CSO Online

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.
Bleeping Computer

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of ...
TechCrunch

Russians caught stealing personal data from Ukrainians with new advanced iPhone hacking tools

A group of hackers suspected of working at least in part for the Russian government targeted iPhone users in Ukraine with a new set of hacking tools designed to steal their personal data, as well as ...
GitHub

A Python-based penetration testing toolkit that includes a port scanner to detect open ports and a brute force password simulator. The project demonstrates basic ethical ...

Penetration testing is an important part of cybersecurity that involves identifying vulnerabilities in systems, networks, and applications before attackers can exploit them. Ethical hackers and ...
TechCrunch

US and EU police shut down LeakBase, a site accused of sharing stolen passwords and hacking tools

U.S. and European law enforcement have seized the database from LeakBase, which prosecutors have touted as “one of the world’s largest online forums for cybercriminals” for sharing stolen passwords ...
GitHub

jad-fahmi/py-recon

py-recon/ ├── recon/ │ ├── osint.py # WHOIS, DNS, subdomain enumeration │ ├── network.py # Port scanner, banner grabbing, ping sweep │ ├── automation.py # Chains modules, manages output │ └── utils.py ...
Infosecurity-magazine.com

Over 80% of Ethical Hackers Now Use AI

The vast majority (82%) of ethical hackers now use AI in their workflows, enabling companies to benefit from faster findings, more assessments, broader security coverage and higher quality reporting, ...
Nasdaq

Instagram Rejects Hack Claims After Wave Of Password Reset Emails Alarms Users

(RTTNews) - Instagram (META) has insisted its systems were not breached after large numbers of users received unexpected emails asking them to reset their passwords. The company said it had fixed an ...
NBC Chicago

Instagram addresses security concerns after users receive password reset emails

Despite rumors of a potential security breach after many Instagram users received unexpected password reset emails recently, the social media platform said there was no hack. According to a statement ...
Android

Instagram 'Suspicious' Password Emails Were a Glitch, Not a Hack

Last Friday, a report from Malwarebytes claimed that data from nearly 17.5 million Instagram accounts is being sold on the dark web. The report cited multiple user reports claiming suspicious password ...
Forbes

Hack Your Own Password — Windows Users Urged To Take Action Now

When you think of cyberattacks that compromise your account security, maybe you envisage Microsoft zero-day vulnerabilities being exploited in your software, or perhaps a hacker using ...