Lucene search
+L

20926 matches found

The Hacker News
The Hacker News
added 2025/02/13 12:25 p.m.11 views

Fast Deployments, Secure Code: Watch this Learn to Sync Dev and Sec Teams

Ever felt like your team is stuck in a constant battle? Developers rush to add new features, while security folks worry about vulnerabilities. What if you could bring both sides together without sacrificing one for the other? We invite you to our upcoming webinar, "Opening the Fast Lane for Secur...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/13 11:58 a.m.28 views

RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset

An RA World ransomware attack in November 2024 targeting an unnamed Asian software and services company involved the use of a malicious tool exclusively used by China-based cyber espionage groups, raising the possibility that the threat actor may be moonlighting as a ransomware player in an...

5.9CVSS9AI score0.99698EPSS
Exploits43
The Hacker News
The Hacker News
added 2025/02/13 11:0 a.m.16 views

AI and Security - A New Puzzle to Figure Out

AI is everywhere now, transforming how businesses operate and how users engage with apps, devices, and services. A lot of applications now have some Artificial Intelligence inside, whether supporting a chat interface, intelligently analyzing data or matching user preferences. No question AI...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/13 9:39 a.m.69 views

Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software

Palo Alto Networks has addressed a high-severity security flaw in its PAN-OS software that could result in an authentication bypass. The vulnerability, tracked as CVE-2025-0108 , carries a CVSS score of 7.8 out of 10.0. The score, however, drops to 5.1 if access to the management interface is...

7.5CVSS10AI score0.98417EPSS
Exploits22
The Hacker News
The Hacker News
added 2025/02/13 9:11 a.m.11 views

FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux

Threat hunters have shed light on a new campaign targeting the foreign ministry of an unnamed South American nation with bespoke malware capable of granting remote access to infected hosts. The activity, detected in November 2024, has been attributed by Elastic Security Labs to a threat cluster i...

8.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/12 5:2 p.m.48 views

Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ Countries

A subgroup within the infamous Russian state-sponsored hacking group known as Sandworm has been attributed to a multi-year initial access operation dubbed BadPilot that stretched across the globe. "This subgroup has conducted globally diverse compromises of Internet-facing infrastructure to enabl...

10CVSS10AI score0.99999EPSS
Exploits85
The Hacker News
The Hacker News
added 2025/02/12 2:4 p.m.22 views

Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability

Cybersecurity researchers have discovered a bypass for a now-patched security vulnerability in the NVIDIA Container Toolkit that could be exploited to break out of a container's isolation protections and gain complete access to the underlying host. The new vulnerability is being tracked as...

9CVSS8.4AI score0.37055EPSS
Exploits3
The Hacker News
The Hacker News
added 2025/02/12 11:20 a.m.28 views

How to Steer AI Adoption: A CISO Guide

CISOs are finding themselves more involved in AI teams, often leading the cross-functional effort and AI strategy. But there aren't many resources to guide them on what their role should look like or what they should bring to these meetings. We've pulled together a framework for security leaders ...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/12 10:43 a.m.30 views

North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack

The North Korea-linked threat actor known as Kimsuky has been observed using a new tactic that involves deceiving targets into running PowerShell as an administrator and then instructing them to paste and run malicious code provided by them. "To execute this tactic, the threat actor masquerades a...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/12 9:38 a.m.88 views

Microsoft's Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation

Microsoft on Tuesday released fixes for 63 security flaws impacting its software products, including two vulnerabilities that it said has come under active exploitation in the wild. Of the 63 vulnerabilities, three are rated Critical, 57 are rated Important, one is rated Moderate, and two are rat...

9CVSS9AI score0.51865EPSS
Exploits17
The Hacker News
The Hacker News
added 2025/02/12 5:57 a.m.39 views

Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now

Ivanti has released security updates to address multiple security flaws impacting Connect Secure ICS, Policy Secure IPS, and Cloud Services Application CSA that could be exploited to achieve arbitrary code execution. The list of vulnerabilities is below - CVE-2024-38657 CVSS score: 9.1 - External...

9.9CVSS9.3AI score0.99971EPSS
Exploits22
The Hacker News
The Hacker News
added 2025/02/11 3:13 p.m.16 views

Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification

Google has stepped in to clarify that a newly introduced Android System SafetyCore app does not perform any client-side scanning of content. "Android provides many on-device protections that safeguard users against threats like malware, messaging spam and abuse protections, and phone scam...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/11 1:30 p.m.18 views

4 Ways to Keep MFA From Becoming too Much of a Good Thing

Multi-factor authentication MFA has quickly become the standard for securing business accounts. Once a niche security measure, adoption is on the rise across industries. But while it's undeniably effective at keeping bad actors out, the implementation of MFA solutions can be a tangled mess of...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/11 11:52 a.m.23 views

Progress Software Patches High-Severity LoadMaster Flaws Affecting Multiple Versions

Progress Software has addressed multiple high-severity security flaws in its LoadMaster software that could be exploited by malicious actors to execute arbitrary system commands or download any file from the system. Kemp LoadMaster is a high-performance application delivery controller ADC and loa...

