Threat-Intelligence on HackingPassion.com : root@HackingPassion.com-[~]

Google Catches the First AI Built Zero-Day and Stops a Mass Attack Before It Starts

Sun, 17 May 2026 13:18:03 +0200

Google caught a criminal group that used AI to find a zero-day in a popular web admin tool and had a working exploit ready for a mass attack against thousands of systems. Google has never named the tool. The attack never launched. What gave them away was a CVSS severity score inside the code for a vulnerability that has never been officially rated. The AI made up a number that does not exist.

DesckVB RAT Uses Windows' Own Tools to Stay Hidden and Leaves Almost Nothing Behind

Sat, 11 Apr 2026 12:52:30 +0200

A Remote Access Trojan called DesckVB has been actively hitting systems throughout 2026, running almost entirely inside memory with barely anything written to disk, hiding its final payload inside a process it names Microsoft.exe, and attempting to switch off the camera LED before streaming video back to the attacker. A cracked version of the builder is already circulating freely, meaning attackers with minimal skills can deploy this today without writing a single line of code. Forensics teams sweep these machines afterward and find very little. The system looks completely clean. 😏

Hackers Are Hijacking NGINX Servers Without Installing Malware

Thu, 05 Feb 2026 13:58:06 +0100

Hackers are hijacking NGINX web servers and rerouting live traffic through their own infrastructure. No malware installed, no vulnerability exploited. Just a few lines changed in a configuration file, and every visitor’s data flows through attacker-controlled servers without anyone noticing. 🧐

NGINX is the most popular web server on the planet. It powers over 5 million websites and handles roughly one in three web connections worldwide. Banks, governments, and universities all depend on it. And right now, a campaign is silently turning these servers into traffic relays.