Lucene search
K

8 matches found

The Hacker News
The Hacker News
added 2026/06/01 1:59 p.m.23 views

⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More

Monday hit like a cron job with anger issues. A busted auth path here, a repo-side faceplant there, some "patched-ish" thing already getting chewed on in the wild, and then the usual bonus round: poisoned dev tools, sketchy forum chatter, phishing kits pretending to be productivity, and AI loweri...

9.1CVSS7.2AI score0.86678EPSS
Exploits9
The Hacker News
The Hacker News
added 2026/04/03 5:34 p.m.8 views

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

A China-aligned threat actor has set its sights on European government and diplomatic organizations since mid-2025, following a two-year period of minimal targeting in the region. The campaign has been attributed to TA416 , a cluster of activity that overlaps with DarkPeony, RedDelta, Red Lich,...

10CVSS7.2AI score0.99359EPSS
Exploits18
Malwarebytes
Malwarebytes
added 2026/03/09 7:21 a.m.18 views

A week in security (March 2 – March 8)

Last week on Malwarebytes Labs: One click on this fake Google Meet update can give attackers control of your PC Beware of fake OpenClaw installers, even if Bing points you to GitHub Fake CleanMyMac site installs SHub Stealer and backdoors crypto wallets Windows File Shredder: When deleting a file...

5.6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/03 9:20 a.m.9 views

Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets

Microsoft on Monday warned of phishing campaigns that employ phishing emails and OAuth URL redirection mechanisms to bypass conventional phishing defenses implemented in email and browsers. The activity, the company said, targets government and public-sector organizations with the end goal of...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/27 11:20 a.m.22 views

Do We Really Need The OWASP NHI Top 10?

The Open Web Application Security Project has recently introduced a new Top 10 project - the Non-Human Identity NHI Top 10. For years, OWASP has provided security professionals and developers with essential guidance and actionable frameworks through its Top 10 projects, including the widely used...

7.5AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/12/05 5:0 p.m.48 views

Microsoft Incident Response lessons on preventing cloud identity compromise

Microsoft observed a surge in cyberattacks targeting identities in 2023, with attempted password-based attacks increasing by more than tenfold in the first quarter of 2023 compared to the same period in 2022. Threat actors leverage compromised identities to achieve a significant level of access t...

7.1AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2023/12/05 5:0 p.m.37 views

Microsoft Incident Response lessons on preventing cloud identity compromise

Microsoft observed a surge in cyberattacks targeting identities in 2023, with attempted password-based attacks increasing by more than tenfold in the first quarter of 2023 compared to the same period in 2022. Threat actors leverage compromised identities to achieve a significant level of access t...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2021/04/29 1:0 p.m.48 views

SaaS Attacks: Lessons from Real-Life Misconfiguration Exploits

It’s unfortunate but true: SaaS attacks continue to increase. You can’t get around it, COVID-19 accelerated the already exploding SaaS market and caused industries not planning on making a switch to embrace SaaS. With SaaS apps becoming the default system of record for organizations, it has left...

0.6AI score
Exploits0References8
Rows per page
Query Builder