
GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets

Cybersecurity researchers are calling attention to multiple campaigns that leverage known security vulnerabilities and expose Redis servers to various malicious activities, including leveraging the compromised devices as IoT botnets, residential proxies, or cryptocurrency mining infrastructure.

The first set of attacks entails the exploitation of CVE-2024-36401 (CVSS score: 9.8), a critical remote code execution vulnerability impacting OSGeo GeoServer GeoTools that has been weaponized in cyber attacks since late last year.

“Criminals have used the vulnerability to deploy legitimate software development kits (SDKs) or modified apps to gain passive income via network sharing or residential proxies,” Palo Alto Networks Unit 42 researchers Zhibin Zhang, Yiheng An, Chao Lei, and Haozhe Zhang said in a technical report.

Fake Mac fixes trick users into installing new Shamos infostealer

A new infostealer malware called ‘Shamos’ is targeting Mac devices in ClickFix attacks that impersonate troubleshooting guides and fixes.

The new malware, which is a variant of the Atomic macOS Stealer (AMOS), was developed by the cybercriminal group “COOKIE SPIDER,” and is used to steal data and credentials stored in web browsers, Keychain items, Apple Notes, and cryptocurrency wallets.

CrowdStrike, which detected Shamos, reports that since June 2025 the malware has attempted infections against over three hundred environments worldwide that it monitors.

Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft

A 20-year-old member of the notorious cybercrime gang known as Scattered Spider has been sentenced to ten years in prison in the U.S. in connection with a series of major hacks and cryptocurrency thefts.

Noah Michael Urban pleaded guilty to charges related to wire fraud and aggravated identity theft back in April 2025. News of Urban’s sentencing was reported by Bloomberg and Jacksonville news outlet News4JAX.

In addition to 120 months in federal prison, Urban faces three years of supervised release and has been ordered to pay $13 million in restitution to victims. In a statement shared with security journalist Brian Krebs, Urban called the sentence unjust.

Wow! We Finally Have Evidence of a Planet in the Nearby Alpha Centauri

Support this channel on Patreon to help me make this a full time job: https://www.patreon.com/whatdamath (Unreleased videos, extra footage, DMs, no ads)
Alternatively, PayPal donations can be sent here: http://paypal.me/whatdamath.
Get a Wonderful Person Tee: https://teespring.com/stores/whatdamath.
More cool designs are on Amazon: https://amzn.to/3QFIrFX

Hello and welcome! My name is Anton and in this video, we will talk about new evidence for a large planet in the Alpha Centauri system near us.
Links:

NASA’s Webb Finds New Evidence for Planet Around Closest Solar Twin


https://arxiv.org/pdf/2508.03814
https://arxiv.org/pdf/2508.03812
https://iopscience.iop.org/article/10.3847/2515-5172/add880/meta.

0:00 Alpha centauri surprise!
0:40 What we know about the star system so far.
2:57 Potential detection in 2019
3:35 Why JWST is so good at this but there were still challenges.
4:55 Methods used to observe this star.
5:30 Surprise results and the initial analysis.
8:00 Non detection at later dates was important! Orbits worked out.
9:15 What we know about the planet so far.
11:30 Could this be rings?
12:30 What this implies and conclusions.
13:30 What’s next?

Enjoy and please subscribe.

Bitcoin/Ethereum to spare? Donate them here to help this channel grow!
bc1qnkl3nk0zt7w0xzrgur9pnkcduj7a3xxllcn7d4
or ETH: 0x60f088B10b03115405d313f964BeA93eF0Bd3DbF

Thank you to all Patreon supporters of this channel.

Wow! JWST Found Objects at Insane New Distances (Redshift of 25?!)


Hello and welcome! My name is Anton and in this video, we will talk about a major discovery of most distant objects ever seen coming from the James Webb Space Telescope.
Links:
https://arxiv.org/pdf/2503.15594
https://arxiv.org/pdf/2503.

0:00 JWST breaks its own records.
0:40 Earlier observations and theory behind this.
3:10 New records at redshift of 17 and 25
5:20 What we know about these objects.
7:00 Issue explaining this.
7:50 Could this be black holes?
10:40 What’s next?
11:40 Conclusions.


Soco404 and Koske Malware Target Cloud Services with Cross-Platform Cryptomining Attacks

Threat hunters have disclosed two different malware campaigns that have targeted vulnerabilities and misconfigurations across cloud environments to deliver cryptocurrency miners.

The threat activity clusters have been codenamed Soco404 and Koske by cloud security firms Wiz and Aqua, respectively.

Soco404 “targets both Linux and Windows systems, deploying platform-specific malware,” Wiz researchers Maor Dokhanian, Shahar Dorfman, and Avigayil Mechtinger said. “They use process masquerading to disguise malicious activity as legitimate system processes.”

New Koske Linux malware hides in cute panda images

A new Linux malware named Koske may have been developed with artificial intelligence and is using seemingly benign JPEG images of panda bears to deploy malware directly into system memory.

Researchers from cybersecurity company AquaSec analyzed Koske and described it as “a sophisticated Linux threat.” Based on the observed adaptive behavior, the researchers believe that the malware was developed using large language models (LLMs) or automation frameworks.

Koske’s purpose is to deploy CPU and GPU-optimized cryptocurrency miners that use the host’s computational resources to mine over 18 distinct coins.
