Lucene search
+L

20926 matches found

The Hacker News
The Hacker News
added 2025/01/24 11:0 a.m.12 views

2025 State of SaaS Backup and Recovery Report

The modern workplace has undergone a seismic transformation over recent years, with hybrid work becoming the norm and businesses rapidly adopting cloud-based Software-as-a-Service SaaS applications to facilitate it. SaaS applications like Microsoft 365 and Google Workspace have now become the...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/24 9:53 a.m.12 views

DoJ Indicts 5 Individuals for $866K North Korean IT Worker Scheme Violations

The U.S. Department of Justice DoJ on Thursday indicted two North Korean nationals, a Mexican national, and two of its own citizens for their alleged involvement in the ongoing fraudulent information technology IT worker scheme that seeks to generate revenue for the Democratic People's Republic o...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/24 7:20 a.m.15 views

Android's New Identity Check Feature Locks Device Settings Outside Trusted Locations

Google has launched a new feature called Identity Check for supported Android devices that locks sensitive settings behind biometric authentication when outside of trusted locations. "When you turn on Identity Check, your device will require explicit biometric authentication to access certain...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/24 5:39 a.m.39 views

CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday placed a now-patched security flaw impacting the popular jQuery JavaScript library to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The medium-severity vulnerability is...

6.9CVSS7.3AI score0.99019EPSS
Exploits14
The Hacker News
The Hacker News
added 2025/01/23 3:13 p.m.29 views

Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass and Firmware Exploits

An exhaustive evaluation of three firewall models from Palo Alto Networks has uncovered a host of known security flaws impacting the devices' firmware as well as misconfigured security features. "These weren't obscure, corner-case vulnerabilities," security vendor Eclypsium said in a report share...

8.2CVSS9AI score0.01286EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/01/23 3:0 p.m.14 views

Beware: Fake CAPTCHA Campaign Spreads Lumma Stealer in Multi-Industry Attacks

Cybersecurity researchers are calling attention to a new malware campaign that leverages fake CAPTCHA verification checks to deliver the infamous Lumma information stealer. "The campaign is global, with Netskope Threat Labs tracking victims targeted in Argentina, Colombia, the United States, the...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/23 2:56 p.m.26 views

New Research: The State of Web Exposure 2025

Are your websites leaking sensitive data? New research reveals that 45% of third-party apps access user info without proper authorization, and 53% of risk exposures in Retail are due to the excessive use of tracking tools. Learn how to uncover and mitigate these hidden threats and risks—download...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/23 2:55 p.m.16 views

Custom Backdoor Exploiting Magic Packet Vulnerability in Juniper Routers

Enterprise-grade Juniper Networks routers have become the target of a custom backdoor as part of a campaign dubbed J-magic. According to the Black Lotus Labs team at Lumen Technologies, the activity is so named for the fact that the backdoor continuously monitors for a "magic packet" sent by the...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/23 2:0 p.m.12 views

Experts Find Shared Codebase Linking Morpheus and HellCat Ransomware Payloads

An analysis of HellCat and Morpheus ransomware operations has revealed that affiliates associated with the respective cybercrime entities are using identical code for their ransomware payloads. The findings come from SentinelOne, which analyzed artifacts uploaded to the VirusTotal malware scannin...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/23 11:20 a.m.17 views

How to Eliminate Identity-Based Threats

Despite significant investments in advanced technologies and employee training programs, credential and user-based attacks remain alarmingly prevalent, accounting for 50-80% of enterprise breaches1,2. While identity-based attacks continue to dominate as the leading cause of security incidents, th...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/23 10:24 a.m.26 views

SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation

SonicWall is alerting customers of a critical security flaw impacting its Secure Mobile Access SMA 1000 Series appliances that it said has been likely exploited in the wild as a zero-day. The vulnerability, tracked as CVE-2025-23006 , is rated 9.8 out of a maximum of 10.0 on the CVSS scoring...

9.8CVSS9.8AI score0.23432EPSS
Exploits1
The Hacker News
The Hacker News
added 2025/01/23 9:43 a.m.19 views

QakBot-Linked BC Malware Adds Enhanced Remote Access and Data Gathering Features

Cybersecurity researchers have disclosed details of a new BackConnect BC malware that has been developed by threat actors linked to the infamous QakBot loader. "BackConnect is a common feature or module utilized by threat actors to maintain persistence and perform tasks," Walmart's Cyber...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/23 6:21 a.m.37 views

Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)

Cisco has released software updates to address a critical security flaw impacting Meeting Management that could permit a remote, authenticated attacker to gain administrator privileges on susceptible instances. The vulnerability, tracked as CVE-2025-20156, carries a CVSS score of 9.9 out 10.0. It...

