Lucene search
+L

20923 matches found

The Hacker News
The Hacker News
added 2025/05/06 11:25 a.m.12 views

Third Parties and Machine Credentials: The Silent Drivers Behind 2025's Worst Breaches

It wasn't ransomware headlines or zero-day exploits that stood out most in this year's Verizon 2025 Data Breach Investigations Report DBIR — it was what fueled them. Quietly, yet consistently, two underlying factors played a role in some of the worst breaches: third-party exposure and machine...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/06 11:5 a.m.14 views

Microsoft Warns Default Helm Charts Could Leave Kubernetes Apps Exposed to Data Leaks

Microsoft has warned that using pre-made templates, such as out-of-the-box Helm charts, during Kubernetes deployments could open the door to misconfigurations and leak valuable data. "While these 'plug-and-play' options greatly simplify the setup process, they often prioritize ease of use over...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/06 10:0 a.m.35 views

Entra ID Data Protection: Essential or Overkill?

Microsoft Entra ID formerly Azure Active Directory is the backbone of modern identity management, enabling secure access to the applications, data, and services your business relies on. As hybrid work and cloud adoption accelerate, Entra ID plays an even more central role — managing authenticatio...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/06 5:46 a.m.18 views

Update ASAP: Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers

Google has released its monthly security updates for Android with fixes for 46 security flaws, including one vulnerability that it said has been exploited in the wild. The vulnerability in question is CVE-2025-27363 CVSS score: 8.1, a high-severity flaw in the System component that could lead to...

8.1CVSS8.3AI score0.26049EPSS
Exploits1
The Hacker News
The Hacker News
added 2025/05/06 4:24 a.m.35 views

Critical Langflow Flaw Added to CISA KEV List Amid Ongoing Exploitation Evidence

A recently disclosed critical security flaw impacting the open-source Langflow platform has been added to the Known Exploited Vulnerabilities KEV catalog by the U.S. Cybersecurity and Infrastructure Security Agency CISA, citing evidence of active exploitation. The vulnerability, tracked as...

9.8CVSS10AI score0.9999EPSS
Exploits33
The Hacker News
The Hacker News
added 2025/05/05 5:6 p.m.33 views

Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi

Cybersecurity researchers have disclosed a series of now-patched security vulnerabilities in Apple's AirPlay protocol that, if successfully exploited, could enable an attacker to take over susceptible devices supporting the proprietary wireless technology. The shortcomings have been collectively...

9.8CVSS8.2AI score0.031EPSS
Exploits5
The Hacker News
The Hacker News
added 2025/05/05 4:1 p.m.29 views

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a maximum-severity security flaw impacting Commvault Command Center to its Known Exploited Vulnerabilities KEV catalog, a little over a week after it was publicly disclosed. The vulnerability in question is CVE-2025-34028 CV...

8.7CVSS9.8AI score0.97292EPSS
Exploits5
The Hacker News
The Hacker News
added 2025/05/05 11:29 a.m.72 views

⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors

What if attackers aren't breaking in—they're already inside, watching, and adapting? This week showed a sharp rise in stealth tactics built for long-term access and silent control. AI is being used to shape opinions. Malware is hiding inside software we trust. And old threats are returning under...

9.3CVSS9.4AI score0.97408EPSS
Exploits43
The Hacker News
The Hacker News
added 2025/05/05 11:0 a.m.15 views

Perfection is a Myth. Leverage Isn't: How Small Teams Can Secure Their Google Workspace

Let's be honest: if you're one of the first or the first security hires at a small or midsize business, chances are you're also the unofficial CISO, SOC, IT Help Desk, and whatever additional roles need filling. You're not running a security department. You are THE security department. You're...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/05 5:39 a.m.14 views

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

The threat actors known as Golden Chickens have been attributed to two new malware families dubbed TerraStealerV2 and TerraLogger, suggesting continued development efforts to fine-tune and diversify their arsenal. "TerraStealerV2 is designed to collect browser credentials, cryptocurrency wallet...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/03 2:31 p.m.43 views

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

Cybersecurity researchers have discovered three malicious Go modules that include obfuscated code to fetch next-stage payloads that can irrevocably overwrite a Linux system's primary disk and render it unbootable. The names of the packages are listed below - github.com/truthfulpharm/prototransfor...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/03 9:33 a.m.68 views

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

An Iranian state-sponsored threat group has been attributed to a long-term cyber intrusion aimed at a critical national infrastructure CNI entity in the Middle East that lasted nearly two years. The activity, which lasted from at least May 2023 to February 2025, entailed "extensive espionage...

