a Double-Edged Sword for IT Teams – Essential Yet Exploitable
Remote Desktop Protocol (RDP) is an amazing technology developed by Microsoft that lets you access and control another computer over a network. It’s like having…
Category: TheHackerNews
Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme
Feb 28, 2025Ravie LakshmananAPI Security / AI Security Microsoft on Thursday unmasked four of the individuals that it said were behind an Azure Abuse Enterprise…
Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus
Feb 28, 2025Ravie LakshmananFinancial Fraud / Cyber Espionage The threat actor known as Sticky Werewolf has been linked to targeted attacks primarily in Russia and…
12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training
A dataset used to train large language models (LLMs) has been found to contain nearly 12,000 live secrets, which allow for successful authentication. The findings…
Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations
Feb 27, 2025Ravie LakshmananMalware / Threat Intelligence A new campaign is targeting companies in Taiwan with malware known as Winos 4.0 as part of phishing…
New TgToxic Banking Trojan Variant Evolves with Anti-Analysis Upgrades
Feb 27, 2025Ravie LakshmananCybercrime / Android Cybersecurity researchers have discovered an updated version of an Android malware called TgToxic (aka ToxicPanda), indicating that the threat…
89% of Enterprise GenAI Usage Is Invisible to Organizations Exposing Critical Security Risks, New Report Reveals
Feb 27, 2025The Hacker NewsArtificial Intelligence / Browser Security Organizations are either already adopting GenAI solutions, evaluating strategies for integrating these tools into their business…
Space Pirates Targets Russian IT Firms With New LuckyStrike Agent Malware
Feb 27, 2025Ravie LakshmananMalware / Network Security The threat actor known as Space Pirates has been linked to a malicious campaign targeting Russian information technology…
PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices
Feb 27, 2025Ravie LakshmananVulnerability / Network Security A new malware campaign has been observed targeting edge devices from Cisco, ASUS, QNAP, and Synology to rope…
Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers
Feb 27, 2025Ravie LakshmananCybercrime / Cryptocurrency The U.S. Federal Bureau of Investigation (FBI) formally linked the record-breaking $1.5 billion Bybit hack to North Korean threat…
CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation
Feb 26, 2025Ravie LakshmananEnterprise Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed two security flaws impacting Microsoft Partner Center…
Hackers Exploited Krpano Framework Flaw to Inject Spam Ads on 350+ Websites
A cross-site scripting (XSS) vulnerability in a virtual tour framework has been weaponized by malicious actors to inject malicious scripts across hundreds of websites with…