Aggregator

A Threat Actor Claims to be Selling 1,150 Credit Cards From Multiple Countries

ShodanX ShodanX ⚡ is a versatile information gathering tool that harnesses the power of Shodan’s extensive database. it offers multiple modes and flexible queries to extract valuable insights for security assessments, reconnaissance, and threat...

The post ShodanX: A tool to gather information of targets using shodan dorks appeared first on Penetration Testing Tools.

AuthLogParser AuthLogParser is a powerful Digital Forensics and Incident Response tool designed specifically for analyzing Linux authentication logs, commonly known as auth.log. This tool serves as an invaluable asset for Incident Responders, streamlining the...

The post AuthLogParser: analyzing Linux authentication logs appeared first on Penetration Testing Tools.

SecuSphere Welcome to SecuSphere, your one-stop solution for all DevSecOps needs. Our centralized platform is expertly designed to manage and optimize your vulnerability management, CI/CD pipeline integration, security assessments, and DevSecOps practices. SecuSphere is...

The post SecuSphere: comprehensive DevSecOps platform appeared first on Penetration Testing Tools.

Poland, Israel, Nvidia and Oracle Question Need for Restrictions
A decision by the Biden administration to limit international access to American-made advanced artificial intelligence chips is facing backlash from countries whose purchasing power the rule affects. New export controls seeks to choke the supply of advanced chips to China.

Also: Bringing AML and Fraud Programs Together; the Global AI Arms Race
In this week's update, ISMG editors discussed a U.K. proposal to mandate ransomware payment reporting, tackling financial crime by bringing together fraud and AML teams, and the global AI arms race as countries compete to lead innovation while balancing regulation and ethics.

Department of Treasury Imposes Sanctions
The U.S. federal government said Friday it's traced the source of Chinese hacker intrusions into telecom networks to a government contractor located in hacking hotbed Sichuan. The Department of Treasury imposed sanctions on the firm, Sichuan Juxinhe Network Technology.

Experts Say Biden's Cyber, Tech and AI Legacy Faces Uncertain Future Under Trump
President Biden’s tenure has been marked by significant efforts to tackle cybersecurity challenges, from the SolarWinds attack to Salt Typhoon, but experts say his legacy remains uncertain as the new administration faces tough decisions on upholding his initiatives.

Poland, Israel, Nvidia and Oracle Question Need for Restrictions
A decision by the Biden administration to limit international access to American-made advanced artificial intelligence chips is facing backlash from countries whose purchasing power the rule affects. New export controls seeks to choke the supply of advanced chips to China.

Enzo Biochem Previously Paid Three States $4.5M in Fines for Same Breach
Biotech firm Enzo Biochem has agreed to pay $7.5 million to settle a consolidated proposed class action lawsuit involving a 2023 ransomware attack affecting 2.5 million people. The company has already paid $4.5 million in fines to three state attorneys general for the same incident.

Also: Bringing AML and Fraud Programs Together; the Global AI Arms Race
In this week's update, ISMG editors discussed a U.K. proposal to mandate ransomware payment reporting, tackling financial crime by bringing together fraud and AML teams, and the global AI arms race as countries compete to lead innovation while balancing regulation and ethics.

Department of Treasury Imposes Sanctions
The U.S. federal government said Friday it's traced the source of Chinese hacker intrusions into telecom networks to a government contractor located in hacking hotbed Sichuan. The Department of Treasury imposed sanctions on the firm, Sichuan Juxinhe Network Technology.

Experts Say Biden's Cyber, Tech and AI Legacy Faces Uncertain Future Under Trump
President Biden’s tenure has been marked by significant efforts to tackle cybersecurity challenges, from the SolarWinds attack to Salt Typhoon, but experts say his legacy remains uncertain as the new administration faces tough decisions on upholding his initiatives.

noyb files complaints against TikTok, AliExpress, and other Chinese companies for illegal EU user data transfers to China, violating data protection laws. Austrian privacy non-profit group None of Your Business (noyb) has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully […]

Genshin Impact developer Cognosphere (aka Hoyoverse) has agreed to a $20 million settlement with the U.S. Federal Trade Commission (FTC) over its gacha loot box monetization and is now banned from selling them to teens under the age of sixteen without parental consent. [...]

The Supreme Court has affirmed TikTok's ban in the US, which has its users in revolt and is creating a whole new set of national cybersecurity concerns.

A vulnerability was found in OtCMS up to 7.46. It has been rated as critical. This issue affects some unknown processing of the file /admin/read.php. The manipulation leads to server-side request forgery. The identification of this vulnerability is CVE-2024-57252. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Jupyter nbgrader 0.9.4. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to exposure of resource. This vulnerability was named CVE-2025-23205. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in devycreates Bible-Module up to 0.0.2. It has been classified as critical. This affects the function FetchVerse/FetchPassage. The manipulation leads to injection. This vulnerability is uniquely identified as CVE-2025-23202. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.