OpenAI says Deep Research is coming to ChatGPT free “very soon”
Summary: OpenAI’s “Deep Research,” an advanced AI agent, is set to become available for free users shortly, after currently being exclusive to Plus and Enterprise customers. The feature allows users to prompt the AI for in-depth information and analysis on various topics. Detailed rollout timelines and accessibility for free users are still pending confirmation from OpenAI.…
Latest gambit for Gamaredon: Fake Ukraine troop movement documents with malicious links
Summary: A long-running Russian hacking group, Gamaredon, is reportedly behind a campaign aimed at installing a surveillance tool on Ukrainian computers through phishing emails. This campaign has been active since at least November 2024 and leverages themes related to the Ukraine invasion to lure victims. The malicious tool deployed, Remcos, allows unauthorized access and data collection from infected systems.…
Critical Flaw Discovered in WordPress Plugin with 90,000+ Active Installs
Summary: A critical security vulnerability (CVE-2025-2294) has been identified in the Kubio AI Page Builder plugin for WordPress, affecting all versions up to 2.5.1. This flaw allows unauthenticated attackers to execute arbitrary PHP code on servers, posing significant risks to affected websites. Users are urged to update to version 2.5.2 or later to mitigate this threat.…
French regulator fines Apple 2 million for anticompetitive use of privacy tool
Summary: Apple has been fined €150 million by French regulators for anticompetitive practices related to its App Tracking Transparency (ATT) tool. The French Competition Authority found that Apple’s implementation of ATT created an unfair market advantage, harming smaller app publishers dependent on third-party data collection. Despite the fine, which is minor compared to Apple’s revenues, the regulator did not require Apple to make changes to the tool.…
⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More
Summary: This week’s cybersecurity insights highlight vulnerabilities in widely used systems like Chrome and Kubernetes, as well as emerging threats from phishing-as-a-service operations. The coverage includes data leaks, ransomware trends, and the importance of vigilance against common oversights that can lead to security breaches. Additionally, the impact of recent legal cases and developments in AI-driven cyber threats are discussed.…
The Espionage Toolkit of Earth Alux: A Closer Look at its Advanced Techniques
The cyberespionage group Earth Alux, linked to China, employs sophisticated techniques to target critical sectors in the Asia-Pacific (APAC) and Latin America. Their primary backdoor, VARGEIT, facilitates stealthy data exfiltration, affecting vital industries including government, technology, and logistics. To mitigate the risks of such cyber threats, organizations should adopt proactive security measures.…
Red Team Perspective: Known Attack Surface and Potential Risks of GitLab – Security KER – Security Information Platform
This article discusses various known attack surfaces and potential risks associated with GitLab, highlighting a range of vulnerabilities, including Remote Code Execution (RCE), SSRF, XSS, and permission escalation issues. The information covers the history of vulnerabilities, their impact, and famous cases, emphasizing the importance of security measures for self-managed GitLab instances.…
RST TI Report Digest: 31 Mar 2025
This week’s threat intelligence report reveals an analysis of multiple cyber threat reports. Key highlights include espionage tactics from APT groups, sophisticated malware deployments, and various Indicators of Compromise (IoCs) detected across platforms. The ongoing evolution of cyber threats emphasizes adaptive techniques utilized by attackers to infiltrate critical sectors.…
Exposed Jupyter Notebooks Targeted to Deliver Cryptominer
Cado Security Labs uncovered a new cryptomining campaign that exploits misconfigured Jupyter Notebooks across Windows and Linux systems. This campaign employs a series of executables, scripts, and binary downloads to install cryptominers targeting various cryptocurrencies. Affected: Jupyter Notebooks, Windows systems, Linux systems, cloud environments

Keypoints:

A cryptomining campaign utilizes Jupyter Notebooks, targeting Windows and Linux.…
SVG Phishing Malware Being Distributed with Analysis Obstruction Feature
A recent investigation by AhnLab Security Intelligence Center (ASEC) has uncovered a phishing malware distributed in Scalable Vector Graphics (SVG) format. This malware embeds malicious scripts encoded in Base64, effectively using SVG’s capabilities to evade detection. It exploits users by redirecting them to counterfeit CAPTCHA pages which are designed to hinder analysis and capture sensitive information.…
Gamaredon Exploits Troop Movement Lures to Spread Remcos via DLL Sideloading
Summary: A targeted malware campaign by the Russian state-aligned group Gamaredon is exploiting Windows shortcut files to disseminate the Remcos backdoor, primarily targeting users in Ukraine. By masquerading as sensitive military documents, this operation takes advantage of the ongoing geopolitical strife, using sophisticated techniques for stealth and access retention.…

Summary: The video discusses the risks associated with uploading sensitive files, specifically blueprints of cold fusion reactors, to online conversion tools. It highlights concerns about data scraping and potential malware or ransomware infections that may occur upon downloading results from such services.

Keypoints:

Introduction of a free tool for converting blueprints into PDF format.…
Samsung Tickets Data Leak: Infostealers Strike Again in Massive Free Dump
This article discusses a massive data breach impacting Samsung Germany, where a hacker known as “GHNA” leaked approximately 270,000 customer tickets due to credentials stolen by infostealer malware back in 2021. The breach highlights the dangers of unmonitored and unrotated credentials, leading to potential exploitation and privacy violations for thousands of customers.…
RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features
Summary: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed the presence of a new malware, RESURGE, targeting vulnerabilities in Ivanti Connect Secure appliances. This malware exploits a recently patched security flaw (CVE-2025-0282) and has capabilities enhancing its evasion and operational effectiveness. It is linked to espionage activities potentially conducted by state-sponsored threat actors.…

Summary: The video discusses the latest developments in cybersecurity, including the case of Matt Weiss, a former Michigan quarterback coach facing serious federal charges for hacking student accounts. Additionally, it covers the ongoing issues around data breaches, scam-busting initiatives, and the introduction of new AI technologies aimed at thwarting data scraping.…
CISA has reported on three malicious files acquired from an Ivanti Connect Secure device compromised through CVE-2025-0282. The files exhibit functionalities similar to known malware, including command and control capabilities and log tampering. RESURGE, the primary file, can modify files and create a web shell. Another file, a variant of SPAWNSLOTH, tampered with logs, while the third one included a shell script that extracts kernel images.…