Lucene search
+L

20921 matches found

The Hacker News
The Hacker News
added 2025/05/27 7:11 a.m.15 views

Hackers Are Calling Your Office: FBI Alerts Law Firms to Luna Moth's Stealth Phishing Campaign

The U.S. Federal Bureau of Investigation FBI has warned of social engineering attacks mounted by a criminal extortion actor known as Luna Moth targeting law firms over the past two years. The campaign leverages "information technology IT themed social engineering calls, and callback phishing...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/27 6:54 a.m.33 views

Russia-Linked Hackers Target Tajikistan Government with Weaponized Word Documents

The Russia-aligned threat actor known as TAG-110 has been observed conducting a spear-phishing campaign targeting Tajikistan using macro-enabled Word templates as an initial payload. The attack chain is a departure from the threat actor's previously documented use of an HTML Application .HTA load...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/26 2:17 p.m.32 views

Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto

As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint. The packages, published under three different accounts, come with an install‑time...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/26 11:25 a.m.12 views

CISO's Guide To Web Privacy Validation And Why It's Important

Are your web privacy controls protecting your users, or just a box-ticking exercise? This CISO's guide provides a practical roadmap for continuous web privacy validation that's aligned with real-world practices. – Download the full guide here. Web Privacy: From Legal Requirement to Business...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/26 9:23 a.m.175 views

⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs

Cyber threats don't show up one at a time anymore. They're layered, planned, and often stay hidden until it's too late. For cybersecurity teams, the key isn't just reacting to alerts—it's spotting early signs of trouble before they become real threats. This update is designed to deliver clear,...

10CVSS8.1AI score0.99899EPSS
Exploits32
The Hacker News
The Hacker News
added 2025/05/25 7:36 a.m.31 views

Hackers Use Fake VPN and Browser NSIS Installers to Deliver Winos 4.0 Malware

Cybersecurity researchers have disclosed a malware campaign that uses fake software installers masquerading as popular tools like LetsVPN and QQ Browser to deliver the Winos 4.0 framework. The campaign, first detected by Rapid7 in February 2025, involves the use of a multi-stage, memory-resident...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/23 5:24 p.m.35 views

Hackers Use TikTok Videos to Distribute Vidar and StealC Malware via ClickFix Technique

The malware known as Latrodectus has become the latest to embrace the widely-used social engineering technique called ClickFix as a distribution vector. "The ClickFix technique is particularly risky because it allows the malware to execute in memory rather than being written to disk," Expel said ...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/23 12:49 p.m.36 views

ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,300 Compromised Devices

Cybersecurity researchers have disclosed that a threat actor codenamed ViciousTrap has compromised nearly 5,300 unique network edge devices across 84 countries and turned them into a honeypot-like network. The threat actor has been observed exploiting a critical security flaw impacting Cisco Smal...

7.2CVSS7.2AI score0.54107EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/05/23 10:45 a.m.20 views

300 Servers and €3.5M Seized as Europol Strikes Ransomware Networks Worldwide

As part of the latest "season" of Operation Endgame, a coalition of law enforcement agencies have taken down about 300 servers worldwide, neutralized 650 domains, and issued arrest warrants against 20 targets. Operation Endgame, first launched in May 2024, is an ongoing law enforcement operation...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/23 10:30 a.m.70 views

SafeLine WAF: Open Source Web Application Firewall with Zero-Day Detection and Bot Protection

From zero-day exploits to large-scale bot attacks — the demand for a powerful, self-hosted, and user-friendly web application security solution has never been greater. SafeLine is currently the most starred open-source Web Application Firewall WAF on GitHub, with over 16.4K stars and a rapidly...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/23 7:3 a.m.10 views

U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation

The U.S. Department of Justice DoJ on Thursday announced the disruption of the online infrastructure associated with DanaBotaka DanaTools and unsealed charges against 16 individuals for their alleged involvement in the development and deployment of the malware, which it said was controlled by a...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/23 5:16 a.m.19 views

CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday revealed that Commvault is monitoring cyber threat activity targeting applications hosted in their Microsoft Azure cloud environment. "Threat actors may have accessed client secrets for Commvault's Metallic Microsoft 365...

