Lucene search
+L

20926 matches found

The Hacker News
The Hacker News
added 2025/01/04 2:29 p.m.22 views

Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution

A high-severity security flaw has been disclosed in ProjectDiscovery's Nuclei, a widely-used open-source vulnerability scanner that, if successfully exploited, could allow attackers to bypass signature checks and potentially execute malicious code. Tracked as CVE-2024-43405, it carries a CVSS sco...

7.8CVSS9.6AI score0.01118EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/01/04 7:52 a.m.7 views

PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps

Cybersecurity researchers have flagged a new malware called PLAYFULGHOST that comes with a wide range of information-gathering features like keylogging, screen capture, audio capture, remote shell, and file transfer/execution. The backdoor, according to Google's Mandiant Managed Defense team,...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/04 7:30 a.m.7 views

U.S. Sanctions Chinese Cybersecurity Firm for State-Backed Hacking Campaigns

The U.S. Treasury Department's Office of Foreign Assets Control OFAC on Friday issued sanctions against a Beijing-based cybersecurity company known as Integrity Technology Group, Incorporated for orchestrating several cyber attacks against U.S. victims. These attacks have been publicly attributed...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/03 11:14 a.m.13 views

New AI Jailbreak Method 'Bad Likert Judge' Boosts Attack Success Rates by Over 60%

Cybersecurity researchers have shed light on a new jailbreak technique that could be used to get past a large language model's LLM safety guardrails and produce potentially harmful or malicious responses. The multi-turn aka many-shot attack strategy has been codenamed Bad Likert Judge by Palo Alt...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/03 8:16 a.m.30 views

LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers

A proof-of-concept PoC exploit has been released for a now-patched security flaw impacting Windows Lightweight Directory Access Protocol LDAP that could trigger a denial-of-service DoS condition. The out-of-bounds reads vulnerability is tracked as CVE-2024-49113 CVSS score: 7.5. It was addressed ...

9.8CVSS9.3AI score0.83642EPSS
Exploits8
The Hacker News
The Hacker News
added 2025/01/03 6:49 a.m.7 views

Critical Deadline: Update Old .NET Domains Before January 7, 2025 to Avoid Service Disruption

Microsoft has announced that it's making an "unexpected change" to the way .NET installers and archives are distributed, requiring developers to update their production and DevOps infrastructure. "We expect that most users will not be directly affected, however, it is critical that you validate i...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/03 5:43 a.m.7 views

Apple to Pay Siri Users $20 Per Device in Settlement Over Accidental Siri Privacy Violations

Apple has agreed to pay $95 million to settle a proposed class action lawsuit that accused the iPhone maker of invading users' privacy using its voice-activated Siri assistant. The development was first reported by Reuters. The settlement applies to U.S.-based individuals current or former owners...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/02 12:53 p.m.5 views

Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API

Details have emerged about three now-patched security vulnerabilities in Dynamics 365 and Power Apps Web API that could result in data exposure. The flaws, discovered by Melbourne-based cybersecurity company Stratus Security, have been addressed as of May 2024. Two of the three shortcomings resid...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/02 10:53 a.m.7 views

Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them

In the past year, cross-domain attacks have gained prominence as an emerging tactic among adversaries. These operations exploit weak points across multiple domains – including endpoints, identity systems and cloud environments – so the adversary can infiltrate organizations, move laterally and...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/02 7:45 a.m.7 views

Malicious Obfuscated NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT

Cybersecurity researchers have discovered a malicious package on the npm package registry that masquerades as a library for detecting vulnerabilities in Ethereum smart contracts but, in reality, drops an open-source remote access trojan called Quasar RAT onto developer systems. The heavily...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/02 7:25 a.m.3 views

Three Russian-German Nationals Charged with Espionage for Russian Secret Service

German prosecutors have charged three Russian-German nationals for acting as secret service agents for Russia. The individuals, named Dieter S., Alexander J., and Alex D., have been accused of working for a foreign secret service. Dieter S. is also alleged to have participated in sabotage...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/01 1:24 p.m.7 views

New "DoubleClickjacking" Exploit Bypasses Clickjacking Protections on Major Websites

Threat hunters have disclosed a new "widespread timing-based vulnerability class" that leverages a double-click sequence to facilitate clickjacking attacks and account takeovers in almost all major websites. The technique has been codenamed DoubleClickjacking by security researcher Paulos Yibelo...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2025/01/01 9:59 a.m.6 views

