GreedyBear Steals $1M in Crypto Using 150+ Malicious Firefox Wallet Extensions
A newly discovered campaign dubbed GreedyBear has leveraged over 150 malicious extensions to the Firefox marketplace that are designed to...
Read more →Category: TheHackerNews
SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others
Aug 07, 2025Ravie LakshmananMalware / Threat Intelligence The threat actors behind the SocGholish malware have been observed leveraging Traffic Distribution...
Read more →
SonicWall Confirms Patched Vulnerability Behind Recent VPN Attacks, Not a Zero-Day
Aug 07, 2025Ravie LakshmananNetwork Security / Vulnerability SonicWall has revealed that the recent spike in activity targeting its Gen 7...
Read more →
6,500 Axis Servers Expose Remoting Protocol, 4,000 in U.S. Vulnerable to Exploits
Aug 07, 2025Ravie LakshmananVulnerability / Threat Intelligence Cybersecurity researchers have disclosed multiple security flaws in video surveillance products from Axis...
Read more →
Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes
Aug 07, 2025Ravie LakshmananMalware / Threat Intelligence Cybersecurity researchers have discovered a set of 11 malicious Go packages that are...
Read more →
What 2025 Is Teaching Us About Cloud Defense
Now that we are well into 2025, cloud attacks are evolving faster than ever and artificial intelligence (AI) is both...
Read more →
Microsoft Discloses Exchange Server Flaw Enabling Silent Cloud Access in Hybrid Setups
Aug 07, 2025Ravie LakshmananVulnerability / Threat Detection Microsoft has released an advisory for a high-severity security flaw affecting on-premise versions...
Read more →
How to Stop Python Supply Chain Attacks—and the Expert Tools You Need
Aug 07, 2025The Hacker NewsDevSecOps / Supply Chain Security Python is everywhere in modern software. From machine learning models to...
Read more →
Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft
Aug 06, 2025Ravie LakshmananDevOps / Container Security Cybersecurity researchers have demonstrated an “end-to-end privilege escalation chain” in Amazon Elastic Container...
Read more →
Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams
The malicious ad tech purveyor known as VexTrio Viper has been observed developing several malicious apps that have been published...
Read more →
Trend Micro Confirms Active Exploitation of Critical Apex One Flaws in On-Premise Systems
Aug 06, 2025Ravie LakshmananVulnerability / Endpoint Security Trend Micro has released mitigations to address critical security flaws in on-premise versions...
Read more →
Microsoft Launches Project Ire to Autonomously Classify Malware Using AI Tools
Aug 06, 2025Ravie LakshmananArtificial Intelligence / Threat Detection Microsoft on Tuesday announced an autonomous artificial intelligence (AI) agent that can...
Read more →