Lucene search
+L

20926 matches found

The Hacker News
The Hacker News
added 2025/01/15 1:32 p.m.5 views

North Korean IT Worker Fraud Linked to 2016 Crowdfunding Scam and Fake Domains

Cybersecurity researchers have identified infrastructure links between the North Korean threat actors behind the fraudulent IT worker schemes and a 2016 crowdfunding scam. The new evidence suggests that Pyongyang-based threamoret groups may have pulled off illicit money-making scams that predate...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/15 12:26 p.m.7 views

Google Cloud Researchers Uncover Flaws in Rsync File Synchronization Tool

As many as six security vulnerabilities have been disclosed in the popular Rsync file-synchronizing tool for Unix systems, some of which could be exploited to execute arbitrary code on a client. "Attackers can take control of a malicious server and read/write arbitrary files of any connected...

9.8CVSS10AI score0.72059EPSS
Exploits8
The Hacker News
The Hacker News
added 2025/01/15 11:30 a.m.7 views

The High-Stakes Disconnect For ICS/OT Security

Why does ICS/OT need specific controls and its own cybersecurity budget today? Because treating ICS/OT security with an IT security playbook isn't just ineffective—it's high risk. In the rapidly evolving domain of cybersecurity, the specific challenges and needs for Industrial Control Systems ICS...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/15 6:14 a.m.9 views

FBI Deletes PlugX Malware from 4,250 Hacked Computers in Multi-Month Operation

The U.S. Department of Justice DoJ on Tuesday disclosed that a court-authorized operation allowed the Federal Bureau of Investigation FBI to delete PlugX malware from over 4,250 infected computers as part of a "multi-month law enforcement operation." PlugX, also known as Korplug, is a remote acce...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/15 5:15 a.m.40 views

3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update

Microsoft kicked off 2025 with a new set of patches for a total of 161 security vulnerabilities across its software portfolio, including three zero-days that have been actively exploited in attacks. Of the 161 flaws, 11 are rated Critical and 149 are rated Important in severity. One other flaw, a...

9.8CVSS10AI score0.80912EPSS
Exploits13
The Hacker News
The Hacker News
added 2025/01/15 5:10 a.m.23 views

Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks

Cybersecurity researchers have disclosed multiple security flaws in SimpleHelp remote access software that could lead to information disclosure, privilege escalation, and remote code execution. Horizon3.ai researcher Naveen Sunkavally, in a technical report detailing the findings, said the...

9.9CVSS10AI score0.95151EPSS
Exploits2
The Hacker News
The Hacker News
added 2025/01/14 4:53 p.m.23 views

Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation

Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as "root" to bypass the operating system's System Integrity Protection SIP and install malicious kernel drivers by loading third-party kernel...

6CVSS8.8AI score0.10352EPSS
Exploits1
The Hacker News
The Hacker News
added 2025/01/14 4:38 p.m.10 views

Google OAuth Vulnerability Exposes Millions via Failed Startup Domains

New research has pulled back the curtain on a "deficiency" in Google's "Sign in with Google" authentication flow that exploits a quirk in domain ownership to gain access to sensitive data. "Google's OAuth login doesn't protect against someone purchasing a failed startup's domain and using it to...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/14 10:8 a.m.7 views

4 Reasons Your SaaS Attack Surface Can No Longer be Ignored

What do identity risks, data security risks and third-party risks all have in common? They are all made much worse by SaaS sprawl. Every new SaaS account adds a new identity to secure, a new place where sensitive data can end up, and a new source of third party risk. Learn how you can protect thi...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/14 9:29 a.m.9 views

Illicit HuiOne Telegram Market Surpasses Hydra, Hits $24 Billion in Crypto Transactions

The Telegram-based online marketplace known as HuiOne Guarantee and its vendors have cumulatively received at least $24 billion in cryptocurrency, dwarfing the now-defunct Hydra to become the largest online illicit marketplace to have ever operated. The figures, released by blockchain analytics...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/14 9:13 a.m.23 views

Fortinet Warns of New Zero-Day Used in Attacks on Firewalls with Exposed Interfaces

Threat hunters are calling attention to a new campaign that has targeted Fortinet FortiGate firewall devices with management interfaces exposed on the public internet. "The campaign involved unauthorized administrative logins on management interfaces of firewalls, creation of new accounts, SSL VP...

