Lucene search
+L

20926 matches found

The Hacker News
The Hacker News
added 2024/11/29 11:0 a.m.5 views

Protecting Tomorrow's World: Shaping the Cyber-Physical Future

The lines between digital and physical realms increasingly blur. While this opens countless opportunities for businesses, it also brings numerous challenges. In our recent webinar, Shaping the Cyber-Physical Future: Trends, Challenges, and Opportunities for 2025 , we explored the different factor...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/29 10:6 a.m.9 views

Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks

Cybersecurity researchers are warning about malicious email campaigns leveraging a phishing-as-a-service PhaaS toolkit called Rockstar 2FA with an aim to steal Microsoft 365 account credentials. "This campaign employs an AitM adversary-in-the-middle attack, allowing attackers to intercept user...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/29 9:34 a.m.14 views

Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks

Microsoft has addressed four security flaws impacting its artificial intelligence AI, cloud, enterprise resource planning, and Partner Center offerings, including one that it said has been exploited in the wild. The vulnerability that has been tagged with an "Exploitation Detected" assessment is...

9.8CVSS8.8AI score0.01339EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/11/29 5:31 a.m.7 views

U.S. Citizen Sentenced for Spying on Behalf of China's Intelligence Agency

A 59-year-old U.S. citizen who immigrated from the People's Republic of China PRC has been sentenced to four years in prison for conspiring to act as a spy for the country and sharing sensitive information about his employer with China's principal civilian intelligence agency. Ping Li, 59, of...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/28 4:57 p.m.9 views

Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP

Nearly two dozen security vulnerabilities have been disclosed in Advantech EKI industrial-grade wireless access point devices, some of which could be weaponized to bypass authentication and execute code with elevated privileges. "These vulnerabilities pose significant risks, allowing...

9.8CVSS8AI score0.01485EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/11/28 11:30 a.m.5 views

The Future of Serverless Security in 2025: From Logs to Runtime Protection

Serverless environments, leveraging services such as AWS Lambda, offer incredible benefits in terms of scalability, efficiency, and reduced operational overhead. However, securing these environments is extremely challenging. The core of current serverless security practices often revolves around...

8.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/28 10:48 a.m.8 views

XML-RPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner

Cybersecurity researchers have discovered a software supply chain attack that has remained active for over a year on the npm package registry by starting off as an innocuous library and later adding malicious code to steal sensitive data and mine cryptocurrency on infected systems. The package,...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/28 9:29 a.m.12 views

Cybercriminals Exploit Popular Game Engine Godot to Distribute Cross-Platform Malware

A popular open-source game engine called Godot Engine is being misused as part of a new GodLoader malware campaign, infecting over 17,000 systems since at least June 2024. "Cybercriminals have been taking advantage of Godot Engine to execute crafted GDScript code which triggers malicious commands...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/28 4:37 a.m.5 views

U.S. Telecom Giant T-Mobile Detects Network Intrusion Attempts from Wireline Provider

U.S. telecom service provider T-Mobile said it recently detected attempts made by bad actors to infiltrate its systems in recent weeks but noted that no sensitive data was accessed. These intrusion attempts "originated from a wireline provider's network that was connected to ours," Jeff Simon,...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/27 4:5 p.m.12 views

Researchers Discover "Bootkitty" – First UEFI Bootkit Targeting Linux Kernels

Cybersecurity researchers have shed light on what has been described as the first Unified Extensible Firmware Interface UEFI bootkit designed for Linux systems. Dubbed Bootkitty by its creators who go by the name BlackCat, the bootkit is assessed to be a proof-of-concept PoC and there is no...

5.5CVSS7AI score0.01858EPSS
Exploits1
The Hacker News
The Hacker News
added 2024/11/27 4:5 p.m.14 views

Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers

A critical security flaw impacting the ProjectSend open-source file-sharing application has likely come under active exploitation in the wild, according to findings from VulnCheck. The vulnerability, originally patched over a year-and-a-half ago as part of a commit pushed in May 2023, was not...

9.8CVSS10AI score0.91559EPSS
Exploits4
The Hacker News
The Hacker News
added 2024/11/27 11:30 a.m.5 views

Latest Multi-Stage Attack Scenarios with Real-World Examples

Multi-stage cyber attacks, characterized by their complex execution chains, are designed to avoid detection and trick victims into a false sense of security. Knowing how they operate is the first step to building a solid defense strategy against them. Let's examine real-world examples of some of...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/27 11:14 a.m.15 views

APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign

The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in Japan that used a job application-themed lure to deliver the SpyGlace backdoor. That's according to findings from JPCERT/CC, which said the intrusion leveraged legitimate services like Google...

