#whatsapp-dng-exploit
#whatsapp-dng-exploit

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.

DevOps

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.

Apple issues warning to iPhone users over stealthy attack: Act NOW

Apple has released critical iOS updates to protect against the DarkSword cyberattack method targeting vulnerable devices.

Cryptocurrency

fromnews.bitcoin.com

11 hours ago

Human Error, Not Hacking, Cited as Top Cause for Crypto Access Loss

Human error is the leading cause of cryptocurrency access loss, affecting 35% of holders, primarily due to forgotten passwords and lost seed phrases.

#whatsapp

WhatsApp notifies hundreds of users who installed a fake app that was actually government spyware | TechCrunch

WhatsApp notified 200 users about a malicious fake app containing spyware created by Italian firm SIO.

WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action

WhatsApp alerted 200 users about a fake iOS app infected with spyware, primarily targeting users in Italy.

fromwww.businessinsider.com

WhatsApp's former security chief is 'not done fighting' after his lawsuit got dismissed

A lawsuit by WhatsApp's former chief of security was dismissed for lack of evidence, but plans to refile are underway.

Italian surveillance firm SIO built fake WhatsApp app with government spyware, Meta says - Silicon Canals

WhatsApp notified 200 users in Italy about a fake app containing spyware linked to surveillance firm SIO.

fromTNW | Apple

WhatsApp notifies 200 users who installed fake app built by Italian spyware maker SIO

WhatsApp alerted 200 users in Italy about a counterfeit app that was actually government spyware developed by SIO.

Don't open that WhatsApp message, Microsoft warns

WhatsApp messages are being exploited to deliver malicious files that allow attackers to control victims' machines and access their data.

WhatsApp notifies hundreds of users who installed a fake app that was actually government spyware | TechCrunch

WhatsApp notified 200 users about a malicious fake app containing spyware created by Italian firm SIO.

WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action

WhatsApp alerted 200 users about a fake iOS app infected with spyware, primarily targeting users in Italy.

fromwww.businessinsider.com

WhatsApp's former security chief is 'not done fighting' after his lawsuit got dismissed

A lawsuit by WhatsApp's former chief of security was dismissed for lack of evidence, but plans to refile are underway.

Italian surveillance firm SIO built fake WhatsApp app with government spyware, Meta says - Silicon Canals

WhatsApp notified 200 users in Italy about a fake app containing spyware linked to surveillance firm SIO.

fromTNW | Apple

WhatsApp notifies 200 users who installed fake app built by Italian spyware maker SIO

WhatsApp alerted 200 users in Italy about a counterfeit app that was actually government spyware developed by SIO.

Don't open that WhatsApp message, Microsoft warns

WhatsApp messages are being exploited to deliver malicious files that allow attackers to control victims' machines and access their data.

Ireland is testing out a digital wallet that conducts age verification for social media users

Ireland is trialing a Government Digital Wallet to verify user age for social media access, aiming for user-friendly design before its 2026 EU deadline.

Exclusive: Money transfer app Duc exposed thousands of driver's licenses and passports to the open web

A publicly accessible Amazon storage server exposed personal data of hundreds of thousands, including driver's licenses and passports, without encryption.

T-Mobile Sets the Record Straight on Latest Data Breach Filing

T-Mobile confirmed a data breach was caused by an insider incident affecting only one account with limited information exposed.

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.

Fintech apps demand your passport for verification - then leave it on an unprotected server - Silicon Canals

Duc's exposed server revealed unprotected sensitive personal data, highlighting significant gaps in fintech data protection practices.

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.

Privacy technologies

Exclusive: Money transfer app Duc exposed thousands of driver's licenses and passports to the open web

A publicly accessible Amazon storage server exposed personal data of hundreds of thousands, including driver's licenses and passports, without encryption.

T-Mobile Sets the Record Straight on Latest Data Breach Filing

T-Mobile confirmed a data breach was caused by an insider incident affecting only one account with limited information exposed.

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.

Fintech apps demand your passport for verification - then leave it on an unprotected server - Silicon Canals

Duc's exposed server revealed unprotected sensitive personal data, highlighting significant gaps in fintech data protection practices.

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.

PREMIUM Is Your Phone Spying on You? Nah. It Doesn't Have To.

Apps collect extensive data about users, allowing them to predict needs without eavesdropping.

US politics

fromwww.npr.org

As DOJ prepares to share state voter data with DHS, a key privacy officer resigns

The DOJ is acquiring sensitive voter registration data, raising privacy concerns, as a key privacy officer resigns amid ongoing legal challenges.

Roam Research

New Rowhammer attacks give complete control of machines running Nvidia GPUs

Rowhammer attacks on Nvidia GPUs can compromise CPU memory, allowing full control of host machines.