9.8CVSS8.8AI score0.8488EPSS
Exploits3
The Hacker News
The Hacker News
added 2025/05/03 7:6 a.m.49 views

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

The U.S. Department of Justice DoJ on Thursday announced charges against a 36-year-old Yemeni national for allegedly deploying the Black Kingdom ransomware against global targets, including businesses, schools, and hospitals in the United States. Rami Khaled Ahmed of Sana'a, Yemen, has been charg...

10CVSS10AI score0.99999EPSS
Exploits22
The Hacker News
The Hacker News
added 2025/05/02 12:25 p.m.18 views

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

Ireland's Data Protection Commission DPC on Friday fined popular video-sharing platform TikTok €530 million $601 million for infringing data protection regulations in the region by transferring European users' data to China. "TikTok infringed the GDPR regarding its transfers of EEA European...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/02 10:30 a.m.17 views

How to Automate CVE and Vulnerability Advisory Response with Tines

Run by the team at workflow orchestration and AI platform Tines, the Tines library features pre-built workflows shared by security practitioners from across the community - all free to import and deploy through the platform's Community Edition. A recent standout is a workflow that automates...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/02 8:57 a.m.40 views

MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks

The malware loader known as MintsLoader has been used to deliver a PowerShell-based remote access trojan called GhostWeaver. "MintsLoader operates through a multi-stage infection chain involving obfuscated JavaScript and PowerShell scripts," Recorded Future's Insikt Group said in a report shared...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/02 6:40 a.m.15 views

Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support

A year after Microsoft announced passkeys support for consumer accounts, the tech giant has announced a big change that pushes individuals signing up for new accounts to use the phishing-resistant authentication method by default. "Brand new Microsoft accounts will now be 'passwordless by...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/01 3:47 p.m.58 views

Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers

Cybersecurity researchers have shed light on a new campaign targeting WordPress sites that disguises the malware as a security plugin. The plugin, which goes by the name "WP-antymalwary-bot.php," comes with a variety of features to maintain access, hide itself from the admin dashboard, and execut...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/01 11:25 a.m.37 views

Why top SOC teams are shifting to Network Detection and Response

Security Operations Center SOC teams are facing a fundamentally new challenge — traditional cybersecurity tools are failing to detect advanced adversaries who have become experts at evading endpoint-based defenses and signature-based detection systems. The reality of these “invisible intruders” i...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/01 11:2 a.m.30 views

Claude AI Exploited to Operate 100+ Fake Political Personas in Global Influence Campaign

Artificial intelligence AI company Anthropic has revealed that unknown threat actors leveraged its Claude chatbot for an "influence-as-a-service" operation to engage with authentic accounts across Facebook and X. The sophisticated activity, branded as financially-motivated, is said to have used i...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/01 9:44 a.m.14 views

New Research Reveals: 95% of AppSec Fixes Don't Reduce Risk

For over a decade, application security teams have faced a brutal irony: the more advanced the detection tools became, the less useful their results proved to be. As alerts from static analysis tools, scanners, and CVE databases surged, the promise of better security grew more distant. In its...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/01 9:27 a.m.18 views

DarkWatchman, Sheriff Malware Hit Russia and Ukraine with Stealth and Nation-Grade Tactics

Russian companies have been targeted as part of a large-scale phishing campaign that's designed to deliver a known malware called DarkWatchman. Targets of the attacks include entities in the media, tourism, finance and insurance, manufacturing, retail, energy, telecom, transport, and biotechnolog...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/01 8:11 a.m.24 views

Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach

Enterprise data backup platform Commvault has revealed that an unknown nation-state threat actor breached its Microsoft Azure environment by exploiting CVE-2025-3928 but emphasized there is no evidence of unauthorized data access. "This activity has affected a small number of customers we have in...

8.7CVSS8.6AI score0.01997EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/05/01 6:22 a.m.47 views

SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models

SonicWall has revealed that two now-patched security flaws impacting its SMA100 Secure Mobile Access SMA appliances have been exploited in the wild. The vulnerabilities in question are listed below - CVE-2023-44221 CVSS score: 7.2 - Improper neutralization of special elements in the SMA100 SSL-VP...