9.3CVSS7.7AI score0.01773EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/11/27 7:20 a.m.9 views

INTERPOL Busts African Cybercrime: 1,006 Arrests, 134,089 Malicious Networks Dismantled

An INTERPOL-led operation has led to the arrest of 1,006 suspects across 19 African countries and the takedown of 134,089 malicious infrastructures and networks as part of a coordinated effort to disrupt cybercrime in the continent. Dubbed Serengeti , the law enforcement exercise took place betwe...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/27 5:21 a.m.10 views

Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign

A threat actor named Matrix has been linked to a widespread distributed denial-of-service DDoS campaign that leverages vulnerabilities and misconfigurations in Internet of Things IoT devices to co-opt them into a disruptive botnet. "This operation serves as a comprehensive one-stop shop for...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/26 1:23 p.m.19 views

Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks

Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin for WordPress could allow an unauthenticated attacker to install and enable malicious plugins on susceptible sites and potentially achieve remote code execution. The vulnerabilities, tracked as CVE-2024-1054...

9.8CVSS10AI score0.15236EPSS
Exploits1
The Hacker News
The Hacker News
added 2024/11/26 11:30 a.m.6 views

Intruder Launches Intel: A Free Vulnerability Intelligence Platform For Staying Ahead of the Latest Threats

When CVEs go viral, separating critical vulnerabilities from the noise is essential to protecting your organization. That's why Intruder, a leader in attack surface management, built Intel now known ascvemon - a free vulnerability intelligence platform designed to help you act fast and prioritize...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/26 10:34 a.m.17 views

RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks

The Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one in Mozilla Firefox and the other in Microsoft Windows, as part of attacks designed to deliver the eponymous backdoor on victim systems. "In a successful attack, if a victim...

9.8CVSS10AI score0.98998EPSS
Exploits5
The Hacker News
The Hacker News
added 2024/11/26 10:19 a.m.20 views

Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries

The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast Asian telecommunications companies. Trend Micro, which described the hacking group as an aggressive advanced persistent...

9.8CVSS9.8AI score0.99999EPSS
Exploits93
The Hacker News
The Hacker News
added 2024/11/26 5:3 a.m.18 views

CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure access gateways to its Known Exploited Vulnerabilities KEV catalog following reports of active exploitation in the wild. The vulnerabilit...

9.8CVSS10AI score0.85689EPSS
Exploits10
The Hacker News
The Hacker News
added 2024/11/25 2:22 p.m.6 views

Google's New Restore Credentials Tool Simplifies App Login After Android Migration

Google has introduced a new feature called Restore Credentials to help users restore their account access to third-party apps securely after migrating to a new Android device. Part of Android's Credential Manager API, the feature aims to reduce the hassle of re-entering the login credentials for...

6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/25 1:54 p.m.6 views

PyPI Python Library "aiocpa" Found Exfiltrating Crypto Keys via Telegram Bot

The administrators of the Python Package Index PyPI repository have quarantined the package "aiocpa " following a new update that included malicious code to exfiltrate private keys via Telegram. The package in question is described as a synchronous and asynchronous Crypto Pay API client. The...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/25 11:30 a.m.4 views

Flying Under the Radar - Security Evasion Techniques

Dive into the evolution of phishing and malware evasion techniques and understand how attackers are using increasingly sophisticated methods to bypass security measures. The Evolution of Phishing Attacks "I really like the saying that 'This is out of scope' said no hacker ever. Whether it's trick...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/25 11:30 a.m.28 views

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 18 - Nov 24)

We hear terms like "state-sponsored attacks" and "critical vulnerabilities" all the time, but what's really going on behind those words? This week's cybersecurity news isn't just about hackers and headlines—it's about how digital risks shape our lives in ways we might not even realize. For...

