-
·
Hackers abuse the .arpa Top-Level Domain to host phishing scams, using IPv6 tunnels, reverse DNS tricks, and shadow domains to bypass security checks.¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
San Francisco, CA, United States, 3rd March 2026, CyberNewswire
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
This week in cybersecurity from the editors at Cybercrime Magazine
Sausalito, Calif. – Mar. 3, 2026Ralph Echemendia is a world-renowned cybersecurity expert, known internationally by his alter ego “The Ethical Hacker.”
In 2015, WIRED called Ralph Echemendia “Hollywood’s go-to digital bodyguard, a reformed hacker from the dark side who now helps filmmakers, celebrities, and moguls keep their valuable data secure.”
His jaw dropping “Hacking Hollywood” appearance has been presented at Creative Artists Agency, the Digital Entertainment World Expo, as well as the Anti-Piracy and Content Protection Summit.
Echemendia has worked with award-winning Director Oliver Stone as a technical supervisor on films such as “Savages” and “Snowden” as well as other projects such as the film “Nerve” and award-winning TV series Mr. Robot.
Scott Schober, author of the popular book “Hacked Again,” and host on the Cybercrime Magazine Podcast, recently interviewed Echemendia, covering his days as a teenage hacker and his thoughts on today’s threats posed by AI.
Cybercrime Magazine is Page ONE for Cybersecurity. Go to any of our sections to read the latest:
- SCAM. The latest schemes, frauds, and social engineering attacks being launched on consumers globally.
- NEWS. Breaking coverage on cyberattacks and data breaches, and the most recent privacy and security stories.
- HACK. Another organization gets hacked every day. We tell you who, what, where, when, and why.
- VC. Cybersecurity venture capital deal flow with the latest investment activity from various sources around the world.
- M&A. Cybersecurity mergers and acquisitions including big tech, pure cyber, product vendors and professional services.
- BLOG. What’s happening at Cybercrime Magazine. Plus the stories that don’t make headlines (but maybe they should).
- PRESS. Cybersecurity industry news and press releases in real time from the editors at Business Wire.
- PODCAST. New episodes daily on the Cybercrime Magazine Podcast feature victims, law enforcement, vendors, and cybersecurity experts.
- RADIO. Tune into WCYB Digital Radio at Cybercrime.Radio, the first and only round-the-clock internet radio station devoted to cybersecurity.
Contact us to send story tips, feedback and suggestions, and for sponsorship opportunities and custom media productions.
The post Hollywood’s Ethical Hacker On The Cybercrime Magazine Podcast appeared first on Cybercrime Magazine.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SloppyLemming, an India-linked espionage group also known as Outrider Tiger and Fishing Elephant, has run a year-long cyber campaign against high‑value targets in Pakistan and Bangladesh using a new BurrowShell backdoor and a Rust-based remote access tool (RAT). This activity builds directly on earlier operations exposed by Cloudflare’s CloudForce One in 2024. However, it shows […]
The post SloppyLemming Espionage Campaign Targets Pakistan, Bangladesh with BurrowShell Backdoor and Rust RAT appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Europol’s Project Compass targets The Com (aka 764 network), an online group exploiting minors. After 30 arrests, officials say the hunt for those involved is far from over.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new phishing framework called Starkiller is raising the bar for “phishing-as-a-service” by serving victims the real login pages of major brands through attacker infrastructure, making pages look authentic and stay up to date. By acting as a live reverse proxy, it can capture credentials and, more importantly, steal session cookies/tokens after the victim completes multi-factor authentication (MFA), enabling […]
The post New Starkiller Phishing Framework Uses Real Login Pages to Bypass MFA Security appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new wave of malvertising activity linked to the threat group “D‑Shortiez” has been observed exploiting a WebKit browser flaw to hijack the back button on Safari and other iOS browsers. This technique revives a classic forced‑redirect approach that traps users on fraudulent landing pages, showing how persistent ad‑based threat actors continue to evolve their […]
The post Malvertising Actor ‘D-Shortiez’ Exploits WebKit Back-Button Hijack in Forced-Redirect Campaign appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Keygraph has released Shannon, a fully autonomous AI-powered penetration testing tool designed to identify and actively exploit real vulnerabilities in web applications before malicious actors can. Unlike traditional scanners that generate alerts, Shannon delivers proven, reproducible exploits, closing the dangerous security gap that exists between annual pentests and continuous code deployments. How Shannon Works Shannon emulates […]
The post Shannon: Autonomous AI Tool with Nmap Integration Can Uncover and Exploit Security Flaws appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An active Zerobot campaign abusing two critical vulnerabilities CVE-2025-7544 in Tenda AC1206 routers and CVE-2025-68613 in the n8n workflow automation platform to deploy a Mirai-based payload dubbed Zerobotv9. The campaign uses common download tools and multi-architecture binaries to rapidly enroll compromised systems into a botnet that can be leveraged for denial-of-service attack and further intrusion […]
The post Zerobot Malware Exploits Tenda Command Injection Vulnerabilities to Deploy Malicious Payloads appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hewlett Packard Enterprise (HPE) has disclosed a remote authentication-bypass vulnerability in HPE AutoPass License Server (APLS) that could let unauthenticated attackers bypass login controls over the network. The issue is tracked as CVE-2026-23600 and is fixed in APLS 9.19 and later. Item Details Vendor bulletin HPESBGN05003 rev.1 (Security Bulletin), initial release 27 Feb 2026; last […]
The post HPE AutoPass Vulnerability Allows Remote Attackers to Bypass Authentication appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
