Lucene search
+L

20926 matches found

The Hacker News
The Hacker News
added 2025/02/25 4:10 a.m.37 views

Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added two security flaws impacting Adobe ColdFusion and Oracle Agile Product Lifecycle Management PLM to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerabilities in question ar...

10CVSS8.2AI score0.99571EPSS
Exploits36
The Hacker News
The Hacker News
added 2025/02/24 4:58 p.m.33 views

New Malware Campaign Uses Cracked Software to Spread Lumma and ACR Stealer

Cybersecurity researchers are warning of a new campaign that leverages cracked versions of software as a lure to distribute information stealers like Lumma and ACR Stealer. The AhnLab Security Intelligence Center ASEC said it has observed a spike in the distribution volume of ACR Stealer since...

7.8CVSS7.1AI score0.66571EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/02/24 11:20 a.m.55 views

⚡ THN Weekly Recap: From $1.5B Crypto Heist to AI Misuse & Apple's Data Dilemma

Welcome to your weekly roundup of cyber news, where every headline gives you a peek into the world of online battles. This week, we look at a huge crypto theft, reveal some sneaky AI scam tricks, and discuss big changes in data protection. Let these stories spark your interest and help you...

9.3CVSS9.1AI score0.9951EPSS
Exploits42
The Hacker News
The Hacker News
added 2025/02/24 11:17 a.m.21 views

Google Cloud KMS Adds Quantum-Safe Digital Signatures to Defend Against Future Threats

Google Cloud has announced quantum-safe digital signatures in Google Cloud Key Management Service Cloud KMS for software-based keys as a way to bulletproof encryption systems against the threat posed by cryptographically-relevant quantum computers. The feature, currently in preview, coexists with...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/24 11:17 a.m.21 views

Becoming Ransomware Ready: Why Continuous Validation Is Your Best Defense

Ransomware doesn't hit all at once—it slowly floods your defenses in stages. Like a ship subsumed with water, the attack starts quietly, below the surface, with subtle warning signs that are easy to miss. By the time encryption starts, it's too late to stop the flood. Each stage of a ransomware...

8.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/24 9:57 a.m.15 views

Australia Bans Kaspersky Software Over National Security and Espionage Concerns

Australia has become the latest country to ban the installation of security software from Russian company Kaspersky, citing national security concerns. "After considering threat and risk analysis, I have determined that the use of Kaspersky Lab, Inc. products and web services by Australian...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/22 6:59 a.m.12 views

Bybit Confirms Record-Breaking $1.5 Billion Crypto Heist in Sophisticated Cold Wallet Attack

Cryptocurrency exchange Bybit on Friday revealed that a "sophisticated" attack led to the theft of over $1.5 billion worth of cryptocurrency from one of its Ethereum cold offline wallets, making it the largest ever single crypto heist in history. "The incident occurred when our ETH multisig cold...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/22 5:17 a.m.14 views

OpenAI Bans Accounts Misusing ChatGPT for Surveillance and Influence Campaigns

OpenAI on Friday revealed that it banned a set of accounts that used its ChatGPT tool to develop a suspected artificial intelligence AI-powered surveillance tool. The social media listening tool is said to likely originate from China and is powered by one of Meta's Llama models, with the accounts...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/21 4:15 p.m.17 views

Apple Drops iCloud's Advanced Data Protection in the U.K. Amid Encryption Backdoor Demands

Apple is removing its Advanced Data Protection ADP feature for iCloud from the United Kingdom with immediate effect following government demands for backdoor access to encrypted user data. The development was first reported by Bloomberg. ADP for iCloud is an optional setting that ensures that...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/21 4:6 p.m.23 views

Data Leak Exposes TopSec's Role in China's Censorship-as-a-Service Operations

An analysis of a data leak from a Chinese cybersecurity company TopSec has revealed that it likely offers censorship-as-a-service solutions to prospective customers, including a state-owned enterprise in the country. Founded in 1995, TopSec ostensibly offers services such as Endpoint Detection an...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/21 1:3 p.m.25 views

Cybercriminals Can Now Clone Any Brand's Site in Minutes Using Darcula PhaaS v3

The threat actors behind the Darcula phishing-as-a-service PhaaS platform appear to be readying a new version that allows prospective customers and cyber crooks to clone any brand's legitimate website and create a phishing version, further bringing down the technical expertise required to pull of...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/21 11:40 a.m.13 views

Webinar: Learn How to Identify High-Risk Identity Gaps and Slash Security Debt in 2025