9.9CVSS7.7AI score0.98557EPSS
Exploits3
The Hacker News
The Hacker News
added 2025/01/23 6:0 a.m.24 views

Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review

The new Trump administration has terminated all memberships of advisory committees that report to the Department of Homeland Security DHS. "In alignment with the Department of Homeland Security's DHS commitment to eliminating the misuse of resources and ensuring that DHS activities prioritize our...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/23 5:35 a.m.17 views

TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware

Google on Wednesday shed light on a financially motivated threat actor named TRIPLESTRENGTH for its opportunistic targeting of cloud environments for cryptojacking and on-premise ransomware attacks. "This actor engaged in a variety of threat activity, including cryptocurrency mining operations on...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/22 1:53 p.m.61 views

Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet

Threat actors are exploiting an unspecified zero-day vulnerability in Cambium Networks cnPilot routers to deploy a variant of the AISURU botnet called AIRASHI to carry out distributed denial-of-service DDoS attacks. According to QiAnXin XLab, the attacks have leveraged the security flaw since Jun...

9.8CVSS9.1AI score0.99993EPSS
Exploits28
The Hacker News
The Hacker News
added 2025/01/22 10:31 a.m.13 views

Discover Hidden Browsing Threats: Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks

As GenAI tools and SaaS platforms become a staple component in the employee toolkit, the risks associated with data exposure, identity vulnerabilities, and unmonitored browsing behavior have skyrocketed. Forward-thinking security teams are looking for security controls and strategies to address...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/22 10:30 a.m.11 views

President Trump Pardons Silk Road Creator Ross Ulbricht After 11 Years in Prison

U.S. President Donald Trump on Tuesday granted a "full and unconditional pardon" to Ross Ulbricht, the creator of the infamous Silk Road drug marketplace, after spending more than 11 years behind bars. "I just called the mother of Ross William Ulbricht to let her know that in honor of her and the...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/22 8:49 a.m.13 views

PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack

A previously undocumented China-aligned advanced persistent threat APT group named PlushDaemon has been linked to a supply chain attack targeting a South Korean virtual private network VPN provider in 2023, according to new findings from ESET. "The attackers replaced the legitimate installer with...

8.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/22 7:25 a.m.44 views

Oracle Releases January 2025 Patch to Address 318 Flaws Across Major Products

Oracle is urging customers to apply its January 2025 Critical Patch Update CPU to address 318 new security vulnerabilities spanning its products and services. The most severe of the flaws is a bug in the Oracle Agile Product Lifecycle Management PLM Framework CVE-2025-21556, CVSS score: 9.9 that...

10CVSS9.9AI score0.99654EPSS
Exploits62
The Hacker News
The Hacker News
added 2025/01/22 6:19 a.m.10 views

Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Devices

Web infrastructure and security company Cloudflare on Tuesday said it detected and blocked a 5.6 Terabit per second Tbps distributed denial-of-service DDoS attack, the largest ever attack to be reported to date. The UDP protocol-based attack took place on October 29, 2024, targeting one of its...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/21 2:0 p.m.27 views

Mirai Variant Murdoc Botnet Exploits AVTECH IP Cameras and Huawei Routers

Cybersecurity researchers have warned of a new large-scale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant dubbed Murdoc Botnet. The ongoing activity "demonstrates enhanced capabilities, exploiting vulnerabilities...

8.7CVSS10AI score0.7861EPSS
Exploits7
The Hacker News
The Hacker News
added 2025/01/21 12:46 p.m.32 views

13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks

A global network of about 13,000 hijacked Mikrotik routers has been employed as a botnet to propagate malware via spam campaigns, the latest addition to a list of botnets powered by MikroTik devices. The activity "takes advantage of misconfigured DNS records to pass email protection techniques,"...