9.8CVSS9.7AI score0.98259EPSS
Exploits9
The Hacker News
The Hacker News
added 2025/01/14 9:10 a.m.8 views

Russia-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware

Russia-linked threat actors have been attributed to an ongoing cyber espionage campaign targeting Kazakhstan as part of the Kremlin's efforts to gather economic and political intelligence in Central Asia. The campaign has been assessed to be the work of an intrusion set dubbed UAC-0063 , which...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/14 3:21 a.m.16 views

CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a second security flaw impacting BeyondTrust Privileged Remote Access PRA and Remote Support RS products to the Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The...

9.9CVSS10AI score0.87991EPSS
Exploits8
The Hacker News
The Hacker News
added 2025/01/13 1:33 p.m.15 views

Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners

A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners. Cloud security firm Wiz said it's currently responding to "multiple incidents" involving the...

10CVSS10AI score0.98545EPSS
Exploits5
The Hacker News
The Hacker News
added 2025/01/13 12:5 p.m.70 views

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]

The cyber world’s been buzzing this week, and it’s all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but so are the ways to protect yourself. In this recap, we’ll break down what’s happening, why it matters, and what you can do to...

9.3CVSS10AI score0.99971EPSS
Exploits25
The Hacker News
The Hacker News
added 2025/01/13 11:30 a.m.7 views

Ransomware on ESXi: The Mechanization of Virtualized Attacks

In 2024, ransomware attacks targeting VMware ESXi servers reached alarming levels, with the average ransom demand skyrocketing to $5 million. With approximately 8,000 ESXi hosts exposed directly to the internet according to Shodan, the operational and business impact of these attacks is profound...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/13 6:40 a.m.10 views

WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables

Cybersecurity researchers are warning of a new stealthy credit card skimmer campaign that targets WordPress e-commerce checkout pages by inserting malicious JavaScript code into a database table associated with the content management system CMS. "This credit card skimmer malware targeting WordPre...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/13 6:1 a.m.6 views

Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems

No less than 4,000 unique web backdoors previously deployed by various threat actors have been hijacked by taking control of abandoned and expired infrastructure for as little as $20 per domain. Cybersecurity company watchTowr Labs said it pulled off the operation by registering over 40 domain...

8.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/11 7:54 a.m.6 views

Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation

Microsoft has revealed that it's pursuing legal action against a "foreign-based threat–actor group" for operating a hacking-as-a-service infrastructure to intentionally get around the safety controls of its generative artificial intelligence AI services and produce offensive and harmful content...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/11 6:45 a.m.8 views

DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering

The U.S. Department of Justice DoJ on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io. Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on December 1, 2024, in coordination wi...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/10 3:39 p.m.15 views

Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices

Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey's Audio APE decoder on Samsung smartphones that could lead to code execution. The high-severity vulnerability, tracked as CVE-2024-49415 CVSS score: 8.1, affects Samsung devices running Android versions 12, 13, a...

8.1CVSS7.8AI score0.00957EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/01/10 11:59 a.m.9 views

Taking the Pain Out of Cybersecurity Reporting: A Practical Guide for MSPs

Cybersecurity reporting is a critical yet often overlooked opportunity for service providers managing cybersecurity for their clients, and specifically for virtual Chief Information Security Officers vCISOs. While reporting is seen as a requirement for tracking cybersecurity progress, it often...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/10 11:58 a.m.9 views

AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics

Cybersecurity researchers have shed light on a nascent artificial intelligence AI assisted ransomware family called FunkSec that sprang forth in late 2024, and has claimed more than 85 victims to date. "The group uses double extortion tactics, combining data theft with encryption to pressure...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/10 10:22 a.m.7 views

Hands-On Walkthrough: Microsegmentation For all Users, Workloads and Devices by Elisity

Network segmentation remains a critical security requirement, yet organizations struggle with traditional approaches that demand extensive hardware investments, complex policy management, and disruptive network changes. Healthcare and manufacturing sectors face particular challenges as they...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/10 9:31 a.m.8 views

RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns

Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia have been targeted by the China-nexus RedDelta threat actor to deliver a customized version of the PlugX backdoor between July 2023 and December 2024. "The group used lure documents themed around the 2024 Taiwanese presidential candidate Terry Gou,...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/10 9:9 a.m.16 views

CrowdStrike Warns of Phishing Scam Targeting Job Seekers with XMRig Cryptominer

Cybersecurity company CrowdStrike is alerting of a phishing campaign that exploits its own branding to distribute a cryptocurrency miner that's disguised as an employee CRM application as part of a supposed recruitment process. "The attack begins with a phishing email impersonating CrowdStrike...

