Lucene search
+L
ThnMost viewed

20926 matches found

The Hacker News
The Hacker News
added 2023/02/14 11:20 a.m.57 views

Python Developers Beware: Clipper Malware Found in 450+ PyPI Packages!

Malicious actors have published more than 451 unique Python packages on the official Python Package Index PyPI repository in an attempt to infect developer systems with clipper malware. Software supply chain security company Phylum, which spotted the libraries, said the ongoing activity is a...

0.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/01/31 4:6 a.m.57 views

QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates

Taiwanese company QNAP has released updates to remediate a critical security flaw affecting its network-attached storage NAS devices that could lead to arbitrary code injection. Tracked as CVE-2022-27596, the vulnerability is rated 9.8 out of a maximum of 10 on the CVSS scoring scale. It affects...

9.8CVSS1.5AI score0.02663EPSS
Exploits0
The Hacker News
The Hacker News
added 2022/10/31 9:17 a.m.57 views

GitHub Repojacking Bug Could've Allowed Attackers to Takeover Other Users' Repositories

Cloud-based repository hosting service GitHub has addressed a high-severity security flaw that could have been exploited to create malicious repositories and mount supply chain attacks. The RepoJacking technique, disclosed by Checkmarx, entails a bypass of a protection mechanism called popular...

0.6AI score
Exploits0
The Hacker News
The Hacker News
added 2022/10/14 10:12 a.m.57 views

New PHP Version of Ducktail Malware Hijacking Facebook Business Accounts

A PHP version of an information-stealing malware called Ducktail has been discovered in the wild being distributed in the form of cracked installers for legitimate apps and games, according to the latest findings from Zscaler. "Like older versions .NetCore, the latest version PHP also aims to...

0.9AI score
Exploits0
The Hacker News
The Hacker News
added 2022/10/04 3:39 p.m.57 views

Popular YouTube Channel Caught Distributing Malicious Tor Browser Installer

A popular Chinese-language YouTube channel has emerged as a means to distribute a trojanized version of a Windows installer for the Tor Browser. Kaspersky dubbed the campaign OnionPoison, with all of the victims located in China. The scale of the attack remains unclear, but the Russian...

2.1AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/24 5:59 p.m.57 views

Crypto Miners Using Tox P2P Messenger as Command and Control Server

Threat actors have begun to use the Tox peer-to-peer instant messaging service as a command-and-control method, marking a shift from its earlier role as a contact method for ransomware negotiations. The findings from Uptycs, which analyzed an Executable and Linkable Format ELF artifact "72client"...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/19 2:4 p.m.57 views

DoNot Team Hackers Updated its Malware Toolkit with Improved Capabilities

The Donot Team threat actor has updated its Jaca Windows malware toolkit with improved capabilities, including a revamped stealer module designed to plunder information from Google Chrome and Mozilla Firefox browsers. The improvements also include a new infection chain that incorporates previousl...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/17 6:20 a.m.57 views

North Korea Hackers Spotted Targeting Job Seekers with macOS Malware

The North Korea-backed Lazarus Group has been observed targeting job seekers with malware capable of executing on Apple Macs with Intel and M1 chipsets. Slovak cybersecurity firm ESET linked it to a campaign dubbed "Operation Interception" that was first disclosed in June 2020 and involved using...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/08 1:55 p.m.57 views

New Orchard Botnet Uses Bitcoin Founder's Account Info to Generate Malicious Domains

A new botnet named Orchard has been observed using Bitcoin creator Satoshi Nakamoto's account transaction information to generate domain names to conceal its command-and-control C2 infrastructure. "Because of the uncertainty of Bitcoin transactions, this technique is more unpredictable than using...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/07 4:29 a.m.57 views

New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack

A new IoT botnet malware dubbed RapperBot has been observed rapidly evolving its capabilities since it was first discovered in mid-June 2022. "This family borrows heavily from the original Mirai source code, but what separates it from other IoT malware families is its built-in capability to brute...