In today's rapidly evolving digital landscape, weak identity security isn't just a flaw—it's a major risk that can expose your business to breaches and costly downtime. Many organizations are overwhelmed by an excess of user identities and aging systems, making them vulnerable to attacks. Without...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/21 11:0 a.m.17 views

AI-Powered Deception is a Menace to Our Societies

Wherever there’s been conflict in the world, propaganda has never been far away. Travel back in time to 515 BC and read the Behistun Inscription, an autobiography by Persian King Darius that discusses his rise to power. More recently, see how different newspapers report on wars, where it’s said,...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/21 7:38 a.m.44 views

Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks

Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining legitimate victim login credentials as part of a targeted campaign aimed at major U.S. telecommunications companies. "The threat...

10CVSS8AI score0.99571EPSS
Exploits30
The Hacker News
The Hacker News
added 2025/02/21 7:26 a.m.24 views

CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks

A high-severity security flaw impacting the Craft content management system CMS has been added by the U.S. Cybersecurity and Infrastructure Security Agency CISA to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerability in question is...

9.3CVSS8.3AI score0.97446EPSS
Exploits10
The Hacker News
The Hacker News
added 2025/02/20 1:37 p.m.15 views

North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware

Freelance software developers are the target of an ongoing campaign that leverages job interview-themed lures to deliver cross-platform malware families known as BeaverTail and InvisibleFerret. The activity, linked to North Korea, has been codenamed DeceptiveDevelopment, which overlaps with...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/20 11:30 a.m.6 views

DMARC for PCI DSS 4.0: A Good Practice for Securing Emails

PCI DSS 4.0 encourages the implementation of anti-phishing controls like DMARC! This highlights and reinforces the importance of preventative measures against email fraud, domain spoofing, and phishing in the financial space. While not a mandate or a requirement for PCI DSS compliance, DMARC and...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/20 11:21 a.m.26 views

China-Linked Attackers Exploit Check Point Flaw to Deploy ShadowPad and Ransomware

A previously unknown threat activity cluster targeted European organizations, particularly those in the healthcare sector, to deploy PlugX and its successor, ShadowPad, with the intrusions ultimately leading to deployment of a ransomware called NailaoLocker in some cases. The campaign, codenamed...

8.6CVSS8.8AI score0.99978EPSS
Exploits52
The Hacker News
The Hacker News
added 2025/02/20 11:21 a.m.22 views

PCI DSS 4.0 Mandates DMARC By 31st March 2025

The payment card industry has set a critical deadline for businesses handling cardholder data or processing payments- by March 31, 2025, DMARC implementation will be mandatory! This requirement highlights the importance of preventative measures against email fraud, domain spoofing, and phishing i...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/20 11:12 a.m.14 views

Cybercriminals Use Eclipse Jarsigner to Deploy XLoader Malware via ZIP Archives

A malware campaign distributing the XLoader malware has been observed using the DLL side-loading technique by making use of a legitimate application associated with the Eclipse Foundation. "The legitimate application used in the attack, jarsigner, is a file created during the installation of the...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/20 10:0 a.m.13 views

Microsoft's End of Support for Exchange 2016 and 2019: What IT Teams Must Do Now

For decades, Microsoft Exchange has been the backbone of business communications, powering emailing, scheduling and collaboration for organizations worldwide. Whether deployed on-premises or in hybrid environments, companies of all sizes rely on Exchange for seamless internal and external...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/20 4:36 a.m.9 views

Citrix Releases Security Fix for NetScaler Console Privilege Escalation Vulnerability

Citrix has released security updates for a high-severity security flaw impacting NetScaler Console formerly NetScaler ADM and NetScaler Agent that could lead to privilege escalation under certain conditions. The vulnerability, tracked as CVE-2024-12284 , has been given a CVSS v4 score of 8.8 out ...

8.8CVSS7.2AI score0.11919EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/02/20 4:29 a.m.22 views

Microsoft Patches Actively Exploited Power Pages Privilege Escalation Vulnerability

Microsoft has released security updates to address two Critical-rated flaws impacting Bing and Power Pages, including one that has come under active exploitation in the wild. The vulnerabilities are listed below - CVE-2025-21355 CVSS score: 8.6 - Microsoft Bing Remote Code Execution Vulnerability...

