This combination enabled malicious actors to disseminate exploits via WhatsApp, resulting in potential data exfiltration from the user's Apple device.The attack sequence involved:
All occurring without user engagement.https://techcrunch.com/2025/08/29/whatsapp-fixes-zero-click-bug-used-to-hack-apple-users-with-spyware/
https://blog.quarkslab.com/patch-analysis-of-Apple-iOS-CVE-2025-43300.html
Please open Telegram to view this post
VIEW IN TELEGRAM
TechCrunch
WhatsApp fixes 'zero-click' bug used to hack Apple users with spyware | TechCrunch
A spyware vendor was behind a recent campaign that abused a vulnerability in WhatsApp to deliver an exploit capable of hacking into iPhones and Macs.
🔥2
https://cybersecuritynews.com/nothing-phone-code-execution-vulnerability/
Please open Telegram to view this post
VIEW IN TELEGRAM
GitHub
GitHub - R0rt1z2/fenrir: Let's control MediaTek's bootchain
Let's control MediaTek's bootchain. Contribute to R0rt1z2/fenrir development by creating an account on GitHub.
👍2🔥1
DPRK Adopts EtherHiding: Nation-State Malware Hiding on Blockchains.
https://cloud.google.com/blog/topics/threat-intelligence/dprk-adopts-etherhiding/
EtherHiding, a novel technique where the attackers embed malicious payloads (like JADESNOW and INVISIBLEFERRET malware) within smart contracts on public blockchains (like BNB Smart Chain and Ethereum).
https://cloud.google.com/blog/topics/threat-intelligence/dprk-adopts-etherhiding/
Google Cloud Blog
DPRK Adopts EtherHiding: Nation-State Malware Hiding on Blockchains | Google Cloud Blog
North Korea threat actor UNC5342 is leveraging the EtherHiding technique in espionage and financially motivated operations.
🔥5✍1
Please open Telegram to view this post
VIEW IN TELEGRAM
YouTube
This Secret Tech Tracked World Leaders, a Vatican Enemy, and Maybe You
► For more, visit Mother Jones: https://www.motherjones.com/politics/2025/10/firstwap-altamides-phone-tracking-surveillance-secrets-assad-erik-prince-jared-leto-anne-wojcicki/
Operating from their base in Jakarta, where permissive export laws have allowed…
Operating from their base in Jakarta, where permissive export laws have allowed…
This media is not supported in your browser
VIEW IN TELEGRAM
■■■■□ Illegal cell tower location tracking en-masse as FARA disclosure of yet another Jew act emerges.
Credits: Ian Caroll
🤔1😱1😐1
This media is not supported in your browser
VIEW IN TELEGRAM
Major coordinated operation leads to the arrest of 7 suspects behind a large-scale SMS spoofing and SIM-boxing network.
Operation highlights:
🔍 26 searches conducted
👥 5 main operators apprehended
📦 1,200 SIM-boxes running 40,000 SIM cards seized
💳 Hundreds of thousands of additional SIM cards confiscated
🌐 5 servers hosting the illegal service dismantled
💻 2 domains — gogetsms.com & apisim.com — seized and replaced with law enforcement splash pages
💶 €431,000 frozen in bank accounts
💰 $333,000 in crypto seized
🚗 4 luxury cars confiscated
💡 Credits:@smspoolnet(𝕏)
🔗 More: https://x.com/DarkWebInformer/status/1978603403354792430
#CyberSecurity #Takedown #OSINT #CyberCrime #LEA
Please open Telegram to view this post
VIEW IN TELEGRAM
👍2❤1🔥1🤣1
https://eclypsium.com/blog/bombshell-the-signed-backdoor-hiding-in-plain-sight-on-framework-devices/
Please open Telegram to view this post
VIEW IN TELEGRAM
Eclypsium | Supply Chain Security for the Modern Enterprise
BombShell: The Signed Backdoor Hiding in Plain Sight on Framework Devices
Eclypsium researchers have discovered UEFI shells, authorized via Secure Boot, on Framework laptops. The UEFI shells contain capabilities that allow attackers to bypass Secure Boot on roughly 200,000 affected Framework laptops and desktops.
