Search results for Google Maps security vulnerability | Breaking Cybersecurity News | The Hacker News

Welcome to this week's Cybersecurity News Recap. Discover how cyber attackers are using clever tricks like fake codes and sneaky emails to gain access to sensitive data. We cover everything from device code phishing to cloud exploits, breaking down the technical details into simple, easy-to-follow insights. ⚡ Threat of the Week Russian Threat Actors Leverage Device Code Phishing to Hack Microsoft Accounts — Microsoft and Volexity have revealed that threat actors with ties to Russia are leveraging a technique known as device code phishing to gain unauthorized access to victim accounts, and use that access to get hold of sensitive data and enable persistent access to the victim environment. At least three different Russia-linked clusters have been identified abusing the technique to date. The attacks entail sending phishing emails that masquerade as Microsoft Teams meeting invitations, which, when clicked, urge the message recipients to authenticate using a threat actor-generated dev...

Google on Wednesday announced the  0.1 Beta version  of  GUAC  (short for Graph for Understanding Artifact Composition) for organizations to secure their software supply chains. To that end, the search giant is  making available  the open source framework as an API for developers to integrate their own tools and policy engines. GUAC  aims to aggregate software security metadata from different sources into a graph database that maps out relationships between software, helping organizations determine how one piece of software affects another. "Graph for Understanding Artifact Composition ( GUAC ) gives you organized and actionable insights into your software supply chain security position," Google  says  in its documentation. "GUAC ingests software security metadata, like SBOMs, and maps out the relationship between software so that you can fully understand your software security position." In other words, it's designed to bring togethe...

Android devices from Google and Samsung have been found vulnerable to a side-channel attack that could be exploited to covertly steal two-factor authentication (2FA) codes, Google Maps timelines, and other sensitive data without the users' knowledge pixel-by-pixel. The attack has been codenamed Pixnapping by a group of academics from the University of California (Berkeley), University of Washington, University of California (San Diego), and Carnegie Mellon University. Pixnapping, at its core, is a pixel-stealing framework aimed at Android devices in a manner that bypasses browser mitigations and even siphons data from non-browser apps like Google Authenticator by taking advantage of Android APIs and a hardware side-channel, allowing a malicious app to weaponize the technique to capture 2FA codes in under 30 seconds. "Our key observation is that Android APIs enable an attacker to create an analog to [Paul] Stone-style attacks outside of the browser," the researchers...

A quiet tweak in a popular open-source tool opened the door to a supply chain breach—what started as a targeted attack quickly spiraled, exposing secrets across countless projects. That wasn't the only stealth move. A new all-in-one malware is silently stealing passwords, crypto, and control—while hiding in plain sight. And over 300 Android apps joined the chaos, running ad fraud at scale behind innocent-looking icons. Meanwhile, ransomware gangs are getting smarter—using stolen drivers to shut down defenses—and threat groups are quietly shifting from activism to profit. Even browser extensions are changing hands, turning trusted tools into silent threats. AI is adding fuel to the fire—used by both attackers and defenders—while critical bugs, cloud loopholes, and privacy shakeups are keeping teams on edge. Let's dive into the threats making noise behind the scenes. ⚡ Threat of the Week Coinbase the Initial Target of GitHub Action Supply Chain Breach — The supply chain compromise...

It's easy to think your defenses are solid — until you realize attackers have been inside them the whole time. The latest incidents show that long-term, silent breaches are becoming the norm. The best defense now isn't just patching fast, but watching smarter and staying alert for what you don't expect. Here's a quick look at this week's top threats, new tactics, and security stories shaping the landscape. ⚡ Threat of the Week F5 Exposed to Nation-State Breach — F5 disclosed that unidentified threat actors broke into its systems and stole files containing some of BIG-IP's source code and information related to undisclosed vulnerabilities in the product. The company said it learned of the incident on August 9, 2025, although it's believed that the attackers were in its network for at least 12 months. The attackers are said to have used a malware family called BRICKSTORM, which is attributed to a China-nexus espionage group dubbed UNC5221. GreyNoise said it observed elevat...

This week showed just how fast things can go wrong when no one's watching. Some attacks were silent and sneaky. Others used tools we trust every day — like AI, VPNs, or app stores — to cause damage without setting off alarms. It's not just about hacking anymore. Criminals are building systems to make money, spy, or spread malware like it's a business. And in some cases, they're using the same apps and services that businesses rely on — flipping the script without anyone noticing at first. The scary part? Some threats weren't even bugs — just clever use of features we all take for granted. And by the time people figured it out, the damage was done. Let's look at what really happened, why it matters, and what we should all be thinking about now. ⚡ Threat of the Week Silently Patched Fortinet Flaw Comes Under Attack — A vulnerability that was patched by Fortinet in FortiWeb Web Application Firewall (WAF) has been exploited in the wild since early October 2025 by threat actors to c...