1.5AI score
Exploits0
The Hacker News
The Hacker News
added 2022/07/12 5:33 a.m.57 views

Microsoft Windows Autopatch is Now Generally Available for Enterprise Systems

Microsoft on Monday announced the general availability of a feature called Autopatch that automatically keeps Windows and Office software up-to-date on enrolled endpoints. The launch, which comes a day before Microsoft is expected to release its monthly round of security patches, is available for...

1.4AI score
Exploits0
The Hacker News
The Hacker News
added 2022/06/21 8:2 a.m.57 views

New NTLM Relay Attack Lets Attackers Take Control Over Windows Domain

A new kind of Windows NTLM relay attack dubbed DFSCoerce has been uncovered that leverages the Distributed File System DFS: Namespace Management Protocol MS-DFSNM to seize control of a domain. "Spooler service disabled, RPC filters installed to prevent PetitPotam and File Server VSS Agent Service...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2022/06/16 8:25 a.m.57 views

High-Severity RCE Vulnerability Reported in Popular Fastjson Library

Cybersecurity researchers have detailed a recently patched high-severity security vulnerability in the popular Fastjson library that could be potentially exploited to achieve remote code execution. Tracked as CVE-2022-25845 CVSS score: 8.1, the issue relates to a case of deserialization of...

2.9AI score0.17767EPSS
Exploits5
The Hacker News
The Hacker News
added 2022/05/10 9:48 a.m.57 views

Microsoft Mitigates RCE Vulnerability Affecting Azure Synapse and Data Factory

Microsoft on Monday disclosed that it mitigated a security flaw affecting Azure Synapse and Azure Data Factory that, if successfully exploited, could result in remote code execution. The vulnerability, tracked as CVE-2022-29972, has been codenamed "SynLapse" by researchers from Orca Security, who...

1.1AI score0.03686EPSS
Exploits0
The Hacker News
The Hacker News
added 2022/03/02 6:41 a.m.57 views

Critical Security Bugs Uncovered in VoIPmonitor Monitoring Software

Critical security vulnerabilities have been uncovered in VoIPmonitor software that, if successfully exploited, could allow unauthenticated attackers to escalate privileges to the administrator level and execute arbitrary commands. Following responsible disclosure by researchers from Kerbit, an...

10CVSS4.8AI score0.49992EPSS
Exploits3
The Hacker News
The Hacker News
added 2021/11/16 4:48 p.m.57 views

New Blacksmith Exploit Bypasses Current Rowhammer Attack Defenses

Cybersecurity researchers have demonstrated yet another variation of the Rowhammer attack affecting all DRAM dynamic random-access memory chips that bypasses currently deployed mitigations, thereby effectively compromising the security of the devices. The new technique — dubbed "Blacksmith"...

9CVSS8.3AI score0.02889EPSS
Exploits1
The Hacker News
The Hacker News
added 2021/08/31 3:27 a.m.57 views

New Microsoft Exchange 'ProxyToken' Flaw Lets Attackers Reconfigure Mailboxes

Details have emerged about a now-patched security vulnerability impacting Microsoft Exchange Server that could be weaponized by an unauthenticated attacker to modify server configurations, thus leading to the disclosure of Personally Identifiable Information PII. The issue, tracked as...

7.5CVSS0.9AI score0.97502EPSS
Exploits2
The Hacker News
The Hacker News
added 2021/07/21 1:27 p.m.57 views

Malicious NPM Package Caught Stealing Users' Saved Passwords From Browsers

A software package available from the official NPM repository has been revealed to be actually a front for a tool that's designed to steal saved passwords from the Chrome web browser. The package in question, named "nodejsnetserver" and downloaded over 1,283 times since February 2019, was last...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2021/07/21 10:12 a.m.57 views

XLoader Windows InfoStealer Malware Now Upgraded to Attack macOS Systems

A popular malware known for stealing sensitive information from Windows machines has evolved into a new strain capable of also targeting Apple's macOS operating system. The upgraded malware, dubbed "XLoader," is a successor to another well-known Windows-based info stealer called Formbook that's...