8.7CVSS7.2AI score0.01997EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/05/23 4:34 a.m.22 views

GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts

Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab's artificial intelligence AI assistant Duo that could have allowed attackers to steal source code and inject untrusted HTML into its responses, which could then be used to direct victims to malicious websites...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/22 3:6 p.m.14 views

Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks

A Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched remote-code-execution vulnerability in Trimble Cityworks to deliver Cobalt Strike and VShell. "UAT-6382 successfully exploited CVE-2025-0944, conducted reconnaissance, and rapidly deployed a...

5.3CVSS9.5AI score0.01062EPSS
Exploits1
The Hacker News
The Hacker News
added 2025/05/22 12:35 p.m.32 views

Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise

A privilege escalation flaw has been demonstrated in Windows Server 2025 that makes it possible for attackers to compromise any user in Active Directory AD. "The attack exploits the delegated Managed Service Account dMSA feature that was introduced in Windows Server 2025, works with the default...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/22 12:7 p.m.37 views

Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks

A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile EPMM software has been exploited by a China-nexus threat actor to target a wide range of sectors across Europe, North America, and the Asia-Pacific region. The vulnerabilities, tracked as CVE-2025-4427 CVSS score:...

10CVSS9.7AI score0.99899EPSS
Exploits28
The Hacker News
The Hacker News
added 2025/05/22 11:25 a.m.18 views

Webinar: Learn How to Build a Reasonable and Legally Defensible Cybersecurity Program

It's not enough to be secure. In today's legal climate, you need to prove it. Whether you're protecting a small company or managing compliance across a global enterprise, one thing is clear: cybersecurity can no longer be left to guesswork, vague frameworks, or best-effort intentions. Regulators...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/22 11:11 a.m.14 views

Identity Security Has an Automation Problem—And It's Bigger Than You Think

For many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on insights from over 500 IT and security leaders, reveals a different reality: too much still depends on people—not systems—to function. In fact, fewer than ...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/22 11:6 a.m.45 views

Critical Versa Concerto Flaws Let Attackers Escape Docker and Compromise Hosts

Cybersecurity researchers have uncovered multiple critical security vulnerabilities impacting the Versa Concerto network security and SD-WAN orchestration platform that could be exploited to take control of susceptible instances. It's worth noting that the identified shortcomings remain unpatched...

10CVSS8.3AI score0.83479EPSS
Exploits1
The Hacker News
The Hacker News
added 2025/05/22 8:24 a.m.21 views

FBI and Europol Disrupt Lumma Stealer Malware Network Linked to 10 Million Infections

A sprawling operation undertaken by global law enforcement agencies and a consortium of private sector firms has disrupted the online infrastructure associated with a commodity information stealer known as Lumma aka LummaC or LummaC2, seizing 2,300 domains that acted as the command-and-control C2...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/21 6:6 p.m.53 views

Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics

Russian cyber threat actors have been attributed to a state-sponsored campaign targeting Western logistics entities and technology companies since 2022. The activity has been assessed to be orchestrated by APT28 aka BlueDelta, Fancy Bear, or Forest Blizzard, which is linked to the Russian General...

9.8CVSS8.4AI score0.97798EPSS
Exploits69
The Hacker News
The Hacker News
added 2025/05/21 1:10 p.m.35 views

PureRAT Malware Spikes 4x in 2025, Deploying PureLogs to Target Russian Firms

Russian organizations have become the target of a phishing campaign that distributes malware called PureRAT, according to new findings from Kaspersky. "The campaign aimed at Russian business began back in March 2023, but in the first third of 2025 the number of attacks quadrupled compared to the...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/21 12:15 p.m.19 views

Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Million Potential Victims

Counterfeit Facebook pages and sponsored ads on the social media platform are being employed to direct users to fake websites masquerading as Kling AI with the goal of tricking victims into downloading malware. Kling AI is an artificial intelligence AI-powered platform to synthesize images and...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/21 11:25 a.m.23 views

Securing CI/CD workflows with Wazuh

Continuous Integration and Continuous Delivery/Deployment CI/CD refers to practices that automate how code is developed and released to different environments. CI/CD pipelines are fundamental in modern software development, ensuring code is consistently tested, built, and deployed quickly and...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/21 10:30 a.m.16 views

How to Detect Phishing Attacks Faster: Tycoon2FA Example

It takes just one email to compromise an entire system. A single well-crafted message can bypass filters, trick employees, and give attackers the access they need. Left undetected, these threats can lead to credential theft, unauthorized access, and even full-scale breaches. As phishing technique...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/21 9:1 a.m.18 views

