The Next Web

A new Android trojan called Rokarolla targets 217 banking apps and can steal your PIN, SMS codes, and crypto wallet funds

Zimperium's zLabs found Rokarolla, an Android banking trojan with 137 commands that steals PINs, intercepts SMS, hijacks crypto payments, and kills Play Protect.

New Google Chrome 149 Update Patches Exploited Zero-Day

Following the largest-ever Google Chrome security fix, a new update is now available, and one vulnerability stands out: a ...

Google patches new Chrome zero-day flaw exploited in the wild

Google has released emergency updates to patch another Chrome zero-day vulnerability that has been exploited in the wild, the ...
GitHub

JavaScript captcha solver (Node.js): Bypass reCAPTCHA, Cloudflare, GeeTest and more

Use the JavaScript captcha solver to automatically bypass any captcha - including reCAPTCHA v2, Invisible, v3, Enterprise, Cloudflare Turnstile, GeeTest sliders, Amazon WAF, FunCaptcha, and both image ...
The Hacker News

⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More

Your weekly cybersecurity recap: a GitHub supply chain worm, an exploited Android flaw, Instagram account takeovers, and a ...
The Hacker News

Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts

Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 15,000 sales on the Envato Market, to create malicious ...
GitHub

mParticle Web SDK

Hello! This is the public repo of the mParticle Web SDK. We've built the mParticle platform to take a new approach to web and mobile app data and the platform has grown to support 300+ integrations ...
theregister

Do fear the Reaper - stealer swipes macOS users' passwords, wallets, then backdoors them

A new infostealer variant targets macOS users by spoofing Apple, Microsoft, and Google and then then gets to work searching for victims’ password managers so it can steal all of their credentials and ...