Securing CI/CD workflows with Wazuh
Continuous Integration and Continuous Delivery/Deployment (CI/CD) refers to practices that automate how code is developed and released to different environments. CI/CD pipelines are fundamental in…
Category: TheHackerNews
Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Million Potential Victims
May 21, 2025Ravie LakshmananMalware / Artificial Intelligence Counterfeit Facebook pages and sponsored ads on the social media platform are being employed to direct users to…
How to Detect Phishing Attacks Faster: Tycoon2FA Example
It takes just one email to compromise an entire system. A single well-crafted message can bypass filters, trick employees, and give attackers the access they…
Researchers Expose PWA JavaScript Attack That Redirects Users to Adult Scam Apps
May 21, 2025Ravie LakshmananMobile Security / Browser Security Cybersecurity researchers have discovered a new campaign that employs malicious JavaScript injections to redirect site visitors on…
Google Chrome Can Now Auto-Change Compromised Passwords Using Its Built-In Manager
May 21, 2025Ravie LakshmananData Breach / Account Security Google has announced a new feature in its Chrome browser that lets its built-in Password Manager automatically…
Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery
May 20, 2025Ravie LakshmananMalware / Cloud Security A threat actor known as Hazy Hawk has been observed hijacking abandoned cloud resources of high-profile organizations, including…
100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads
May 20, 2025Ravie LakshmananCredential Theft / Browser Security An unknown threat actor has been attributed to creating several malicious Chrome Browser extensions since February 2024…
AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation
Cybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could open the door for attackers to escalate…
South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware
May 20, 2025Ravie LakshmananMalware / Cyber Espionage High-level government institutions in Sri Lanka, Bangladesh, and Pakistan have emerged as the target of a new campaign…
Key Insights from the 2025 State of Pentesting Report
May 20, 2025The Hacker NewsPenetration Testing / Risk Management In the newly released 2025 State of Pentesting Report, Pentera surveyed 500 CISOs from global enterprises…
Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization
May 20, 2025Ravie LakshmananMalware / Cyber Espionage Threat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international…
Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration Abuse
May 20, 2025Ravie LakshmananLinux / Cryptojacking Cybersecurity researchers are calling attention to a new Linux cryptojacking campaign that’s targeting publicly accessible Redis servers. The malicious…