Why More Security Leaders Are Selecting AEV
Jun 06, 2025The Hacker NewsCyber Resilience / Penetration Testing Cybersecurity involves both playing the good guy and the bad guy. Diving deep into advanced technologies…
Category: TheHackerNews
New PathWiper Data Wiper Malware Disrupts Ukrainian Critical Infrastructure in 2025 Attack
A critical infrastructure entity within Ukraine was targeted by a previously unseen data wiper malware named PathWiper, according to new findings from Cisco Talos. “The…
Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hardcoded Credentials
Jun 05, 2025Ravie LakshmananBrowser Security / Online Safety Cybersecurity researchers have flagged several popular Google Chrome extensions that have been found to transmit data in…
Researchers Detail Bitter APT’s Evolving Tactics as Its Geographic Scope Expands
Jun 05, 2025Ravie LakshmananThreat Intelligence / Network Security The threat actor known as Bitter has been assessed to be a state-backed hacking group that’s tasked…
Iran-Linked BladedFeline Hits Iraqi and Kurdish Targets with Whisper and Spearal Malware
An Iran-aligned hacking group has been attributed to a new set of cyber attacks targeting Kurdish and Iraqi government officials in early 2024. The activity…
Why Business Impact Should Lead the Security Conversation
Security teams face growing demands with more tools, more data, and higher expectations than ever. Boards approve large security budgets, yet still ask the same…
DoJ Seizes 145 Domains Tied to BidenCash Carding Marketplace in Global Takedown
Jun 05, 2025Ravie LakshmananDark Web / Law Enforcement The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of cryptocurrency funds and about 145…
Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI
Jun 05, 2025Ravie LakshmananNetwork Security / Vulnerability Cisco has released security patches to address a critical security flaw impacting the Identity Services Engine (ISE) that,…
Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App
Jun 04, 2025Ravie Lakshmanan Threat Intelligence / Data Breach Google has disclosed details of a financially motivated threat cluster that it said “specialises” in voice…
Chaos RAT Malware Targets Windows and Linux via Fake Network Tool Downloads
Jun 04, 2025Ravie LakshmananLinux / Malware Threat hunters are calling attention to a new variant of a remote access trojan (RAT) called Chaos RAT that…
Why Traditional DLP Solutions Fail in the Browser Era
Jun 04, 2025The Hacker NewsBrowser Security / Enterprise Security Traditional data leakage prevention (DLP) tools aren’t keeping pace with the realities of how modern businesses…
Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks
Several malicious packages have been uncovered across the npm, Python, and Ruby package repositories that drain funds from cryptocurrency wallets, erase entire codebases after installation,…