Lucene search
+L

20926 matches found

The Hacker News
The Hacker News
added 2024/11/08 12:23 p.m.40 views

IcePeony and Transparent Tribe Target Indian Entities with Cloud-Based Tools

High-profile entities in India have become the target of malicious campaigns orchestrated by the Pakistan-based Transparent Tribe threat actor and a previously unknown China-nexus cyber espionage group dubbed IcePeony. The intrusions linked to Transparent Tribe involve the use of a malware called...

7.8CVSS9.3AI score0.99374EPSS
Exploits62
The Hacker News
The Hacker News
added 2024/11/08 11:53 a.m.26 views

Malicious NPM Packages Target Roblox Users with Data-Stealing Malware

A new campaign has targeted the npm package repository with malicious JavaScript libraries that are designed to infect Roblox users with open-source stealer malware such as Skuld and Blank-Grabber. "This incident highlights the alarming ease with which threat actors can launch supply chain attack...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/08 11:53 a.m.29 views

The vCISO Academy: Transforming MSPs and MSSPs into Cybersecurity Powerhouses

We've all heard a million times: growing demand for robust cybersecurity in the face of rising cyber threats is undeniable. Globally small and medium-sized businesses SMBs are increasingly targeted by cyberattacks but often lack the resources for full-time Chief Information Security Officers CISO...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/08 9:39 a.m.18 views

Webinar: Learn How Storytelling Can Make Cybersecurity Training Fun and Effective

Let's face it—traditional security training can feel as thrilling as reading the fine print on a software update. It's routine, predictable, and, let's be honest, often forgotten the moment it's over. Now, imagine cybersecurity training that's as unforgettable as your favorite show. Remember how...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/08 7:15 a.m.34 views

New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus

Cybersecurity researchers have flagged a new malware campaign that infects Windows systems with a Linux virtual instance containing a backdoor capable of establishing remote access to the compromised hosts. The "intriguing" campaign, codenamed CRONTRAP , starts with a malicious Windows shortcut L...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/08 5:17 a.m.50 views

CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a now-patched critical security flaw impacting Palo Alto Networks Expedition to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-5910 CVS...

10CVSS8.4AI score0.91783EPSS
Exploits16
The Hacker News
The Hacker News
added 2024/11/07 12:40 p.m.25 views

North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS

A threat actor with ties to the Democratic People's Republic of Korea DPRK has been observed targeting cryptocurrency-related businesses with a multi-stage malware capable of infecting Apple macOS devices. Cybersecurity company SentinelOne, which dubbed the campaign Hidden Risk , attributed it wi...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/07 12:0 p.m.61 views

A Hacker's Guide to Password Cracking

Defending your organization's security is like fortifying a castle—you need to understand where attackers will strike and how they'll try to breach your walls. And hackers are always searching for weaknesses, whether it's a lax password policy or a forgotten backdoor. To build a stronger defense,...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/07 9:48 a.m.51 views

5 Most Common Malware Techniques in 2024

Tactics, techniques, and procedures TTPs form the foundation of modern defense strategies. Unlike indicators of compromise IOCs, TTPs are more stable, making them a reliable way to identify specific cyber threats. Here are some of the most commonly used techniques, according to ANY.RUN's Q3 2024...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/07 9:42 a.m.31 views

SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims

An ongoing phishing campaign is employing copyright infringement-related themes to trick victims into downloading a newer version of the Rhadamanthys information stealer since July 2024. Cybersecurity firm Check Point is tracking the large-scale campaign under the name CopyRhightadamantys. Target...

7.8CVSS7.1AI score0.00605EPSS
Exploits2
The Hacker News
The Hacker News
added 2024/11/07 9:40 a.m.29 views

China-Aligned MirrorFace Hackers Target EU Diplomats with World Expo 2025 Bait

The China-aligned threat actor known as MirrorFace has been observed targeting a diplomatic organization in the European Union, marking the first time the hacking crew has targeted an entity in the region. "During this attack, the threat actor used as a lure the upcoming World Expo, which will be...

9.8CVSS9.8AI score0.85689EPSS
Exploits10
The Hacker News
The Hacker News
added 2024/11/07 9:8 a.m.21 views

Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems

Cisco has released security updates to address a maximum severity security flaw impacting Ultra-Reliable Wireless Backhaul URWB Access Points that could permit unauthenticated, remote attackers to run commands with elevated privileges. Tracked as CVE-2024-20418 CVS score: 10.0, the vulnerability...

