New Android banking trojan Datzbro targets seniors via fake Facebook groups, enabling device takeover and financial fraud.
Category: cybercrime/malcode – Page 60
CISA warns of critical Linux Sudo flaw exploited in attacks
Hackers are actively exploiting a critical vulnerability (CVE-2025–32463) in the sudo package that enables the execution of commands with root-level privileges on Linux operating systems.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, describing it as “an inclusion of functionality from untrusted control sphere.”
CISA has given federal agencies until October 20 to apply the official mitigations or discontinue the use of sudo.
New MatrixPDF toolkit turns PDFs into phishing and malware lures
A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into interactive lures that bypass email security and redirect victims to credential theft or malware downloads.
The new tool was spotted by Varonis researchers, who told BleepingComputer that MatrixPDF was first spotted on a cybercrime forum. The seller also uses Telegram as an additional means of interacting with buyers.
The developer of MatrixPDF promotes the tool as a phishing simulation and blackteaming tool. However, Varonis researcher Daniel Kelley told BleepingComputer that it was first seen being offered on cybercrime forums.
The Dark Side of AI Hacking — Could Online Images Hijack Your Computer?
Explore how malicious images and pixel manipulation can hack AI agents, hijack systems, and bypass security. Learn risks, real-world cases, and protection strategies. AI hacking, malicious images, pixel manipulation attack, AI security, Trojan images, adversarial AI attacks, AI vulnerabilities, AI cybersecurity, image-based hacking, hijacking AI agents
CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting the Sudo command-line utility for Linux and Unix-like operating systems to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The vulnerability in question is CVE-2025–32463 (CVSS score: 9.3), which affects Sudo versions prior to 1.9.17p1. It was disclosed by Stratascale researcher Rich Mirch back in July 2025.
“Sudo contains an inclusion of functionality from an untrusted control sphere vulnerability,” CISA said. “This vulnerability could allow a local attacker to leverage sudo’s-R (—chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file.”
GitHub notifications abused to impersonate Y Combinator for crypto theft
A massive phishing campaign targeted GitHub users with cryptocurrency drainers, delivered via fake invitations to the Y Combinator (YC) W2026 program.
Y Combinator is a startup accelerator that funds and mentors projects in their early stages, and connects founders with a network of alumni and venture capital firms.
The attacker abused GitHub’s notification system to deliver the fraudulent messages, by creating issues across multiple repositories and tagging targeted users.