SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks

April 21, 2025

A new Android malware-as-a-service (MaaS) platform named SuperCard X can facilitate near-field communication (NFC) relay attacks, enabling cybercriminals to conduct fraudulent cashouts.
The active campaign is targeting customers of banking institutions and card issuers in Italy with an aim to compromise payment card data, fraud prevention firm Cleafy said in an analysis. There is evidence to

Source: Read More

Previous ArticleJapan Warns of Hacked Trading Accounts and Unauthorized Trades

Next Article A greener path forward: Overcoming the hidden energy cost of multi-system software architectures

Highlights

CVE-2025-55733 – DeepChat Custom URL Handler Remote Code Execution Vulnerability

August 19, 2025

CVE ID : CVE-2025-55733

Published : Aug. 19, 2025, 7:15 p.m. | 5 hours, 37 minutes ago

Description : DeepChat is a smart assistant that connects powerful AI to your personal world. DeepChat before 0.3.1 has a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embedding a specially crafted deepchat: URL on any website, including a malicious one they control. When a victim visits such a site or clicks on the link, the browser triggers the app’s custom URL handler (deepchat:), causing the DeepChat application to launch and process the URL, leading to remote code execution on the victim’s machine. This vulnerability is fixed in 0.3.1.

Severity: 9.6 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Beyond the benchmarks: Understanding the coding personalities of different LLMs

Top 10 Use Cases of Vibe Coding in Large-Scale Node.js Applications

Building smarter interactions with MCP elicitation: From clunky tool calls to seamless user experiences

From Zero to MCP: Simplifying AI Integrations with xmcp

Distribution Release: Linux Mint 22.2

Coded Smorgasbord: Basically, a Smorgasbord

Drupal 11’s AI Features: What They Actually Mean for Your Team

Drupal 11’s AI Features: What They Actually Mean for Your Team

Why Data Governance Matters More Than Ever in 2025?

Perficient Included in the IDC Market Glance for Digital Business Professional Services, 3Q25

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

Distribution Release: Linux Mint 22.2

‘Cronos: The New Dawn’ was by far my favorite experience at Gamescom 2025 — Bloober might have cooked an Xbox / PC horror masterpiece

SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks

How to Fine-Tune Large Language Models

Scaling Up Reinforcement Learning for Traffic Smoothing: A 100-AV Highway Deployment

CVE-2025-45017 – PHPGurukul Park Ticketing Management System SQL Injection Vulnerability

Google DeepMind Introduces AlphaEvolve: A Gemini-Powered Coding AI Agent for Algorithm Discovery and Scientific Optimization

ThinkPRM: A Generative Process Reward Models for Scalable Reasoning Verification

Perplexity AI coming soon to these Samsung devices – report

CVE-2025-55733 – DeepChat Custom URL Handler Remote Code Execution Vulnerability

CVE-2025-8500 – Code-projects Human Resource Integrated System SQL Injection Vulnerability

My top 6 browsers after trying nearly every one (spoiler: none are Chrome)

Build a serverless Amazon Bedrock batch job orchestration workflow using AWS Step Functions

SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks

Related Posts