10CVSS10AI score0.99698EPSS
Exploits39
The Hacker News
The Hacker News
added 2024/11/25 11:24 a.m.7 views

Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks

Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code IaC and policy-as-code PaC tools like HashiCorp's Terraform and Styra's Open Policy Agent OPA that leverage dedicated, domain-specific languages DSLs to breach cloud platforms and exfiltrate data...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/25 9:16 a.m.7 views

Researchers Uncover Malware Using BYOVD to Bypass Antivirus Protections

Cybersecurity researchers have uncovered a new malicious campaign that leverages a technique called Bring Your Own Vulnerable Driver BYOVD to disarm security protections and ultimately gain access to the infected system. "This malware takes a more sinister route: it drops a legitimate Avast...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/23 12:10 p.m.8 views

Google Exposes GLASSBRIDGE: A Pro-China Influence Network of Fake News Sites

Government agencies and non-governmental organizations in the United States have become the target of a nascent China state threat actor known as Storm-2077. The adversary, believed to be active since at least January 2024, has also conducted cyber attacks against the Defense Industrial Base DIB,...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/23 11:53 a.m.5 views

North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn

The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated over a six-month period. These findings come from Microsoft, which said that multiple threat activity clusters...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/22 4:59 p.m.8 views

Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia

Threat actors with ties to Russia have been linked to a cyber espionage campaign aimed at organizations in Central Asia, East Asia, and Europe. Recorded Future's Insikt Group, which has assigned the activity cluster the name TAG-110, said it overlaps with a threat group tracked by the Computer...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/22 4:59 p.m.21 views

APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware

The threat actor known as Mysterious Elephant has been observed using an advanced version of malware called Asyncshell. The attack campaign is said to have used Hajj-themed lures to trick victims into executing a malicious payload under the guise of a Microsoft Compiled HTML Help CHM file, the...

7.8CVSS7.7AI score0.97798EPSS
Exploits49
The Hacker News
The Hacker News
added 2024/11/22 4:47 p.m.5 views

China-Linked TAG-112 Targets Tibetan Media with Cobalt Strike Espionage Campaign

A China-linked nation-state group called TAG-112 compromised Tibetan media and university websites in a new cyber espionage campaign designed to facilitate the delivery of the Cobalt Strike post-exploitation toolkit for follow-on information collection. "The attackers embedded malicious JavaScrip...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/22 11:30 a.m.6 views

Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?

Google Workspace has quickly become the productivity backbone for businesses worldwide, offering an all-in-one suite with email, cloud storage and collaboration tools. This single-platform approach makes it easy for teams to connect and work efficiently, no matter where they are, enabling seamles...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/22 9:37 a.m.5 views

Microsoft, Meta, and DOJ Disrupt Global Cybercrime and Fraudulent Networks

Meta Platforms, Microsoft, and the U.S. Department of Justice DoJ have announced independent actions to tackle cybercrime and disrupt services that enable scams, fraud, and phishing attacks. To that end, Microsoft's Digital Crimes Unit DCU said it seized 240 fraudulent websites associated with an...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/22 6:15 a.m.5 views

PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries

Cybersecurity researchers have discovered two malicious packages uploaded to the Python Package Index PyPI repository that impersonated popular artificial intelligence AI models like OpenAI ChatGPT and Anthropic Claude to deliver an information stealer called JarkaStealer. The packages, named...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/21 4:22 p.m.18 views

Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign

As many as 2,000 Palo Alto Networks devices are estimated to have been compromised as part of a campaign abusing the newly disclosed security flaws that have come under active exploitation in the wild. According to statistics shared by the Shadowserver Foundation, a majority of the infections hav...

5.9CVSS10AI score0.99698EPSS
Exploits18
The Hacker News
The Hacker News
added 2024/11/21 3:50 p.m.53 views

Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor

The China-aligned advanced persistent threat APT actor known as Gelsemium has been observed using a new Linux backdoor dubbed WolfsBane as part of cyber attacks likely targeting East and Southeast Asia. That's according to findings from cybersecurity firm ESET based on multiple Linux samples...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/21 12:23 p.m.5 views

10 Most Impactful PAM Use Cases for Enhancing Organizational Security

Privileged access management PAM plays a pivotal role in building a strong security strategy. PAM empowers you to significantly reduce cybersecurity risks, gain tighter control over privileged access, achieve regulatory compliance, and reduce the burden on your IT team. As an established provider...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/21 12:4 p.m.7 views

North Korean Front Companies Impersonate U.S. IT Firms to Fund Missile Programs

Threat actors with ties to the Democratic People's Republic of Korea DPRK are impersonating U.S.-based software and technology consulting businesses in order to further their financial objectives as part of a broader information technology IT worker scheme. "Front companies, often based in China,...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/21 11:30 a.m.5 views

Cyber Story Time: The Boy Who Cried "Secure!"