9.1CVSS8AI score0.01313EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/01/21 10:52 a.m.12 views

Ex-CIA Analyst Pleads Guilty to Sharing Top-Secret Data with Unauthorized Parties

A former analyst working for the U.S. Central Intelligence Agency CIA pleaded guilty to transmitting top secret National Defense Information NDI to individuals who did not have the necessary authorization to receive it and attempted to cover up the activity. Asif William Rahman, 34, of Vienna, wa...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/21 10:30 a.m.14 views

HackGATE: Setting New Standards for Visibility and Control in Penetration Testing Projects

Imagine receiving a penetration test report that leaves you with more questions than answers. Questions like, "Were all functionalities of the web app tested?" or " Were there any security issues that could have been identified during testing?" often go unresolved, raising concerns about the...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/21 5:45 a.m.7 views

PNGPlug Loader Delivers ValleyRAT Malware Through Fake Software Installers

Cybersecurity researchers are calling attention to a series of cyber attacks that have targeted Chinese-speaking regions like Hong Kong, Taiwan, and Mainland China with a known malware called ValleyRAT. The attacks leverage a multi-stage loader dubbed PNGPlug to deliver the ValleyRAT payload,...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/21 5:27 a.m.9 views

CERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits

The Computer Emergency Response Team of Ukraine CERT-UA is warning of ongoing attempts by unknown threat actors to impersonate the cybersecurity agency by sending AnyDesk connection requests. The AnyDesk requests claim to be for conducting an audit to assess the "level of security," CERT-UA added...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/20 3:8 p.m.28 views

Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers

New research has uncovered security vulnerabilities in multiple tunneling protocols that could allow attackers to perform a wide range of attacks. "Internet hosts that accept tunneling packets without verifying the sender's identity can be hijacked to perform anonymous attacks and provide access ...

6.5CVSS5.8AI score0.28537EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/01/20 2:53 p.m.6 views

DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection

The Threat actor known as DoNot Team has been linked to a new Android malware as part of highly targeted cyber attacks. The artifacts in question, named Tanzeem meaning "organization" in Urdu and Tanzeem Update, were spotted in October and December 2024 by cybersecurity company Cyfirma. The apps ...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/20 12:2 p.m.29 views

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [20 January]

As the digital world becomes more complicated, the lines between national security and cybersecurity are starting to fade. Recent cyber sanctions and intelligence moves show a reality where malware and fake news are used as tools in global politics. Every cyberattack now seems to have deeper...

9.3CVSS8.6AI score0.99835EPSS
Exploits45
The Hacker News
The Hacker News
added 2025/01/20 11:10 a.m.5 views

Product Walkthrough: How Satori Secures Sensitive Data From Production to AI

Every week seems to bring news of another data breach, and it's no surprise why: securing sensitive data has become harder than ever. And it's not just because companies are dealing with orders of magnitude more data. Data flows and user roles are constantly shifting, and data is stored across...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/20 5:45 a.m.9 views

Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTP

Cybersecurity researchers have identified three sets of malicious packages across the npm and Python Package Index PyPI repository that come with capabilities to steal data and even delete sensitive data from infected systems. The list of identified packages is below - @async-mutex/mutex, a...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/19 5:24 a.m.6 views

TikTok Goes Dark in the U.S. as Federal Ban Takes Effect January 19, 2025

Popular video-sharing social network TikTok has officially gone dark in the United States, as a federal ban on the app comes into effect on January 19, 2025. "We regret that a U.S. law banning TikTok will take effect on January 19 and force us to make our services temporarily unavailable," the...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/18 6:6 a.m.8 views

U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon

The U.S. Treasury Department's Office of Foreign Assets Control OFAC has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Salt Typhoon group and the recent compromise of the federal agency. "People's Republic of China-linked...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/17 2:8 p.m.10 views

Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation

Cybersecurity researchers have disclosed three security flaws in Planet Technology's WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices. "These switches are widely used in building and home automation systems for a varie...

9.3CVSS10AI score0.02341EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/01/17 1:6 p.m.9 views

Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation

Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms in Indonesia. "Over the past two months, a significant volume of attacks from Python-based bots has been observed, suggesting a coordinated effort to exploit...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/17 10:21 a.m.10 views

How to Bring Zero Trust to Wi-Fi Security with a Cloud-based Captive Portal?

Recent data breaches have highlighted the critical need to improve guest Wi-Fi infrastructure security in modern business environments. Organizations face increasing pressure to protect their networks while providing convenient access to visitors, contractors, temporary staff, and employees with...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/17 10:7 a.m.6 views

U.S. Sanctions North Korean IT Worker Network Supporting WMD Programs

The U.S. Treasury Department's Office of Foreign Assets Control OFAC sanctioned two individuals and four entities for their alleged involvement in illicit revenue generation schemes for the Democratic People's Republic of Korea DPRK by dispatching IT workers around the world to obtain employment...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/17 10:7 a.m.8 views

New 'Sneaky 2FA' Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass

Cybersecurity researchers have detailed a new adversary-in-the-middle AitM phishing kit that's capable of Microsoft 365 accounts with an aim to steal credentials and two-factor authentication 2FA codes since at least October 2024. The nascent phishing kit has been dubbed Sneaky 2FA by French...