Iranian and Russian Entities Sanctioned for Election Interference Using AI and Cyber Tactics

The U.S. Treasury Department's Office of Foreign Assets Control OFAC on Tuesday leveled sanctions against two entities in Iran and Russia for their attempts to interfere with the November 2024 presidential election. The federal agency said the entities – a subordinate organization of Iran's Islam...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/31 11:26 a.m.8 views

New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy

The U.S. Department of Justice DoJ has issued a final rule carrying out Executive Order EO 14117, which prevents mass transfer of citizens' personal data to countries of concern such as China including Hong Kong and Macau, Cuba, Iran, North Korea, Russia, and Venezuela. "This final rule is a...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/31 5:42 a.m.18 views

Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents

The United States Treasury Department said it suffered a "major cybersecurity incident" that allowed suspected Chinese threat actors to remotely access some computers and unclassified documents. "On December 8, 2024, Treasury was notified by a third-party software service provider, BeyondTrust,...

9.8CVSS9.7AI score0.87991EPSS
Exploits8
The Hacker News
The Hacker News
added 2024/12/31 4:35 a.m.8 views

Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation

Cybersecurity researchers have uncovered three security weaknesses in Microsoft's Azure Data Factory Apache Airflow integration that, if successfully exploited, could have allowed an attacker to gain the ability to conduct various covert actions, including data exfiltration and malware deployment...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/30 12:43 p.m.9 views

New HIPAA Rules Mandate 72-Hour Data Restoration and Annual Compliance Audits

The United States Department of Health and Human Services' HHS Office for Civil Rights OCR has proposed new cybersecurity requirements for healthcare organizations with an aim to safeguard patients' data against potential cyber attacks. The proposal, which seeks to modify the Health Insurance...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/30 12:15 p.m.24 views

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [30 Dec]

Every week, the digital world faces new challenges and changes. Hackers are always finding new ways to breach systems, while defenders work hard to keep our data safe. Whether it's a hidden flaw in popular software or a clever new attack method, staying informed is key to protecting yourself and...

10CVSS8.8AI score0.82192EPSS
Exploits18
The Hacker News
The Hacker News
added 2024/12/30 10:40 a.m.7 views

When Good Extensions Go Bad: Takeaways from the Campaign Targeting Browser Extensions

News has been making headlines over the weekend of the extensive attack campaign targeting browser extensions and injecting them with malicious code to steal user credentials. Currently, over 25 extensions, with an install base of over two million users, have been found to be compromised, and...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/29 5:54 p.m.11 views

Dozens of Chrome Extensions Hacked, Exposing Millions of Users to Data Theft

A new attack campaign has targeted known Chrome browser extensions, leading to at least 35 extensions being compromised and exposing over 2.6 million users to data exposure and credential theft. The attack targeted publishers of browser extensions on the Chrome Web Store via a phishing campaign a...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/28 6:25 a.m.14 views

15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials

A high-severity flaw impacting select Four-Faith industrial routers has come under active exploitation in the wild, according to new findings from VulnCheck. The vulnerability, tracked as CVE-2024-12856 CVSS score: 7.2, has been described as an operating system OS command injection bug affecting...

7.2CVSS9.9AI score0.82192EPSS
Exploits4
The Hacker News
The Hacker News
added 2024/12/27 5:42 p.m.6 views

North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign

North Korean threat actors behind the ongoing Contagious Interview campaign have been observed dropping a new JavaScript malware called OtterCookie. Contagious Interview aka DeceptiveDevelopment refers to a persistent attack campaign that employs social engineering lures, with the hacking crew...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/27 11:10 a.m.23 views

Cloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in Russia

The threat actor known as Cloud Atlas has been observed using a previously undocumented malware called VBCloud as part of its cyber attack campaigns targeting "several dozen users" in 2024. "Victims get infected via phishing emails containing a malicious document that exploits a vulnerability in...

7.8CVSS8AI score0.99945EPSS
Exploits36
The Hacker News
The Hacker News
added 2024/12/27 7:34 a.m.16 views

Palo Alto Releases Patch for PAN-OS DoS Flaw — Update Immediately

Palo Alto Networks has disclosed a high-severity vulnerability impacting PAN-OS software that could cause a denial-of-service DoS condition on susceptible devices. The flaw, tracked as CVE-2024-3393 CVSS score: 8.7, impacts PAN-OS versions 10.X and 11.X, as well as Prisma Access running PAN-OS...