0.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/05/26 6:58 a.m.57 views

Google Researchers Discover A New Variant of Rowhammer Attack

A team of security researchers from Google has demonstrated yet another variant of the Rowhammer vulnerability that targets increasingly smaller DRAM chips to bypass all current mitigations, making it a persistent threat to chip security. Dubbed "Half-Double," the new hammering technique hinges o...

1.3AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/27 11:59 a.m.57 views

Hackers Threaten to Leak D.C. Police Informants' Info If Ransom Is Not Paid

The Metropolitan Police Department MPD of the District of Columbia has become the latest high-profile government agency to fall victim to a ransomware attack. The Babuk Locker gang claimed in a post on the dark web that they had compromised the DC Police's networks and stolen 250 GB of unencrypte...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/21 12:47 p.m.57 views

Hackers threaten to leak stolen Apple blueprints if $50 million ransom isn't paid

Prominent Apple supplier Quanta on Wednesday said it suffered a ransomware attack from the REvil ransomware group, which is now demanding the iPhone maker pay a ransom of $50 million to prevent leaking sensitive files on the dark web. In a post shared on its deep web "Happy Blog" portal, the thre...

1.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/03/22 2:52 p.m.57 views

Popular Netop Remote Learning Software Found Vulnerable to Hacking

Cybersecurity researchers on Sunday disclosed multiple critical vulnerabilities in remote student monitoring software Netop Vision Pro that a malicious attacker could abuse to execute arbitrary code and take over Windows computers. "These findings allow for elevation of privileges and ultimately...

9.8CVSS1.9AI score0.0148EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/01/04 12:37 p.m.57 views

British Court Rejects U.S. Request to Extradite WikiLeaks' Julian Assange

A British court has rejected the U.S. government's request to extradite Wikileaks founder Julian Assange to the country on charges pertaining to illegally obtaining and sharing classified material related to national security. In a hearing at Westminster Magistrates' Court today, Judge Vanessa...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2020/09/28 11:6 a.m.57 views

Red Team — Automation or Simulation?

What is the difference between a penetration test and a red team exercise? The common understanding is that a red team exercise is a pen-test on steroids, but what does that mean? While both programs are performed by ethical hackers, whether they are in-house residents or contracted externally, t...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2020/09/09 8:23 a.m.57 views

Cybercriminals Are Using Legit Cloud Monitoring Tools As Backdoor

A cybercrime group that has previously struck Docker and Kubernetes cloud environments has evolved to repurpose genuine cloud monitoring tools as a backdoor to carry out malicious attacks, according to new research. "To our knowledge, this is the first time attackers have been caught using...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2020/04/20 10:58 a.m.57 views

COVID-Themed Lures Target SCADA Sectors With Data Stealing Malware

A new malware campaign has been found using coronavirus-themed lures to strike government and energy sectors in Azerbaijan with remote access trojans RAT capable of exfiltrating sensitive documents, keystrokes, passwords, and even images from the webcam. The targeted attacks employ Microsoft Word...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2020/03/03 8:2 p.m.57 views

Researchers Claim CIA Was Behind 11-Year-Long Hacking Attacks Against China

Qihoo 360, one of the most prominent cybersecurity firms, today published a new report accusing the U.S. Central Intelligence Agency CIA to be behind an 11-year-long hacking campaign against several Chinese industries and government agencies. The targeted industry sectors include aviation...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2019/11/26 2:34 p.m.57 views

Malicious Android SDKs Caught Accessing Facebook and Twitter Users Data

Two third-party software development kits integrated by over hundreds of thousands of Android apps have been caught holding unauthorized access to users' data associated with their connected social media accounts. In a blog post published yesterday, Twitter revealed that an SDK developed by...

0.6AI score
Exploits0
The Hacker News
The Hacker News
added 2019/11/20 8:42 a.m.57 views

Official Monero Site Hacked to Distribute Cryptocurrency Stealing Malware

What an irony — someone hacked the official website of the Monero cryptocurrency project and quietly replaced legitimate Linux and Windows binaries available for download with malicious versions designed to steal funds from users' wallets. The latest supply-chain cyberattack was revealed on Monda...

