Member
Rating
Created At
🔰 Discover top-notch protection against malware, phishing, and spyware with our practical tips and clear guides. Stay secure and confident online with the latest news and expert resources to keep you ahead of digital threats.
No related blogs yet
NetExec (nxc) is a modern post-exploitation tool, successor to CrackMapExec, designed for automating credential collection in Windows and Active Directory setups. It's essential for Red Team operations, penetration testing, or simulating real attackers, enabling privilege escalation, attack surface expansion, and persistence through harvested credentials.
NetExec streamlines credential gathering with efficient modules for dumping hashes, tickets, and secrets from AD. It supports multi-threaded scans, RID brute-forcing, and integration with tools like BloodHound for graph analysis. Ethical use is critical—deploy only in authorized environments to avoid legal issues.
This tool excels in identifying weak points in AD, such as misconfigured accounts or exposed DCs. Use it to map permissions, extract SAM dumps, or perform Kerberoasting, providing insights for hardening defenses.
Install with:
pip install netexec
nxc smb target -u user -p pass --local-auth
OpenAI dropped Atlas, their new web browser with ChatGPT baked right in, back on October 15, 2025. It's pitched as this "super assistant" for devs, letting you offload coding tasks straight from your browser. Premium folks get an advanced agent that can handle complex stuff autonomously, like digging through code or navigating screens remotely. Sounds handy, right? But honestly, as someone who's seen AI tools go wrong too many times, I'd hold off—it's got some glaring issues that could spell trouble, especially if you're dealing with crypto wallets.
The main headache is prompt injection, where sneaky commands hidden in webpages can hijack the AI to spill sensitive info. For crypto users, this is a nightmare—imagine the agent getting tricked into revealing wallet keys or transaction details. Experts from Brave and others have called it out as a "Trojan horse," with demos showing how malicious prompts slip past safeguards. OpenAI claims limits like no code execution or file downloads, but critics say the core risks linger, turning Atlas into a data exposure machine.
Beyond injections, Atlas is fragile—slow, prone to breaking on site updates, and burning through resources, which could lead to crashes exposing data. There's architectural debt from mimicking human behavior unnecessarily, making it vulnerable to model poisoning or hallucinations that inject flaws into your code. Privacy-wise, constant server pings mean your browsing habits could be profiled, and without full audits, who knows what backdoors lurk? Enterprises are warned off by analysts, citing prompt hijacking as a dealbreaker—add in potential for ransomware vectors or espionage, and it's a no-go for secure environments.
If you're in crypto, Atlas is especially dicey: AI handling sensitive ops could amplify phishing or lead to fund thefts via manipulated prompts. With 2025 seeing a 30% spike in AI exploits, this browser feels like bait. I wouldn't install it—stick to vetted tools until these kinks are ironed out.
#OpenAI #Atlas #ChatGPT #AI #Crypto #Vulnerability #Cybersecurity
@PrivacyNotACrime
Beelzebub is an advanced honeypot framework designed to create a secure environment for detecting and analyzing cyberattacks. It emphasizes low-code configuration (YAML), multi-protocol support (SSH, HTTP, TCP, MCP), and LLM/AI integration for realistic simulation, making it a sophisticated tool for cybersecurity research and defense.
Beelzebub offers robust features for effective deployment:
This framework excels in simulating realistic environments to trap attackers, with AI making interactions convincing. Use the repository's examples in /configurations/services/ to customize honeypots for specific scenarios.
Through Docker Compose:
git clone https://github.com/mariocandela/beelzebub.git
cd beelzebub
docker-compose build docker-compose up -d
go mod download
go build
./beelzebub --confCore ./configurations/beelzebub.yaml --confServices ./configurations/services/
helm install beelzebub ./beelzebub-chart
# update
helm upgrade beelzebub ./beelzebub-chart
Special services have gained permission to arrest people based on metadata, turning everyday communications into surveillance tools. The U.S. Immigration and Customs Enforcement (ICE) uses WhatsApp as a monitoring instrument, analyzing metadata to track and "sort" migrants, enabling arrests without content access.