Wearables

fromMakeUseOf

fromHarvard Business Review

Your phone's Bluetooth is broadcasting more than you think - here's how to limit it

Bluetooth remains active and broadcasts data even when not connected, potentially allowing for tracking without user consent.

Artificial intelligence

5 days ago

AI Agents Act a Lot Like Malware. Here's How to Contain the Risks.

An AI agent named MJ Rathbun published a blogpost attacking engineer Scott Shambaugh.

In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware

New Android malware targets banking users, Italy fines Intesa Sanpaolo for data breach, Apple updates Mac security against ClickFix attacks.

12 hours ago

EU data protection

European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack

10 hours ago

Information security

After fighting malware for decades, this cybersecurity veteran is now hacking drones | TechCrunch

EU data protection

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

The ThreatsDay Bulletin provides a concise overview of current cybersecurity threats and trends affecting system safety.

fromBusiness Matters

5 IT Mistakes That Still Catch Small Businesses Off Guard

Cybersecurity is a critical concern for SMEs, yet many underestimate the risks and only seek help after incidents occur.

In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware

New Android malware targets banking users, Italy fines Intesa Sanpaolo for data breach, Apple updates Mac security against ClickFix attacks.

EU data protection

12 hours ago

European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack

Hackers stole over 300GB of data from the European Commission's AWS environment using a compromised API key from the Trivy supply chain attack.

10 hours ago

After fighting malware for decades, this cybersecurity veteran is now hacking drones | TechCrunch

Mikko Hyppönen emphasizes the invisible nature of cybersecurity work, comparing it to Tetris where successes vanish and failures accumulate.

EU data protection

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

A cybercriminal group known as TeamPCP hacked the EU's executive body, stealing 92 gigabytes of data, including personal information.

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

The ThreatsDay Bulletin provides a concise overview of current cybersecurity threats and trends affecting system safety.

fromBusiness Matters

5 IT Mistakes That Still Catch Small Businesses Off Guard

Cybersecurity is a critical concern for SMEs, yet many underestimate the risks and only seek help after incidents occur.

more#cybersecurity

fromNextgov.com

Suspected Chinese breach of FBI system exposed surveillance targets' phone numbers

A breach linked to China exposed phone numbers of FBI surveillance targets, raising concerns about counterintelligence risks.

Apple Issues Rare Patch: Up to 270M iPhones Could Be Vulnerable to 'DarkSword' Exploit

Apple is issuing a rare security patch for iOS 18 to combat the DarkSword hacking tool, breaking from its usual upgrade policy.

Apple Rolls Out DarkSword Exploit Protection to More Devices

Apple is updating older iOS devices to protect against the DarkSword exploit kit targeting vulnerabilities in its mobile platforms.

Apple releases security fix for older iPhones and iPads to protect against DarkSword attacks | TechCrunch

Apple released security updates for older iPhones and iPads to protect against the DarkSword hacking toolkit that steals user data.

fromZDNET

Still running iOS 18? Install this critical update ASAP

Apple has released a security patch for iPhones running iOS 18 to protect against the DarkSword exploit.

Apple Issues Rare Patch: Up to 270M iPhones Could Be Vulnerable to 'DarkSword' Exploit

Apple is issuing a rare security patch for iOS 18 to combat the DarkSword hacking tool, breaking from its usual upgrade policy.

Apple Rolls Out DarkSword Exploit Protection to More Devices

Apple is updating older iOS devices to protect against the DarkSword exploit kit targeting vulnerabilities in its mobile platforms.

Apple releases security fix for older iPhones and iPads to protect against DarkSword attacks | TechCrunch

Apple released security updates for older iPhones and iPads to protect against the DarkSword hacking toolkit that steals user data.

fromZDNET

Still running iOS 18? Install this critical update ASAP

Apple has released a security patch for iPhones running iOS 18 to protect against the DarkSword exploit.

Drift Protocol Hack 2026: What Happened, Who Lost Money, and What's Next

A Solana-based perpetual futures exchange lost $286 million in 12 minutes due to a sophisticated attack involving fake collateral and social engineering.

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

Drift decentralized exchange lost $285 million due to a sophisticated attack involving unauthorized access and social engineering.

Cryptocurrency

fromnews.bitcoin.com

Drift Protocol Hack 2026: What Happened, Who Lost Money, and What's Next

A Solana-based perpetual futures exchange lost $286 million in 12 minutes due to a sophisticated attack involving fake collateral and social engineering.

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK

Drift decentralized exchange lost $285 million due to a sophisticated attack involving unauthorized access and social engineering.

This App Makes Even the Sketchiest PDF or Word Doc Safe to Open

Dangerzone is a free tool that safely opens potentially harmful documents by converting them into secure image-based PDFs.