9.1CVSS9.9AI score0.99957EPSS
Exploits1
The Hacker News
The Hacker News
added 2025/04/30 3:59 p.m.19 views

Researchers Demonstrate How MCP Prompt Injection Can Be Used for Both Attack and Defense

As the field of artificial intelligence AI continues to evolve at a rapid pace, fresh research has found how techniques that render the Model Context Protocol MCP susceptible to prompt injection attacks could be used to develop security tooling or identify malicious tools, according to a new repo...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/30 11:26 a.m.13 views

[Free Webinar] Guide to Securing Your Entire Identity Lifecycle Against AI-Powered Threats

How Many Gaps Are Hiding in Your Identity System? It's not just about logins anymore. Today's attackers don't need to "hack" in—they can trick their way in. Deepfakes, impersonation scams, and AI-powered social engineering are helping them bypass traditional defenses and slip through unnoticed...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/30 11:5 a.m.26 views

Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool

A China-aligned advanced persistent threat APT group called TheWizards has been linked to a lateral movement tool called Spellbinder that can facilitate adversary-in-the-middle AitM attacks. "Spellbinder enables adversary-in-the-middle AitM attacks, through IPv6 stateless address autoconfiguratio...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/30 10:24 a.m.14 views

Customer Account Takeovers: The Multi-Billion Dollar Problem You Don't Know About

Everyone has cybersecurity stories involving family members. Here's a relatively common one. The conversation usually goes something like this: "The strangest thing happened to my streaming account. I got locked out of my account, so I had to change my password. When I logged back in, all my show...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/30 10:20 a.m.57 views

Nebulous Mantis Targets NATO-Linked Entities with Multi-Stage Malware Attacks

Cybersecurity researchers have shed light on a Russian-speaking cyber espionage group called Nebulous Mantis that has deployed a remote access trojan known as RomCom RAT since mid-2022. RomCom "employs advanced evasion techniques, including living-off-the-land LOTL tactics and encrypted command a...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/30 10:15 a.m.23 views

RansomHub Went Dark April 1; Affiliates Fled to Qilin, DragonForce Claimed Control

Cybersecurity researchers have revealed that RansomHub's online infrastructure has "inexplicably" gone offline as of April 1, 2025, prompting concerns among affiliates of the ransomware-as-a-service RaaS operation. Singaporean cybersecurity company Group-IB said that this may have caused affiliat...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/30 7:8 a.m.20 views

Meta Launches LlamaFirewall Framework to Stop AI Jailbreaks, Injections, and Insecure Code

Meta on Tuesday announced LlamaFirewall , an open-source framework designed to secure artificial intelligence AI systems against emerging cyber risks such as prompt injection, jailbreaks, and insecure code, among others. The framework, the company said, incorporates three guardrails, including...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/30 4:45 a.m.20 views

Indian Court Orders Action to Block Proton Mail Over AI Deepfake Abuse Allegations

A high court in the Indian state of Karnataka has ordered the blocking of end-to-end encrypted email provider Proton Mail across the country. The High Court of Karnataka, on April 29, said the ruling was in response to a legal complaint filed by M Moser Design Associated India Pvt Ltd in January...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/29 5:22 p.m.13 views

WhatsApp Launches Private Processing to Enable AI Features While Protecting Message Privacy

Popular messaging app WhatsApp on Tuesday unveiled a new technology called Private Processing to enable artificial intelligence AI capabilities in a privacy-preserving manner. "Private Processing will allow users to leverage powerful optional AI features – like summarizing unread messages or...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/29 4:18 p.m.16 views

New Reports Uncover Jailbreaks, Unsafe Code, and Data Theft Risks in Leading AI Systems

Various generative artificial intelligence GenAI services have been found vulnerable to two types of jailbreak attacks that make it possible to produce illicit or dangerous content. The first of the two techniques, codenamed Inception, instructs an AI tool to imagine a fictitious scenario, which...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/29 1:7 p.m.43 views

SentinelOne Uncovers Chinese Espionage Campaign Targeting Its Infrastructure and Clients

Cybersecurity company SentinelOne has revealed that a China-nexus threat cluster dubbed PurpleHaze conducted reconnaissance attempts against its infrastructure and some of its high-value customers. "We first became aware of this threat cluster during a 2024 intrusion conducted against an...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/29 11:0 a.m.13 views

Product Walkthrough: Securing Microsoft Copilot with Reco

Find out how Reco keeps Microsoft 365 Copilot safe by spotting risky prompts, protecting data, managing user access, and identifying threats - all while keeping productivity high. Microsoft 365 Copilot promises to boost productivity by turning natural language prompts into actions. Employees can...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/29 10:11 a.m.62 views

Google Reports 75 Zero-Days Exploited in 2024 — 44% Targeted Enterprise Security Products

Google has revealed that it observed 75 zero-day vulnerabilities exploited in the wild in 2024, down from 98 in 2023 but an increase from 63 the year before. Of the 75 zero-days, 44% of them targeted enterprise products. As many as 20 flaws were identified in security software and appliances...

