Mert SARICA

Istanbul Senin Data Breach | Hack 4 Career Introduction When the calendar showed May 26, 2025, a post appeared on DarkForums — a platform frequented by cybercriminals — from a threat actor using the alias kovalidis. In the message, the actor, ...

Was the İstanbul Senin app, linked to Istanbul Municipality, really hacked — or was it something else?

In my latest blog post, I investigate the alleged leak of 4.7M users’ data from a citizen’s perspective. 👇

🔗 www.hack4career.com/istanbul-sen...

ClickFix & FileFix: How a Copy-Paste Trick Became 2025’s Top Social Engineering Threat - SOCRadar® Cyber Intelligence Inc. ClickFix attacks are redefining what social engineering looks like in 2025. What began as a niche trick buried in shady corners of the web has...

ClickFix & FileFix: How a Copy-Paste Trick Became 2025’s Top Social Engineering Threat

Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against…

Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data

Hacktivist-Driven DDoS Dominates Attacks on Public Sector ENISA report reveals DDoS accounted for 60% of public sector security incidents last year

Hacktivist-Driven DDoS Dominates Attacks on Public Sector

How an ex-L3Harris Trenchant boss stole and sold cyber exploits to Russia | TechCrunch Peter Williams sold eight exploits to a Russian zero-day broker by smuggling them from his employer’s highly secured air-gapped network. A court document, plus exclusive reporting by TechCrunch and…

How an ex-L3Harris Trenchant boss stole and sold cyber exploits to Russia

Choosing the VPN That's Right for You VPN stands for “Virtual Private Network.” When you connect to a VPN, all data that you send (such as the requests to servers when browsing the web) appears to originate from the VPN itself, rather…

Choosing the VPN That's Right for You

Ukrainian Extradited to US Faces Charges in Jabber Zeus Cybercrime Case Yuriy Igorevich Rybtsov, aka MrICQ, was arrested in Italy and lost his appeal to avoid extradition to the US.

Ukrainian Extradited to US Faces Charges in Jabber Zeus Cybercrime Case

AI Code Security Checkpoints for Human Oversight To write secure code with LLMs developers must have the skills to use AI as a collaborative assistant rather than an autonomous tool, Madou argues.

AI Code Security Checkpoints for Human Oversight www.darkreading.com/application-...

Introducing Aardvark: OpenAI’s agentic security researcher Now in private beta: an AI agent that thinks like a security researcher and scales to meet the demands of modern software.

Aardvark: OpenAI’s agentic security researcher openai.com/index/introd...

70% of CISOs say internal conflicts more damaging than cyberattacks CISO-CEO tension and unclear authority under duress are imperiling incident response. CISOs must establish not only clear response plans but also leadership alliances centered on business value,…

70% of CISOs say internal conflicts more damaging than cyberattacks www.csoonline.com/article/4079...

Millions Impacted by Conduent Data Breach The hackers stole names, addresses, dates of birth, Social Security numbers, and health and insurance information.

Millions Impacted by Conduent Data Breach

Is your perimeter having an identity crisis? Your biggest security risk might now sound exactly like your boss. AI clones identities so well that only zero-trust thinking can keep you safe.

Is your perimeter having an identity crisis? www.csoonline.com/article/4080...

Chrome to Turn HTTPS on by Default for Public Sites Starting October 2026, the browser will ask users if they want to access public websites that do not use secure connections.

Chrome to Turn HTTPS on by Default for Public Sites www.securityweek.com/chrome-to-tu...

Bugün bir duruşu, bir karakteri ve bir milletin yeniden doğuşunu kutluyoruz. Cumhuriyetimizin ışığı sonsuza dek yolumuzu aydınlatsın.

🇹🇷 29 Ekim Cumhuriyet Bayramımız kutlu olsun! 🇹🇷

Iran’s MOIS-linked Ravin Academy hit by data breach : Ravin Academy confirms the intrusion on Telegram, says student data was stolen

Iran’s MOIS-linked Ravin Academy hit by data breach www.theregister.com/2025/10/27/b...