7.1CVSS9.2AI score0.26636EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/12/27 7:11 a.m.14 views

FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks

Cybersecurity researchers are warning about a spike in malicious activity that involves roping vulnerable D-Link routers into two different botnets, a Mirai variant dubbed FICORA and a Kaiten aka Tsunami variant called CAPSAICIN. "These botnets are frequently spread through documented D-Link...

9.8CVSS7.5AI score0.97101EPSS
Exploits5
The Hacker News
The Hacker News
added 2024/12/27 6:46 a.m.23 views

Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization

The Apache Software Foundation ASF has released patches to address a maximum severity vulnerability in the MINA Java network application framework that could result in remote code execution under specific conditions. Tracked as CVE-2024-52046 , the vulnerability carries a CVSS score of 10.0. It...

10CVSS10AI score0.78198EPSS
Exploits29
The Hacker News
The Hacker News
added 2024/12/26 2:42 p.m.5 views

Brazilian Hacker Charged for Extorting $3.2M in Bitcoin After Breaching 300,000 Accounts

A Brazilian citizen has been charged in the United States for allegedly threatening to release data stolen by hacking into a company's network in March 2020. Junior Barros De Oliveira , 29, of Curitiba, Brazil has been charged with four counts of extortionate threats involving information obtaine...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/25 1:45 p.m.24 views

Ruijie Networks' Cloud Platform Flaws Could've Exposed 50,000 Devices to Remote Attacks

Cybersecurity researchers have discovered several security flaws in the cloud management platform developed by Ruijie Networks that could permit an attacker to take control of the network appliances. "These vulnerabilities affect both the Reyee platform, as well as Reyee OS network devices,"...

9.3CVSS10AI score0.00691EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/12/25 1:30 p.m.19 views

Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now

The Apache Software Foundation ASF has shipped security updates to address a critical security flaw in Traffic Control that, if successfully exploited, could allow an attacker to execute arbitrary Structured Query Language SQL commands in the database. The SQL injection vulnerability, tracked as...

9.9CVSS9.9AI score0.69651EPSS
Exploits13
The Hacker News
The Hacker News
added 2024/12/25 10:24 a.m.7 views

Iran's Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao Malware

The Iranian nation-state hacking group known as Charming Kitten has been observed deploying a C++ variant of a known malware called BellaCiao. Russian cybersecurity company Kaspersky, which dubbed the new version BellaCPP , said it discovered the artifact as part of a "recent" investigation into ...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/24 1:22 p.m.11 views

Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts

Cybersecurity researchers have flagged two malicious packages that were uploaded to the Python Package Index PyPI repository and came fitted with capabilities to exfiltrate sensitive information from compromised hosts, according to new findings from Fortinet FortiGuard Labs. The packages, named...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/24 9:40 a.m.6 views

North Korean Hackers Pull Off $308M Bitcoin Heist from Crypto Firm DMM Bitcoin

Japanese and U.S. authorities have formerly attributed the theft of cryptocurrency worth $308 million from cryptocurrency company DMM Bitcoin in May 2024 to North Korean cyber actors. "The theft is affiliated with TraderTraitor threat activity, which is also tracked as Jade Sleet, UNC4899, and Sl...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/24 9:25 a.m.22 views

CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a now-patched high-severity security flaw impacting Acclaim Systems USAHERDS to the Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation in the wild. The vulnerability in question is...

8.1CVSS8.2AI score0.17578EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/12/24 6:6 a.m.24 views

Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks

The Apache Software Foundation ASF has released a security update to address an important vulnerability in its Tomcat server software that could result in remote code execution RCE under certain conditions. The vulnerability, tracked as CVE-2024-56337, has been described as an incomplete mitigati...

9.9CVSS8.4AI score0.44312EPSS
Exploits13
The Hacker News
The Hacker News
added 2024/12/23 1:48 p.m.7 views

AI Could Generate 10,000 Malware Variants, Evading Detection in 88% of Case

Cybersecurity researchers have found that it's possible to use large language models LLMs to generate new variants of malicious JavaScript code at scale in a manner that can better evade detection. "Although LLMs struggle to create malware from scratch, criminals can easily use them to rewrite or...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/23 12:14 p.m.34 views

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips

The online world never takes a break, and this week shows why. From ransomware creators being caught to hackers backed by governments trying new tricks, the message is clear: cybercriminals are always changing how they attack, and we need to keep up. Hackers are using everyday tools in harmful...