5.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/17 4:14 a.m.7 views

European Privacy Group Sues TikTok and AliExpress for Illicit Data Transfers to China

Austrian privacy non-profit None of Your Business noyb has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully transferring users' data to China. The advocacy group is seeking an...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/16 6:12 p.m.11 views

Russian Star Blizzard Targets WhatsApp Accounts in New Spear-Phishing Campaign

The Russian threat actor known as Star Blizzard has been linked to a new spear-phishing campaign that targets victims' WhatsApp accounts, signaling a departure from its longstanding tradecraft in a likely attempt to evade detection. "Star Blizzard's targets are most commonly related to government...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/16 12:25 p.m.10 views

Ready to Simplify Trust Management? Join Free Webinar to See DigiCert ONE in Action

The digital world is exploding. IoT devices are multiplying like rabbits, certificates are piling up faster than you can count, and compliance requirements are tightening by the day. Keeping up with it all can feel like trying to juggle chainsaws while riding a unicycle. Traditional trust...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/16 11:30 a.m.22 views

The $10 Cyber Threat Responsible for the Biggest Breaches of 2024

You can tell the story of the current state of stolen credential-based attacks in three numbers: Stolen credentials were the 1 attacker action in 2023/24, and the breach vector for 80% of web app attacks. Source: Verizon. Cybersecurity budgets grew again in 2024, with organizations now spending...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/16 11:23 a.m.11 views

New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits

Details have emerged about a now-patched security vulnerability that could allow a bypass of the Secure Boot mechanism in Unified Extensible Firmware Interface UEFI systems. The vulnerability, assigned the CVE identifier CVE-2024-7344 CVSS score: 6.7, resides in a UEFI application signed by...

8.2CVSS9.4AI score0.01036EPSS
Exploits1
The Hacker News
The Hacker News
added 2025/01/16 11:20 a.m.6 views

Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions

Cybersecurity researchers have found that the Microsoft Active Directory Group Policy that's designed to disable NT LAN Manager NTLM v1 can be trivially bypassed by a misconfiguration. "A simple misconfiguration in on-premise applications can override the Group Policy, effectively negating the...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/16 11:15 a.m.22 views

Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer

Threat actors have been observed concealing malicious code in images to deliver malware such as VIP Keylogger and 0bj3ctivity Stealer as part of separate campaigns. "In both campaigns, attackers hid malicious code in images they uploaded to archive.org, a file-hosting website, and used the same...

7.8CVSS8.1AI score0.99945EPSS
Exploits33
The Hacker News
The Hacker News
added 2025/01/16 6:45 a.m.21 views

Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws

Cybersecurity researchers have detailed an attack that involved a threat actor utilizing a Python-based backdoor to maintain persistent access to compromised endpoints and then leveraged this access to deploy the RansomHub ransomware throughout the target network. According to GuidePoint Security...

6.4CVSS6.7AI score0.0063EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/01/16 6:39 a.m.25 views

Researcher Uncovers Critical Flaws in Multiple Versions of Ivanti Endpoint Manager

Ivanti has rolled out security updates to address several security flaws impacting Avalanche, Application Control Engine, and Endpoint Manager EPM, including four critical bugs that could lead to information disclosure. All the four critical security flaws, rated 9.8 out of 10.0 on the CVSS scale...

9.9CVSS10AI score0.99835EPSS
Exploits4
The Hacker News
The Hacker News
added 2025/01/15 3:48 p.m.9 views

Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes

Cybersecurity researchers have alerted to a new malvertising campaign that's targeting individuals and businesses advertising via Google Ads by attempting to phish for their credentials via fraudulent ads on Google. "The scheme consists of stealing as many advertiser accounts as possible by...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/15 3:37 p.m.5 views

Lazarus Group Targets Web3 Developers with Fake LinkedIn Profiles in Operation 99

The North Korea-linked Lazarus Group has been attributed to a new cyber attack campaign dubbed Operation 99 that targeted software developers looking for freelance Web3 and cryptocurrency work to deliver malware. "The campaign begins with fake recruiters, posing on platforms like LinkedIn, luring...

7.4AI score
Exploits0
Total number of security vulnerabilities20926