#Hackers stole all the data from #CDPR: source of #Cyberpunk2077, #Witcher 3 and remastered, internal documents, financial information, etc.
Just discovered the BIOS password on my son's laptop and it wasn't dropping even without a battery.
So here's the most useful solution that can generate engineering keys for all modern laptops:
https://www.biosbug.com/ - easy, free, you don't have to install anything, just type your code and get the key.
#Hardware #Hackers #TipsAndTricks
The Internet Archive has been under a long attack by book publishers. The website lost in court and was forced to erase many records related to free book storages.
Oddly enough, soon after that the Wayback Machine came under hacker attack:
The site is under DDoS and also faced a security breach, losing data of 31 million users. The source of the breach is an outdated #JavaScript library.
#Internet #Hackers
The Open Source software is under attack, said the report by some agency: several apps, including Godot, were targeted with free mods and plugins that were actually malware... Wait, what?
Some were just downloading cracked games and malware was getting extra access from computers with Godot installed. Unless it wasn't: first, you should only get Godot from official sources. Second, even hacked games with viruses don't benefit from the official Godot build on your PC.
Then what happened? There are fake Godot distributors and there are infected cracked games with Godot-based viruses. Overall, it's not the best way to deliver the virus, since Godot is huge compared to "normal" viruses and loaders.
https://godotengine.org/article/statement-on-godloader-malware-loader/
#InfoSec@GameDEV
#GodotEngine@GameDEV
#Hackers@GameDEV
Be very careful with GitHub emails: scammers send out phishing messages to all active GitHub users!
1. No, they are not from GH
2. No, you aren't getting $$
3. Yes, believing this would be dumb, but apparently thousands did and it's been out for a few days only
https://github.com/orgs/community/discussions/174380
#Hackers@GameDEV
#Security@GameDEV
#GitHub@GameDEV
Since "Rate my team in Counter Strike" bots are so common now on Steam, Valve is using a nasty trick: their messages with phishing links are not being delivered.
For bots it looks like it works. But users only see the safe text. So, people who used to trick those bots are mad that now they don't get their scam links. Found this in the profile of a scammer today and giggled.
#Steam@GameDEV
#Valve@GameDEV
#Hackers@GameDEV
#Scam@GameDEV
There's a CVE-2025-55182:
Pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.
But that's not the crazy part: hackers created several forked tools for fake CVE inspection that actually steal users' data and load malware onto your machine.
Do not launch GitHub repos mindlessly!
#Hackers@GameDEV
#Security@GameDEV
Rainbow Six Siege has been hacked in several attempts by different groups.
First ones got access to the game server admin panel: they banned people and gave away $300m+ worth of goods for free. It seems that hackers banned Ubisoft employees while Ubisoft banned "people with suspicious amounts of currency". Most of these bans are rolled back now.
Then a few more groups seemingly got full access to all the sources of the game. This still has to be confirmed, since Ubisoft is only discussing the admin access. They temporarily shut down the marketplace and secondary ban system that has been breached.
The security issue is not coming from Ubisoft, it's MongoBleed: MongoDB Zlib Vulnerability (CVE-2025-14847), affecting millions of servers worldwide.
#Ubisoft@GameDEV
#Security@GameDEV
#Hackers@GameDEV
The same exploit seemingly allowed hackers to wipe Escape From Tarkov accounts, including some media people, who lost their data while streaming.
#Security@GameDEV
#Hackers@GameDEV
The Notepad++ update mechanism has been hacked in a way that, under certain conditions, lets hackers replace the update system of the app and redirect users' traffic to make people install a custom version and any additional apps with it.
If you have NP++ on your machine and you have updated it since June 2025: back up your data, remove NP++, check for any oddities, and install the new safe NP++. Do not update your app via the app itself, since it can be compromised.
It seems that the whole thing was not random and was not targeting casual users, but high-end companies and state-related facilities. But anyway, you know.
#Hackers@GameDEV
#Security@GameDEV