8.4CVSS9.1AI score0.06337EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/02/11 11:25 a.m.18 views

Gcore DDoS Radar Reveals 56% YoY Increase in DDoS Attacks

Gcore's latest DDoS Radar report analyzes attack data from Q3–Q4 2024, revealing a 56% YoY rise in the total number of DDoS attacks with the largest attack peaking at a record 2 Tbps. The financial services sector saw the most dramatic increase, with a 117% rise in attacks, while gaming remained...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/11 11:16 a.m.48 views

Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update

Apple on Monday released out-of-band security updates to address a security flaw in iOS and iPadOS that it said has been exploited in the wild. Assigned the CVE identifier CVE-2025-24200 CVSS score: 4.6, the vulnerability has been described as an authorization issue that could make it possible fo...

7.8CVSS6.1AI score0.18668EPSS
Exploits5
The Hacker News
The Hacker News
added 2025/02/11 10:7 a.m.19 views

Protecting Your Software Supply Chain: Assessing the Risks Before Deployment

Imagine you're considering a new car for your family. Before making a purchase, you evaluate its safety ratings, fuel efficiency, and reliability. You might even take it for a test drive to ensure it meets your needs. The same approach should be applied to software and hardware products before...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/11 9:55 a.m.21 views

Threat Actors Exploit ClickFix to Deploy NetSupport RAT in Latest Cyber Attacks

Threat actors have observed the increasingly common ClickFix technique to deliver a remote access trojan named NetSupport RAT since early January 2025. NetSupport RAT, typically propagated via bogus websites and fake browser updates, grants attackers full control over the victim's host, allowing...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/11 7:3 a.m.15 views

FBI, Europol, and NCA Take Down 8Base Ransomware Data Leak and Negotiation Sites

--- Source: The Nation A coordinated law enforcement operation has taken down the dark web data leak and negotiation sites associated with the 8Base ransomware gang. Visitors to the data leak site are now greeted with a seizure banner that says: "This hidden site and the criminal content have bee...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/10 3:16 p.m.13 views

Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores

Threat actors have been observed leveraging Google Tag Manager GTM to deliver credit card skimmer malware targeting Magento-based e-commerce websites. Website security company Sucuri said the code, while appearing to be a typical GTM and Google Analytics script used for website analytics and...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/10 12:13 p.m.71 views

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [10 February]

In cybersecurity, the smallest crack can lead to the biggest breaches. A leaked encryption key, an unpatched software bug, or an abandoned cloud storage bucket—each one seems minor until it becomes the entry point for an attack. This week, we've seen cybercriminals turn overlooked weaknesses into...

8.6CVSS7.8AI score0.95151EPSS
Exploits21
The Hacker News
The Hacker News
added 2025/02/10 11:0 a.m.16 views

Don't Overlook These 6 Critical Okta Security Configurations

Given Okta's role as a critical part of identity infrastructure, strengthening Okta security is essential. This article covers six key Okta security settings that provide a strong starting point, along with recommendations for implementing continuous monitoring of your Okta security posture. With...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/10 9:44 a.m.19 views

DragonRank Exploits IIS Servers with BadIIS Malware for SEO Fraud and Gambling Redirects

Threat actors have been observed targeting Internet Information Services IIS servers in Asia as part of a search engine optimization SEO manipulation campaign designed to install BadIIS malware. "It is likely that the campaign is financially motivated since redirecting users to illegal gambling...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/10 9:9 a.m.48 views

Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities

Zimbra has released software updates to address critical security flaws in its Collaboration software that, if successfully exploited, could result in information disclosure under certain conditions. The vulnerability, tracked as CVE-2025-25064, carries a CVSS score of 9.8 out of a maximum of 10....

9.8CVSS9.4AI score0.36726EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/02/10 5:14 a.m.68 views

XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells

Threat actors have been observed exploiting multiple security flaws in various software products, including Progress Telerik UI for ASP.NET AJAX and Advantive VeraCore, to drop reverse shells and web shells, and maintain persistent remote access to compromised systems. The zero-day exploitation o...

