U.S. Judge Rules Against NSO Group in WhatsApp Pegasus Spyware Case
Dec 23, 2024Ravie LakshmananSpyware / Mobile Security Meta Platforms-owned WhatsApp scored a major legal victory in its fight against Israeli commercial spyware vendor NSO Group…
Category: TheHackerNews
Italy Fines OpenAI €15 Million for ChatGPT GDPR Data Privacy Violations
Dec 23, 2024Ravie LakshmananGDPR / Data Privacy Italy’s data protection authority has fined ChatGPT maker OpenAI a fine of €15 million ($15.66 million) over how…
LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages
A dual Russian and Israeli national has been charged in the United States for allegedly being the developer of the now-defunct LockBit ransomware-as-a-service (RaaS) operation…
Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware
The Lazarus Group, an infamous threat actor linked to the Democratic People’s Republic of Korea (DPRK), has been observed leveraging a “complex infection chain” targeting…
Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation
Dec 20, 2024Ravie LakshmananFirewall Security / Vulnerability Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to…
Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack
Dec 20, 2024Ravie LakshmananMalware / Supply Chain Attack The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised…
Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools
Dec 20, 2024Ravie LakshmananVulnerability / Cyber Attack A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of…
CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List
Dec 20, 2024Ravie LakshmananCISA / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote…
Thousands Download Malicious npm Libraries Impersonating Legitimate Tools
Dec 19, 2024Ravie LakshmananSupply Chain / Software Security Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and @types/node…
Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords
Dec 19, 2024Ravie LakshmananMalware / Botnet Juniper Networks is warning that Session Smart Router (SSR) products with default passwords are being targeted as part of…
Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords
Dec 19, 2024Ravie LakshmananMalware / Botnet Juniper Networks is warning that Session Smart Router (SSR) products with default passwords are being targeted as part of…
Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits
Dec 19, 2024Ravie LakshmananVulnerability / Network Security Fortinet has issued an advisory for a now-patched critical security flaw impacting Wireless LAN Manager (FortiWLM) that could…