A letter from the admin,
Now that we’re halfway through 2025, I want to reflect on what the hashpwn community has achieved thus far. We have grown to 200+ members, 600+ posts, and have shared and cracked hundreds of thousands of hashes, posted dozens of helpful tools, wordlists and hashcat rules, while also enjoying the camaraderie of puzzles and CTF. Thank you to all those who have participated...
U.S. House Bans WhatsApp on Gov Devices Citing "High-Risk" Security Flaws.
Care to try your luck on some truncated md5 hashes? These are missing the last 2x char from the trailing end, so put your thinking cap on and have fun.
No, the “16 Billion Credentials” Leak Isn’t a New Breach
Watch out complex passwords, there's a new combinator tool in town.
Vavaldi just released Targinator, a feature-rich wordlist combinator that combines a wordlist with target hints in all possible positions, plus supports applying hashcat-style rules to either or both wordlists being combined.
https://forum.hashpwn.net/post/652
#hashcracking #combinator #hashcat #infosec #vavaldi #flagg #cyclone #hashpwn
Krispy Kreme Doughnut Corporation has confirmed a major data breach compromising sensitive personal data of thousands of current and former employees, as well as their family members.
https://forum.hashpwn.net/post/651
#krispykreme #databreach #hack #cybersecurity #hashpwn #news
Widespread Google Cloud & Cloudflare Outage Disrupts Spotify, Discord, Gmail & More.
https://forum.hashpwn.net/post/649
#google #cloudflare #discord #spotify #gmail #outage #hashpwn #news
Supply-Chain RAT Compromise Strikes 16 Gluestack React-Native-Aria Packages With Nearly 1 Million Weekly Downloads
FBI: Over 900 Organizations Hit by Play Ransomware, SimpleHelp Exploits and ESXi Variants Used
https://forum.hashpwn.net/post/642
#playcrypt #ransomware #RaaS #simplehelp #exploit #esxi #hashpwn #cybersecurity #news
ViciousTrap: Persistent SSH Backdoors Found in 9,000+ ASUS Routers
A sophisticated cyberattack campaign, dubbed ViciousTrap, has compromised over 9,000 ASUS routers, establishing persistent SSH backdoors that survive reboots and firmware updates.
https://forum.hashpwn.net/post/637
#backdoor #asus #cybersecurity #botnet #news #greynoise #ViciousTrap #hashpwn
Unimed, Brazil's largest healthcare cooperative, inadvertently exposed over 14 million patient-doctor messages through an unsecured Apache Kafka instance. The breach included sensitive data such as names, phone numbers, email addresses, Unimed card numbers, uploaded images, documents, and real-time chat logs from both human doctors and Unimed's AI chatbot, "Sara".
https://forum.hashpwn.net/post/636
#unimed #breach #hack #chatbot #cybersecurity #news #hashpwn
AirBorne Alert: 23 Zero-Click Vulnerabilities in Apple AirPlay Expose Billions of Devices to RCE Threats
https://forum.hashpwn.net/post/624
#AirBorne #apple #iphone #airplay #mac #rce #hack #cybersecurity #news #hashpwn
A critical vulnerability, CVE-2025-1127, has been identified in over 150 Lexmark printer models, including the CX, MX, XC, and CS series. This flaw allows remote attackers to execute arbitrary code on unpatched devices by exploiting a combination of path traversal (CWE-22) and race condition (CWE-362) vulnerabilities in the embedded web server. The vulnerability has been assigned a CVSS v3.1 score of 9.1 (Critical).
https://forum.hashpwn.net/post/620
#lexmark #printer #rce #CVE20251127 #cybersecurity #news #hashpwn
Inside Job - Coinbase Faces $400M Fallout After Insider Data Breach and $20M Ransom Demand
https://forum.hashpwn.net/post/617
#coinbase #crypto #hack #breach #hashpwn #news #cybersecurity
The FBI has issued an urgent alert about a wave of sophisticated social engineering attacks where threat actors impersonate high-ranking U.S. officials using AI-generated voice cloning and malicious text messages.
Exodus to Drop Monero (XMR) Support by August 2025
Exodus Wallet, a popular self-custody cryptocurrency wallet, has officially announced it will discontinue support for Monero (XMR) on August 10, 2025. After this deadline, users will no longer be able to send, receive, or view XMR balances through Exodus.
What You Need to Know:
https://forum.hashpwn.net/post/607
LockBit Ransomware Group Breached.
https://forum.hashpwn.net/post/599
#lockbit #ransomware #breach #hack #hashpwn #cybersecurity #infosec
For anyone having issues logging into hashpwn or creating a new account due to captcha not working, this issue has been fixed.
🚀 Spider v0.8.0
New features include:
"-file" to generate n-grams from local plaintext files
"-timeout" for URL crawling
"-sort" to output n-grams by frequency
https://forum.hashpwn.net/post/52
#spider #webcrawler #wordlist #ngram #infosec #hashcracking #golang #hashpwn
