via fake Telegram & Rus. app stores — Steals loc., contacts, files — Sends data to Telegram bot, runs hidden malware Doctor Web says it mimics Alpine Quest Pro, widely used in military zones. Read: https://thehackernews.com/2025/04/android-spyware-disguised-as-alpine.html 👀 Kaspersky found a Windows backdoor in fake ViPNet updates targeting Russian government, finance, and industry.

0 reply

0 recast

0 reaction

noname 🥸 pfp

🚨 New Tactics from Russian Hackers! Since March 2025, Russian threat groups UTA0352 & UTA0355 are targeting Ukraine-linked orgs via Microsoft 365 OAuth abuse. No fake sites—just official Microsoft URLs, real Signal/WhatsApp invites, and compromised Ukrainian Gov accounts. 🔗 Learn more: https://thehackernews.com/2025/04/russian-hackers-exploit-microsoft-oauth.html

0 reply

0 recast

0 reaction

noname 🥸 pfp

🔥 Google pulls the plug on third-party cookie prompts in Chrome. No more new pop-ups — just Incognito upgrades & IP protection by Q3 2025. While Firefox & Safari banned 3rd-party cookies in 2020, Google stalls—caught between privacy & profit. Read — https://thehackernews.com/2025/04/google-drops-cookie-prompt-in-chrome.html

0 reply

0 recast

0 reaction

noname 🥸 pfp

🚨 Crypto Devs, Watch Out! Ripple's xrpl.js library was backdoored to steal private keys! Over 2.9M downloads, 135K devs at risk. 🗓️ Malicious versions: 4.2.1–4.2.4, 2.14.2 🛡️ Safe versions: 4.2.5, 2.14.3 👤 Hacker hijacked a Ripple dev's npm account on April 21, 2025. 🔗 Learn more: https://thehackernews.com/2025/04/ripples-xrpljs-npm-package-backdoored.html

0 reply

0 recast

0 reaction

noname 🥸 pfp

🛑 New Malware Targets Docker — but it’s not about crypto mining anymore. Hackers are hijacking Docker to run fake nodes on a Web3 network called Teneo. Instead of mining, they farm TENEO tokens by sending fake heartbeat signals. 🔹 325+ downloads from Docker Hub Read more ➝ https://thehackernews.com/2025/04/docker-malware-exploits-teneo-web3-node.html

0 reply

0 recast

0 reaction

noname 🥸 pfp

💣 Lotus Panda, a China-linked APT, breached key sectors across Southeast Asia—govt, telecom, air traffic—from Aug 2024 to Feb 2025. New tools. Stolen Chrome data. Hijacked legit software. Read full report 👉 https://thehackernews.com/2025/04/lotus-panda-hacks-se-asian-governments.html

0 reply

0 recast

0 reaction

noname 🥸 pfp

🕵️‍♂️ Kimsuky is back—and digging deep. A new Larva-24005 campaign is exploiting old RDP bugs (BlueKeep, CVE-2019-0708) to breach systems in South Korea, Japan & beyond—with targets across energy, finance & tech. Learn more: https://thehackernews.com/2025/04/kimsuky-exploits-bluekeep-rdp.html

0 reply

0 recast

0 reaction

noname 🥸 pfp

🚨 Surge in cyberattacks tied to Russian bulletproof host Proton66 since Jan 8, 2025. New research links it to brute-force, malware, ransomware—even traffic routed via Kaspersky Lab’s network path. Attackers exploit 2024–25 zero-days, deploy SuperBlack & WeaXor ransomware, and run phishing via hacked WordPress sites. Learn more: https://thehackernews.com/2025/04/hackers-abuse-russian-bulletproof-host.html

0 reply

0 recast

0 reaction

noname 🥸 pfp

🚨 Malware Alert for Developers! 3 npm packages are mimicking a popular Telegram bot library—but secretly install SSH backdoors & exfiltrate your data. They replicate the look of node-telegram-bot-api (100K+ weekly users), use starjacking to fake credibility, and target Linux systems. Removal ≠ protection—SSH keys stay behind. Learn more: https://thehackernews.com/2025/04/rogue-npm-packages-mimic-telegram-bot.html

0 reply

0 recast

0 reaction

noname 🥸 pfp

🚨 Russia’s APT29 hits EU diplomats with new malware disguised as wine-tasting invites. 🍷 GRAPELOADER is a stealthy first-stage loader hidden in “wine-zip” 🎯 Targets: European Ministries of Foreign Affairs 🔄 Launches WINELOADER for deep system access 🔗 Full report: https://thehackernews.com/2025/04/apt29-deploys-grapeloader-malware.html

0 reply

0 recast

0 reaction

noname 🥸 pfp

👀 Attackers are now using multi-stage payloads that slip past detection—via simple tricks, not complex code. One phishing email = 3 malware strains: • Agent Tesla • Remcos RAT • XLoader 🔐 Plus: a new MysterySnail variant is targeting Mongolia & Russia—40+ commands, remote access, and evasion built-in. ➡️ See the full analysis: https://thehackernews.com/2025/04/multi-stage-malware-attack-uses-jse-and.html

0 reply

0 recast

0 reaction