Security News
105 posts

GhostLock locks every shared file on any Windows network in minutes using nothing but a standard login, and every security tool watching stays completely …

A backdoor called PamDOORa targets Linux systems through PAM and steals SSH credentials from every user who logs in. It leaves no trace in process lists, …

A new Linux zero-day called Dirty Frag gives any local user full root access on every major Linux distribution, and right now no distribution has a patched …

Twelve critical vulnerabilities were just published for vm2, a Node.js security library that sits inside millions of applications. Three of them score a perfect …

Google Chrome installed a 4 GB AI model on your machine without asking. The pitch is that it runs locally, keeping your data off Google’s servers. The AI …

Microsoft Edge loads every saved password into memory the moment the browser opens. They sit there in plain readable text for the entire session, even for sites …

Microsoft Defender deleted DigiCert root certificates from Windows machines worldwide and flagged them as Trojan:Win32/Cerdigent.A!dha. Those certificates tell …

Hashcat v7.1.2 has three unpatched vulnerabilities, all rated 9.8 out of 10. The tool that security professionals use to crack passwords can be used to crack …

For 64 days, attackers had root access to cPanel servers managing over 70 million websites, and nobody had to know a single password to get in. A crafted HTTP …

Since 2017, every major Linux distribution has been shipping a flaw that hands root access to any local user. The exploit is a 732-byte Python script that uses …

GitHub RCE CVE. A semicolon broke GitHub. One character in a push option field, and a security researcher was running code on the backend servers that store …

Last week at Black Hat Asia in Singapore, a Kaspersky researcher publicly demonstrated PhantomRPC: five separate ways to take any standard Windows service …

For 21 years, a cyberweapon called fast16 sat completely undetected. This one did not destroy machines or blow things up. It corrupted the math. Scientists …

Bing had a CVSS 10.0 vulnerability in its backend infrastructure, the same infrastructure that powers Edge, Windows Search, and Copilot integrations across …

Bitwarden’s CLI was backdoored and pushed to npm on April 22, 2026. It was live for 93 minutes. Every developer who installed it during that window has to …

A group of attackers has been quietly poisoning Python packages for five weeks straight. They have exfiltrated data from over 500,000 infected machines, hit …

The security fix Microsoft shipped in 2010 to stop attackers from decrypting ASP.NET traffic and forging authentication cookies just got quietly broken by a …

The Windows Snipping Tool can hand your Windows password hash to an attacker through a single click on a crafted link, and what the victim sees is the familiar …

Two unpatched Windows Defender zero-days have been actively exploited since April 16th, and both of them work on fully patched Windows 10, Windows 11, and …

iTerm2, the terminal emulator that ends up on almost every Mac developer’s machine, is vulnerable to a remote code execution attack that occurs when …

Microsoft 365 mailbox rules are being weaponized as a core technique behind $2.77 billion in annual Business Email Compromise losses, and attackers are creating …

A critical vulnerability in nginx-ui has been actively exploited since March 2026, and it gives any attacker on the network full control over the nginx server …

PHP Composer Has Two Flaws That Run Arbitrary Commands on Developer Machines. PHP Composer, the package manager that almost every PHP developer uses to build …

MSBuild.exe is a LOLBin, a legitimate Windows tool being abused to run malware on fully patched machines without dropping a single file on disk, and Windows …

Docker’s Security Layer Has Been Broken Since 2016, And The Fix Doesn’t Finish the Job. One padded HTTP request. That is all it takes to silently …

A Remote Access Trojan called DesckVB has been actively hitting systems throughout 2026, running almost entirely inside memory with barely anything written to …

Windows Defender, the built-in antivirus running on every Windows machine, has a zero-day exploit with full source code sitting on GitHub. No patch, no CVE, and …

Fiber optic cables running through your walls can be turned into hidden microphones that record every word spoken in the room. This is not a theory anymore. …

NVIDIA GPUs with GDDR6 memory can be used to take full control of a system, including a root shell, bypassing hardware defenses that were supposed to stop …

Axios, the JavaScript library with over 100 million weekly downloads, was compromised on March 31st. For roughly three hours, every fresh install of those two …