ICE's HSI division leverages tools like PenLink to extract contacts and metadata from WhatsApp accounts, identifying individuals linked to crimes like fake ID dealing. This allows for efficient targeting in immigration enforcement, with over 1,700 fraud cases in Austria and similar in other regions, causing millions in losses.
This approach raises privacy concerns, as metadata reveals patterns like locations and networks, facilitating mass surveillance. It's part of a trend where agencies amp up social media monitoring, potentially extending to political dissidents.
Risks include wrongful targeting and data misuse. To protect, use encrypted apps like Signal, SimpleX or Matrix, enable 2FA, avoid sharing sensitive info, and report suspicious activity.
Migrate to privacy-focused messengers and review app permissions. Stay vigilant against phishing.
#HSI #ICE #Penlink #WhatsApp #Metadata #Migrants #Surveillance #USA
@PrivacyNotACrime
Codiga is a platform for automated code analysis that helps developers spot vulnerabilities, errors, and style violations in real time during coding. It integrates seamlessly with popular IDEs like VS Code, JetBrains, and Visual Studio, as well as CI/CD systems such as GitHub, GitLab, and Bitbucket, making it a versatile tool for secure development workflows.
Codiga supports 15+ languages (e.g., JavaScript, Python, Java) with over 1800 rules for thorough scanning. Key strengths include instant checks with fix suggestions, custom rule creation via Codiga Hub, automated code reviews in pull requests, and compliance with security standards like OWASP Top 10 and CWE.
Use Codiga to catch issues early in development cycles, reducing security risks. For example, set up in VS Code for live feedback or GitHub for PR automation.
Visit the official site:
https://www.codiga.io/
Sign up for free to test on public repos, or upgrade for private projects.
#Codiga #CodeAnalysis #Vulnerability #Security #Tools
@PrivacyNotACrime
www.codiga.io
Codiga: Analyze and Fix your Code!Customizable Real-Time Static Code Analysis engine. Works anywhere you write code.
Anthropic has launched the web version of Claude Code, its rapidly growing AI coding assistant, on October 20, 2025. This update allows users to delegate coding tasks directly from the browser, with a reported tenfold growth in usage and $500 million in funding fueling its self-improving capabilities—where the AI essentially "wrote itself" under human oversight.
The web interface, now in beta, features parallel task execution and advanced sandboxing for safer code runs. New bash tools reduce permission prompts, enabling autonomous coding while minimizing risks. Claude Code integrates seamlessly with platforms like VS Code, boosting productivity for developers.
While empowering, this evolution raises privacy concerns: AI agents handling code could inadvertently expose sensitive data if not sandboxed properly. Anthropic's focus on security audits helps, but users should verify outputs to avoid vulnerabilities.
With funding from investors like Jack Dorsey, Claude Code's growth signals AI's role in automating programming, potentially disrupting traditional tools. However, ethical use is key to prevent misuse in cyber threats.
https://claude.ai/
#Anthropic #Claude #ClaudeCode #AI #Programming #Development #Cybersecurity
@PrivacyNotACrime
claude.aiTalk with Claude, an AI assistant from Anthropic
Web-check is an open-source tool for comprehensive website analysis, enabling users to gather detailed OSINT data on any web resource. It's perfect for security pros, researchers, and privacy advocates seeking to uncover hidden details about sites without invasive methods.
Web-check dives deep into site structures, revealing:
IP Info: Network details and hosting info.
SSL Certificate Chain: Validity and issuer data.
DNS Records and TXT Entries: Domain configurations.
Cookies and Crawl Rules: Potential tracking mechanisms.
HTTP Headers and Server Status: Response insights.
Server Location and Associated Hosts: Geographic mapping.
Redirect Chain: Follows URL jumps.
Open Ports and Traceroute: Network probing.
Carbon Footprint: Environmental impact estimation.
Whois Info and DNS Security: Ownership and protection checks.
Site Features and Social Tags: Metadata extraction.
Email Config and Firewall: Setup vulnerabilities.
HTTP Security and TLS Certs: Encryption strength.
Site Archive History: Historical snapshots.
Malware and Phishing Detection: Threat scans.
Screenshots and More: Visual and additional intel.
This all-in-one scanner streamlines reconnaissance with fast, accurate results.
