{"id":13978,"date":"2018-09-27T05:50:44","date_gmt":"2018-09-27T05:50:44","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\/"},"modified":"2018-09-27T05:50:44","modified_gmt":"2018-09-27T05:50:44","slug":"boffins-bypass-password-protection-with-pilfering-by-phony-programs","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\/","title":{"rendered":"Boffins bypass password protection with pilfering by phony programs"},"content":{"rendered":"<p>Password managers on mobile devices can be tricked by imposter apps into handing over a user&#8217;s passwords.<\/p>\n<p>This according to <a target=\"_blank\" rel=\"nofollow\" href=\"http:\/\/www.s3.eurecom.fr\/~yanick\/publications\/2018_ccs_phishing.pdf\">a paper<\/a> [PDF] from researchers with the University of Genoa and EURECOM, who found that the Android Instant Apps feature is designed and can ask for, and receive, stored credentials from password managers meant for other applications.<\/p>\n<p>The idea is that <a target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/support.google.com\/googleplay\/answer\/7240211?hl=en\">Instant Apps<\/a>, a feature intended to let user try out portions of an Android app without fully downloading it by running remotely hosted code, does not get properly distinguished from fully-installed apps by either users or password managers.<\/p>\n<p>The researchers say that a number of popular Android password managers are also prone to falling for spoofed package names and metadata entries that lead them to conclude a spoofed app is authentic.<\/p>\n<p>&#8220;This means that the package name of the Instant App is attacker-controlled, and that it is thus possible to trick password managers to auto-fill credentials for an attacker-chosen website even without requiring the installation of an additional app,&#8221; the researchers explain.<\/p>\n<p>&#8220;This allows an attacker to bootstrap an end-to-end phishing attack by luring the victim into visiting a malicious webpage: such webpage may contain, for example, a fake Facebook-related functionality.&#8221;<\/p>\n<p>The paper paints a picture of an attack scenario where an attacker would lure the user to a lookalike page, or even just a fake &#8216;like&#8217; button, that would then prompt the user to approve opening a lookalike &#8216;instant app&#8217; package that is connected to the attacker&#8217;s server.<\/p>\n<div class=\"promo_article\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2017\/09\/19\/password_shutterstock.jpg?x=174&amp;y=115&amp;crop=1\" width=\"174\" height=\"115\" alt=\"password\"\/><\/p>\n<h2 title=\"Cloud lineup gets security overhaul with 2FA and new monitoring tools\">Microsoft &#8216;kills&#8217; passwords, throws up threat manager, APIs Graph Security<\/h2>\n<p><a href=\"https:\/\/www.theregister.co.uk\/2018\/09\/24\/microsoft_kills_passwords\/\"><span>READ MORE<\/span><\/a><\/div>\n<p>From there, the malicious instant app would present itself as a valid app (such as Facebook) and request the password manager hand over login credentials. Neither the user, nor the password manager, would be aware they had been conned.<\/p>\n<p>&#8220;We believe this attack strategy significantly lowers the bar, with respect to all known phishing attacks on the web and mobile devices: to the best of our knowledge, this is the first attack that does not assume a malicious app already installed on the phone and that does not even require the user to insert her credentials,&#8221; the researchers say.<\/p>\n<p>&#8220;These attacks are strictly more practical than all currently known mobile phishing works.&#8221;<\/p>\n<p>In the end, the researchers say the solution for the issue is not for password managers to change how they operate, but rather that Google develop a more reliable and secure method for password tools to verify that the apps asking for credentials are who they say they are.<\/p>\n<p>&#8220;The key design issue is that all these mechanisms use package names as the main abstraction to work with, thus leaving developers of password managers with the daunting task of mapping apps to their associated domain names,&#8221; the paper reads.<\/p>\n<p>&#8220;Given the number of security issues and misplaced trust assumptions we have identified in leading password managers, we believe third-party developers should not be asked to implement this critical step.&#8221; \u00ae<\/p>\n<p class=\"wptl btm\"><span>Sponsored:<\/span> <a href=\"https:\/\/go.theregister.co.uk\/tl\/1787\/-6625\/following-bottomlines-journey-to-the-hybrid-cloud?td=wptl1787\">Following Bottomline\u2019s journey to the Hybrid Cloud<\/a><\/p>\n<p>READ MORE <a href=\"http:\/\/go.theregister.com\/feed\/www.theregister.co.uk\/2018\/09\/26\/password_manager_theft\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Google Instant Apps still needs a lot of work on security Password managers on mobile devices can be tricked by imposter apps into handing over a user&#8217;s passwords.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":13979,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-13978","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Boffins bypass password protection with pilfering by phony programs 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Boffins bypass password protection with pilfering by phony programs 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-09-27T05:50:44+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/09\/boffins-bypass-password-protection-with-pilfering-by-phony-programs.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"174\" \/>\n\t<meta property=\"og:image:height\" content=\"115\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Boffins bypass password protection with pilfering by phony programs\",\"datePublished\":\"2018-09-27T05:50:44+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\\\/\"},\"wordCount\":516,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/boffins-bypass-password-protection-with-pilfering-by-phony-programs.jpg\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\\\/\",\"name\":\"Boffins bypass password protection with pilfering by phony programs 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/boffins-bypass-password-protection-with-pilfering-by-phony-programs.jpg\",\"datePublished\":\"2018-09-27T05:50:44+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/boffins-bypass-password-protection-with-pilfering-by-phony-programs.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/09\\\/boffins-bypass-password-protection-with-pilfering-by-phony-programs.jpg\",\"width\":174,\"height\":115},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Boffins bypass password protection with pilfering by phony programs\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Boffins bypass password protection with pilfering by phony programs 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\/","og_locale":"en_US","og_type":"article","og_title":"Boffins bypass password protection with pilfering by phony programs 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-09-27T05:50:44+00:00","og_image":[{"width":174,"height":115,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/09\/boffins-bypass-password-protection-with-pilfering-by-phony-programs.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Boffins bypass password protection with pilfering by phony programs","datePublished":"2018-09-27T05:50:44+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\/"},"wordCount":516,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/09\/boffins-bypass-password-protection-with-pilfering-by-phony-programs.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\/","url":"https:\/\/www.threatshub.org\/blog\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\/","name":"Boffins bypass password protection with pilfering by phony programs 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/09\/boffins-bypass-password-protection-with-pilfering-by-phony-programs.jpg","datePublished":"2018-09-27T05:50:44+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/09\/boffins-bypass-password-protection-with-pilfering-by-phony-programs.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/09\/boffins-bypass-password-protection-with-pilfering-by-phony-programs.jpg","width":174,"height":115},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/boffins-bypass-password-protection-with-pilfering-by-phony-programs\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Boffins bypass password protection with pilfering by phony programs"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/13978","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=13978"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/13978\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/13979"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=13978"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=13978"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=13978"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}