March 28, 2023 at 07:14AM

■■■□□ United States: White House says 50 US officials are targeted with spyware as it rolls out a new ban of hacking tools. https://amp.cnn.com/cnn/2023/03/27/politics/us-government-bans-spyware/index.html https://t.me/cKure/12264

March 27, 2023 at 11:34PM

● An Android app from China executed a zero-day exploit on millions of devices. Fast-growing e-commerce app Pinduoduo had an EvilParcel stow-away. https://github-com.translate.goog/davinci1010/pinduoduo_backdoor https://mp-weixin-qq-com.translate.goog/s/P_EYQxOEupqdU0BJMRqWsw Google flags apps made by popular Chinese e-commerce giant as malware https://arstechnica.com/information-technology/2023/03/android-app-from-china-executed-0-day-exploit-on-millions-of-devices/ https://t.me/cKure/12260

March 27, 2023 at 09:58PM

■■■■□ Hackers earn $1,035,000 for 27 zero-days exploited at Pwn2Own Vancouver. https://www.bleepingcomputer.com/news/security/hackers-earn-1-035-000-for-27-zero-days-exploited-at-pwn2own-vancouver/ https://t.me/cKure/12259

March 26, 2023 at 09:38PM

Technical summary of breaking into Breach-Forums by FBI. Apparently, Conor was using his personal internet connection to operate the darknet platform and apparently did not use TOR/VPN once in 2022 due to connection failure or forgetfulness. This IP led FBI to him. It also seems that the FBI had access to the logs of the…

March 26, 2023 at 06:22PM

■■■■■ Quarkslab participated in Pwn2own Toronto 2022 in the router category. This blog post series describes how we selected our targets, performed our vulnerability research, and goes over our findings on the Netgear RAX30 router. The first blog post focuses on our vulnerability research on the RAX30 WAN interface, while the second part will detail…

March 26, 2023 at 02:10AM

■□□□□ A bug in AI chatbot ChatGPT has allowed some users to see the titles of other users’ conversations, sparking privacy concerns. OpenAI CEO Sam Altman acknowledged the issue, saying the company feels “awful” about it. He assured customers that the “significant” error has now been fixed. https://t.me/cKure/12253