lemmydev2

The "Russian Market" cybercrime marketplace has emerged as one of the most popular platforms for buying and selling credentials stolen by information stealer malware. [...]

Significant vulnerabilities were uncovered in pre-installed applications on Ulefone and Krüger&Matz Android smartphones that expose users to significant risks, including unauthorized factory resets, PIN code theft, and malicious command injection.  These flaws, published on May 30, 2025, demonstrate how Improper Export of Android Application Components (CWE-926) can compromise device security at the system level. Factory […] The post Vulnerabilities in Preinstalled Android Apps Expose PIN Codes and Allow Command Injection appeared first on Cyber Security News.

Joseph Cox / 404 Media: Thomas White, who served five years for administering Silk Road 2.0 and possessing images of CSAM, claims to have co-founded activism organization DDoSecrets  —  A co-founder of transparency activism organization Distributed Denial of Secrets (DDoSecrets) was a dark web drug kingpin who ran …

Recent research reveals an alarming revelation that exposes the fragile state of modern cybersecurity: 98.6% of organizations harbor concerning misconfigurations in their cloud environments that create critical risks to data and infrastructure.  As businesses continue their rapid migration to cloud platforms, these seemingly minor configuration errors have emerged as the leading cause of devastating data […] The post Cloud Misconfigurations The Silent Threat to Data Security appeared first on Cyber Security News.

A growing crisis is emerging in corporate cybersecurity operations, where organizational silos between IT and security teams are creating dangerous blind spots and slowing critical threat response times. New research reveals that 72% of organizations report that their security and IT operational data remain siloed, contributing to corporate misalignment and elevated security risks that could […] The post Breaking Down Silos Aligning IT and Security Teams appeared first on Cyber Security News.

32% of security professionals think they can deliver zero-vulnerability software despite rising threats and compliance regulations, according to Lineaje. Meanwhile, 68% are more realistic, noting they feel uncertain about achieving this near impossible outcome. Software compliance adoption varies across organizations While Software Bill of Material (SBOM) regulations and guidelines continue to increase, organizations vary in their level of adoption. Notably, some organizations do not have enough visibility, while others struggle with insufficient tools and processes. … More → The post 48% of security pros are falling behind compliance requirements appeared first on Help Net Security.

Comments

An AI-powered system could soon take responsibility for evaluating the potential harms and privacy risks of up to 90% of updates made to Meta apps like Instagram and WhatsApp, according to internal documents reportedly viewed by NPR. NPR says a 2012 agreement between Facebook (now Meta) and the Federal Trade Commission requires the company to […]

The Federal Criminal Police Office of Germany (Bundeskriminalamt or BKA) claims that Stern, the leader of the Trickbot and Conti cybercrime gangs, is a 36-year-old Russian named Vitaly Nikolaevich Kovalev. [...]

28-year-old alleged to have made multiple drops to folks who turned out to be undercover FBI agents A Defense Intelligence Agency (DIA) IT specialist is scheduled to appear in court today after being caught by the FBI trying to surreptitiously drop top secret information to a foreign government in a public park.…

While hunting, I found an interesting picture. It's a PNG file that was concatenated with two interesting payloads. There are file formats that are good candidates to have data added at the end of the file. PNG is the case because the file format specifications says:

The glitch lasted a few hours but caused traffic jams on alternate routes.