This Post reviews the newly released ANTI3 version. We've received a platinum account of ANTI3, before its official release, and this is our review: Recently White-Hat Hacker, Itzhak "Zuk" Avraham , the founder of zImperium unveiled its new app in Blackhat / Defcon19, introducing a new concept where both home users and local IT can have the same tools to, at the push of a button, check for their security faults. The new zImperium product, named Android Network Toolkit (or in short - ANTI), allows professional penetration testers, ethical hackers, IT and home users to scan for security issues in their network. In a few simple clicks ANTI covers the most advanced attack vectors in order to check for vulnerabilities, even those that up until now could only be performed by top-notch penetration testers. This means that while you might think that you're safe because you have a firewall on, with ANTI you can check and prove it (or add it to your penetration testing repor...

Qualcomm has rolled out security updates to address nearly two dozen flaws spanning proprietary and open-source components, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2024-43047 (CVSS score: 7.8), has been described as a user-after-free bug in the Digital Signal Processor (DSP) Service that could lead to "memory corruption while maintaining memory maps of HLOS memory." Qualcomm credited Google Project Zero researcher Seth Jenkins and Conghui Wang for reporting the flaw, and Amnesty International Security Lab for confirming in-the-wild activity. "There are indications from Google Threat Analysis Group that CVE-2024-43047 may be under limited, targeted exploitation," the chipmaker said in an advisory. "Patches for the issue affecting FASTRPC driver have been made available to OEMs together with a strong recommendation to deploy the update on affected devices as soon as possible." ...

Book Review : Defense against the Black Arts How Hackers Do What They Do and How to Protect against It Ben Rothke  write a review of a   new book on hacking " Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It ". Authors are Jesse Varsalone, Matthew Mcfadden, Michael Schearer and Sean Morrissey. " If there ever was a book that should not be judged by its title, Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It, is that book. Even if one uses the definition in The New Hackers Dictionary of 'a collection of arcane, unpublished, and (by implication) mostly ad-hoc techniques developed for a particular application or systems area', that really does not describe this book. The truth is that hacking is none of the above. If anything, it is a process that is far from mysterious, but rather aether to describe. With that, the book does a good job of providing the reader with the information ne...

The Military Units that rely on very small aperture terminals (VSATs) for satellite communications in remote areas are vulnerable to cyber attack . Researchers from cyber intelligence company IntelCrawler recently identified nearly 3 million VSATs, many of them in the United States, and found that about 10,000 of them could be easily accessed because of configuration weaknesses. " We have scanned the whole IPv4 address space since 2010 and update the results in our Big Data intelligence database, including details about the satellite operator's network ranges, such as INMARSAT, Asia Broadcast Satellite, VSAT internet iDirect, Satellite HUB Pool, and can see some vulnerabilities, " Researchers have warned that terminals having data transmission rate 4kbps to 16 Mbps used in narrow and broadband data transmission are vulnerable to cyber attack. VSATs are most commonly used to transmit narrowband data such as credit card, polling or RFID data or broadband data for VoIP or ...

Samsung which is currently believed to the highest Smartphones Seller in the World is now providing a Remote tracking solution in all its smartphones to Track the lost phone with the name " Samsung Dive ". The Service is based on the Architecture which primarily acquires precise location of the smart phone using it GPS and other subsidiary location acquisition techniques. The Service is basically meant to be used by the users to track their phone in case of theft or lost phone. Security Researcher Jiten Jain discovered that this GPS based location tracking service provided by manufacturer (Samsung) is also vulnerable to Theft and Malwares. To use this inbuilt tracking Service, User has to simply create an account with Samsung (www.samsungdive.com). Users than have to enable remote services to track device and wipe data remotely. The permission can be disabled or modified only by the Samsung account holder after logging in and cannot be disabled by anyone else...

A Serbian journalist had his phone first unlocked by a Cellebrite tool and subsequently compromised by a previously undocumented spyware codenamed NoviSpy , according to a new report published by Amnesty International. "NoviSpy allows for capturing sensitive personal data from a target's phone after infection and provides the ability to turn on the phone's microphone or camera remotely," the company said in an 87-page technical report. An analysis of forensic evidence points to the spyware installation occurring when the phone belonging to independent journalist Slaviša Milanov was in the hands of the Serbian police during his detention in early 2024. Some of the other targets included youth activist Nikola Ristić, environmental activist Ivan Milosavljević Buki, and an unnamed activist from Krokodil, a Belgrade-based organization promoting dialogue and reconciliation in the Western Balkans. The development marks one of the first known instances where two dispara...

In today's world, data plays a crucial role in the success of any organization, but if left unprotected, it could be a cybercriminal's dream come true. Poorly protected MongoDB, CouchDB, and Elasticsearch databases recently got a lot more attention from cybersecurity firms and media lately. More than half of the known cases of massive data breaches over the past year originated from unsecured database servers that were accessible to anyone without any password. Since the database of an organization contains its most valuable and easily exploitable data, cybercriminals have also started paying closer attention to find other insecure entry points. Though the problems with unprotected databases are no news and are widely discussed on the Internet, I want cybersecurity community and industry experts to pay some attention to thousands of unsafe Kibana instances that are exposed on the Internet, posing a huge risk to many companies. Kibana is an open-source analytics and visualiz...