7.5CVSS9.6AI score0.83642EPSS
Exploits6
The Hacker News
The Hacker News
added 2025/01/09 5:29 p.m.28 views

Major Vulnerabilities Patched in SonicWall, Palo Alto Expedition, and Aviatrix Controllers

Palo Alto Networks has released software patches to address several security flaws in its Expedition migration tool, including a high-severity bug that an authenticated attacker could exploit to access sensitive data. "Multiple vulnerabilities in the Palo Alto Networks Expedition migration tool...

9.2CVSS10AI score0.98545EPSS
Exploits5
The Hacker News
The Hacker News
added 2025/01/09 1:40 p.m.9 views

New Banshee Stealer Variant Bypasses Antivirus with Apple's XProtect-Inspired Encryption

Cybersecurity researchers have uncovered a new, stealthier version of a macOS-focused information-stealing malware called Banshee Stealer. "Once thought dormant after its source code leak in late 2024, this new iteration introduces advanced string encryption inspired by Apple's XProtect," Check...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/09 11:55 a.m.8 views

Product Walkthrough: How Reco Discovers Shadow AI in SaaS

As SaaS providers race to integrate AI into their product offerings to stay competitive and relevant, a new challenge has emerged in the world of AI: shadow AI. Shadow AI refers to the unauthorized use of AI tools and copilots at organizations. For example, a developer using ChatGPT to assist wit...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/09 10:44 a.m.9 views

MirrorFace Leverages ANEL and NOOPDOOR in Multi-Year Cyberattacks on Japan

Japan's National Police Agency NPA and National Center of Incident Readiness and Strategy for Cybersecurity NCSC accused a China-linked threat actor named MirrorFace of orchestrating a persistent attack campaign targeting organizations, businesses, and individuals in the country since 2019. The...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/09 10:44 a.m.10 views

Webinar: Learn How to Stop Encrypted Attacks Before They Cost You Millions

Ransomware isn't slowing down—it's getting smarter. Encryption, designed to keep our online lives secure, is now being weaponized by cybercriminals to hide malware, steal data, and avoid detection. The result? A 10.3% surge in encrypted attacks over the past year and some of the most shocking...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/09 9:35 a.m.16 views

Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection

Threat actors are attempting to take advantage of a recently disclosed security flaw impacting GFI KerioControl firewalls that, if successfully exploited, could allow malicious actors to achieve remote code execution RCE. The vulnerability in question, CVE-2024-52875 , refers to a carriage return...

9.5AI score0.29116EPSS
Exploits1
The Hacker News
The Hacker News
added 2025/01/09 7:13 a.m.19 views

Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure

Ivanti is warning that a critical security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways has come under active exploitation in the wild beginning mid-December 2024. The security vulnerability in question is CVE-2025-0282 CVSS score: 9.0, a stack-based buffer overflow that...

9CVSS9.9AI score0.99971EPSS
Exploits13
The Hacker News
The Hacker News
added 2025/01/09 7:13 a.m.9 views

E.U. Commission Fined for Transferring User Data to Meta in Violation of Privacy Laws

The European General Court on Wednesday fined the European Commission, the primary executive arm of the European Union responsible for proposing and enforcing laws for member states, for violating the bloc's own data privacy regulations. The development marks the first time the Commission has bee...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/08 6:9 p.m.3 views

Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections

Cybersecurity researchers have found that bad actors are continuing to have success by spoofing sender email addresses as part of various malspam campaigns. Faking the sender address of an email is widely seen as an attempt to make the digital missive more legitimate and get past security...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/08 1:37 p.m.9 views

Researchers Expose NonEuclid RAT Using UAC Bypass and AMSI Evasion Techniques

Cybersecurity researchers have shed light on a new remote access trojan called NonEuclid that allows bad actors to remotely control compromised Windows systems. "The NonEuclid remote access trojan RAT, developed in C, is a highly sophisticated malware offering unauthorised remote access with...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/08 11:2 a.m.23 views

Top 5 Malware Threats to Prepare Against in 2025

2024 had its fair share of high-profile cyber attacks, with companies as big as Dell and TicketMaster falling victim to data breaches and other infrastructure compromises. In 2025, this trend will continue. So, to be prepared for any kind of malware attack, every organization needs to know its...

7.8CVSS8.5AI score0.99945EPSS
Exploits33
The Hacker News
The Hacker News
added 2025/01/08 10:29 a.m.23 views

Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks

A Mirai botnet variant has been found exploiting a newly disclosed security flaw impacting Four-Faith industrial routers since early November 2024 with the goal of conducting distributed denial-of-service DDoS attacks. The botnet maintains approximately 15,000 daily active IP addresses, with the...