DevOps

fromInfoQ

Panel: Security Against Modern Threats

Modern threats to software supply chains require resilience by design, integrating security into engineering workflows and empowering developers with the right tools.

fromBleepingComputer

56 minutes ago

Axios npm hack used fake Teams error fix to hijack maintainer account

A social engineering attack linked to North Korean hackers compromised Axios maintainers, leading to a supply chain attack with malicious npm package versions.

A money-transfer app stored customer passports on an unencrypted, publicly accessible server for nearly five years - Silicon Canals

Fintech companies face regulatory pressure to collect identity documents but lack enforceable obligations to protect them, leading to data breaches.

Privacy technologies

fromZDNET

5 telltale signs that your phone has been compromised (and how to combat them)

Phone hacking can be detected through signs like battery drain, slow performance, unfamiliar logins, and reduced storage space.

fromWIRED

CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards

The public Quizlet set contained information about alleged codes for specific facility entrances. 'Checkpoint doors code?' asked one card, with a specific four-digit combination listed in response.

Privacy professionals

Privacy technologies

Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won't Patch

A researcher discovered a fourth method to bypass WhatsApp's View Once feature using a modified client, which Meta will not patch because it falls outside their security model.

Perplexity's "Incognito Mode" is a "sham," lawsuit says

Perplexity's AI allegedly shares sensitive user chats with Google and Meta without consent, raising significant privacy concerns.

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.

FBI Warns of Data Security Risks From China-Made Mobile Apps

Foreign-developed mobile applications pose significant data security risks, particularly those from China, according to an FBI alert.

fromJezebel

Your iPhone Has Probably Never Been More Vulnerable to Spyware and Hacking

Apple iOS devices face increased cybersecurity threats from malware like Darksword and Coruna that exploit vulnerabilities to steal data and cryptocurrency from millions of users.

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

Information security

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

Information security

Fake Claude Code source downloads actually delivered malware

Information security

Sophisticated CrystalX RAT Emerges

Information security

New DeepLoad Malware Dropped in ClickFix Attacks

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

A new version of SparkCat malware targets cryptocurrency users on mobile platforms, concealing itself in benign apps and evolving its technical capabilities.

Fake Claude Code source downloads actually delivered malware

Leaked Claude Code source code led to malware downloads, including credential-stealing Vidar and proxy tool GhostSocks, via a malicious GitHub repository.

Sophisticated CrystalX RAT Emerges

CrystalX RAT is a new malware-as-a-service combining spyware, stealer, and remote access capabilities, promoted on Telegram and YouTube.

New DeepLoad Malware Dropped in ClickFix Attacks

DeepLoad malware steals credentials and intercepts browser interactions, utilizing ClickFix for distribution and evading detection through sophisticated techniques.

more#malware

fromnews.bitcoin.com

15 hours ago

The Retroactive Decryption Trap: Why Post-Quantum Upgrades Can't Save Your Past Privacy

Guy Zyskind emphasized that the whitepaper reframes the conversation around quantum threats, stating that the traditional 10-year migration window now seems dangerously optimistic given Google's findings.

Information security

Critical ShareFile Flaws Lead to Unauthenticated RCE

Two critical vulnerabilities in ShareFile could allow unauthenticated remote code execution through improper access to configuration pages.

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

North Korean hackers are increasingly targeting individuals in the crypto industry, employing sophisticated deception tactics.

fromNextgov.com

North Korea-linked hackers suspected in Axios open-source hijack, Google analysts say

North Korea-aligned hackers compromised the Axios JavaScript library, risking many developers' systems through a sophisticated supply chain attack.

fromFortune

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

North Korean hackers are increasingly targeting individuals in the crypto industry, employing sophisticated deception tactics.

fromNextgov.com

North Korea-linked hackers suspected in Axios open-source hijack, Google analysts say

North Korea-aligned hackers compromised the Axios JavaScript library, risking many developers' systems through a sophisticated supply chain attack.

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Google has released a security update for Chrome due to multiple high-severity vulnerabilities, including an actively exploited use-after-free flaw.

Information security

Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Google has released a security update for Chrome due to multiple high-severity vulnerabilities, including an actively exploited use-after-free flaw.

Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome

Google's Chrome 146 update addresses 21 vulnerabilities, including a zero-day exploit tracked as CVE-2026-5281.

more#chrome

fromComputerworld

A core infrastructure engineer pleads guilty to federal charges in insider attack

Rhyne's attack involved unauthorized remote desktop sessions, deletion of network administrator accounts, and changing of passwords, showcasing significant security vulnerabilities.

Information security

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

Threat actor exploits Next.js vulnerabilities to exfiltrate credentials and compromise systems at scale, affecting over 766 systems and collecting more than 10,000 files.

