HackingPassion.com : [email protected][~]

The command server is a botnet’s one real weak point. Take it down and the bots go quiet. Operators figured this out early and built their infrastructure to survive exactly that.

This article covers how they do it. How botnets hide their command infrastructure inside Tor and I2P, how they scan for new victims without exposing themselves, and what to look for to detect ...

Google tells you the key is gone. It keeps working for 23 more minutes. When you delete a Google API key, a dialog appears that says the following: “Once deleted, it can no longer be used to make API requests.” That is the message. It is printed there by Google, presented as fact at the exact moment you think the risk is gone. It is not true.

...

GhostTree makes Windows Defender stop scanning. Two lines of code, no admin rights, and malware sitting right next to it goes completely undetected. A Varonis researcher published it today, confirmed it works, and Microsoft’s first response was that this does not count as a security issue. Then they patched it anyway.

Windows lets you create a folder t...

Chrome keeps saved passwords locked behind one master key. VoidStealer steals that key using a tool Chrome cannot block. It does not need administrator rights, does not touch the browser’s code, and when it is done, saved passwords, open login sessions, and stored payment cards are all readable. The technique had been sitting on GitHub as open-source research...

Reaper swipes macOS passwords and crypto wallets, backdoors the machine, and pretends to be Apple, Microsoft, and Google in the same attack. Apple shipped an update in March to stop exactly this. Reaper already bypasses it.

Reaper belongs to a malware family called SHub Stealer, active since April 2025. SHub grew out of an earlier macOS stealer called ...