Researchers Expose PWA JavaScript Attack That Redirects Users to Adult Scam Apps

Cybersecurity researchers have discovered a new campaign that employs malicious JavaScript injections to redirect site visitors on mobile devices to a Chinese adult-content Progressive Web App PWA scam. "While the payload itself is nothing new yet another adult gambling scam, the delivery method...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/21 7:11 a.m.10 views

Google Chrome's Built-in Manager Lets Users Update Breached Passwords with One Click

Google has announced a new feature in its Chrome browser that lets its built-in Password Manager automatically change a user's password when it detects the credentials to be compromised. "When Chrome detects a compromised password during sign in, Google Password Manager prompts the user with an...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/20 3:53 p.m.20 views

Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery

A threat actor known as Hazy Hawk has been observed hijacking abandoned cloud resources of high-profile organizations, including Amazon S3 buckets and Microsoft Azure endpoints, by leveraging misconfigurations in the Domain Name System DNS records. The hijacked domains are then used to host URLs...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/20 3:1 p.m.26 views

100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads

An unknown threat actor has been attributed to creating several malicious Chrome Browser extensions since February 2024 that masquerade as seemingly benign utilities but incorporate covert functionality to exfiltrate data, receive commands, and execute arbitrary code. "The actor creates websites...

8.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/20 12:42 p.m.43 views

AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation

Cybersecurity researchers have discovered risky default identity and access management IAM roles impacting Amazon Web Services that could open the door for attackers to escalate privileges, manipulate other AWS services, and, in some cases, even fully compromise AWS accounts. "These roles, often...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/20 11:0 a.m.17 views

The Crowded Battle: Key Insights from the 2025 State of Pentesting Report

In the newly released 2025 State of Pentesting Report, Pentera surveyed 500 CISOs from global enterprises 200 from within the USA to understand the strategies, tactics, and tools they use to cope with the thousands of security alerts, the persisting breaches and the growing cyber risks they have ...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/20 10:57 a.m.41 views

South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware

High-level government institutions in Sri Lanka, Bangladesh, and Pakistan have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder. "The attackers used spear phishing emails paired with geofenced payloads to ensure that only victims in specific countries...

7.8CVSS8.2AI score0.99945EPSS
Exploits62
The Hacker News
The Hacker News
added 2025/05/20 9:32 a.m.61 views

Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization

Threat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization in Saudi Arabia with a previously undocumented backdoor dubbed MarsSnake. ESET, which first discovered the hacking group's intrusions targeting the...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/20 8:25 a.m.54 views

Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration Abuse

Cybersecurity researchers are calling attention to a new Linux cryptojacking campaign that's targeting publicly accessible Redis servers. The malicious activity has been codenamed RedisRaider by Datadog Security Labs. "RedisRaider aggressively scans randomized portions of the IPv4 space and uses...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/20 5:49 a.m.38 views

Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts

Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index PyPI repository that act as checker tools to validate stolen email addresses against TikTok and Instagram APIs. All three packages are no longer available on PyPI. The names of the Python packages are...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/19 3:48 p.m.117 views

RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer

The official site for RVTools has been hacked to serve a compromised installer for the popular VMware environment reporting utility. "Robware.net and RVTools.com are currently offline. We are working expeditiously to restore service and appreciate your patience," the company said in a statement...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/19 2:38 p.m.37 views

Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft and Remote Access

Several ransomware actors are using a malware called Skitnet as part of their post-exploitation efforts to steal sensitive data and establish remote control over compromised hosts. "Skitnet has been sold on underground forums like RAMP since April 2024," Swiss cybersecurity company PRODAFT told T...

8.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/19 11:0 a.m.29 views

Why CTEM is the Winning Bet for CISOs in 2025

Continuous Threat Exposure Management CTEM has moved from concept to cornerstone, solidifying its role as a strategic enabler for CISOs. No longer a theoretical framework, CTEM now anchors today's cybersecurity programs by continuously aligning security efforts with real-world risk. At the heart ...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/19 10:37 a.m.23 views

Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with $100K in Rewards

Mozilla has released security updates to address two critical security flaws in its Firefox browser that could be potentially exploited to access sensitive data or achieve code execution. The vulnerabilities, both of which were exploited as a zero-day at Pwn2Own Berlin, are listed below -...