10CVSS7.9AI score0.03146EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/11/07 9:7 a.m.20 views

Malicious PyPI Package 'Fabrice' Found Stealing AWS Keys from Thousands of Developers

Cybersecurity researchers have discovered a malicious package on the Python Package Index PyPI that has racked up thousands of downloads for over three years while stealthily exfiltrating developers' Amazon Web Services AWS credentials. The package in question is "fabrice," which typosquats a...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/07 4:39 a.m.15 views

Canada Orders TikTok to Shut Down Canadian Operations Over Security Concerns

The Canadian government on Wednesday ordered ByteDance-owned TikTok to dissolve its operations in the country, citing national security risks, but stopped short of instituting a ban on the popular video-sharing platform. "The decision was based on the information and evidence collected over the...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/06 5:52 p.m.28 views

VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware

An ongoing threat campaign dubbed VEILDrive has been observed taking advantage of legitimate services from Microsoft, including Teams, SharePoint, Quick Assist, and OneDrive, as part of its modus operandi. "Leveraging Microsoft SaaS services — including Teams, SharePoint, Quick Assist, and OneDri...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/06 1:59 p.m.15 views

Winos 4.0 Malware Infects Gamers Through Malicious Game Optimization Apps

Cybersecurity researchers are warning that a command-and-control C&C framework called Winos is being distributed within gaming-related applications like installation tools, speed boosters, and optimization utilities. "Winos 4.0 is an advanced malicious framework that offers comprehensive...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/06 11:30 a.m.14 views

9 Steps to Get CTEM on Your 2025 Budgetary Radar

Budget season is upon us, and everyone in your organization is vying for their slice of the pie. Every year, every department has a pet project that they present as absolutely essential to profitability, business continuity, and quite possibly the future of humanity itself. And no doubt that some...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/06 10:13 a.m.14 views

INTERPOL Disrupts Over 22,000 Malicious Servers in Global Crackdown on Cybercrime

INTERPOL on Tuesday said it took down more than 22,000 malicious servers linked to various cyber threats as part of a global operation. Dubbed Operation Synergia II, the coordinated effort ran from April 1 to August 31, 2024, targeting phishing, ransomware, and information stealer infrastructure...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/06 6:58 a.m.11 views

South Korea Fines Meta $15.67M for Illegally Sharing Sensitive User Data with Advertisers

Meta has been fined 21.62 billion won $15.67 million by South Korea's data privacy watchdog for illegally collecting sensitive personal information from Facebook users, including data about their political views and sexual orientation, and sharing it with advertisers without their consent. The...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/06 5:37 a.m.16 views

Google Cloud to Enforce Multi-Factor Authentication by 2025 for All Users

Google's cloud division has announced that it will enforce mandatory multi-factor authentication MFA for all users by the end of 2025 as part of its efforts to improve account security. "We will be implementing mandatory MFA for Google Cloud in a phased approach that will roll out to all users...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/05 5:15 p.m.43 views

FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions

The U.S. Federal Bureau of Investigation FBI has sought assistance from the public in connection with an investigation involving the breach of edge devices and computer networks belonging to companies and government entities. "An Advanced Persistent Threat group allegedly created and deployed...

9.8CVSS10AI score0.99796EPSS
Exploits10
The Hacker News
The Hacker News
added 2024/11/05 12:16 p.m.12 views

New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers

Over 1,500 Android devices have been infected by a new strain of Android banking malware called ToxicPanda that allows threat actors to conduct fraudulent banking transactions. "ToxicPanda's main goal is to initiate money transfers from compromised devices via account takeover ATO using a...

8.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/05 11:0 a.m.34 views

Leveraging Wazuh for Zero Trust security

Zero Trust security changes how organizations handle security by doing away with implicit trust while continuously analyzing and validating access requests. Contrary to perimeter-based security, users within an environment are not automatically trusted upon gaining access. Zero Trust security...

10CVSS9.2AI score0.85974EPSS
Exploits40
The Hacker News
The Hacker News
added 2024/11/05 9:34 a.m.27 views

Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices

Taiwanese network-attached storage NAS appliance maker Synology has addressed a critical security flaw impacting DiskStation and BeePhotos that could lead to remote code execution. Tracked as CVE-2024-10443 and dubbed RISK:STATION by Midnight Blue, the zero-day flaw was demonstrated at the Pwn2Ow...

