Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits
Jan 30, 2025Ravie LakshmananWeb Security / Vulnerability Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an…
Category: TheHackerNews
Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks
Jan 29, 2025Ravie LakshmananThreat Intelligence / Malware The North Korean threat actor known as the Lazarus Group has been observed leveraging a “web-based administrative platform”…
New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits
A team of security researchers from Georgia Institute of Technology and Ruhr University Bochum has demonstrated two new side-channel attacks targeting Apple silicon that could…
What’s Effective and What’s Not – Insights from 200 Experts
Jan 29, 2025The Hacker NewsThreat Detection / Artificial Intelligence Curious about the buzz around AI in cybersecurity? Wonder if it’s just a shiny new toy…
Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution
Jan 29, 2025Ravie LakshmananVulnerability / Threat Intelligence A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that…
How Interlock Ransomware Infects Healthcare Organizations
Ransomware attacks have reached an unprecedented scale in the healthcare sector, exposing vulnerabilities that put millions at risk. Recently, UnitedHealth revealed that 190 million Americans…
Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability
Jan 29, 2025Ravie LakshmananVulnerability / Network Security Cybersecurity researchers are warning that a critical zero-day vulnerability impacting Zyxel CPE Series devices is seeing active exploitation…
Broadcom Warns of High-Severity SQL Injection Flaw in VMware Avi Load Balancer
Jan 29, 2025Ravie LakshmananVulnerability / Software Security Broadcom has alerted of a high-severity security flaw in VMware Avi Load Balancer that could be weaponized by…
UAC-0063 Expands Cyber Attacks to European Embassies Using Stolen Documents
Jan 29, 2025Ravie LakshmananCyber Espionage / Threat Intelligence The advanced persistent threat (APT) group known as UAC-0063 has been observed leveraging legitimate documents obtained by…
PureCrypter Deploys Agent Tesla and New TorNet Backdoor in Ongoing Cyberattacks
Jan 28, 2025Ravie LakshmananPhishing Attack / Network Security A financially motivated threat actor has been linked to an ongoing phishing email campaign that has been…
OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking
Jan 28, 2025Ravie Lakshmanan Cybersecurity researchers have disclosed details of a now-patched account takeover vulnerability affecting a popular online travel service for hotel and car…
Propelling SecOps into the future
Triaging and investigating alerts is central to security operations. As SOC teams strive to keep up with ever-increasing alert volumes and complexity, modernizing SOC automation…