Deploy Web-check for OSINT tasks like mapping a site's infrastructure, identifying weak encryption, or spotting phishing risks. It supports free API integration for automated workflows and is easy to self-host on your server for privacy.
Run locally with docker run -p 3000:3000 webcheck/web-check or deploy via npm.
#OSINT #WebAnalysis #Cybersecurity #Tools #Linux
@PrivacyNotACrime
In pentesting, making traffic undetectable and hard to analyze is crucial for evading firewalls and IPS. Modern methods blend attacks into legitimate flows, using encryption and randomization to mimic normal activity.
Obfs4 hides Tor usage by making traffic look random, complicating filtering:
tor --RunObfs4Proxy
stunnel myconfig.conf
tor -f /etc/tor/torrc
sudo apt install stunnel4
sudo nano /etc/stunnel/stunnel.conf
sudo systemctl restart stunnel4
proxychains4 nmap target
Google Project Zero experts have discovered a vulnerability in the Dolby DDPlus decoder used on Android devices. Attackers can execute malicious code through a specially crafted audio file without user interaction, posing a severe risk to privacy and security.
The issue stems from an error in memory size calculation during sound processing. The system allocates too little memory, allowing malicious data to overflow and corrupt critical structures, enabling arbitrary code execution. This buffer overflow can be triggered remotely via messengers.
Android automatically processes incoming audio messages for transcription, even if unopened. Researchers successfully attacked a Pixel 9 via a messenger, and vulnerable code was found on Samsung, iPhone, and MacBook devices, expanding the threat beyond Android.
This zero-click exploit allows silent data theft or device compromise, affecting billions. With no user action needed, it's ideal for targeted espionage or mass surveillance. Update immediately to mitigate, as patches are rolling out.
Disable auto-download of audios in messengers like Telegram (Settings > Data and Storage > Automatic media download) or WhatsApp (Settings > Storage and Data > Media auto-download). Install latest OS updates (Android October 2025 patch fixes it). Use antivirus apps that scan media files, like Kaspersky, and avoid suspicious messages.
#Android #Vulnerability #Dolby #Security
@PrivacyNotACrime
Logs are a key source for incident investigation and security monitoring. In Linux, tools like grep, sed, and awk help quickly find and process the data you need. Here's how to use them effectively.
Find lines with "error" in the system log:
grep "error" /var/log/syslog
grep -i "error" /var/log/syslog
grep -n "error" /var/log/syslog
grep "Accepted password" /var/log/auth.log | awk '{print $11}'grep "Accepted password" /var/log/auth.log | awk '{print $11}' | sort | uniq -c | sort -nrsed -E -i 's/([0-9]{1,3}\.){3}[0-9]{1,3}/REDACTED/g' /var/log/auth.loggrep "error" /var/log/syslog | awk '{print $1, $2, $3, $5, $6, $7}'grep "Accepted password" /var/log/auth.log | awk '{print $11}' | sort | uniq -c | sort -nr
#Cybersecurity #TechNews #Privacy #Hacking #AI
@PrivacyNotACrime
🆕 EXCLUSIVE: New setback for Cybersecurity: SimpleX is a honeypot😈 Unmasking the hidden agenda of SimpleX After an extensive investigation by the Privacy Not A Crime 🗽 team, SimpleX, promoted as a privacy-focused messenger, raises suspicions of being a…
The point weak of SimpleX lies in its servers, potentially manipulated by shadowy forces to undermine privacy. The SimpleX protocol stands out for its security, as confirmed by a 2024 cryptographic design review from Trail of Bits, which identified only three medium and one low-severity issues (mostly in edge cases). It employs quantum-resistant double-ratchet encryption and avoids user IDs, making it resistant to metadata leaks in core messaging. This rigor, per sources like Privacy Guides and SimpleX's docs, positions it as a strong base for privacy-focused communication.
Default servers, while functional, are unreliable due to potential centralization risks and possible covert monitoring—though no breaches are confirmed. As a decentralized app, SimpleX relies on these for initial connections, but they could expose metadata if controlled by hidden entities. The weak point is their shared nature, per community discussions, which might harbor vulnerabilities in high-stakes scenarios.