3AI score
Exploits0
The Hacker News
The Hacker News
added 2019/08/29 3:34 p.m.57 views

Capital One Hacker Also Accused of Hacking 30 More Companies and CryptoJacking

Former Amazon employee Paige Thompson, who was arrested last month in relation to the Capital One data breach, has been accused of hacking not only the U.S. credit card issuer, but also more than 30 other companies. An indictment unsealed on Wednesday revealed that Thompson not just stole data fr...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2019/07/16 12:25 p.m.57 views

Engage Your Management with the Definitive 'Security for Management' Presentation Template

In every organization, there is a person who's directly accountable for cybersecurity. The name of the role varies per the organization's size and maturity – CISO, CIO, and Director of IT are just a few common examples – but the responsibility is similar in all places. They're the person who...

Exploits0
The Hacker News
The Hacker News
added 2018/09/12 11:50 a.m.57 views

Beware! Unpatched Safari Browser Hack Lets Attackers Spoof URLs

A security researcher has discovered a serious vulnerability that could allow attackers to spoof website addresses in the Microsoft Edge web browser for Windows and Apple Safari for iOS. While Microsoft fixed the address bar URL spoofing vulnerability last month as part of its monthly security...

4.3CVSS1.1AI score0.06176EPSS
Exploits0
The Hacker News
The Hacker News
added 2018/08/15 9:28 a.m.57 views

Former Microsoft Engineer Gets Prison for Role in Reveton Ransomware

A former Microsoft network engineer who was charged in April this year has now been sentenced to 18 months in prison after pleading guilty to money laundering in connection with the Reveton ransomware. Reveton malware is old ransomware, also known as scareware or police ransomware that instead of...

1.2AI score
Exploits0
The Hacker News
The Hacker News
added 2018/01/29 4:40 a.m.57 views

Heat Map Released by Fitness Tracker Reveals Location of Secret Military Bases

Every one of us now has at least one internet-connected smart device, which makes this question even more prominent —how much does your smart device know about you? Over the weekend, the popular fitness tracking app Strava proudly published a "2017 heat map" showing activities from its users arou...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2016/10/03 10:23 p.m.57 views

Beware! You Can Get Hacked Just by Opening a 'JPEG 2000' Image

Researchers have disclosed a critical zero-day vulnerability in the JPEG 2000 image file format parser implemented in OpenJPEG library, which could allow an attacker to remotely execute arbitrary code on the affected systems. Discovered by security researchers at Cisco Talos group, the zero-day...

6.8CVSS7.8AI score0.02563EPSS
Exploits2
The Hacker News
The Hacker News
added 2016/02/01 8:26 p.m.57 views

Google Patches Critical Remotely-exploitable Flaws in Latest Android Update

Google has released the February Security Update for Android that patches multiple security vulnerabilities discovered in the latest version of Android operating system. In total, there were five "critical" security vulnerabilities fixed in the release along with four "high" severity and one mere...

10CVSS9.9AI score0.33367EPSS
Exploits4
The Hacker News
The Hacker News
added 2015/08/19 1:25 a.m.57 views

RaspBSD – FreeBSD distribution for Raspberry Pi

Raspberry Pi is gaining new heights by rapidly maturing as; after Microsoft made Windows 10 IoT core supporting the Raspberry Pi 2, now a new version FreeBSD operating system is also deployable on Raspberry Pi devices, called RaspBSD. FreeBSD Berkeley Software Distribution is an open source...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2013/10/27 4:37 p.m.57 views

Terminator RAT became more sophisticated in recent APT attacks

Advanced Persistent Threat APT is a term referring to targeted attacks on enterprises and other organizations and recently referred to what appeared to be nation-state intelligence agencies using cyber assaults for both conventional espionage and industrial espionage. Advanced threats have target...

9.3CVSS6.6AI score0.99966EPSS
Exploits12
The Hacker News
The Hacker News
added 2011/02/09 1:51 p.m.57 views

Nullcon 2011 - Information security Event !

