Lucene search
+L
ThnMost viewed

20929 matches found

The Hacker News
The Hacker News
added 2020/05/20 1:11 p.m.54 views

[Guide] Finding Best Security Outsourcing Alternative for Your Organization

As cyberattacks continue to proliferate in volume and increase in sophistication, many organizations acknowledge that some part of their breach protection must be outsourced, introducing a million-dollar question of what type of service to choose form. Today, Cynet releases the Security Outsourci...

1AI score
Exploits0
The Hacker News
The Hacker News
added 2019/10/31 2:26 p.m.54 views

Chinese Hackers Compromise Telecom Servers to Spy on SMS Messages

A group of Chinese hackers carrying out political espionage for Beijing has been found targeting telecommunications companies with a new piece of malware designed to spy on text messages sent or received by highly targeted individuals. Dubbed "MessageTap," the backdoor malware is a 64-bit ELF dat...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2019/09/18 1:0 p.m.54 views

Smominru Botnet Indiscriminately Hacked Over 90,000 Computers Just Last Month

Insecure Internet-connected devices have aided different types of cybercrime for years, most common being DDoS and spam campaigns. But cybercriminals have now shifted toward a profitable scheme where botnets do not just launch DDoS or spam—they mine cryptocurrencies as well. Smominru, an infamous...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2019/04/25 3:0 p.m.54 views

'Highly Critical' Unpatched Zero-Day Flaw Discovered In Oracle WebLogic

A team of cybersecurity researchers today published a post warning enterprises of an unpatched, highly critical zero-day vulnerability in Oracle WebLogic server application that some attackers might have already started exploiting in the wild. Oracle WebLogic is a scalable, Java-based multi-tier...

0.7AI score
Exploits0
The Hacker News
The Hacker News
added 2017/12/21 3:59 a.m.54 views

Hackers Targeting Servers Running Database Services for Mining Cryptocurrency

Security researchers have discovered multiple attack campaigns conducted by an established Chinese criminal group that operates worldwide, targeting database servers for mining cryptocurrencies, exfiltrating sensitive data and building a DDoS botnet. The researchers from security firm GuardiCore...

8.2AI score
Exploits0
The Hacker News
The Hacker News
added 2015/07/24 2:52 a.m.54 views

RCSAndroid — Advanced Android Hacking Tool Leaked Online

As digging deeper and deeper into the huge Hacking Team data dump, security researchers are finding more and more source code, including an advanced Android Hacking Tool. Yes, this time researchers have found a source code to a new piece of weaponized android malware that had the capability to...

6.8CVSS6.6AI score0.0238EPSS
Exploits0
The Hacker News
The Hacker News
added 2015/05/06 11:58 p.m.54 views

WordPress Vulnerability Puts Millions of Websites At Risk

Millions of WordPress websites are at risks of being completely hijacked by the hackers due to a critical cross-site scripting XSS vulnerability present in the default installation of the widely used content management system. The cross-site scripting XSS vulnerability, uncovered by the security...

4.3CVSS5.4AI score0.03803EPSS
Exploits3
The Hacker News
The Hacker News
added 2013/06/18 6:47 a.m.54 views

BlackBerry Z10 Privilege Escalation Vulnerability

BlackBerry Z10 users should be aware that there is a privilege escalation vulnerability. The vulnerability potentially allows a hacker to modify or edit data on a stolen BlackBerry Z10 smartphone with BlackBerry Protect enabled, identified as BSRT-2013-006 CVE-2013-3692 According to the...

10CVSS6.8AI score0.08158EPSS
Exploits0
The Hacker News
The Hacker News
added 2012/04/12 12:10 p.m.54 views

Samba remote code execution vulnerability, Patch Released !

Samba remote code execution vulnerability, Patch Released ! Samba is an award-winning free software file, print and authentication server suite for Windows clients. The project was begun by Australian Andrew Tridgell. There is a serious remotely exploitable vulnerability in the Samba open-source...