To bypass defaults, self-host your SMP server for full control. Requirements include a VPS with Ubuntu, a domain with A/AAAA records, and open ports (80, 443, 5223/tcp).
Select systemd setup, configure firewall, and initialize with:su smp -c 'smp-server init --yes --store-log --no-password --control-port --socks-proxy --source-code --fqdn=yourdomain.com'
For Tor integration, install Tor and edit configs for onion addresses.
Costs: a few euros/month on VPS. In the app, add your server address (smp://fingerprint@host) under Settings > Network & Servers.
Alternatively, use trusted user-run servers from directories like asriyan.me, an unofficial site for discovering community SMP/XFTP servers. It works by allowing anonymous additions; browse listings, verify via community feedback (e.g., Reddit r/SimpleXChat), and add to your app. This decentralizes trust, reducing reliance on defaults.
Self-hosting or community servers minimize risks by giving you control over data relays. Test configurations and monitor for anomalies.
#SimpleX #Privacy #Cybersecurity #SelfHosting
@PrivacyNotACrime
On October 10, 2025, Europol, in collaboration with Latvian authorities, Estonia, Finland, Austria, and Eurojust, executed Operation SIMCARTEL, dismantling a sophisticated cybercrime-as-a-service network that rented anonymous phone numbers for fraud. The operation resulted in seven arrests (five Latvian nationals, including the alleged organizer, and two additional suspects), the seizure of five servers, 1,200 SIM box devices, and 40,000 active SIM cards. This infrastructure, operating through seized websites gogetsms.com and apisim.com, enabled over 3,200 fraud cases worldwide, causing losses exceeding €5 million (€4.5 million in Austria alone, plus €420,000 in Latvia).
SIM boxes are devices that bypass telecom operators by routing calls and SMS through VoIP, allowing criminals to spoof numbers from 80+ countries for anonymity. The Latvian-based group provided this service to scammers for phishing, investment fraud, impersonation, extortion, migrant smuggling, and even distribution of child sexual abuse material. They created 49 million fake online accounts on platforms like social media and messaging apps, obscuring identities and locations. The network's polished websites and global logistics for SIM procurement made it scalable and hard to trace, with advanced technical setups for high-volume operations.
Investigators linked the ring to 1,700 fraud cases in Austria and 1,500 in Latvia, highlighting its role in enabling telecom crimes that would be impossible without number masking. The raids spanned 26 searches in Latvia, seizing luxury vehicles, freezing €431,000 in bank accounts and €266,000 in cryptocurrency, and displaying seizure banners on the sites. Europol provided analytical support, OSINT mapping, and forensic aid, while Eurojust handled legal coordination. The operation, supported by the Shadowserver Foundation and CERT.LV, marks a significant blow to cybercrime-as-a-service, but experts warn similar networks persist.
This bust underscores the growing threat of SIM farms, which fuel scams like "daughter-son" WhatsApp extortion and fake broker investments. With fraud losses in the billions annually, it highlights the need for better telecom regulations and international cooperation. Users should beware of unsolicited calls/SMS and verify numbers.
#Europol #SIMBox #CyberFraud #Privacy #Cybersecurity
@PrivacyNotACrime
Community threads further warn that the app's metadata protection claims fall short, potentially exposing IP addresses to server operators and failing to shield users from advanced attackers running multiple servers. Such vulnerabilities could amplify risks for high-profile users, turning a supposed safe haven into a trap.
Question unverified services and demand transparency. Your data is your power—don't hand it over unknowingly. Consider migrating to Matrix, a decentralized messaging platform with public audits and a proven focus on security, ideal for those seeking a reliable environment. Use two-factor authentication (2FA) and regularly review your privacy settings to minimize risks. Despite SimpleX's own security audits by firms like Trail of Bits, ongoing debates in privacy communities question their comprehensiveness, urging users to verify independently before trusting any platform.
Follow us and support us to continue investigating and defending everyone's right to privacy!
