News | Black Hat Ethical Hacking

New Phishing Kits Automate MFA Bypass, AI Email Lures, and Bank Credential Theft at Scale

Dec 15, 2025 | News

New Phishing Kits Automate MFA Bypass, AI Email Lures, and Bank Credential Theft at Scale Post Views: 7 Join our Patreon Channel and Gain access to 70+ Exclusive Walkthrough Videos. Reading Time: 3 Minutes A Growing Ecosystem of Modular Phishing Kits BlackForce,...

Malicious VS Code Extensions Infect Developers With Infostealers and Session Hijackers

Dec 9, 2025 | News

Malicious VS Code Extensions Infect Developers With Infostealers and Session Hijackers Post Views: 20 Join our Patreon Channel and Gain access to 70+ Exclusive Walkthrough Videos. Reading Time: 3 Minutes Two malicious Visual Studio Code extensions uploaded to...

React2Shell – Critical Bug Exposes React Server Components to Unauthenticated Remote Code Execution

Dec 4, 2025 | News

React2Shell – Critical Bug Exposes React Server Components to Unauthenticated Remote Code Execution Post Views: 95 Join our Patreon Channel and Gain access to 70+ Exclusive Walkthrough Videos. Reading Time: 3 Minutes A critical, maximum-severity vulnerability...

Researchers Infiltrate Lazarus Group’s “Famous Chollima” Job-Fraud Network Using Fake Developer Laptops

Dec 3, 2025 | News

Researchers Infiltrate Lazarus Group’s “Famous Chollima” Job-Fraud Network Using Fake Developer Laptops Post Views: 26 Join our Patreon Channel and Gain access to 70+ Exclusive Walkthrough Videos. Reading Time: 3 Minutes Overview A joint investigation by BCA LTD,...

Matrix Push C2 Emerges as Browser-Based C2 Platform Using Fake Notifications for Cross-Platform Attacks

Nov 25, 2025 | News

Matrix Push C2 Emerges as Browser-Based C2 Platform Using Fake Notifications for Cross-Platform Attacks Post Views: 7 Join our Patreon Channel and Gain access to 70+ Exclusive Walkthrough Videos. Reading Time: 3 Minutes Overview Cybercriminals have begun exploiting...

Sneaky2FA Phishing Kit Adds Browser-in-the-Browser (BitB) to Steal Microsoft 365 Sessions

Nov 20, 2025 | News

Sneaky2FA Phishing Kit Adds Browser-in-the-Browser (BitB) to Steal Microsoft 365 Sessions Post Views: 2 Join our Patreon Channel and Gain access to 70+ Exclusive Walkthrough Videos. Reading Time: 3 Minutes Overview The Sneaky2FA phishing-as-a-service (PhaaS) platform...

New Phishing Kits Automate MFA Bypass, AI Email Lures, and Bank Credential Theft at Scale

Malicious VS Code Extensions Infect Developers With Infostealers and Session Hijackers

React2Shell – Critical Bug Exposes React Server Components to Unauthenticated Remote Code Execution

Researchers Infiltrate Lazarus Group’s “Famous Chollima” Job-Fraud Network Using Fake Developer Laptops

Matrix Push C2 Emerges as Browser-Based C2 Platform Using Fake Notifications for Cross-Platform Attacks

Sneaky2FA Phishing Kit Adds Browser-in-the-Browser (BitB) to Steal Microsoft 365 Sessions

Recent News

Critical GitHub Vulnerability Allowed Remote Code Execution via Single “git push”

Critical nginx-ui Flaw Under Active Exploitation Enables Full Server Takeover

React2Shell Exploited in Mass Credential Harvesting Campaign Targeting 700+ Hosts

EvilTokens Phishing Service Fuels Large-Scale Microsoft 365 Account Takeover Campaign

Attackers Impersonate IT Support on Microsoft Teams to Deploy A0Backdoor Malware

State-Sponsored Attack Hijacks Notepad++ Update Infrastructure to Deliver Malware

Fortinet Fixes Actively Exploited FortiOS SSO Auth Bypass

CISA Flags Actively Exploited VMware vCenter RCE in KEV Catalog

Reprompt Attack Lets Attackers Exfiltrate Data From Microsoft Copilot With a Single Click

Node.js Fixes Critical DoS Flaw That Could Crash “Virtually Every Production App”