8.6CVSS9AI score0.01659EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/02/19 4:59 p.m.9 views

Hackers Exploit Signal's Linked Devices Feature to Hijack Accounts via Malicious QR Codes

Multiple Russia-aligned threat actors have been observed targeting individuals of interest via the privacy-focused messaging app Signal to gain unauthorized access to their accounts. "The most novel and widely used technique underpinning Russian-aligned attempts to compromise Signal accounts is t...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/19 12:45 p.m.11 views

New Snake Keylogger Variant Leverages AutoIt Scripting to Evade Detection

A new variant of the Snake Keylogger malware is being used to actively target Windows users located in China, Turkey, Indonesia, Taiwan, and Spain. Fortinet FortiGuard Labs said the new version of the malware has been behind over 280 million blocked infection attempts worldwide since the start of...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/19 11:0 a.m.11 views

The Ultimate MSP Guide to Structuring and Selling vCISO Services

The growing demand for cybersecurity and compliance services presents a great opportunity for Managed Service Providers MSPs and Managed Security Service Providers MSSPs to offer virtual Chief Information Security Officer vCISO services—delivering high-level cybersecurity leadership without the...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/19 9:35 a.m.7 views

Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack

Users who are on the lookout for popular games were lured into downloading trojanized installers that led to the deployment of a cryptocurrency miner on compromised Windows hosts. The large-scale activity has been codenamed StaryDobry by Russian cybersecurity company Kaspersky, which first detect...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/19 4:48 a.m.31 views

CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added two security flaws impacting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The flaws are listed below -...

5.9CVSS8.6AI score0.98417EPSS
Exploits22
The Hacker News
The Hacker News
added 2025/02/18 3:34 p.m.83 views

New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now

Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle MitM and a denial-of-service DoS attack, respectively, under certain conditions. The vulnerabilities, detailed by the...

8.1CVSS8.1AI score0.99506EPSS
Exploits74
The Hacker News
The Hacker News
added 2025/02/18 3:9 p.m.30 views

Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks

The Chinese state-sponsored threat actor known as Mustang Panda has been observed employing a novel technique to evade detection and maintain control over infected systems. This involves the use of a legitimate Microsoft Windows utility called Microsoft Application Virtualization Injector...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/18 1:0 p.m.15 views

New FrigidStealer Malware Targets macOS Users via Fake Browser Updates

Cybersecurity researchers are alerting to a new campaign that leverages web injects to deliver a new Apple macOS malware known as FrigidStealer. The activity has been attributed to a previously undocumented threat actor known as TA2727, with the information stealers for other platforms such as...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/18 12:20 p.m.13 views

Debunking the AI Hype: Inside Real Hacker Tactics

Is AI really reshaping the cyber threat landscape, or is the constant drumbeat of hype drowning out actual, more tangible, real-world dangers? According to Picus Labs' Red Report 2025 which analyzed over one million malware samples, there's been no significant surge, so far, in AI-driven attacks...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/18 12:18 p.m.22 views

Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication

Juniper Networks has released security updates to address a critical security flaw impacting Session Smart Router, Session Smart Conductor, and WAN Assurance Router products that could be exploited to hijack control of susceptible devices. Tracked as CVE-2025-21589 , the vulnerability carries a...

7.8AI score0.01434EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/02/18 9:52 a.m.16 views

Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign

The China-linked threat actor known as Winnti has been attributed to a new campaign dubbed RevivalStone that targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024. The activity, detailed by Japanese cybersecurity company LAC, overlaps with a threat cluster...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/18 7:4 a.m.19 views

New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials

Security vulnerabilities have been disclosed in Xerox VersaLink C7025 Multifunction printers MFPs that could allow attackers to capture authentication credentials via pass-back attacks via Lightweight Directory Access Protocol LDAP and SMB/FTP services. "This pass-back style attack leverages a...

7.6CVSS8.2AI score0.00923EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/02/18 5:26 a.m.22 views

Cybercriminals Exploit Onerror Event in Image Tags to Deploy Payment Skimmers

Cybersecurity researchers have flagged a credit card stealing malware campaign that has been observed targeting e-commerce sites running Magento by disguising the malicious content within image tags in HTML code in order to stay under the radar. MageCart is the name given to a malware that's...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/17 4:30 p.m.27 views

Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics

Microsoft said it has discovered a new variant of a known Apple macOS malware called XCSSET as part of limited attacks in the wild. "Its first known variant since 2022, this latest XCSSET malware features enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies,"...