8.4AI score0.2838EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/11/05 5:33 a.m.12 views

Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages

An ongoing campaign is targeting npm developers with hundreds of typosquat versions of their legitimate counterparts in an attempt to trick them into running cross-platform malware. The attack is notable for utilizing Ethereum smart contracts for command-and-control C2 server address distribution...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/05 5:8 a.m.18 views

Canadian Suspect Arrested Over Snowflake Customer Breach and Extortion Attacks

Canadian law enforcement authorities have arrested an individual who is suspected to have conducted a series of hacks stemming from the breach of cloud data warehousing platform Snowflake earlier this year. The individual in question, Alexander "Connor" Moucka aka Judische and Waifu, was...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/05 3:30 a.m.34 views

Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System

Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-43093, has been described as a privilege escalation flaw in the Android Framework component that could result in unauthorized access...

8.1CVSS8.4AI score0.0301EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/11/04 2:8 p.m.36 views

Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning

Cybersecurity researchers have disclosed six security flaws in the Ollama artificial intelligence AI framework that could be exploited by a malicious actor to perform various actions, including denial-of-service, model poisoning, and model theft. "Collectively, the vulnerabilities could allow an...

8.8CVSS8.1AI score0.89633EPSS
Exploits10
The Hacker News
The Hacker News
added 2024/11/04 12:2 p.m.34 views

German Police Disrupt DDoS-for-Hire Platform dstat[.]cc; Suspects Arrested

German law enforcement authorities have announced the disruption of a criminal service called dstat.cc that made it possible for other threat actors to easily mount distributed denial-of-service DDoS attacks. "The platform made such DDoS attacks accessible to a wide range of users, even those...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/04 11:28 a.m.33 views

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Oct 28 - Nov 03)

This week was a total digital dumpster fire! Hackers were like, "Let's cause some chaos!" and went after everything from our browsers to those fancy cameras that zoom and spin. You know, the ones they use in spy movies? 🕵️‍♀️ We're talking password-stealing bots, sneaky extensions that spy on you,...

9.8CVSS8.7AI score0.81973EPSS
Exploits8
The Hacker News
The Hacker News
added 2024/11/04 11:0 a.m.13 views

Cyber Threats That Could Impact the Retail Industry This Holiday Season (and What to Do About It)

As the holiday season approaches, retail businesses are gearing up for their annual surge in online and in-store traffic. Unfortunately, this increase in activity also attracts cybercriminals looking to exploit vulnerabilities for their gain. Imperva, a Thales company, recently published its annu...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/04 10:4 a.m.16 views

Google's AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine

Google said it discovered a zero-day vulnerability in the SQLite open-source database engine using its large language model LLM assisted framework called Big Sleep formerly Project Naptime. The tech giant described the development as the "first real-world vulnerability" uncovered using the...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/04 6:13 a.m.14 views

New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls

Cybersecurity researchers have discovered a new version of a well-known Android malware family dubbed FakeCall that employs voice phishing aka vishing techniques to trick users into parting with their personal information. "FakeCall is an extremely sophisticated Vishing attack that leverages...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/02 5:32 a.m.20 views

Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar

Did you know that advanced threat actors can infiltrate the identity systems of major organizations and extract sensitive data within days? It's a chilling reality, becoming more common and concerning by the day. These attackers exploit vulnerabilities in SaaS and cloud environments, using...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/01 2:9 p.m.15 views

Inside Iran's Cyber Playbook: AI, Fake Hosting, and Psychological Warfare

U.S. and Israeli cybersecurity agencies have published a new advisory attributing an Iranian cyber group to targeting the 2024 Summer Olympics and compromising a French commercial dynamic display provider to show messages denouncing Israel's participation in the sporting event. The activity has...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/01 10:27 a.m.24 views

Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned

Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code. The activity, codenamed EMERALDWHALE , is estimated to have collected over 10,000 private...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/01 10:20 a.m.19 views

5 SaaS Misconfigurations Leading to Major Fu*%@ Ups

With so many SaaS applications, a range of configuration options, API capabilities, endless integrations, and app-to-app connections, the SaaS risk possibilities are endless. Critical organizational assets and data are at risk from malicious actors, data breaches, and insider threats, which pose...

7.9AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/01 9:48 a.m.22 views

Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft

Microsoft has revealed that a Chinese threat actor it tracks as Storm-0940 is leveraging a botnet called Quad7 to orchestrate highly evasive password spray attacks. The tech giant has given the botnet the name CovertNetwork-1658, stating the password spray operations are used to steal credentials...

