hacking Archives

Tech Optimizer

May 16, 2026

Chamber Perk: O’Brien Technologies Emphasizes Education and Protection

O’Brien Technologies has launched a program called “Educate and Protect” to improve cybersecurity for businesses by addressing the human factor in breaches. They highlight that many cyber threats arise from human errors, such as clicking phishing links or misunderstanding data storage protocols. The company points out that cloud services do not automatically protect files without robust backup systems and that small businesses are often more vulnerable due to a lack of comprehensive security measures. They stress the inadequacy of relying solely on outdated tools like firewalls and antivirus software and advocate for a multi-layered cybersecurity approach. O’Brien Technologies recommends regular employee training, staying informed about threats, and ongoing commitment to cybersecurity. They offer tailored guidance for businesses looking to enhance their cybersecurity. Interested parties can contact them at 661-432-1301 or visit obrienmsp.com.

Winsage

May 14, 2026

Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026

On the inaugural day of Pwn2Own Berlin 2026, a total of ,000 was awarded to security researchers for exploiting 24 unique zero-day vulnerabilities. Orange Tsai earned ,000 for chaining four logic bugs to achieve a sandbox escape on Microsoft Edge. Windows 11 was targeted by Angelboy, TwinkleStar03, Marcin Wiązowski, and Kentaro Kawane, each earning ,000 for demonstrating new privilege escalation zero-days. Valentina Palmiotti earned ,000 for rooting Red Hat Linux for Workstations and an additional ,000 for a zero-day in the NVIDIA Container Toolkit. Other notable exploits included k3vg3n earning ,000 for taking down LiteLLM, Satoki Tsuji and haehae earning ,000 for exploiting NVIDIA Megatron Bridge zero-days, Compass Security and maitai earning ,000 each for hacking OpenAI's Codex, haehae earning ,000 for a Chroma zero-day, and STARLabs SG earning ,000 for exploiting a LM Studio zero-day. The DEVCORE Research Team leads the competition with ,000 in earnings, followed by Valentina Palmiotti with ,000. The contest is held at the OffensiveCon conference from May 14 to May 16, with over ,000,000 in cash and prizes available. Participants must target fully patched products and demonstrate arbitrary code execution. Vendors have a 90-day window to release security fixes after zero-day flaws are disclosed. Last year, the TrendMicro Zero Day Initiative awarded ,078,750 for 29 zero-day vulnerabilities.

AppWizard

May 14, 2026

5 Android App Permissions You Should Never Allow

Users should be cautious when granting permissions to applications on Android devices, as extensive access can lead to security vulnerabilities. Apps with accessibility permissions can perform actions like hacking passwords and altering device settings without user consent. Overlay permissions allow apps to display content over others, which can be exploited by malicious apps to trick users into providing sensitive information. Installing apps from unknown sources poses risks to device security and privacy. Usage data access enables apps to monitor user activity, which can be sold to advertisers. Granting access to contacts and SMS can lead to privacy concerns, as this information can be exploited by malicious entities. Users are advised to regularly review and manage app permissions to mitigate potential threats.

BetaBeacon

May 6, 2026

North Korean hackers targeted ethnic Koreans in China with Android ‘BirdCall’ malware

North Korean hackers targeted ethnic Koreans in China with a malware disguised as a popular Android mobile game called BirdCall, allowing them to steal personal data from victims.

BetaBeacon

May 5, 2026

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

ScarCruft compromised a video game platform in a supply chain attack, trojanizing its components with a backdoor called BirdCall to target ethnic Koreans residing in China. The attack enabled the threat actors to target both Windows and Android devices, turning it into a multi-platform threat. The campaign targeted sqgame[.]net, a gaming platform used by ethnic Koreans in China, known as a transit point for North Korean defectors. BirdCall has features like screenshot capture, keystroke logging, and data gathering, and relies on legitimate cloud services for command-and-control. The Android variant collects various data and has seen active development.

