TheHackerNews

New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution

Feb 14, 2025Ravie LakshmananVulnerability / DevOps Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an…

February 14, 2025 Cybernoz 3 min read

TheHackerNews

Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks

Feb 14, 2025Ravie LakshmananBrowser Security / Cryptocurrency The North Korean threat actor known as the Lazarus Group has been linked to a previously undocumented JavaScript…

February 14, 2025 Cybernoz 2 min read

TheHackerNews

RansomHub Becomes 2024’s Top Ransomware Group, Hitting 600+ Organizations Globally

The threat actors behind the RansomHub ransomware-as-a-service (RaaS) scheme have been observed leveraging now-patched security flaws in Microsoft Active Directory and the Netlogon protocol to…

February 14, 2025 Cybernoz 4 min read

TheHackerNews

Russian-Linked Hackers Using ‘Device Code Phishing’ to Hijack Accounts

Feb 14, 2025Ravie LakshmananEnterprise Security / Cyber Attack Microsoft is calling attention to an emerging threat cluster it calls Storm-2372 that has been attributed to…

February 14, 2025 Cybernoz 2 min read

TheHackerNews

AI-Powered Social Engineering: Ancillary Tools and Techniques

Social engineering is advancing fast, at the speed of generative AI. This is offering bad actors multiple new tools and techniques for researching, scoping, and…

February 14, 2025 Cybernoz 5 min read

TheHackerNews

PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks

Feb 14, 2025Ravie LakshmananZero-Day / Vulnerability Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote…

February 14, 2025 Cybernoz 2 min read

TheHackerNews

Hackers Use CAPTCHA Trick on Webflow CDN PDFs to Bypass Security Scanners

Feb 13, 2025Ravie LakshmananWeb Security / Cloud Security A widespread phishing campaign has been observed leveraging bogus PDF documents hosted on the Webflow content delivery…

February 13, 2025 Cybernoz 2 min read

TheHackerNews

North Korean APT43 Uses PowerShell and Dropbox in Targeted South Korea Cyberattacks

Feb 13, 2025Ravie LakshmananUnited States A nation-state threat actor with ties to North Korea has been linked to an ongoing campaign targeting South Korean business,…

February 13, 2025 Cybernoz 2 min read

TheHackerNews

AI and Security – A New Puzzle to Figure Out

AI is everywhere now, transforming how businesses operate and how users engage with apps, devices, and services. A lot of applications now have some Artificial…

February 13, 2025 Cybernoz 4 min read

TheHackerNews

Watch this Learn to Sync Dev and Sec Teams

Feb 13, 2025The Hacker NewsApplication Security / DevOps Ever felt like your team is stuck in a constant battle? Developers rush to add new features,…

February 13, 2025 Cybernoz 2 min read

TheHackerNews

RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset

An RA World ransomware attack in November 2024 targeting an unnamed Asian software and services company involved the use of a malicious tool exclusively used…

February 13, 2025 Cybernoz 4 min read

TheHackerNews

Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software

Feb 13, 2025Ravie LakshmananNetwork Security / Vulnerability Palo Alto Networks has addressed a high-severity security flaw in its PAN-OS software that could result in an…

February 13, 2025 Cybernoz 2 min read