Nullcon the open security community is back with the second edition of nullcon Goa, an international security conference. The event provides cutting edge research in information security in a vendor neutral environment Event details Event: nullcon 2011 Date: 25 February-26 February 2011 Location:...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/03/31 12:4 p.m.56 views

Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images

Threat actors are using the "mu-plugins" directory in WordPress sites to conceal malicious code with the goal of maintaining persistent remote access and redirecting site visitors to bogus sites. mu-plugins, short for must-use plugins, refers to plugins in a special directory...

10CVSS8.9AI score0.93971EPSS
Exploits19
The Hacker News
The Hacker News
added 2025/03/24 11:35 a.m.56 views

⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More

A quiet tweak in a popular open-source tool opened the door to a supply chain breach—what started as a targeted attack quickly spiraled, exposing secrets across countless projects. That wasn't the only stealth move. A new all-in-one malware is silently stealing passwords, crypto, and control—whil...

10CVSS8.9AI score0.99301EPSS
Exploits71
The Hacker News
The Hacker News
added 2024/10/16 5:6 a.m.56 views

GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access

GitHub has released security updates for Enterprise Server GHES to address multiple issues, including a critical bug that could allow unauthorized access to an instance. The vulnerability, tracked as CVE-2024-9487, carries a CVS score of 9.5 out of a maximum of 10.0 "An attacker could bypass SAML...

10CVSS7.4AI score0.25126EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/09/11 6:53 a.m.56 views

Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws

Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part of its Patch Tuesday update for September 2024. The monthly security release addresses a total of 79 vulnerabilities, of which seven are rated Critical, 71 are...

9.8CVSS8.9AI score0.84345EPSS
Exploits3
The Hacker News
The Hacker News
added 2024/09/05 4:5 p.m.56 views

Veeam Releases Security Updates to Fix 18 Flaws, Including 5 Critical Issues

Veeam has shipped security updates to address a total of 18 security flaws impacting its software products, including five critical vulnerabilities that could result in remote code execution. The list of shortcomings is below - CVE-2024-40711 CVSS score: 9.8 - A vulnerability in Veeam Backup &...

9.9CVSS10AI score0.90208EPSS
Exploits3
The Hacker News
The Hacker News
added 2024/05/23 9:21 a.m.56 views

Ivanti Patches Critical Remote Code Execution Flaws in Endpoint Manager

Ivanti on Tuesday rolled out fixes to address multiple critical security flaws in Endpoint Manager EPM that could be exploited to achieve remote code execution under certain circumstances. Six of the 10 vulnerabilities – from CVE-2024-29822 through CVE-2024-29827 CVSS scores: 9.6 – relate to SQL...

9.9CVSS9.8AI score0.71685EPSS
Exploits1
The Hacker News
The Hacker News
added 2024/04/20 5:18 a.m.56 views

Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks

Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the wild. "CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and...

10CVSS10AI score0.99539EPSS
Exploits22
The Hacker News
The Hacker News
added 2024/03/29 2:54 p.m.56 views

Dormakaba Locks Used in Millions of Hotel Rooms Could Be Cracked in Seconds

Security vulnerabilities discovered in Dormakaba's Saflok electronic RFID locks used in hotels could be weaponized by threat actors to forge keycards and stealthily slip into locked rooms. The shortcomings have been collectively named Unsaflok by researchers Lennert Wouters, Ian Carroll, rqu,...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/11 5:59 a.m.56 views

Magnet Goblin Hacker Group Leveraging 1-Day Exploits to Deploy Nerbian RAT

A financially motivated threat actor called Magnet Goblin is swiftly adopting one-day security vulnerabilities into its arsenal in order to opportunistically breach edge devices and public-facing services and deploy malware on compromised hosts. "Threat actor group Magnet Goblin's hallmark is its...

8.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/02/06 2:2 p.m.56 views

Experts Detail New Flaws in Azure HDInsight Spark, Kafka, and Hadoop Services

Three new security vulnerabilities have been discovered in Azure HDInsight's Apache Hadoop, Kafka, and Spark services that could be exploited to achieve privilege escalation and a regular expression denial-of-service ReDoS condition. "The new vulnerabilities affect any authenticated user of Azure...

9.8CVSS8.4AI score0.01874EPSS
Exploits0
Total number of security vulnerabilities5000