A Healthcare CISO’s Journey to Enabling Modern Care
Breaking Out of the Security Mosh Pit When Jason Elrod, CISO of MultiCare Health System, describes legacy healthcare IT environments, he doesn’t mince words: “Healthcare…
Category: TheHackerNews
New EDDIESTEALER Malware Bypasses Chrome’s App-Bound Encryption to Steal Browser Data
A new malware campaign is distributing a novel Rust-based information stealer dubbed EDDIESTEALER using the popular ClickFix social engineering tactic initiated via fake CAPTCHA verification…
China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil
May 30, 2025Ravie LakshmananVulnerability / Threat Intelligence The China-linked threat actor behind the recent in-the-wild exploitation of a critical security flaw in SAP NetWeaver has…
New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers
May 29, 2025Ravie LakshmananMalware / Windows Security Cybersecurity researchers have taken the wraps off an unusual cyber attack that leveraged malware with corrupted DOS and…
Cybercriminals Target AI Users with Malware-Loaded Installers Posing as Popular Tools
Fake installers for popular artificial intelligence (AI) tools like OpenAI ChatGPT and InVideo AI are being used as lures to propagate various threats, such as…
DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints
The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider’s (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then…
Chinese APT41 Exploits Google Calendar for Malware Command-and-Control Operations
May 29, 2025Ravie LakshmananMalware / Cloud Security Google on Wednesday disclosed that the Chinese state-sponsored threat actor known as APT41 leveraged a malware called TOUGHPROGRESS…
Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin
May 29, 2025Ravie LakshmananVulnerability / Website Security Cybersecurity researchers have disclosed a critical unpatched security flaw impacting TI WooCommerce Wishlist plugin for WordPress that could…
Czech Republic Blames China-Linked APT31 Hackers for 2022 Cyberattack
May 28, 2025Ravie LakshmananCybersecurity / Cyber Espionage The Czech Republic on Wednesday formally accused a threat actor associated with the People’s Republic of China (PRC)…
Iranian Hacker Pleads Guilty in $19 Million Robbinhood Ransomware Attack on Baltimore
May 28, 2025Ravie LakshmananRansomware / Data Breach An Iranian national has pleaded guilty in the U.S. over his involvement in an international ransomware and extortion…
Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File
May 28, 2025Ravie LakshmananData Privacy / Vulnerability Cybersecurity researchers have discovered a security flaw in Microsoft’s OneDrive File Picker that, if successfully exploited, could allow…
A 24-Hour Timeline of a Modern Stealer Campaign
May 28, 2025The Hacker NewsIdentity Theft / Enterprise Security Stealer malware no longer just steals passwords. In 2025, it steals live sessions—and attackers are moving…