DigeeX @digeex@noc.social

I am proud to announce I have released Raider, an open source web authentication testing framework.

It's already published on PyPi, so you can install it with `pip install raider`.

The source code can be found on Github: https://github.com/DigeeX/raider

Documentation: https://raider.readthedocs.io/en/latest/index.html

Call to action: Raising security awareness: https://www.digeex.de/blog/call-to-action/

Hacker downloads close to 300,000 personal ID photos | News | ERR: https://news.err.ee/1608291072/hacker-downloads-close-to-300-000-personal-id-photos

‘Somebody Has to Do the Dirty Work’: NSO Founders Defend Pegasus Spyware: https://thewire.in/tech/nso-group-founders-pegasus-spyware

The Life Cycle of a Breached Database – Krebs on Security: https://krebsonsecurity.com/2021/07/the-life-cycle-of-a-breached-database/

New destructive Meteor wiper malware used in Iranian railway attack: https://www.bleepingcomputer.com/news/security/new-destructive-meteor-wiper-malware-used-in-iranian-railway-attack/

Top Routinely Exploited Vulnerabilities | CISA: https://us-cert.cisa.gov/ncas/alerts/aa21-209a

The Insecurity Industry - by Edward Snowden - Continuing Ed — with Edward Snowden: https://edwardsnowden.substack.com/p/ns-oh-god-how-is-this-legal

Google Online Security Blog: A new chapter for Google’s Vulnerability Reward Program
: https://security.googleblog.com/2021/07/a-new-chapter-for-googles-vulnerability.html

Northern Ireland suspends vaccine passport system after data leak: https://www.bleepingcomputer.com/news/security/northern-ireland-suspends-vaccine-passport-system-after-data-leak/

Biden: Severe cyberattacks could escalate to 'real shooting war': https://www.bleepingcomputer.com/news/security/biden-severe-cyberattacks-could-escalate-to-real-shooting-war/

Israeli government raids NSO Group offices - The Record by Recorded Future: https://therecord.media/israeli-government-raids-nso-group-offices/

Cloudflare's Handling of an RCE Vulnerability in Cdnjs: https://blog.cloudflare.com/cloudflares-handling-of-an-rce-vulnerability-in-cdnjs/

16 of 30 Google results contain SQL injection vulnerabilities: https://waritschlager.de/sqlinjections-in-google-results.html

Autofill in password managers can allow login credentials to be stolen: https://marektoth.com/blog/password-managers-autofill/

WhatsApp chief says government officials, US allies targeted by Pegasus spyware | ZDNet: https://www.zdnet.com/article/whatsapp-chief-says-government-officials-us-allies-targeted-by-nso-groups-pegasus-spyware/

Apple fixes zero-day affecting iPhones and Macs, exploited in the wild: https://www.bleepingcomputer.com/news/apple/apple-fixes-zero-day-affecting-iphones-and-macs-exploited-in-the-wild/

Attackers deploy cryptominers on Kubernetes clusters via Argo Workflows: https://www.bleepingcomputer.com/news/security/attackers-deploy-cryptominers-on-kubernetes-clusters-via-argo-workflows/

Apple fixes bug that breaks iPhone WiFi when joining rogue hotspots: https://www.bleepingcomputer.com/news/security/apple-fixes-bug-that-breaks-iphone-wifi-when-joining-rogue-hotspots/

MacOS malware steals Telegram accounts, Google Chrome data: https://www.bleepingcomputer.com/news/security/macos-malware-steals-telegram-accounts-google-chrome-data/

New PetitPotam attack allows take over of Windows domains: https://www.bleepingcomputer.com/news/microsoft/new-petitpotam-attack-allows-take-over-of-windows-domains/

iOS zero-day let SolarWinds hackers compromise fully updated iPhones | Ars Technica: https://arstechnica.com/gadgets/2021/07/solarwinds-hackers-used-an-ios-0-day-to-steal-google-and-microsoft-credentials/