Kali Linux
unofficial Channel is for sale; send us a DM if interested
Researchers at the Citizen Lab and Princeton evaluated the network security of Android apps & found that a large portion of popular Chinese apps use broken proprietary network protocols instead of TLS.
Read the paper here
https://www.computer.org/csdl/proceedings-article/sp/2025/223600d916/26hiVQjbZqE
@kalilinux
Repost from TgId: 1409382078
PSA: Older Tor Browsers (13.5.11) Breaking, Update Now!
The expiration, happening on March 14 2025, of a root certificate used by Mozilla for add-ons verification on Firefox 115.12 and below, can suddenly disable extensions, including the built-in NoScript, and cause functionality such as the Security Slider to break on Tor Browser versions older than 13.5.11 legacy.
We hope the vast majority of Tor Browser users are already up-to-date with the latest available version for their OS, currently 14.0.7 stable or 13.5.13 legacy, which also provide the newest security fixes.
The few who are not yet, should update immediately from the Tor Browser download page in order to prevent the aforementioned functionality breakage and other security risks.
https://telegra.ph/Older-Tor-Browsers-Breaking-Update-Now-03-13
EvilLoader - A PoC was published yesterday for an unpatched vulnerability affecting Telegram for Android. It works like the previous similar vulnerability, EvilVideo, in which a file with an ".htm" extension is disguised as a video and sent via the Telegram API; while the user expects a video, the JavaScript code inside the HTML is actually executed.
https://www.mobile-hacker.com/2025/03/05/evilloader-unpatched-telegram-for-android-vulnerability-disclosed/
@kalilinux
More than three million Google Chrome users have been issued a warning about 16 browser extensions that have been compromised by hackers.
Cybersecurity experts urged users to delete them now after finding criminals injected malicious code into the software.
This allows hackers to steal user data and commit 'search engine fraud' - the scam of driving clicks to hacker-controlled websites for ad revenue.
The list includes Blipshot, Emojis, Color Changer for YouTube, Video Effects for YouTube and Audio Enhancer, Themes for Chrome and YouTube Picture in Picture and Mike Adblock für Chrome, Super Dark Mode and Emoji Keyboard Emojis for Chrome.
Source
@kalilinux
Privacy is a battle-ground and there needs to be people willing to fight in order to win the fight. It's a constant fight until you win.
We don't have to find the fully military-grade secured search engine of all time, just try a slightly more secure one. Let them know that you value your privacy, but don't let perfect be the enemy of the good. Beware the all-or-nothing mindset.
https://www.privacyguides.org/articles/2025/02/17/privacy-is-not-dead/
@kalilinux
Meta Confirms Zero-Click WhatsApp Spyware Attack Targeting 90 Journalists, Activists.
Source
@kalilinux
Once fully integrated, USDt will operate seamlessly on Bitcoin's base layer and its layer 2 Lightning Network. This will enable high-speed, low-cost transactions while combining Bitcoin's robust security and scalability. With USDt, the world's largest stablecoin, serving over 350 million users, developers and users will enjoy Bitcoin's unparalleled reliability alongside the efficiency and versatility of Lightning-enabled payments.
Source
@kalilinux
The ChatGPT crawler can be triggered to DDoS a victim website via an HTTP request to an unrelated ChatGPT API. This defect in OpenAI software will spawn a DDoS attack on an unsuspecting victim website, utilizing multiple Microsoft Azure IP address ranges on which the ChatGPT crawler is running.
@kalilinux
Source
In case you're looking for a reliable, certified, and straightforward course on AI agents.
Enroll Here
@kalilinux
If you visit a website or use an app, that app probably knows your #IP address. But a bug in Cloudflare (and just by the nature of how services like #Cloudflare work) could allow an attacker to get the broad location of #Discord, #Signal, or #Twitter/X users by sending them an image. In some cases this doesn't require any interaction by the target. It shows the importance of thinking not just about your message security, but your network #security too.
TL;DR:
To do the attack, the attacker would send the target an image through the messaging apps. He would then use Burp Suite to grab the URL of the uploaded image. Then, he would use a tool he made called "Cloudflare Teleport" to send a request to every Cloudflare data center to see which data center cached the request. These queries would return the results "HIT" or "MISS". With a hit, he now knows which data center the target was likely closest to, revealing their potential location.
@kalilinux
Source
garak checks if an LLM can be made to fail in a way we don't want. garak probes for hallucination, data leakage, prompt injection, misinformation, toxicity generation, jailbreaks, and many other weaknesses. If you know nmap or msf / Metasploit Framework, garak does somewhat similar things to them, but for LLMs.
source01
source02
@kalilinux
A fully-remote (0-click) bug on the Samsung S24
The write-up warns: "If Google Messages is configured for RCS (the default configuration on this device), as the transcription service decodes incoming audio before a user interacts with the message for transcription purposes" the device can be attacked.
But if you have installed December's security release, then your device is secure against this threat.
Source
@Kalilinux