8.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/01 8:48 a.m.11 views

Microsoft Delays Windows Copilot+ Recall Release Over Privacy Concerns

Microsoft is further delaying the release of its controversial Recall feature for Windows Copilot+ PCs, stating it's taking the time to improve the experience. The development was first reported by The Verge. The artificial intelligence-powered tool was initially slated for a preview release...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/01 3:50 a.m.20 views

New Phishing Kit Xiū gǒu Targets Users Across Five Countries With 2,000 Fake Sites

Cybersecurity researchers have disclosed a new phishing kit that has been put to use in campaigns targeting Australia, Japan, Spain, the U.K., and the U.S. since at least September 2024. Netcraft said more than 2,000 phishing websites have been identified the kit, known as Xiū gǒu, with the...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/31 3:0 p.m.20 views

New LightSpy Spyware Version Targets iPhones with Increased Surveillance Tactics

Cybersecurity researchers have discovered an improved version of an Apple iOS spyware called LightSpy that not only expands on its functionality, but also incorporates destructive capabilities to prevent the compromised device from booting up. "While the iOS implant delivery method closely mirror...

9.3CVSS7AI score0.16111EPSS
Exploits1
The Hacker News
The Hacker News
added 2024/10/31 2:16 p.m.14 views

LottieFiles Issues Warning About Compromised "lottie-player" npm Package

LottieFiles has revealed that its npm package "lottie-player" was compromised as part of a supply chain attack, prompting it to release an updated version of the library. "On October 30th 6:20 PM UTC - LottieFiles were notified that our popular open source npm package for the web player...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/31 10:30 a.m.38 views

Enterprise Identity Threat Report 2024: Unveiling Hidden Threats to Corporate Identities

In the modern, browser-centric workplace, the corporate identity acts as the frontline defense for organizations. Often referred to as "the new perimeter", the identity stands between safe data management and potential breaches. However, a new report reveals how enterprises are often unaware of h...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/31 10:24 a.m.33 views

LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

A high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could allow an unauthenticated threat actor to elevate their privileges and perform malicious actions. The vulnerability, tracked as CVE-2024-50550 CVSS score: 8.1, has been addressed in version 6.5....

10CVSS8.5AI score0.83178EPSS
Exploits15
The Hacker News
The Hacker News
added 2024/10/30 3:44 p.m.13 views

North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack

Threat actors linked to North Korea have been implicated in a recent incident that deployed a known ransomware family called Play, underscoring their financial motivations. The activity, observed between May and September 2024, has been attributed to a threat actor tracked as Jumpy Pisces , which...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/30 1:5 p.m.17 views

Opera Browser Fixes Big Security Hole That Could Have Exposed Your Information

A now-patched security flaw in the Opera web browser could have enabled a malicious extension to gain unauthorized, full access to private APIs. The attack, codenamed CrossBarking , could have made it possible to conduct actions such as capturing screenshots, modifying browser settings, and accou...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/30 1:0 p.m.17 views

Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware

Cybersecurity researchers have uncovered an ongoing malvertising campaign that abuses Meta's advertising platform and hijacked Facebook accounts to distribute an information stealer known as SYS01stealer. "The hackers behind the campaign use trusted brands to expand their reach," Bitdefender Labs...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/30 11:0 a.m.21 views

Researchers Uncover Python Package Targeting Crypto Wallets with Malicious Code

Cybersecurity researchers have discovered a new malicious Python package that masquerades as a cryptocurrency trading tool but harbors functionality designed to steal sensitive data and drain assets from victims' crypto wallets. The package, named "CryptoAITools," is said to have been distributed...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/30 10:30 a.m.16 views

Embarking on a Compliance Journey? Here's How Intruder Can Help

Navigating the complexities of compliance frameworks like ISO 27001, SOC 2, or GDPR can be daunting. Luckily, Intruder simplifies the process by helping you address the key vulnerability management criteria these frameworks demand, making your compliance journey much smoother. Read on to understa...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/10/29 1:0 p.m.51 views

Researchers Uncover Vulnerabilities in Open-Source AI and ML Models

A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence AI and machine learning ML models, some of which could lead to remote code execution and information theft. The flaws, identified in tools like ChuanhuChatGPT, Lunary, and LocalAI...

9.8CVSS8.3AI score0.2721EPSS
Exploits6
Total number of security vulnerabilities20926