🔥2
Pwn²Own Day 2: Hackers exploit 56 zero-days for $790,000.
https://www.bleepingcomputer.com/news/security/samsung-galaxy-s25-hacked-on-day-two-of-pwn2own-ireland-2025/
https://www.bleepingcomputer.com/news/security/samsung-galaxy-s25-hacked-on-day-two-of-pwn2own-ireland-2025/
BleepingComputer
Pwn2Own Day 2: Hackers exploit 22 zero-days for $267,500
Security researchers collected $267,500 in cash after exploiting 22 unique zero-day vulnerabilities during the second day of the Pwn2Own Ireland 2025 hacking competition.
🔥1
https://securelist.com/forumtroll-apt-hacking-team-dante-spyware/117851/
Please open Telegram to view this post
VIEW IN TELEGRAM
Securelist
Mem3nt0 mori – The Hacking Team is back!
Kaspersky researchers discovered previously unidentified commercial Dante spyware developed by Memento Labs (formerly Hacking Team) and linked it to the ForumTroll APT attacks.
🔥1
Media is too big
VIEW IN TELEGRAM
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥2😱1
https://openai.com/index/introducing-aardvark/
Please open Telegram to view this post
VIEW IN TELEGRAM
Openai
Introducing Aardvark: OpenAI’s agentic security researcher
Now in private beta: an AI agent that thinks like a security researcher and scales to meet the demands of modern software.
❤1🤔1
Juan Sacco
https://www.exploitpack.com/blogs/news/0-day-msr-kernel-exploit-for-windows-11-25h2
Please open Telegram to view this post
VIEW IN TELEGRAM
Exploit Pack
0-Day MSR Kernel Exploit for Windows 11 25H2
New 0-day Windows Kernel Exploit, working in Windows 11 25h2 fully patched.It took me 2 weeks of endless coffee cups! MSRs control where the CPU jumps for privileged transitions, they are a sensitive part of system state. Operating systems carefully them…
👍1🔥1👏1
A Major Leak Spills a Chinese Hacking Contractor’s Tools and Targets.
https://www.wired.com/story/major-leak-spills-chinese-hacking-contractor-tools-targets/
https://www.wired.com/story/major-leak-spills-chinese-hacking-contractor-tools-targets/
WIRED
A Major Leak Spills a Chinese Hacking Contractor’s Tools and Targets
Plus: State-sponsored AI hacking is here, Google hosts a CBP face recognition app, and more of the week’s top security news.
🙉2
https://cybersecuritynews.com/7-zip-rce-vulnerability-exploited/
Please open Telegram to view this post
VIEW IN TELEGRAM
Cyber Security News
Hackers Actively Exploiting 7-Zip RCE Vulnerability in the Wild
Hackers have begun actively exploiting a critical remote code execution (RCE) vulnerability in the popular file archiver 7-Zip, putting millions of users at risk of malware infection and system compromise.
❤🔥1👍1🔥1
https://cybersecuritynews.com/critical-windows-graphics-vulnerability/
Please open Telegram to view this post
VIEW IN TELEGRAM
Cyber Security News
Critical Windows Graphics Vulnerability Lets Hackers Seize Control with a Single Image
A critical remote code execution flaw in Microsoft's Windows Graphics Component allows attackers to seize control of systems using specially crafted JPEG images.
☃2👍1👌1
cKure Red
The zionist entity (Israel) has “Iron” in the name of many 🪖 technologies (defense-related):
Iron Beam – Israel. High-energy laser air-defense system.
Iron Fist – Israel. Active protection system for vehicles.
Iron Curtain – US. APS for close-range RPG/missile interception.
Iron Wolf – Lithuania. Mechanized infantry brigade (NATO).
Iron Dome – Missile Defense system of Israel.
Iron Sting – Israel. Precision 120mm mortar-guided munition.
Iron Vision – Elbit helmet-mounted 360° situational awareness for tanks.
Please open Telegram to view this post
VIEW IN TELEGRAM
🤯3🤮2🤔1
https://securelist.com/tomiris-new-tools/118143/
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥1
https://github.com/mmathivanan17/CVE-2024-21413
https://cybersecuritynews.com/outlook-remote-code-execution-vulnerability-2/
Please open Telegram to view this post
VIEW IN TELEGRAM
GitHub
GitHub - mmathivanan17/CVE-2024-21413: Outlook exploitation
Outlook exploitation. Contribute to mmathivanan17/CVE-2024-21413 development by creating an account on GitHub.
🔥5🆒1
https://github.com/hackersatyamrastogi/react2shell-ultimate
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥3👌1