Security
Headlines
HeadlinesLatestCVEs

Tag

#ssl

Police Bust GXC Team, One of the Most Active Cybercrime Networks

Spanish Guardia Civil and Group-IB arrest 'GoogleXcoder,' the 25-year-old Brazilian mastermind of the GXC Team, for selling AI-powered phishing kits and malware used to steal millions from banks across the US, UK, Spain, and Brazil.

HackRead
Open in Source
#web#android#google#git#intel#auth#ssl
What AI Reveals About Web Applications— and Why It Matters

Before an attacker ever sends a payload, they’ve already done the work of understanding how your environment is built. They look at your login flows, your JavaScript files, your error messages, your API documentation, your GitHub repos. These are all clues that help them understand how your systems behave. AI is significantly accelerating reconnaissance and enabling attackers to map your

Researchers Expose TA585’s MonsterV2 Malware Capabilities and Attack Chain

Cybersecurity researchers have shed light on a previously undocumented threat actor called TA585 that has been observed delivering an off-the-shelf malware called MonsterV2 via phishing campaigns. The Proofpoint Threat Research Team described the threat activity cluster as sophisticated, leveraging web injections and filtering checks as part of its attack chains. "TA585 is notable because it

Satellites Are Leaking the World’s Secrets: Calls, Texts, Military and Corporate Data

With just $800 in basic equipment, researchers found a stunning variety of data—including thousands of T-Mobile users’ calls and texts and even US military communications—sent by satellites unencrypted.

GHSA-3p6w-gv5g-xjw9: MongoDB Rust Driver has certificate validation disabled when `tlsInsecure=False` appears in connection string

When tlsInsecure=False appears in a connection string, certificate validation is disabled. This vulnerability affects MongoDB Rust Driver versions prior to v3.2.5.

Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts

Cybersecurity company Huntress on Friday warned of "widespread compromise" of SonicWall SSL VPN devices to access multiple customer environments. "Threat actors are authenticating into multiple accounts rapidly across compromised devices," it said. "The speed and scale of these attacks imply that the attackers appear to control valid credentials rather than brute-forcing." A significant chunk of

GHSA-47m2-4cr7-mhcw: quic-go: Panic occurs when queuing undecryptable packets after handshake completion

## Summary A misbehaving or malicious server can trigger an assertion in a quic-go client (and crash the process) by sending a premature HANDSHAKE_DONE frame during the handshake. ## Impact A misbehaving or malicious server can cause a denial-of-service (DoS) attack on the quic-go client by triggering an assertion failure, leading to a process crash. This requires no authentication and can be exploited during the handshake phase. Observed in the wild with certain server implementations (e.g. Solana's Firedancer QUIC). ## Affected Versions - All versions prior to v0.49.1 (for the 0.49 branch) - Versions v0.50.0 to v0.54.0 (inclusive) - Fixed in v0.49.1, v0.54.1, and v0.55.0 onward Users are recommended to upgrade to the latest patched version in their respective maintenance branch or to v0.55.0 or later. ## Details For a regular 1-RTT handshake, QUIC uses three sets of keys to encrypt / decrypt QUIC packets: - Initial keys (derived from a static key and the connection ID) - Han...