10CVSS8AI score0.74034EPSS
Exploits9
The Hacker News
The Hacker News
added 2026/05/06 10:57 a.m.53 views

Your AI Agents Are Already Inside the Perimeter. Do You Know What They're Doing?

Analysts recently confirmed what identity security teams have quietly feared: AI agents are being deployed faster than enterprises can govern them. In their inaugural Market Guide for Guardian Agents, Gartner states that “enterprise adoption of AI agents is accelerating, outpacing maturity of...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/14 5:57 p.m.53 views

Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit

Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-4632 CVSS score: 9.8, has been described as a path traversal flaw. "Improper limitation of a pathname to a restricte...

9.8CVSS9.5AI score0.91941EPSS
Exploits7
The Hacker News
The Hacker News
added 2025/05/14 10:40 a.m.53 views

Horabot Malware Targets 6 Latin American Nations Using Invoice-Themed Phishing Emails

Cybersecurity researchers have discovered a new phishing campaign that's being used to distribute malware called Horabot targeting Windows users in Latin American countries like Mexico, Guatemala, Colombia, Peru, Chile, and Argentina. The campaign is "using crafted emails that impersonate invoice...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/05 3:50 p.m.53 views

Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws

A likely lone wolf actor behind the EncryptHub persona was acknowledged by Microsoft for discovering and reporting two security flaws in Windows last month, painting a picture of a "conflicted" individual straddling a legitimate career in cybersecurity and pursuing cybercrime. In a new extensive...

7.8CVSS8.5AI score0.31894EPSS
Exploits28
The Hacker News
The Hacker News
added 2024/10/07 1:52 p.m.53 views

New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries

Cybersecurity researchers have discovered a new botnet malware family called Gorilla aka GorillaBot that draws its inspiration from the leaked Mirai botnet source code. Cybersecurity firm NSFOCUS, which identified the activity last month, said the botnet "issued over 300,000 attack commands, with...

8.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/22 4:48 a.m.53 views

GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges

GitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical bug that could be abused to gain site administrator privileges. The most severe of the shortcomings has been assigned the CVE identifier CVE-2024-6800, and carries a...

10CVSS7.9AI score0.02573EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/04/08 11:29 a.m.53 views

Watch Out for 'Latrodectus' - This Malware Could Be In Your Inbox

Threat hunters have discovered a new malware called Latrodectus that has been distributed as part of email phishing campaigns since at least late November 2023. "Latrodectus is an up-and-coming downloader with various sandbox evasion functionality," researchers from Proofpoint and Team Cymru said...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/04/03 11:12 a.m.53 views

Attack Surface Management vs. Vulnerability Management

Attack surface management ASM and vulnerability management VM are often confused, and while they overlap, they're not the same. The main difference between attack surface management and vulnerability management is in their scope: vulnerability management checks a list of known assets, while attac...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/19 9:59 a.m.53 views

Suspected Russian Data-Wiping 'AcidPour' Malware Targeting Linux x86 Devices

A new variant of a data wiping malware called AcidRain has been detected in the wild that's specifically designed for targeting Linux x86 devices. The malware, dubbed AcidPour, is compiled for Linux x86 devices, SentinelOne's Juan Andres Guerrero-Saade said in a series of posts on X. "The new...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/14 10:24 a.m.53 views

3 Things CISOs Achieve with Cato

Being a CISO is a balancing act: ensuring organizations are secure without compromising users' productivity. This requires taking multiple elements into consideration, like cost, complexity, performance and user experience. CISOs around the globe use Cato SSE 360, as part of the Cato SASE Cloud...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/11 6:28 a.m.53 views

Proof-of-Concept Exploit Released for Progress Software OpenEdge Vulnerability

Technical specifics and a proof-of-concept PoC exploit have been made available for a recently disclosed critical security flaw in Progress Software OpenEdge Authentication Gateway and AdminServer, which could be potentially exploited to bypass authentication protections. Tracked as CVE-2024-1403...

