#git

Kaspersky researchers uncovered Operation ForumTroll, an attack campaign utilising the new 'Dante' spyware developed by Memento Labs, the rebranded Hacking Team. The attacks used a Chrome zero-day vulnerability (CVE-2025-2783) and COM hijacking for persistence, confirming the continued deployment of advanced surveillance tools by the controversial Italian firm.

A lack of server-side validation for note length in MantisBT allows attackers to permanently corrupt issue activity logs by submitting extremely long notes (tested with 4,788,761 characters). Once such a note is added: ### Impact - The entire activity stream becomes unviewable (UI fails to render). - New notes cannot be displayed, effectively breaking all future collaboration on the issue. ### Patches Fixed in 2.27.2. ### Workarounds None ### Credits Thanks to Mazen Mahmoud (@TheAmazeng) for reporting the vulnerability.

Due to an incorrect use of loose (`==`) instead of strict (`===`) comparison in the [authentication code][1], PHP type juggling will cause interpretation of certain MD5 hashes as numbers, specifically those matching scientific notation. [1]: https://github.com/mantisbt/mantisbt/blob/0fb502dd613991e892ed2224ac5ea3e40ba632bc/core/authentication_api.php#L782 ### Impact On MantisBT instances configured to use the *MD5* login method, user accounts having a password hash evaluating to zero (i.e. matching regex `^0+[Ee][0-9]+$`) are vulnerable, allowing an attacker knowing the victim's username to login without knowledge of their actual password, using any other password having a hash evaluating to zero, for example `comito5` (0e579603064547166083907005281618). No password bruteforcing for individual users is needed, thus $g_max_failed_login_count does not protect against the attack. ### Patches Fixed in 2.27.2. ### Workarounds Check the database for vulnerable accounts, and change tho...

App stores are overflowing with AI lookalikes—some harmless copies, others hiding adware or even spyware.

Malwarebytes earned three PCMag wins and achieved 100% protection in AVLab Cybersecurity Foundation’s latest malware test.

Bad actors are increasingly training their sights on trucking and logistics companies with an aim to infect them with remote monitoring and management (RMM) software for financial gain and ultimately steal cargo freight. The threat cluster, believed to be active since at least June 2025 according to Proofpoint, is said to be collaborating with organized crime groups to break into entities in the

Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems—some just hours after being found. No system was fully safe. From spying and fake job scams to strong ransomware and tricky phishing, the attacks came from all sides. Even encrypted backups and secure areas were put to the test.

North Korean hackers from the Famous Chollima group used AI deepfakes and stolen identities in fake job interviews to infiltrate crypto and Web3 companies.

About Remote Code Execution – XWiki Platform (CVE-2025-24893) vulnerability. XWiki is a free and open-source wiki platform written in Java, with a strong focus on extensibility. It supports WYSIWYG visual editing, importing and exporting documents in OpenDocument format, adding annotations and tags, as well as flexible access rights management. The vulnerability allows an attacker with […]

Cybersecurity researchers have shed light on two different Android trojans called BankBot-YNRK and DeliveryRAT that are capable of harvesting sensitive data from compromised devices. According to CYFIRMA, which analyzed three different samples of BankBot-YNRK, the malware incorporates features to sidestep analysis efforts by first checking its running within a virtualized or emulated environment