SANS Institute Warns of Novel Cloud-Native Ransomware Attacks
Mar 17, 2025The Hacker NewsCloud Security / Threat Intelligence The latest Palo Alto Networks Unit 42 Cloud Threat Report found that sensitive data is found…
Category: TheHackerNews
GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories
Mar 17, 2025Ravie LakshmananVulnerability / Cloud Security Cybersecurity researchers are calling attention to an incident in which the popular GitHub Action tj-actions/changed-files was compromised to…
Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal
Mar 15, 2025Ravie Lakshmanan Malware / Supply Chain Security Cybersecurity researchers have warned of a malicious campaign targeting users of the Python Package Index (PyPI)…
Alleged Israeli LockBit Developer Rostislav Panev Extradited to U.S. for Cybercrime Charges
Mar 14, 2025Ravie LakshmananCybercrime / Ransomware A 51-year-old dual Russian and Israeli national who is alleged to be a developer of the LockBit ransomware group…
GSMA Confirms End-to-End Encryption for RCS, Enabling Secure Cross-Platform Messaging
Mar 14, 2025Ravie LakshmananMobile Security / Encryption The GSM Association (GSMA) has formally announced support for end-to-end encryption (E2EE) for securing messages sent via the…
Why Most Microsegmentation Projects Fail—And How Andelyn Biosciences Got It Right
Most microsegmentation projects fail before they even get off the ground—too complex, too slow, too disruptive. But Andelyn Biosciences proved it doesn’t have to be…
See How Hackers Breach Networks and Demand a Ransom
Mar 14, 2025The Hacker NewsData Protection / Ransomware Cyber threats evolve daily. In this live webinar, learn exactly how ransomware attacks unfold—from the initial breach…
New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions
Mar 14, 2025Ravie LakshmananSoftware Security / Cybercrime Users searching for pirated software are the target of a new malware campaign that delivers a previously undocumented…
OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection
Mar 14, 2025Ravie LakshmananThreat Intelligence / Malware A new malware campaign has been observed leveraging social engineering tactics to deliver an open-source rootkit called r77.…
North Korea’s ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps
The North Korea-linked threat actor known as ScarCruft is said to have been behind a never-before-seen Android surveillance tool named KoSpy targeting Korean and English-speaking…
![Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails](https://image.cybernoz.com/wp-content/uploads/2025/03/Microsoft-Warns-of-ClickFix-Phishing-Campaign-Targeting-Hospitality-Sector-via.png)
Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails
Microsoft has shed light on an ongoing phishing campaign that targeted the hospitality sector by impersonating online travel agency Booking.com using an increasingly popular social…
GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks
Mar 13, 2025Ravie LakshmananAuthentication / Vulnerability Two high-severity security flaws have been disclosed in the open-source ruby-saml library that could allow malicious actors to bypass…