10CVSS8.2AI score0.03272EPSS
Exploits1
The Hacker News
The Hacker News
added 2024/02/29 11:33 a.m.53 views

GTPDOOR Linux Malware Targets Telecoms, Exploiting GPRS Roaming Networks

Threat hunters have discovered a new Linux malware called GTPDOOR that's designed to be deployed in telecom networks that are adjacent to GPRS roaming exchanges GRX The malware is novel in the fact that it leverages the GPRS Tunnelling Protocol GTP for command-and-control C2 communications. GPRS...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/02/16 6:49 a.m.53 views

U.S. Government Disrupts Russia-Linked Botnet Engaged in Cyber Espionage

The U.S. government on Thursday said it disrupted a botnet comprising hundreds of small office and home office SOHO routers in the country that was put to use by the Russia-linked APT28 actor to conceal its malicious activities. "These crimes included vast spear-phishing and similar credential...

9.8CVSS9.8AI score0.97408EPSS
Exploits18
The Hacker News
The Hacker News
added 2024/02/01 11:22 a.m.53 views

HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining

Cybersecurity researchers have detailed an updated version of the malware HeadCrab that's known to target Redis database servers across the world since early September 2021. The development, which comes exactly a year after the malware was first publicly disclosed by Aqua, is a sign that the...

8.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/01 2:0 p.m.53 views

New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections

Security researchers have detailed a new variant of a dynamic link library DLL search order hijacking technique that could be used by threat actors to bypass security mechanisms and achieve execution of malicious code on systems running Microsoft Windows 10 and Windows 11. The approach "leverages...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/12/27 5:29 a.m.53 views

Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining

Poorly secured Linux SSH servers are being targeted by bad actors to install port scanners and dictionary attack tools with the goal of targeting other vulnerable servers and co-opting them into a network to carry out cryptocurrency mining and distributed denial-of-service DDoS attacks. "Threat...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/12/16 5:0 a.m.53 views

Microsoft Warns of Storm-0539: The Rising Threat Behind Holiday Gift Card Frauds

Microsoft is warning of an uptick in malicious activity from an emerging threat cluster it's tracking as Storm-0539 for orchestrating gift card fraud and theft via highly sophisticated email and SMS phishing attacks against retail entities during the holiday shopping season. The goal of the attac...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/12/04 11:3 a.m.53 views

New P2PInfect Botnet MIPS Variant Targeting Routers and IoT Devices

Cybersecurity researchers have discovered a new variant of an emerging botnet called P2PInfect that's capable of targeting routers and IoT devices. The latest version, per Cado Security Labs, is compiled for Microprocessor without Interlocked Pipelined Stages MIPS architecture, broadening its...

10CVSS7.3AI score0.9967EPSS
Exploits10
The Hacker News
The Hacker News
added 2023/11/24 3:32 p.m.53 views

Cybercriminals Using Telekopye Telegram Bot to Craft Phishing Scams on a Grand Scale

More details have emerged about a malicious Telegram bot called Telekopye that's used by threat actors to pull off large-scale phishing scams. "Telekopye can craft phishing websites, emails, SMS messages, and more," ESET security researcher Radek Jizba said in a new analysis. The threat actors...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/11/24 10:31 a.m.53 views

Hamas-Linked Cyberattacks Using Rust-Powered SysJoker Backdoor Against Israel

Cybersecurity researchers have shed light on a Rust version of a cross-platform backdoor called SysJoker, which is assessed to have been used by a Hamas-affiliated threat actor to target Israel amid the ongoing war in the region. "Among the most prominent changes is the shift to Rust language,...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/11/14 11:54 a.m.53 views

Alert: OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers

Publicly-accessible Docker Engine API instances are being targeted by threat actors as part of a campaign designed to co-opt the machines into a distributed denial-of-service DDoS botnet dubbed OracleIV. "Attackers are exploiting this misconfiguration to deliver a malicious Docker container, buil...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/10/31 12:4 p.m.53 views