Chrome Zero-Day Exploited to Deliver Italian Memento Labs' LeetAgent Spyware Kaspersky reveals Chrome zero-day CVE-2025-2783 exploited to deploy Memento Labs’ LeetAgent spyware.

Chrome Zero-Day Exploited to Deliver Italian Memento Labs' LeetAgent Spyware thehackernews.com/2025/10/chro...

New ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands Researchers uncover a CSRF flaw in ChatGPT Atlas letting attackers inject persistent malicious code.

New ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands thehackernews.com/2025/10/new-...

TCS Refutes Losing M&S Contract After Cyber-Attack The IT outsourcing giant said its service desk contract with Marks & Spencer was terminated long before the hack

TCS Refutes Losing M&S Contract After Cyber-Attack www.infosecurity-magazine.com/news/tcs-ref...

X to Retire Twitter.com, Users Must Re-Register Security Keys by Nov 10 Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

X to Retire Twitter.com, Users Must Re-Register Security Keys by Nov 10 hackread.com/x-retire-twi...

Ex-CISA chief says AI could mean the end of cybersecurity : Jen Easterly says most breaches stem from bad software, and smarter tech could finally clean it up

Ex-CISA chief says AI could mean the end of cybersecurity www.theregister.com/2025/10/27/j...

Mem3nt0 mori – The Hacking Team is back! Kaspersky researchers discovered previously unidentified commercial Dante spyware developed by Memento Labs (formerly Hacking Team) and linked it to the ForumTroll APT attacks.

The Hacking Team is back! securelist.com/forumtroll-a...

Researchers expose large-scale YouTube malware distribution network - Help Net Security Researchers help set back a large-scale malware distribution operation on YouTube they dubbed the "YouTube Ghost Network." 

Researchers expose large-scale YouTube malware distribution network www.helpnetsecurity.com/2025/10/23/y...

OpenAI defends Atlas as prompt injection attacks surface : 'Trust no AI' says one researcher

OpenAI defends Atlas as prompt injection attacks surface www.theregister.com/2025/10/22/o...

Exclusive: Apple alerts exploit developer that his iPhone was targeted with government spyware A developer at Trenchant, a leading Western spyware and zero-day maker, was suspected of leaking company tools and was fired. Weeks later, Apple notified him that his personal iPhone was targeted…

Apple alerts exploit developer that his iPhone was targeted with government spyware  techcrunch.com/2025/10/21/a...

Supply Chain Attack Targets VS Code Extensions With ‘GlassWorm’ Malware The malware uses invisible Unicode characters to hide its code and blockchain-based infrastructure to prevent takedowns.

Supply Chain Attack Targets VS Code Extensions With 'GlassWorm' Malware www.securityweek.com/supply-chain...

Today is when Amazon brain drain finally caught up with AWS column: When your best engineers log off for good, don’t be surprised when the cloud forgets how DNS works

Today is when Amazon brain drain finally caught up with AWS www.theregister.com/2025/10/20/a...

NSO permanently barred from targeting WhatsApp users with Pegasus spyware Ruling holds that defeating end-to-end encryption in WhatsApp harms Meta’s business.

NSO permanently barred from targeting WhatsApp users with Pegasus spyware arstechnica.com/security/202...

131 Chrome Extensions Caught Hijacking WhatsApp Web for Massive Spam Campaign Researchers uncover 131 Chrome extensions automating WhatsApp spam, impacting 20,905 users in Brazil.

131 Chrome Extensions Caught Hijacking WhatsApp Web for Massive Spam Campaign thehackernews.com/2025/10/131-...

TikTok videos continue to push infostealers in ClickFix attacks Cybercriminals are using TikTok videos disguised as free activation guides for popular software like Windows, Spotify, and Netflix to spread information-stealing malware.

TikTok videos continue to push infostealers in ClickFix attacks www.bleepingcomputer.com/news/securit...

North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts Google reports North Korean hackers using EtherHiding to embed adaptive malware in blockchain smart contracts.

North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts thehackernews.com/2025/10/nort...