9.3CVSS9.9AI score0.97591EPSS
Exploits27
The Hacker News
The Hacker News
added 2024/12/23 11:21 a.m.7 views

Rockstar2FA Collapse Fuels Expansion of FlowerStorm Phishing-as-a-Service

An interruption to the phishing-as-a-service PhaaS toolkit called Rockstar 2FA has led to a rapid uptick in activity from another nascent offering named FlowerStorm. "It appears that the Rockstar2FA group running the service experienced at least a partial collapse of its infrastructure, with page...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/23 9:37 a.m.7 views

Top 10 Cybersecurity Trends to Expect in 2025

The 2025 cybersecurity landscape is increasingly complex, driven by sophisticated cyber threats, increased regulation, and rapidly evolving technology. In 2025, organizations will be challenged with protecting sensitive information for their customers while continuing to provide seamless and easy...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/23 9:20 a.m.15 views

U.S. Judge Rules Against NSO Group in WhatsApp Pegasus Spyware Case

Meta Platforms-owned WhatsApp scored a major legal victory in its fight against Israeli commercial spyware vendor NSO Group after a federal judge in the U.S. state of California ruled in favor of the messaging giant for exploiting a security vulnerability to deliver Pegasus. "The limited...

9.8CVSS9.6AI score0.39166EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/12/23 6:42 a.m.9 views

Italy Fines OpenAI €15 Million for ChatGPT GDPR Data Privacy Violations

Italy's data protection authority has fined ChatGPT maker OpenAI a fine of €15 million $15.66 million over how the generative artificial intelligence application handles personal data. The fine comes nearly a year after the Garante found that ChatGPT processed users' information to train its...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/21 9:22 a.m.5 views

LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages

A dual Russian and Israeli national has been charged in the United States for allegedly being the developer of the now-defunct LockBit ransomware-as-a-service RaaS operation since its inception in or around 2019 through at least February 2024. Rostislav Panev , 51, was arrested in Israel earlier...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/20 10:44 a.m.6 views

Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware

The Lazarus Group, an infamous threat actor linked to the Democratic People's Republic of Korea DPRK, has been observed leveraging a "complex infection chain" targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024. The...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/20 8:39 a.m.7 views

Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack

The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware. Following the...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/20 8:13 a.m.18 views

Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation

Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system access under certain conditions. Of the three, two are rated Critical in severity. There is currently no evidence that the...

9.8CVSS10AI score0.42164EPSS
Exploits1
The Hacker News
The Hacker News
added 2024/12/20 6:25 a.m.22 views

Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools

A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk and ScreenConnect. The vulnerability in question is CVE-2023-48788 CVSS score: 9.3, an SQL injection bu...

9.8CVSS9.8AI score0.97591EPSS
Exploits4
The Hacker News
The Hacker News
added 2024/12/20 4:30 a.m.17 views

CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access PRA and Remote Support RS products to the Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The...

9.8CVSS10AI score0.87991EPSS
Exploits8
The Hacker News
The Hacker News
added 2024/12/19 1:56 p.m.5 views

Thousands Download Malicious npm Libraries Impersonating Legitimate Tools

Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and @types/node that have racked up thousands of downloads on the package registry. The counterfeit versions, named @typescripteslinter/eslint and types-node, are engineered to...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/12/19 1:37 p.m.18 views

Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords

Juniper Networks is warning that Session Smart Router SSR products with default passwords are being targeted as part of a malicious campaign that deploys the Mirai botnet malware. The company said it's issuing the advisory after "several customers" reported anomalous behavior on their Session Sma...

9.8CVSS8.7AI score0.99999EPSS
Exploits10
The Hacker News
The Hacker News
added 2024/12/19 10:31 a.m.12 views

Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits

Fortinet has issued an advisory for a now-patched critical security flaw impacting Wireless LAN Manager FortiWLM that could lead to disclosure of sensitive information. The vulnerability, tracked as CVE-2023-34990, carries a CVSS score of 9.6 out of a maximum of 10.0. It was originally fixed by...

9.8CVSS9.8AI score0.24901EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/12/19 10:0 a.m.4 views

CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01

The U.S. Cybersecurity and Infrastructure Security Agency CISA has issued Binding Operational Directive BOD 25-01, ordering federal civilian agencies to secure their cloud environments and abide by Secure Cloud Business Applications SCuBA secure configuration baselines. "Recent cybersecurity...

7.5AI score
Exploits0
Total number of security vulnerabilities20926