DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection
Jan 20, 2025Ravie LakshmananAndroid / Malware The Threat actor known as DoNot Team has been linked to a new Android malware as part of highly…
Category: TheHackerNews
Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers
Jan 20, 2025Ravie LakshmananNetwork Security / Vulnerability New research has uncovered security vulnerabilities in multiple tunneling protocols that could allow attackers to perform a wide…
Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTP
Jan 20, 2025Ravie LakshmananSupply Chain Attack / Solana Cybersecurity researchers have identified three sets of malicious packages across the npm and Python Package Index (PyPI)…
TikTok Goes Dark in the U.S. as Federal Ban Takes Effect January 19, 2025
Jan 19, 2025Ravie LakshmananSocial Media / Data Privacy Popular video-sharing social network TikTok has officially gone dark in the United States, 2025, as a federal…
U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their…
Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation
Jan 17, 2025Ravie LakshmananFirmware Security / Vulnerability Cybersecurity researchers have disclosed three security flaws in Planet Technology’s WGS-804HPT industrial switches that could be chained to…
Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation
Jan 17, 2025Ravie LakshmananWeb Security / Botnet Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms…
New ‘Sneaky 2FA’ Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass
Jan 17, 2025Ravie LakshmananCybersecurity / Threat Intelligence Cybersecurity researchers have detailed a new adversary-in-the-middle (AitM) phishing kit that’s capable of Microsoft 365 accounts with an…
U.S. Sanctions North Korean IT Worker Network Supporting WMD Programs
Jan 17, 2025Ravie LakshmananInsider Threat / Cryptocurrency The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned two individuals and four entities for their…
How to Bring Zero Trust to Wi-Fi Security with a Cloud-based Captive Portal?
Recent data breaches have highlighted the critical need to improve guest Wi-Fi infrastructure security in modern business environments. Organizations face increasing pressure to protect their…
European Privacy Group Sues TikTok and AliExpress for Illicit Data Transfers to China
Austrian privacy non-profit None of Your Business (noyb) has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection…
Russian Star Blizzard Shifts Tactics to Exploit WhatsApp QR Codes for Credential Harvesting
Jan 16, 2025Ravie LakshmananSpear Phishing / Threat Intelligence The Russian threat actor known as Star Blizzard has been linked to a new spear-phishing campaign that…