#SimpleX #Honeypot #Privacy #Cybersecurity #Surveillance
@PrivacyNotACrime
GitHub
The Matrix.org FoundationA new basis for open, interoperable, decentralised real-time communication - The Matrix.org Foundation
After an extensive investigation by the Privacy Not A Crime 🗽 team, SimpleX, promoted as a privacy-focused messenger, raises suspicions of being a honeypot. A honeypot is a computer security system designed as a virtual decoy to attract and trap cybercriminals, diverting them from real targets and allowing the study of their methods. Although it boasts decentralized servers and no user IDs, rumors in security circles point to a more sinister purpose: trapping users in a network of false security where data is silently collected. Online forums echo these concerns, with users speculating that the app's rapid rise could be engineered to lure privacy-conscious individuals into a monitored environment. Some even describe it as feeling like "a giant honeypot or an accident waiting to happen," highlighting doubts about its true intentions amid its growing popularity.
Hosted on Hetzner, a provider frequently used by law enforcement for monitoring, SimpleX's infrastructure could facilitate backdoor access for intelligence agencies. Its distributed design could hide centralized logs, and its sudden popularity in 2025 suggests promotion by hidden hands. Key evidence: SimpleX servers use passive DNS, identified as suspicious or malicious by security platforms like Cisco Umbrella or AlienVault due to unusual traffic patterns. Passive DNS is a data collection method that records domain name resolutions passively, without active queries, capturing historical information on how domains resolve to IPs. In cybersecurity, it serves to detect malicious activities like domain hijacking or botnets, but it also allows tracking connections, IPs, and visited domains without direct intervention, which could be used to monitor metadata such as connection times, approximate locations, and frequent contacts, contradicting SimpleX's privacy promises. The absence of independent audits and opaque funding fuel suspicions of governmental ties, potentially enabling data collection or key compromises under the guise of privacy. Further indications include community discussions questioning the app's traffic routing and server dependencies, with some noting reliance on single providers like Linode (owned by Akamai), which could centralize control and enable easier surveillance despite decentralization claims. Reports of unresolved trust issues in GitHub discussions add to the skepticism, where users express inability to fully trust the platform's privacy assertions due to potential third-party access to encrypted data.
Speculations about hidden funding point to anonymous cryptocurrency donations or covert backing from agencies, enabling surveillance while presenting itself as a privacy tool. There is no concrete proof, but similarities with platforms monitored by security forces raise serious doubts. Adding to this, SimpleX has publicly disclosed investments from figures like Jack Dorsey and venture firms such as Asymmetric Capital Partners and Village Global, totaling around $1.3 million. While these sources are transparent on the surface, critics scrutinize the VC involvement, questioning whether such funding could mask ulterior motives, especially given the app's emphasis on privacy yet acceptance of traditional investment models that might demand data insights or compliance.
If it is a honeypot, SimpleX endangers activists and ordinary users by creating a false sense of security, leading to sharing sensitive information without caution. The risks include data interception, building detailed profiles from metadata—such as connection times, approximate locations, and frequent contacts—that can be exploited for mass surveillance and silent tracking. This could erode trust in privacy tools globally.
GitHub
The Matrix.org FoundationA new basis for open, interoperable, decentralised real-time communication - The Matrix.org Foundation
The darknet fuels a booming market for stolen passports, credit cards, and personal data, traded for mere dollars. Leaks from phishing, malware, vulnerabilities, remote access, and breaches feed this global threat, sold for $10-100 and passports up to $3,800.
Freeze credit, avoid suspicious links, use 2FA, and secure documents. Monitor and report leaks.
Follow us to stay informed about the latest threats and protect yourself.
#Darknet #IdentityTheft #Privacy #Cybersecurity
@PrivacyNotACrime
Apidector is an efficient tool for quickly scanning domains and subdomains for exposed Swagger points. It supports multithreading and flexible input/output configuration, making it ideal for API security testing. This scanner helps uncover vulnerabilities and risks tied to leaked API documentation, bolstering corporate app protection.
Apidector excels in rapid reconnaissance:
Perfect for pentesting and bug bounty hunters, it simulates real-world exposure risks without invasive probes.
Use Apidector to map API surfaces early in assessments, revealing undocumented features or misconfigurations. Pair it with tools like Burp Suite for deeper exploits. Its lightweight design fits into automated pipelines for ongoing monitoring.
Install and run with python apidector.py -d domain.com.
Follow us to stay informed about the latest threats and protect yourself.