7.1AI score0.08917EPSS
Exploits1
The Hacker News
The Hacker News
added 2025/05/19 10:0 a.m.59 views

⚡ Weekly Recap: Zero-Day Exploits, Insider Threats, APT Targeting, Botnets and More

Cybersecurity leaders aren't just dealing with attacks—they're also protecting trust, keeping systems running, and maintaining their organization's reputation. This week's developments highlight a bigger issue: as we rely more on digital tools, hidden weaknesses can quietly grow. Just fixing...

9.4CVSS7.9AI score0.99899EPSS
Exploits37
The Hacker News
The Hacker News
added 2025/05/17 4:7 a.m.13 views

[Webinar] From Code to Cloud to SOC: Learn a Smarter Way to Defend Modern Applications

Modern apps move fast—faster than most security teams can keep up. As businesses rush to build in the cloud, security often lags behind. Teams scan code in isolation, react late to cloud threats, and monitor SOC alerts only after damage is done. Attackers don't wait. They exploit vulnerabilities...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/16 11:37 a.m.34 views

New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors

Cybersecurity researchers are calling attention to a new botnet malware called HTTPBot that has been used to primarily single out the gaming industry, as well as technology companies and educational institutions in China. "Over the past few months, it has expanded aggressively, continuously...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/16 10:30 a.m.14 views

Top 10 Best Practices for Effective Data Protection

Data is the lifeblood of productivity, and protecting sensitive data is more critical than ever. With cyber threats evolving rapidly and data privacy regulations tightening, organizations must stay vigilant and proactive to safeguard their most valuable assets. But how do you build an effective...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/16 9:8 a.m.22 views

Researchers Expose New Intel CPU Flaws Enabling Memory Leaks and Spectre v2 Attacks

Researchers at ETH Zürich have discovered yet another security flaw that they say impacts all modern Intel CPUs and causes them to leak sensitive data from memory, showing that the vulnerability known as Spectre continues to haunt computer systems after more than seven years. The vulnerability,...

6.8CVSS6.9AI score0.00371EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/05/16 7:56 a.m.18 views

Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks

Cybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote access trojan called Remcos RAT. "Threat actors delivered malicious LNK files embedded within ZIP archives, often disguised as Office documents," Qualys...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/15 4:45 p.m.15 views

Noyb Threatens Meta with Lawsuit for Violating GDPR to Train AI on E.U. User Data From May 27

Austrian privacy non-profit noyb none of your business has sent Meta's Irish headquarters a cease-and-desist letter, threatening the company with a class action lawsuit if it proceeds with its plans to train users' data for training its artificial intelligence AI models without an explicit opt-in...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/15 2:28 p.m.27 views

Coinbase Agents Bribed, Data of ~1% Users Leaked; $20M Extortion Attempt Fails

Cryptocurrency exchange Coinbase has disclosed that unknown cyber actors broke into its systems and stole account data for a small subset of its customers. "Criminals targeted our customer support agents overseas," the company said in a statement. "They used cash offers to convince a small group ...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/15 11:25 a.m.17 views

Pen Testing for Compliance Only? It's Time to Change Your Approach

Imagine this: Your organization completed its annual penetration test in January, earning high marks for security compliance. In February, your development team deployed a routine software update. By April, attackers had already exploited a vulnerability introduced in that February update, gainin...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/15 10:43 a.m.54 views

New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy

Google on Wednesday released updates to address four security issues in its Chrome web browser, including one for which it said there exists an exploit in the wild. The high-severity vulnerability, tracked as CVE-2025-4664 CVSS score: 4.3, has been characterized as a case of insufficient policy...

8.3CVSS4.2AI score0.08404EPSS
Exploits7
The Hacker News
The Hacker News
added 2025/05/15 10:30 a.m.24 views

5 BCDR Essentials for Effective Ransomware Defense

Ransomware has evolved into a deceptive, highly coordinated and dangerously sophisticated threat capable of crippling organizations of any size. Cybercriminals now exploit even legitimate IT tools to infiltrate networks and launch ransomware attacks. In a chilling example, Microsoft recently...

7.2AI score
Exploits0
Total number of security vulnerabilities20921