AppWizard

May 5, 2026

North Koreans Spy on Defectors Via Android Game Apps

A North Korean hacking group has targeted a digital gaming platform popular among the Korean ethnic enclave in China, using a sophisticated strategy to infiltrate Android applications. Researchers from Eset discovered that an app on the platform contained a backdoor known as BirdCall, linked to North Korea. The official website for the gaming platform hosted the same suspicious APK file. A second Android file associated with another game on the same site was also found to contain the BirdCall backdoor. This supply-chain attack was attributed to the threat actor ScarCruft (APT37), active in Asia and extending into Europe and the Middle East since late 2024. The hackers likely compromised the web server to recompile original APKs with the backdoor, which can collect sensitive information such as contacts, SMS messages, call logs, documents, media files, and private keys, and can take screenshots and record audio. The malware disguises its command and control traffic among regular internet traffic, primarily using Zoho WorkDrive for operations.

Tech Optimizer

May 4, 2026

Wiz ZeroDay.Cloud Event Reveals 20-Year-Old PostgreSQL Vulnerabilities

Cybersecurity researchers at Wiz’s ZeroDay.Cloud event in London exploited two significant vulnerabilities in PostgreSQL, tracked as CVE-2026-2005 and CVE-2026-2006, which were disclosed on May 4, 2026. The vulnerabilities were found in the pgcrypto extension, affecting public-key decryption and symmetric decryption functions. CVE-2026-2005 allows privilege escalation via a buffer overflow during public-key decryption, while CVE-2026-2006 enables attackers to corrupt memory through inadequate checks in symmetric decryption. PostgreSQL has released patches for these vulnerabilities across versions 14.21 to 18.2, and MariaDB addressed a related issue in versions 11.4.10 and 11.8.6. Database administrators are advised to apply updates and audit logs for suspicious activity.

AppWizard

May 3, 2026

Who is YouTuber Marlow? Minecraft Crystal PvP star accused of hacking, catfishing, fake face reveal, and massive deception scandal

Marlow became a notable figure in Minecraft's Crystal PvP scene, known for her montage videos and distinctive blue and white-haired skin, attracting a large following. However, concerns arose about the authenticity of her content, leading to a scandal involving allegations of deception regarding her identity, with claims that she might be a man using the alias "Danger Mario." Accusations included cheating in ranked matches, staging PvP recreations, and using AI-generated voice tools to maintain her female persona. A report by Dexerto in May 2026 brought the controversy to wider attention, resulting in significant upheaval within MC Tiers, including staff resignations and credibility issues. Prominent players began distancing themselves from Marlow, raising questions about trust and integrity in the competitive Minecraft community.

AppWizard

May 2, 2026

Subnautica 2’s early access has chased a campervanning game about starting fires and hacking PCs into an earlier release

Square Glade Games has rescheduled the release of their game Outbound to May 11th, three days earlier than planned, to avoid competition with Subnautica 2, which launches on May 14th. The demo for Outbound will be taken offline on May 8th.

AppWizard

April 30, 2026

LofyStealer Targets Minecraft Players via Node.js Loader and Browser Injection

Minecraft players are being targeted by a deceptive hacking tool called “Slinky,” which is actually an infostealer known as LofyStealer linked to the Brazilian cybercrime group LofyGang. The malware uses a Node.js-based loader and a C++ payload to extract sensitive browser data, disguising itself as a Minecraft hack. It primarily targets younger players who may unknowingly execute it. The malware operates through a two-stage architecture, with a 53.5 MB loader binary that injects a smaller 1.4 MB payload into browser processes, bypassing detection methods. It collects sensitive information such as cookies, passwords, and credit card details, compressing and encoding the data for exfiltration. The command-and-control (C2) infrastructure is hosted in Brazil, and the malware's design reflects advanced compilation techniques. The campaign is attributed to LofyGang, which has evolved into a more professional entity, posing severe risks to players who download cheats and cracked tools. Indicators of compromise include a specific C2 IP address and associated endpoints.