Hackernews

2024

Hackers Abuse EDRSilencer Tool to Bypass Security and Hide Malicious Activity
FIDO Alliance Drafts New Protocol to Simplify Passkey Transfers Across Different Platforms
From Misuse to Abuse AI Risks and Attacks
North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware
5 Techniques for Collecting Cyber Threat Intelligence
Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack
GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access
CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability
TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns
New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT
New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists
The Rise of Zero-Day Vulnerabilities Why Traditional Security Solutions Fall Short
China Accuses US of Fabricating Volt Typhoon to Hide Its Own Hacking Campaigns
Researchers Uncover Hijack Loader Malware Using Stolen Code-Signing Certificates
WordPress Plugin Jetpack Patches Major Vulnerability Affecting 27 Million Sites
Nation-State Attackers Exploiting Ivanti CSA Flaws for Network Infiltration
5 Steps to Boost Detection and Response in a Multi-Layered Cloud
Supply Chain Attacks Can Exploit Entry Points in Python npm and Open-Source Ecosystems
THN Cybersecurity Recap Top Threats Tools and Trends Oct 7 - Oct 13
Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware
OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf
FBI Creates Fake Cryptocurrency to Expose Widespread Crypto Market Manipulation
GitHub Telegram Bots and ASCII QR Codes Abused in New Wave of Phishing Attacks
GitHub Telegram Bots and QR Codes Abused in New Wave of Phishing Attacks
How Hybrid Password Attacks Work and How to Defend Against Them
CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance
New Critical GitLab Vulnerability Could Allow Arbitrary CICD Pipeline Execution
Bohemia and Cannabia Dark Web Markets Taken Down After Joint Police Operation
OpenAI Blocks 20 Global Malicious Campaigns Using AI for Cybercrime and Disinformation
Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems
6 Simple Steps to Eliminate SOC Analyst Burnout
Cybercriminals Use Unicode to Hide Mongolian Skimmer in E-Commerce Platforms
CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches
Firefox Zero-Day Under Attack Update Your Browser Immediately
Google Joins Forces with GASA and DNS RF to Tackle Online Scams at Scale
Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries
N Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware
Social Media Accounts The Weak Link in Organizational SaaS Security
Microsoft Issues Security Update Fixing 118 Flaws Two Actively Exploited in the Wild
Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks
Zero-Day Alert Three Critical Ivanti CSA Vulnerabilities Actively Exploited
Gamers Tricked Into Downloading Lua-Based Malware via Fake Cheating Script Engines
Cyberattack Group Awaken Likho Targets Russian Government with Advanced Tools
GoldenJackal Target Embassies and Air-Gapped Systems Using Malware Toolsets
New Case Study The Evil Twin Checkout Page
The Value of AI-Powered Identity
Pro-Ukrainian Hackers Strike Russian State TV on Putins Birthday
Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits
New Gorilla Botnet Launches Over 300000 DDoS Attacks Across 100 Countries
Vulnerable APIs and Bot Attacks Costing Businesses Up to 186 Billion Annually
Modernization of Authentication Webinar on MFA Passwords and the Shift to Passwordless
Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications
THN Cybersecurity Recap Top Threats and Trends Sep 30 - Oct 6
Google Blocks Unsafe Android App Sideloading in India for Improved Fraud Protection
EU Court Limits Metas Use of Personal Facebook Data for Targeted Ads
Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability
US and Microsoft Seize 107 Russian Domains in Major Cyber Fraud Crackdown
How to Get Going with CTEM When You Dont Know Where to Start
Cloudflare Thwarts Largest-Ever 38 Tbps DDoS Attack Targeting Global Sectors
WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks
Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks
The Secret Weakness Execs Are Overlooking Non-Human Identities
New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking
North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks
INTERPOL Arrests 8 in Major Phishing and Romance Fraud Crackdown in West Africa
LockBit Ransomware and Evil Corp Members Arrested and Sanctioned in Joint Global Effort
Ivanti Endpoint Manager Flaw Actively Targeted CISA Warns Agencies to Patch
Fake Trading Apps Target Victims Globally via Apple App Store and Google Play
China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration
Fake Job Applications Deliver Dangerous More_eggs Malware to HR Professionals
Alert Over 700000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities
Alert Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit
5 Must-Have Tools for Effective Dynamic Malware Analysis
Andariel Hacking Group Shifts Focus to Financial Attacks on US Organizations
Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw
PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data
AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition
5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage
Free Sniper Dz Phishing Tools Fuel 140000 Cyber Attacks Targeting User Credentials
New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet
UK Hacker Charged in 375 Million Insider Trading Scheme Using Hacked Executive Emails
THN Cybersecurity Recap Last Weeks Top Threats and Trends September 23-29
Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks
Session Hijacking 20 The Latest Way That Attackers are Bypassing MFA
A Hackers Era Why Microsoft 365 Protection Reigns Supreme
Meta Fined 91 Million for Storing Millions of Facebook and Instagram Passwords in Plaintext
Crypto Scam App Disguised as WalletConnect Steals 70K in Five-Month Campaign
US Charges Three Iranian Nationals for Election Interference and Cybercrimes
Progress Software Releases Patches for 6 Flaws in WhatsUp Gold Patch Now
Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution
How to Plan and Prepare for Penetration Testing
Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks
Cybersecurity Certifications The Gateway to Career Advancement
New HTML Smuggling Campaign Delivers DCRat Malware to Russian-Speaking Users
US Sanctions Two Crypto Exchanges for Facilitating Cybercrime and Money Laundering
Critical NVIDIA Container Toolkit Vulnerability Could Grant Full Host Access to Attackers
Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates
N Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks
Overloaded with SIEM Alerts Discover Effective Strategies in This Expert-Led Webinar
EPSS vs CVSS Whats the Best Approach to Vulnerability Prioritization
Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware
Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities
Chinese Hackers Infiltrate US Internet Providers in Cyber Espionage Campaign
Googles Shift to Rust Programming Cuts Android Memory Vulnerabilities by 68
Mozilla Faces Privacy Complaint for Enabling Tracking in Firefox Without User Consent
Cybersecurity Researchers Warn of New Rust-Based Splinter Post-Exploitation Tool
ChatGPT macOS Flaw Couldve Enabled Long-Term Spyware via Memory Function
Expert Tips on How to Spot a Phishing Link
Agentic AI in SOCs A Solution to SOARs Unfulfilled Promises
Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware
CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns
Necro Android Malware Found in Popular Camera and Browser Apps on Play Store
US Proposes Ban on Connected Vehicles Using Chinese and Russian Tech
Discover Latest Ransomware Tactics and Zero Trust Strategies in This Expert Webinar
Kaspersky Exits US Automatically Replaces Software With UltraAV Raising Concerns
The SSPM Justification Kit
New Octo2 Android Banking Trojan Emerges with Device Takeover Capabilities
Telegram Agrees to Share User Data With Authorities for Criminal Investigations
THN Cybersecurity Recap Last Weeks Top Threats and Trends September 16-22
Why Never Expire Passwords Can Be a Risky Decision
Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk
Discord Introduces DAVE Protocol for End-to-End Encryption in Audio and Video Calls
New PondRAT Malware Hidden in Python Packages Targets Software Developers
Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware
Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks
LinkedIn Halts AI Data Processing in UK Amid Privacy Concerns Raised by ICO
Ukraine Bans Telegram Use for Government and Military Personnel
Europol Shuts Down iServer Phishing Scheme and Ghost Cybercrime Chat Platform
Passwordless AND Keyless The Future of Privileged Access Management
Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East
Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature
Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks
Wherever Theres Ransomware Theres Service Account Compromise Are You Protected
Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms
New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails
New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit

2023

Protect yourself from ticketing scams ahead of the Premier League Summer Series USA Tour
Follow Us

Everything coding, technology, and digital Life