7.8CVSS6.6AI score0.0658EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/02/17 11:36 a.m.17 views

South Korea Suspends DeepSeek AI Downloads Over Privacy Violations

South Korea has formally suspended new downloads of Chinese artificial intelligence AI chatbot DeepSeek in the country until the service makes changes to its mobile apps to comply with data protection regulations. Downloads have been paused as of February 15, 2025, 6:00 p.m. local time, the...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/17 11:0 a.m.15 views

CISO's Expert Guide To CTEM And Why It Matters

Cyber threats evolve—has your defense strategy kept up? A new free guide available here explains why Continuous Threat Exposure Management CTEM is the smart approach for proactive cybersecurity. This concise report makes a clear business case for why CTEM's comprehensive approach is the best...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/17 9:19 a.m.111 views

⚡ THN Weekly Recap: Google Secrets Stolen, Windows Hack, New Crypto Scams and More

Welcome to this week's Cybersecurity News Recap. Discover how cyber attackers are using clever tricks like fake codes and sneaky emails to gain access to sensitive data. We cover everything from device code phishing to cloud exploits, breaking down the technical details into simple, easy-to-follo...

10CVSS8.7AI score0.98417EPSS
Exploits35
The Hacker News
The Hacker News
added 2025/02/17 9:4 a.m.23 views

New Golang-Based Backdoor Uses Telegram Bot API for Evasive C2 Operations

Cybersecurity researchers have shed light on a new Golang-based backdoor that uses Telegram as a mechanism for command-and-control C2 communications. Netskope Threat Labs, which detailed the functions of the malware, described it as possibly of Russian origin. "The malware is compiled in Golang a...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/15 10:26 a.m.18 views

Android's New Feature Blocks Fraudsters from Sideloading Apps During Calls

Google is working on a new security feature for Android that blocks device owners from changing sensitive settings when a phone call is in progress. Specifically, the in-call anti-scammer protections include preventing users from turning on settings to install apps from unknown sources and granti...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/14 6:42 p.m.17 views

New "whoAMI" Attack Exploits AWS AMI Name Confusion for Remote Code Execution

Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image AMI with a specific name to gain code execution within the Amazon Web Services AWS account. "If executed at scale, this attack could be used to gain...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/14 6:28 p.m.20 views

Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks

The North Korean threat actor known as the Lazarus Group has been linked to a previously undocumented JavaScript implant named Marstech1 as part of limited targeted attacks against developers. The active operation has been dubbed Marstech Mayhem by SecurityScorecard, with the malware delivered by...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/14 11:0 a.m.19 views

AI-Powered Social Engineering: Ancillary Tools and Techniques

Social engineering is advancing fast, at the speed of generative AI. This is offering bad actors multiple new tools and techniques for researching, scoping, and exploiting organizations. In a recent communication, the FBI pointed out: 'As technology continues to evolve, so do cybercriminals'...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/14 10:27 a.m.15 views

Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts

Microsoft is calling attention to an emerging threat cluster it calls Storm-2372 that has been attributed to a new set of cyber attacks aimed at a variety of sectors since August 2024. The attacks have targeted government, non-governmental organizations NGOs, information technology IT services an...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/14 10:17 a.m.72 views

RansomHub Becomes 2024's Top Ransomware Group, Hitting 600+ Organizations Globally

The threat actors behind the RansomHub ransomware-as-a-service RaaS scheme have been observed leveraging now-patched security flaws in Microsoft Active Directory and the Netlogon protocol to escalate privileges and gain unauthorized access to a victim network's domain controller as part of their...

10CVSS8AI score0.99999EPSS
Exploits133
The Hacker News
The Hacker News
added 2025/02/14 5:3 a.m.32 views

PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks

Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access PRA and Remote Support RS products in December 2024 likely also exploited a previously unknown SQL injection flaw in PostgreSQL, according to findings from Rapid7. The vulnerability,...

9.8CVSS9.5AI score0.95151EPSS
Exploits16
The Hacker News
The Hacker News
added 2025/02/13 3:13 p.m.19 views

Hackers Use CAPTCHA Trick on Webflow CDN PDFs to Bypass Security Scanners

A widespread phishing campaign has been observed leveraging bogus PDF documents hosted on the Webflow content delivery network CDN with an aim to steal credit card information and commit financial fraud. "The attacker targets victims searching for documents on search engines, resulting in access ...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/13 2:26 p.m.22 views

North Korean APT43 Uses PowerShell and Dropbox in Targeted South Korea Cyberattacks

A nation-state threat actor with ties to North Korea has been linked to an ongoing campaign targeting South Korean business, government, and cryptocurrency sectors. The attack campaign, dubbed DEEPDRIVE by Securonix, has been attributed to a hacking group known as Kimsuky, which is also tracked...

7.9AI score
Exploits0
Total number of security vulnerabilities20926