As a relatively new security category, many security operators and executives I've met have asked us "What are these Automated Security Validation ASV tools?" We've covered that pretty extensively in the past, so today, instead of covering the "What is ASV?" I wanted to address the "Why ASV?"...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/21 11:0 a.m.9 views

Over 145,000 Industrial Control Systems Across 175 Countries Found Exposed Online

New research has uncovered more than 145,000 internet-exposed Industrial Control Systems ICS across 175 countries, with the U.S. alone accounting for over one-third of the total exposures. The analysis, which comes from attack surface management company Censys, found that 38% of the devices are...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/21 9:16 a.m.7 views

5 Scattered Spider Gang Members Indicted in Multi-Million Dollar Cybercrime Scheme

Five alleged members of the infamous Scattered Spider cybercrime crew have been indicted in the U.S. for targeting employees of companies across the country using social engineering techniques to harvest credentials and using them to gain unauthorized access to sensitive data and break into crypt...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/21 7:13 a.m.11 views

Google's AI-Powered OSS-Fuzz Tool Finds 26 Vulnerabilities in Open-Source Projects

Google has revealed that its AI-powered fuzzing tool, OSS-Fuzz, has been used to help identify 26 vulnerabilities in various open-source code repositories, including a medium-severity flaw in the OpenSSL cryptographic library. "These particular vulnerabilities represent a milestone for automated...

4.3CVSS7.7AI score0.05966EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/11/21 6:34 a.m.4 views

NodeStealer Malware Targets Facebook Ad Accounts, Harvesting Credit Card Data

Threat hunters are warning about an updated version of the Python-based NodeStealer that's now equipped to extract more information from victims' Facebook Ads Manager accounts and harvest credit card data stored in web browsers. "They collect budget details of Facebook Ads Manager accounts of the...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/20 1:9 p.m.5 views

Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile Payments

Threat actors are increasingly banking on a new technique that leverages near-field communication NFC to cash out victim's funds at scale. The technique, codenamed Ghost Tap by ThreatFabric, enables cybercriminals to cash-out money from stolen credit cards linked to mobile payment services such a...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/20 11:30 a.m.6 views

NHIs Are the Future of Cybersecurity: Meet NHIDR

The frequency and sophistication of modern cyberattacks are surging, making it increasingly challenging for organizations to protect sensitive data and critical infrastructure. When attackers compromise a non-human identity NHI, they can swiftly exploit it to move laterally across systems,...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/20 9:16 a.m.19 views

Decades-Old Security Vulnerabilities Found in Ubuntu's Needrestart Package

Multiple decade-old security vulnerabilities have been disclosed in the needrestart package installed by default in Ubuntu Server since version 21.04 that could allow a local attacker to gain root privileges without requiring user interaction. The Qualys Threat Research Unit TRU, which identified...

7.8CVSS9.8AI score0.19924EPSS
Exploits16
The Hacker News
The Hacker News
added 2024/11/20 7:0 a.m.4 views

Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity

Microsoft has announced a new Windows Resiliency Initiative as a way to improve security and reliability, as well as ensure that system integrity is not compromised. The idea, the tech giant said, is to avoid incidents like that of CrowdStrike's earlier this July, enable more apps and users to be...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/20 6:58 a.m.7 views

China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks

A new China-linked cyber espionage group has been attributed as behind a series of targeted cyber attacks targeting telecommunications entities in South Asia and Africa since at least 2020 with the goal of enabling intelligence collection. Cybersecurity company CrowdStrike is tracking the adversa...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/20 4:37 a.m.11 views

Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities

Apple has released security updates for iOS, iPadOS, macOS, visionOS, and its Safari web browser to address two zero-day flaws that have come under active exploitation in the wild. The flaws are listed below - CVE-2024-44308 CVSS score: 8.8 - A vulnerability in JavaScriptCore that could lead to...

8.8CVSS9.2AI score0.22728EPSS
Exploits1
The Hacker News
The Hacker News
added 2024/11/20 4:24 a.m.15 views

Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation

Oracle is warning that a high-severity security flaw impacting the Agile Product Lifecycle Management PLM Framework has been exploited in the wild. The vulnerability, tracked as CVE-2024-21287 CVSS score: 7.5, could be exploited sans authentication to leak sensitive information. "This vulnerabili...

7.5CVSS6.7AI score0.01496EPSS
Exploits0
Total number of security vulnerabilities20926