#OSINT #Pentest #BugBounty #API #Cybersecurity
@PrivacyNotACrime
BlackWidow is a Python-based web application scanner designed to gather OSINT data and uncover potential OWASP vulnerabilities on target sites. It automatically parses subdomains, URLs, dynamic parameters, and extracts email addresses and phone numbers, offering a comprehensive view of a site’s footprint.
This tool shines with its integrated capabilities:
All data is saved to user-friendly text files, simplifying analysis and follow-up security testing. It’s ideal for rapid reconnaissance ahead of penetration testing.
BlackWidow empowers researchers to build a detailed site infrastructure profile, identifying weak points like exposed parameters or outdated endpoints. Pair it with manual validation for optimal results, making it a vital asset for security audits.
Install via pip install blackwidow, then run with blackwidow -u target.com to begin scanning.
#OSINT #Security #BlackWidow #Tools #Scanner
@PrivacyNotACrime
NExfil is a powerful OSINT tool designed to search for online profiles using a username. Written in Python, it scans over 350 websites in seconds, delivering fast results with minimal false positives. Ideal for security researchers, investigators, and privacy enthusiasts, it streamlines internet reconnaissance with efficiency and precision.
NExfil stands out with its robust functionality:
Perfect for uncovering profiles across popular platforms, it’s a go-to for digital footprint mapping and threat intelligence.
This tool excels in open-source intelligence gathering, helping identify social media presence, potential impersonations, or leaked accounts. Pair it with manual verification to enhance accuracy. Its speed makes it a valuable asset for quick reconnaissance missions.
Install with pip install nexfil, then run with nexfil -u username or upload a list.
Follow us to stay informed about the latest threats and protect yourself.
#OSINT #Reconnaissance #Analysis #Investigation #Cybersecurity
@PrivacyNotACrime
GitHub
GitHub - thewhiteh4t/nexfil: OSINT tool for finding profiles by usernameOSINT tool for finding profiles by username. Contribute to thewhiteh4t/nexfil development by creating an account on GitHub.
On October 14, 2025, Microsoft rolled out its Patch Tuesday update, tackling a staggering 173 vulnerabilities across Windows, Office, and other products. Among them are three zero-days actively exploited in the wild, plus 13 additional high-risk issues, making this one of the largest security releases of the year. With critical flaws in core components like drivers and remote access, immediate patching is essential to prevent privilege escalation and code execution attacks.
A headline change is the removal of the vulnerable ltmdm64.sys driver (Agere Systems modem driver), which shipped natively with supported Windows versions. This legacy component was exploited via CVE-2025-24990 (CVSS 7.8), a zero-day elevation-of-privilege (EoP) flaw allowing local attackers to gain SYSTEM-level access—even without using the modem. Microsoft opted for outright deletion rather than patching, as the driver is obsolete; affected hardware (e.g., old fax modems) will cease functioning post-update.
A related issue, CVE-2025-24052 (CVSS 7.8), is another EoP in the same driver, with a proof-of-concept (PoC) exploit publicly available, enabling attackers to bypass restrictions and run arbitrary code with elevated rights.
The update also patches CVE-2025-59230 (CVSS 7.8), an exploited EoP in the Windows Remote Access Connection Manager (RasMan) service, allowing unauthenticated local attackers to gain SYSTEM privileges through improper permission handling. This is the 22nd RasMan flaw since January 2022, with active targeting in the wild.
Additional standouts include:
Microsoft classifies exploitation as "Less Likely" for most, but the zero-days underscore urgency—patch immediately to block ongoing attacks.
This patch highlights persistent risks in legacy drivers and remote services, with 9 critical CVEs overall. The ltmdm64.sys removal is controversial: while it eliminates the threat, it breaks compatibility for rare hardware, forcing admins to migrate or isolate systems. For enterprises, prioritize Windows Server Update Services (WSUS) as CVE-2025-59287 (CVSS 9.8) allows remote code execution in WSUS, rated "Exploitation More Likely."
As of October 2025, this update reinforces the need for proactive patching—delays could expose systems to ransomware or espionage.
#Microsoft #Vulnerabilities #Windows #Cybersecurity
@PrivacyNotACrime