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Threat actors exploit HTTP cookies for PHP web shells on Linux servers, enabling remote code execution with stealthy control mechanisms.

fromComputerworld

Jamf warns of massive app insecurities

Mac and iOS users face significant security threats, with many devices vulnerable to attacks and outdated systems.

Claude Code is still vulnerable to an attack Anthropic has already fixed

The leak of Claude Code's source has exposed a vulnerability that compromises its security.

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Anthropic's Claude Code source code was leaked, revealing operational details but not compromising sensitive data like model weights or customer information.

Claude Code's source reveals extent of system access

Claude Code has significant control over devices, raising concerns about data retention and potential misuse in sensitive environments.

Claude Code is still vulnerable to an attack Anthropic has already fixed

The leak of Claude Code's source has exposed a vulnerability that compromises its security.

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Anthropic's Claude Code source code was leaked, revealing operational details but not compromising sensitive data like model weights or customer information.

Claude Code's source reveals extent of system access

Claude Code has significant control over devices, raising concerns about data retention and potential misuse in sensitive environments.

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

A large-scale credential harvesting operation exploits the React2Shell vulnerability to steal sensitive data from compromised hosts across multiple regions.

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

Leaks threaten Anthropic's market position and raise security concerns about its AI coding tools.

New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation - Patch Released

"Use-after-free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page."

Information security

Cisco Patches Critical and High-Severity Vulnerabilities

Cisco has released fixes for two critical and six high-severity vulnerabilities affecting various enterprise networking products.

Mercor Hit by LiteLLM Supply Chain Attack

Mercor was impacted by a supply chain attack involving LiteLLM, resulting in the theft of 4 terabytes of data.

fromInfoQ

PyPI Supply Chain Attack Compromises LiteLLM, Enabling the Exfiltration of Sensitive Information

A supply chain attack on LiteLLM led to over 40,000 downloads of a compromised package that harvested sensitive information.

Mercor Hit by LiteLLM Supply Chain Attack

Mercor was impacted by a supply chain attack involving LiteLLM, resulting in the theft of 4 terabytes of data.

fromInfoQ

PyPI Supply Chain Attack Compromises LiteLLM, Enabling the Exfiltration of Sensitive Information

A supply chain attack on LiteLLM led to over 40,000 downloads of a compromised package that harvested sensitive information.

more#supply-chain-attack

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

CrewAI Vulnerabilities Expose Devices to Hacking

Threat actors can exploit four vulnerabilities in CrewAI for remote code execution and other attacks.

TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks

A high-severity vulnerability in TrueConf software has been exploited, allowing attackers to execute arbitrary code via tampered updates.

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

Threat actors exploit a critical SQL injection vulnerability in Fortinet FortiClient EMS, allowing remote code execution without authentication.

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.

New 'DarkSword' Leak Puts Millions of iPhones at Risk After Initial Attack

The leaked DarkSword exploit kit poses a significant threat to outdated iPhones, making attacks easier for less experienced hackers.

fromComputerworld

Chrome encryption bypass discovered: New malware steals passwords and cookies

The bypass requires neither privilege escalation nor code injection, making it a stealthier approach compared to alternative ABE bypass methods.

Information security

Hundreds of millions of iPhones can be hacked with a new tool found in the wild

DarkSword, a sophisticated iPhone hacking technique discovered in use by Russian hackers, can silently compromise hundreds of millions of iOS devices running older operating system versions through infected websites.

fromWIRED

Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild

A sophisticated iPhone hacking technique called DarkSword enables attackers to silently compromise iOS devices through infected websites, affecting hundreds of millions of users running older iOS versions.

Hundreds of millions of iPhones can be hacked with a new tool found in the wild

fromWIRED

Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild

DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover

DarkSword, a new iOS exploit kit targeting iPhones running iOS 18.4-18.7, has been deployed by multiple threat actors since November 2025 to steal credentials and cryptocurrency wallet data.

Snoops plant info-stealing malware on iPhones, Google warns

DarkSword exploit kit targets iOS 18.4-18.7, exploiting six vulnerabilities to deploy backdoors stealing messages, location data, cryptocurrency wallets, and account credentials from iPhone users.

DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover

DarkSword, a new iOS exploit kit targeting iPhones running iOS 18.4-18.7, has been deployed by multiple threat actors since November 2025 to steal credentials and cryptocurrency wallet data.

Snoops plant info-stealing malware on iPhones, Google warns

DarkSword exploit kit targets iOS 18.4-18.7, exploiting six vulnerabilities to deploy backdoors stealing messages, location data, cryptocurrency wallets, and account credentials from iPhone users.

more#ios-security

fromComputerWeekly.com

1 month ago

Zero-day in Android phone chips under active attack | Computer Weekly

A zero-day memory corruption vulnerability in Qualcomm chipsets affecting over 200 Android devices is actively exploited in the wild, requiring immediate security updates.