9.9CVSS9.5AI score0.99737EPSS
Exploits52
The Hacker News
The Hacker News
added 2025/02/08 6:17 a.m.19 views

Malicious ML Models on Hugging Face Leverage Broken Pickle Format to Evade Detection

Cybersecurity researchers have uncovered two malicious machine learning ML models on Hugging Face that leveraged an unusual technique of "broken" pickle files to evade detection. "The pickle files extracted from the mentioned PyTorch archives revealed the malicious Python content at the beginning...

8.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/07 2:58 p.m.21 views

DeepSeek App Transmits Sensitive User and Device Data Without Encryption

A new audit of DeepSeek's mobile app for the Apple iOS operating system has found glaring security issues, the foremost being that it sends sensitive data over the internet sans any encryption, exposing it to interception and manipulation attacks. The assessment comes from NowSecure, which also...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/07 12:52 p.m.29 views

CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency CISA has warned that a security flaw impacting Trimble Cityworks GIS-centric asset management software has come under active exploitation in the wild. The vulnerability in question is CVE-2025-0994 CVSS v4 score: 8.6, a deserialization of...

8.6CVSS9.1AI score0.31309EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/02/07 11:10 a.m.18 views

AI-Powered Social Engineering: Reinvented Threats

The foundations for social engineering attacks – manipulating humans – might not have changed much over the years. It's the vectors – how these techniques are deployed – that are evolving. And like most industries these days, AI is accelerating its evolution. This article explores how these chang...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/07 11:1 a.m.25 views

Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks

Microsoft is warning of an insecure practice wherein software developers are incorporating publicly disclosed ASP.NET machine keys from publicly accessible resources, thereby putting their applications in attackers' pathway. The tech giant's threat intelligence team said it observed limited...

8.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/07 10:32 a.m.17 views

India's RBI Introduces Exclusive "bank.in" Domain to Combat Digital Banking Fraud

India's central bank, the Reserve Bank of India RBI, said it's introducing an exclusive "bank.in" internet domain for banks in the country to combat digital financial fraud. "This initiative aims to reduce cyber security threats and malicious activities like phishing; and, streamline secure...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/07 5:19 a.m.39 views

Hackers Exploiting SimpleHelp RMM Flaws for Persistent Access and Ransomware

Threat actors have been observed exploiting recently disclosed security flaws in SimpleHelp's Remote Monitoring and Management RMM software as a precursor for what appears to be a ransomware attack. The intrusion leveraged the now-patched vulnerabilities to gain initial access and maintain...

9.9CVSS8.3AI score0.95151EPSS
Exploits2
The Hacker News
The Hacker News
added 2025/02/06 2:34 p.m.17 views

Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking

Bogus websites advertising Google Chrome have been used to distribute malicious installers for a remote access trojan called ValleyRAT. The malware, first detected in 2023, is attributed to a threat actor tracked as Silver Fox, with prior attack campaigns primarily targeting Chinese-speaking...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/06 2:3 p.m.15 views

Ransomware Extortion Drops to $813.5M in 2024, Down from $1.25B in 2023

Ransomware attacks netted cybercrime groups a total of $813.5 million in 2024, a decline from $1.25 billion in 2023. The total amount extorted during the first half of 2024 stood at $459.8 million, blockchain intelligence firm Chainalysis said, adding payment activity slumped after July 2024 by...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/06 11:32 a.m.29 views

SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images

A new malware campaign dubbed SparkCat has leveraged a suit of bogus apps on both Apple's and Google's respective app stores to steal victims' mnemonic phrases associated with cryptocurrency wallets. The attacks leverage an optical character recognition OCR model to exfiltrate select images...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/06 11:20 a.m.17 views

The Evolving Role of PAM in Cybersecurity Leadership Agendas for 2025

Privileged Access Management PAM has emerged as a cornerstone of modern cybersecurity strategies, shifting from a technical necessity to a critical pillar in leadership agendas. With the PAM market projected to reach $42.96 billion by 2037 according to Research Nester, organizations invest heavil...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/06 11:5 a.m.21 views

North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials

The North Korea-linked nation-state hacking group known as Kimsuky has been observed conducting spear-phishing attacks to deliver an information stealer malware named forceCopy, according to new findings from the AhnLab Security Intelligence Center ASEC. The attacks commence with phishing emails...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/06 11:0 a.m.20 views

Top 3 Ransomware Threats Active in 2025

You arrive at the office, power up your system, and panic sets in. Every file is locked, and every system is frozen. A ransom demand flashes on your screen: "Pay $2 million in Bitcoin within 48 hours or lose everything." And the worst part is that even after paying, there's no guarantee you'll ge...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/06 7:40 a.m.44 views

Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc

Cisco has released updates to address two critical security flaws Identity Services Engine ISE that could allow remote attackers to execute arbitrary commands and elevate privileges on susceptible devices. The vulnerabilities are listed below - CVE-2025-20124 CVSS score: 9.9 - An insecure Java...