Malicious NuGet Packages Caught Distributing SeroXen RAT Malware

Cybersecurity researchers have uncovered a new set of malicious packages published to the NuGet package manager using a lesser-known method for malware deployment. Software supply chain security firm ReversingLabs described the campaign as coordinated and ongoing since August 1, 2023, while linki...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/10/13 10:25 a.m.53 views

FBI, CISA Warn of Rising AvosLocker Ransomware Attacks Against Critical Infrastructure

The AvosLocker ransomware gang has been linked to attacks against critical infrastructure sectors in the U.S., with some of them detected as recently as May 2023. That's according to a new joint cybersecurity advisory released by the U.S. Cybersecurity and Infrastructure Security Agency CISA and...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/10/09 10:49 a.m.53 views

High-Severity Flaws in ConnectedIO's 3G/4G Routers Raise Concerns for IoT Security

Multiple high-severity security vulnerabilities have been disclosed in ConnectedIO's ER2000 edge routers and the cloud-based management platform that could be exploited by malicious actors to execute malicious code and access sensitive data. "An attacker could have leveraged these flaws to fully...

9.8CVSS9.2AI score0.01505EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/10/05 9:30 a.m.53 views

CISA Warns of Active Exploitation of JetBrains and Windows Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Wednesday added two security flaws to its Known Exploited Vulnerabilities KEV catalog due to active exploitation, while removing five bugs from the list due to lack of adequate evidence. The vulnerabilities newly added are below -...

9.8CVSS8.2AI score0.99979EPSS
Exploits22
The Hacker News
The Hacker News
added 2023/10/02 5:31 a.m.53 views

BunnyLoader: New Malware-as-a-Service Threat Emerges in the Cybercrime Underground

Cybersecurity experts have discovered yet another malware-as-a-service MaaS threat called BunnyLoader that's being advertised for sale on the cybercrime underground. "BunnyLoader provides various functionalities such as downloading and executing a second-stage payload, stealing browser credential...

8.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/26 4:24 a.m.53 views

Kroll Suffers Data Breach: Employee Falls Victim to SIM Swapping Attack

Risk and financial advisory solutions provider Kroll on Friday disclosed that one of its employees fell victim to a "highly sophisticated" SIM swapping attack. The incident, which took place on August 19, 2023, targeted the employee's T-Mobile account, the company said. "Specifically, T-Mobile,...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/24 7:38 a.m.53 views

Tornado Cash Founders Charged in Billion-Dollar Crypto Laundering Scandal

The U.S. Justice Department DoJ on Wednesday unsealed an indictment against two founders of the now-sanctioned Tornado Cash cryptocurrency mixer service, charging them with laundering more than $1 billion in criminal proceeds. Both the individuals, Roman Storm and Roman Semenov, have been charged...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/02 2:12 p.m.53 views

Russian Cyber Adversary BlueCharlie Alters Infrastructure in Response to Disclosures

A Russia-nexus adversary has been linked to 94 new domains starting March 2023, suggesting that the group is actively modifying its infrastructure in response to public disclosures about its activities. Cybersecurity firm Recorded Future linked the revamped infrastructure to a threat actor it...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/20 10:48 a.m.53 views

A Few More Reasons Why RDP is Insecure (Surprise!)

If it seems like Remote Desktop Protocol RDP has been around forever, it's because it has at least compared to the many technologies that rise and fall within just a few years. The initial version, known as "Remote Desktop Protocol 4.0," was released in 1996 as part of the Windows NT 4.0 Terminal...