9.8CVSS8.5AI score0.99999EPSS
Exploits44
The Hacker News
The Hacker News
added 2025/04/29 5:43 a.m.27 views

Malware Attack Targets World Uyghur Congress Leaders via Trojanized UyghurEdit++ Tool

In a new campaign detected in March 2025, senior members of the World Uyghur Congress WUC living in exile have been targeted by a Windows-based malware that's capable of conducting surveillance. The spear-phishing campaign involved the use of a trojanized version of a legitimate open-source word...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/29 4:21 a.m.42 views

CISA Adds Actively Exploited Broadcom and Commvault Flaws to KEV Database

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added two high-severity security flaws impacting Broadcom Brocade Fabric OS and Commvault Web Server to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The vulnerabilities...

8.7CVSS8.4AI score0.01997EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/04/28 12:18 p.m.130 views

⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More

What happens when cybercriminals no longer need deep skills to breach your defenses? Today's attackers are armed with powerful tools that do the heavy lifting — from AI-powered phishing kits to large botnets ready to strike. And they're not just after big corporations. Anyone can be a target when...

9.3CVSS9.4AI score0.9999EPSS
Exploits75
The Hacker News
The Hacker News
added 2025/04/28 11:0 a.m.30 views

How Breaches Start: Breaking Down 5 Real Vulns

Not every security vulnerability is high risk on its own - but in the hands of an advanced attacker, even small weaknesses can escalate into major breaches. These five real vulnerabilities, uncovered by Intruder's bug-hunting team, reveal how attackers turn overlooked flaws into serious security...

7.8CVSS8.2AI score0.99981EPSS
Exploits39
The Hacker News
The Hacker News
added 2025/04/28 9:7 a.m.26 views

Earth Kurma Targets Southeast Asia With Rootkits and Cloud-Based Data Theft Tools

Government and telecommunications sectors in Southeast Asia have become the target of a "sophisticated" campaign undertaken by a new advanced persistent threat APT group called Earth Kurma since June 2024. The attacks, per Trend Micro, have leveraged custom malware, rootkits, and cloud storage...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/28 8:6 a.m.17 views

WooCommerce Users Targeted by Fake Patch Phishing Campaign Deploying Site Backdoors

Cybersecurity researchers are warning about a large-scale phishing campaign targeting WooCommerce users with a fake security alert urging them to download a "critical patch" but deploy a backdoor instead. WordPress security company Patchstack described the activity as sophisticated and a variant ...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/28 7:13 a.m.35 views

Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised

Threat actors have been observed exploiting two newly disclosed critical security flaws in Craft CMS in zero-day attacks to breach servers and gain unauthorized access. The attacks, first observed by Orange Cyberdefense SensePost on February 14, 2025, involve chaining the below vulnerabilities -...

10CVSS9.1AI score0.99829EPSS
Exploits16
The Hacker News
The Hacker News
added 2025/04/27 5:2 a.m.75 views

Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers

Microsoft has revealed that a threat actor it tracks as Storm-1977 has conducted password spraying attacks against cloud tenants in the education sector over the past year. "The attack involves the use of AzureChecker.exe, a Command Line Interface CLI tool that is being used by a wide range of...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/26 10:38 a.m.36 views

ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion

Cybersecurity researchers have detailed the activities of an initial access broker IAB dubbed ToyMaker that has been observed handing over access to double extortion ransomware gangs like CACTUS. The IAB has been assessed with medium confidence to be a financially motivated threat actor, scanning...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/25 2:5 p.m.28 views

North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures

North Korea-linked threat actors behind the Contagious Interview have set up front companies as a way to distribute malware during the fake hiring process. "In this new campaign, the threat actor group is using three front companies in the cryptocurrency consulting industry – BlockNovas LLC...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/25 10:41 a.m.50 views

New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Framework

Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and code execution. "The exploitation is likely tied to either a previously disclosed vulnerability like CVE-2017-9844 or an unreported remote...

10CVSS9.4AI score0.99406EPSS
Exploits21
The Hacker News
The Hacker News
added 2025/04/25 10:30 a.m.13 views

Why NHIs Are Security's Most Dangerous Blind Spot

When we talk about identity in cybersecurity, most people think of usernames, passwords, and the occasional MFA prompt. But lurking beneath the surface is a growing threat that does not involve human credentials at all, as we witness the exponential growth of Non-Human Identities NHIs. At the top...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/25 8:57 a.m.16 views

Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers

Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that, if successfully exploited, could enable attackers to gain unauthorized access to files, inject malicious data, and tamper with logs under certain conditions. The vulnerabilities, flagged by...

6.9CVSS7.4AI score0.01142EPSS
Exploits2
Total number of security vulnerabilities20923