9.9CVSS8.7AI score0.18476EPSS
Exploits5
The Hacker News
The Hacker News
added 2025/02/05 2:55 p.m.14 views

Cross-Platform JavaScript Stealer Targets Crypto Wallets in New Lazarus Group Campaign

The North Korea-linked Lazarus Group has been linked to an active campaign that leverages fake LinkedIn job offers in the cryptocurrency and travel sectors to deliver malware capable of infecting Windows, macOS, and Linux operating systems. According to cybersecurity company Bitdefender, the scam...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/05 1:3 p.m.21 views

Cybercriminals Use Go Resty and Node Fetch in 13 Million Password Spraying Attempts

Cybercriminals are increasingly leveraging legitimate HTTP client tools to facilitate account takeover ATO attacks on Microsoft 365 environments. Enterprise security company Proofpoint said it observed campaigns using HTTP clients Axios and Node Fetch to send HTTP requests and receive HTTP...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/05 12:46 p.m.17 views

Silent Lynx Using PowerShell, Golang, and C++ Loaders in Multi-Stage Cyberattacks

A previously undocumented threat actor known as Silent Lynx has been linked to cyber attacks targeting various entities in Kyrgyzstan and Turkmenistan. "This threat group has previously targeted entities around Eastern Europe and Central Asian government think tanks involved in economic decision...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/05 12:16 p.m.29 views

New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack

Veeam has released patches to address a critical security flaw impacting its Backup software that could allow an attacker to execute arbitrary code on susceptible systems. The vulnerability, tracked as CVE-2025-23114 , carries a CVSS score of 9.0 out of 10.0. "A vulnerability within the Veeam...

9CVSS7.5AI score0.00626EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/02/05 11:0 a.m.20 views

Navigating the Future: Key IT Vulnerability Management Trends 

As the cybersecurity landscape continues to evolve, proactive vulnerability management has become a critical priority for managed service providers MSPs and IT teams. Recent trends indicate that organizations increasingly prioritize more frequent IT security vulnerability assessments to identify...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/05 9:40 a.m.23 views

AsyncRAT Campaign Uses Python Payloads and TryCloudflare Tunnels for Stealth Attacks

A malware campaign has been observed delivering a remote access trojan RAT named AsyncRAT by making use of Python payloads and TryCloudflare tunnels. "AsyncRAT is a remote access trojan RAT that exploits the async/await pattern for efficient, asynchronous communication," Forcepoint X-Labs...

6.5CVSS8AI score0.1337EPSS
Exploits1
The Hacker News
The Hacker News
added 2025/02/05 5:5 a.m.26 views

CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added four security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows - CVE-2024-45195 CVSS score: 7.5/9.8 - A forced...

9.8CVSS8.7AI score0.99983EPSS
Exploits13
The Hacker News
The Hacker News
added 2025/02/04 2:16 p.m.13 views

Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access

Cybersecurity researchers have called attention to a software supply chain attack targeting the Go ecosystem that involves a malicious package capable of granting the adversary remote access to infected systems. The package, named github.com/boltdb-go/bolt, is a typosquat of the legitimate BoltDB...

8.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/04 12:28 p.m.24 views

Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections

A recently patched security vulnerability in the 7-Zip archiver tool was exploited in the wild to deliver the SmokeLoader malware. The flaw, CVE-2025-0411 CVSS score: 7.0, allows remote attackers to circumvent mark-of-the-web MotW protections and execute arbitrary code in the context of the curre...

7CVSS7.1AI score0.67071EPSS
Exploits8
The Hacker News
The Hacker News
added 2025/02/04 12:11 p.m.18 views

North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS

The North Korean threat actors behind the Contagious Interview campaign have been observed delivering a collection of Apple macOS malware strains dubbed FERRET as part of a supposed job interview process. "Targets are typically asked to communicate with an interviewer through a link that throws a...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/04 11:0 a.m.17 views

Watch Out For These 8 Cloud Security Shifts in 2025

As cloud security evolves in 2025 and beyond, organizations must adapt to both new and evolving realities, including the increasing reliance on cloud infrastructure for AI-driven workflows and the vast quantities of data being migrated to the cloud. But there are other developments that could...

7.3AI score
Exploits0
Total number of security vulnerabilities20926