7.8CVSS7.8AI score0.00668EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/06/15 4:20 p.m.53 views

Ransomware Hackers and Scammers Utilizing Cloud Mining to Launder Cryptocurrency

Ransomware actors and cryptocurrency scammers have joined nation-state actors in abusing cloud mining services to launder digital assets, new findings reveal. "Cryptocurrency mining is a crucial part of our industry, but it also holds special appeal to bad actors, as it provides a means to acquir...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/29 9:50 a.m.53 views

New GobRAT Remote Access Trojan Targeting Linux Routers in Japan

Linux routers in Japan are the target of a new Golang remote access trojan RAT called GobRAT. "Initially, the attacker targets a router whose WEBUI is open to the public, executes scripts possibly by using vulnerabilities, and finally infects the GobRAT," the JPCERT Coordination Center JPCERT/CC...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/03 5:7 a.m.53 views

CISA Issues Advisory on Critical RCE Affecting ME RTU Remote Terminal Units

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday released an Industrial Control Systems ICS advisory about a critical flaw affecting ME RTU remote terminal units. The security vulnerability, tracked as CVE-2023-2131, has received the highest severity rating of 10.0 on the...

10CVSS8.1AI score0.01726EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/04/28 11:59 a.m.53 views

New Atomic macOS Malware Steals Keychain Passwords and Crypto Wallets

Threat actors are advertising a new information stealer for the Apple macOS operating system called Atomic macOS Stealer or AMOS on Telegram for $1,000 per month, joining the likes of MacStealer. "The Atomic macOS Stealer can steal various types of information from the victim's machine, including...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/26 7:5 a.m.53 views

VMware Releases Critical Patches for Workstation and Fusion Software

VMware has released updates to resolve multiple security flaws impacting its Workstation and Fusion software, the most critical of which could allow a local attacker to achieve code execution. The vulnerability, tracked as CVE-2023-20869 CVSS score: 9.3, is described as a stack-based...

6.8AI score0.70423EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/04/18 9:5 a.m.53 views

Iranian Hackers Using SimpleHelp Remote Support Software for Persistent Access

The Iranian threat actor known as MuddyWater is continuing its time-tested tradition of relying on legitimate remote administration tools to commandeer targeted systems. While the nation-state group has previously employed ScreenConnect, RemoteUtilities, and Syncro, a new analysis from Group-IB h...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/10 9:27 a.m.53 views

Protecting your business with Wazuh: The open source security platform

Today, businesses face a variety of security challenges like cyber attacks, compliance requirements, and endpoint security administration. The threat landscape constantly evolves, and it can be overwhelming for businesses to keep up with the latest security trends. Security teams use processes an...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/27 10:22 a.m.53 views

PureCrypter Malware Targets Government Entities in Asia-Pacific and North America

Government entities in Asia-Pacific and North America are being targeted by an unknown threat actor with an off-the-shelf malware downloader known as PureCrypter to deliver an array of information stealers and ransomware. "The PureCrypter campaign uses the domain of a compromised non-profit...

Exploits0
The Hacker News
The Hacker News
added 2022/11/24 11:17 a.m.53 views

Millions of Android Devices Still Don't Have Patches for Mali GPU Flaws

A set of five medium-severity security flaws in Arm's Mali GPU driver has continued to remain unpatched on Android devices for months, despite fixes released by the chipmaker. Google Project Zero, which discovered and reported the bugs, said Arm addressed the shortcomings in July and August 2022...

6.5CVSS0.3AI score0.00908EPSS
Exploits1
The Hacker News
The Hacker News
added 2022/10/29 10:25 a.m.53 views

Twilio Reveals Another Breach from the Same Hackers Behind the August Hack

Communication services provider Twilio this week disclosed that it experienced another "brief security incident" in June 2022 perpetrated by the same threat actor behind the August hack that resulted in unauthorized access of customer information. The security event occurred on June 29, 2022, the...

1.6AI score
Exploits0
The Hacker News
The Hacker News
added 2022/10/15 4:48 a.m.53 views

Indian Energy Company Tata Power's IT Infrastructure Hit By Cyber Attack

Tata Power Company Limited, India's largest integrated power company, on Friday confirmed it was targeted by a cyberattack. The intrusion on IT infrastructure impacted "some of its IT systems," the company said in a filing with the National Stock Exchange NSE of India. It further said it has take...

2.9AI score
Exploits0
Total number of security vulnerabilities5000