9.8CVSS9.7AI score0.99988EPSS
Exploits87
The Hacker News
The Hacker News
added 2025/01/08 9:56 a.m.8 views

FCC Launches 'Cyber Trust Mark' for IoT Devices to Certify Security Compliance

The U.S. government on Tuesday announced the launch of the U.S. Cyber Trust Mark, a new cybersecurity safety label for Internet-of-Things IoT consumer devices. "IoT products can be susceptible to a range of security vulnerabilities," the U.S. Federal Communications Commission FCC said. "Under thi...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/08 4:21 a.m.24 views

CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added three flaws impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2024-41713 CV...

9.8CVSS9.8AI score0.98067EPSS
Exploits14
The Hacker News
The Hacker News
added 2025/01/07 2:22 p.m.12 views

Researchers Uncover Major Security Flaw in Illumina iSeq 100 DNA Sequencers

Cybersecurity researchers have uncovered firmware security vulnerabilities in the Illumina iSeq 100 DNA sequencing instrument that, if successfully exploited, could permit attackers to brick or plant persistent malware on susceptible devices. "The Illumina iSeq 100 used a very outdated...

10CVSS7.9AI score0.01812EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/01/07 11:50 a.m.8 views

Farewell to the Fallen: The Cybersecurity Stars We Lost Last Year

It's time once again to pay our respects to the once-famous cybersecurity solutions whose usefulness died in the past year. The cybercriminal world collectively mourns the loss of these solutions and the easy access they provide to victim organizations. These solutions, though celebrated in their...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/07 9:46 a.m.16 views

New EAGERBEE Variant Targets ISPs and Governments with Advanced Backdoor Capabilities

Internet service providers ISPs and governmental entities in the Middle East have been targeted using an updated variant of the EAGERBEE malware framework. The new variant of EAGERBEE aka Thumtais comes fitted with various components that allow the backdoor to deploy additional payloads, enumerat...

9.1CVSS10AI score0.99999EPSS
Exploits63
The Hacker News
The Hacker News
added 2025/01/07 8:43 a.m.5 views

CISA: No Wider Federal Impact from Treasury Cyber Attack, Investigation Ongoing

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday said there are no indications that the cyber attack targeting the Treasury Department impacted other federal agencies. The agency said it's working closely with the Treasury Department and BeyondTrust to get a better...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/07 7:44 a.m.12 views

Moxa Alerts Users to High-Severity Vulnerabilities in Cellular and Secure Routers

Taiwan-based Moxa has warned of two security vulnerabilities impacting its cellular routers, secure routers, and network security appliances that could allow privilege escalation and command execution. The list of vulnerabilities is as follows - CVE-2024-9138 CVSS 4.0 score: 8.6 - A hard-coded...

9.3CVSS8.1AI score0.01777EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/01/06 2:26 p.m.8 views

India Proposes Digital Data Rules with Tough Penalties and Cybersecurity Requirements

The Indian government has published a draft version of the Digital Personal Data Protection DPDP Rules for public consultation. "Data fiduciaries must provide clear and accessible information about how personal data is processed, enabling informed consent," India's Press Information Bureau PIB sa...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/06 12:5 p.m.34 views

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [6 Jan]

Every tap, click, and swipe we make online shapes our digital lives, but it also opens doors—some we never meant to unlock. Extensions we trust, assistants we rely on, and even the codes we scan are turning into tools for attackers. The line between convenience and vulnerability has never been...

9.3CVSS9.3AI score0.83642EPSS
Exploits10
The Hacker News
The Hacker News
added 2025/01/06 11:30 a.m.10 views

From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch

In 2024, cyber threats targeting SaaS surged, with 7,000 password attacks blocked per second just in Entra ID—a 75% increase from last year—and phishing attempts up by 58%, causing $3.5 billion in losses source: Microsoft Digital Defense Report 2024. SaaS attacks are increasing, with hackers ofte...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/06 11:10 a.m.10 views

FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices

An Android information stealing malware named FireScam has been found masquerading as a premium version of the Telegram messaging app to steal data and maintain persistent remote control over compromised devices. "Disguised as a fake 'Telegram Premium' app, it is distributed through a...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/06 9:28 a.m.8 views

Cybercriminals Target Ethereum Developers with Fake Hardhat npm Packages

Cybersecurity researchers have revealed several malicious packages on the npm registry that have been found impersonating the Nomic Foundation's Hardhat tool in order to steal sensitive data from developer systems. "By exploiting trust in open source plugins, attackers have infiltrated these...

7.4AI score
Exploits0
Total number of security vulnerabilities20926