GreyNoise has observed a sharp and highly atypical surge in reconnaissance activity targeting Microsoft Remote Desktop Web Access and the RDP Web Client: 1,971 unique IP addresses were active simultaneously, whereas the company typically...
The post GreyNoise Detects Massive Surge in RDP Web Access Probing: Prelude to Password Attacks? appeared first on Penetration Testing Tools.
A new study by specialists at The Trail of Bits has revealed a previously unknown vulnerability in the Google Gemini ecosystem and its associated services, enabling the covert exfiltration of user data through images...
The post Invisible Prompts: A New Attack Uses Malicious Images to Hijack Gemini AI appeared first on Penetration Testing Tools.
Microsoft has issued a warning over the growing surge of large-scale ClickFix phishing attacks and has recommended that system administrators restrict the use of command-line tools and disable the Run dialog in Windows. This...
The post Microsoft Warns: ClickFix Phishing Attacks Are Bypassing EDR appeared first on Penetration Testing Tools.
An attack on Google Classroom has escalated into one of the largest phishing campaigns in recent months. According to Check Point, between August 6 and 12, attackers launched five coordinated waves of distribution, sending...
The post Beyond the Classroom: Phishing Campaign Exploits Google for Global Attack appeared first on Penetration Testing Tools.
CloudSEK researchers have uncovered a new attack vector, dubbed ClickFix, which exploits invisible prompt injection and the prompt overdose technique to compromise automated AI summarization systems. The essence of the method lies in concealing...
The post Ransomware in Your Summary? New Attack Weaponizes AI Assistants appeared first on Penetration Testing Tools.
With each passing year, the number of cryptocurrency-related attacks orchestrated by North Korean groups continues to grow. Their methods are becoming increasingly sophisticated—ranging from large-scale breaches to infiltrating companies through planted employees. Coinbase CEO...
The post Inside the War on Crypto: Coinbase CEO Details Fight Against North Korean Hackers appeared first on Penetration Testing Tools.
In early August 2025, specialists at Fortinet FortiGuard Labs detected a large-scale phishing campaign distributing the UpCrypter loader through counterfeit emails purporting to contain voicemail notifications or order confirmations. The attackers crafted highly convincing...
The post A Global Phishing Spree: The New Campaign Spreading RATs with Fake Voicemails appeared first on Penetration Testing Tools.
GhostBSD has unveiled an updated release, version 25.02-R14.3p2. Built upon FreeBSD 14.3, this iteration delivers bug fixes and refinements aimed at enhancing both stability and overall user experience. The most notable innovation is the...
The post A macOS-like Desktop for BSD? GhostBSD Unveils the Gershwin Environment appeared first on Penetration Testing Tools.
Authorities in the U.S. state of Maryland are investigating a cyberattack that has compromised information systems used to organize transportation services for people with disabilities. The Maryland Transit Administration (MTA) announced on social media...
The post Cyberattack on Maryland Transit Agency Disrupts Services for Persons with Disabilities appeared first on Penetration Testing Tools.
The Android mobile ecosystem has been struck by a new wave of threats driven by the evolution of the HOOK banking trojan. The latest iteration of this malicious program has gained an expanded arsenal...
The post Hook v3: The Banking Trojan That’s Evolving into a Hybrid Ransomware-Spyware Threat appeared first on Penetration Testing Tools.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The list includes two flaws in Citrix Session Recording and one in Git, all...
The post CISA Adds Three Vulnerabilities to Catalog, Urges Immediate Patching appeared first on Penetration Testing Tools.
The Chinese group UNC6384 has launched a series of attacks against diplomats in Southeast Asia and several other countries, acting in the interests of Beijing. The campaign, observed by Google Threat Intelligence Group in...
The post The Spy on the Network: How a Chinese APT Group Is Hijacking Wi-Fi to Target Diplomats appeared first on Penetration Testing Tools.
EByte-AMSI-ProxyInjector A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuffer calls. It suspends the target’s threads, patches the function to always return...
The post EByte-AMSI-ProxyInjector: A New Tool Exposes a Critical Bypass Technique appeared first on Penetration Testing Tools.
On August 21, the Nmap development team unveiled version 7.98 of their legendary tool. At first glance, it might appear to be just another update, yet this release carries particular significance for users of...
The post Nmap 7.98 Arrives with a Critical Security Fix and Major Upgrades appeared first on Penetration Testing Tools.
The Ministry of Justice of South Korea has announced the extradition of a suspected leader of a transnational hacking group — a 34-year-old Chinese national wanted for a series of high-profile thefts targeting wealthy...
The post BTS Hackers Nabbed: South Korea Extradites Alleged Leader of a Vishing Ring appeared first on Penetration Testing Tools.
Researchers at Zscaler ThreatLabz have released a new report on the evolution of the banking trojan Anatsa (also known as TeaBot), first discovered in 2020. This malware targets Android devices and is designed to...
The post Anatsa Android Trojan Expands Its Global Reach and Targets 831 Financial Apps appeared first on Penetration Testing Tools.
A new macOS trojan, emerging on the dark web under the name Mac.c, is rapidly gaining popularity and beginning to compete with one of the underground market’s most notorious threats, AMOS. Analysts at Moonlock...
The post A New Mac Trojan Is on the Prowl, and It’s Cheaper Than Its Top Competitor appeared first on Penetration Testing Tools.
A few days ago, the website DDoSecrets published a data dump allegedly originating from the workstation of an operator involved in a campaign against organizations in South Korea and Taiwan. The author of the...
The post A Rare Look Inside a Hacker’s Toolbox Reveals a Stealthy Chinese Proxy Service appeared first on Penetration Testing Tools.
A large-scale campaign compromising WordPress websites has been uncovered, tied to the evolution of the Help TDS system and the malicious plugin woocommerce_inputs. According to research from GoDaddy Security, between late 2024 and June...
The post Help TDS: How a Stealthy WordPress Malware Turned into a Global Scam Platform appeared first on Penetration Testing Tools.
Researchers from Ctrl-Alt-Int3l have published a detailed analysis of a large-scale operation targeting Vietnamese universities. Their investigation was made possible thanks to open directories where attackers, through a critical oversight, had left behind a...
The post Unmasked by a Blunder: Chinese Hackers Exposed in Massive Vietnam Espionage Campaign appeared first on Penetration Testing Tools.
