From Logs to Runtime Protection
Nov 28, 2024The Hacker NewsCloud Security / Threat Detection Serverless environments, leveraging services such as AWS Lambda, offer incredible benefits in terms of scalability, efficiency,…
Category: TheHackerNews
XMLRPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner
Nov 28, 2024Ravie LakshmananSoftware Security / Data Breach Cybersecurity researchers have discovered a software supply chain attack that has remained active for over a year…
Cybercriminals Exploit Popular Game Engine Godot to Distribute Cross-Platform Malware
Nov 28, 2024Ravie LakshmananWindows Security / Cryptomining A popular open-source game engine called Godot Engine is being misused as part of a new GodLoader malware…
U.S. Telecom Giant T-Mobile Detects Network Intrusion Attempts from Wireline Provider
Nov 28, 2024Ravie LakshmananNetwork Security / Cyber Espionage U.S. telecom service provider T-Mobile said it recently detected attempts made by bad actors to infiltrate its…
Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers
Nov 27, 2024Ravie LakshmananVulnerability / Software Security A critical security flaw impacting the ProjectSend open-source file-sharing application has likely come under active exploitation in the…
Latest Multi-Stage Attack Scenarios with Real-World Examples
Multi-stage cyber attacks, characterized by their complex execution chains, are designed to avoid detection and trick victims into a false sense of security. Knowing how…
Researchers Discover “Bootkitty” – First UEFI Bootkit Targeting Linux Kernels
Nov 27, 2024Ravie LakshmananLinux / Malware Cybersecurity researchers have shed light on what has been described as the first Unified Extensible Firmware Interface (UEFI) bootkit…
APT-C-60 Exploits WPS Office Vulnerability to Deploy SpyGlace Backdoor
Nov 27, 2024Ravie LakshmananMalware / Cyber Espionage The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in…
1,006 Arrests, 134,089 Malicious Networks Dismantled
Nov 27, 2024Ravie LakshmananCybercrime / Financial Fraud An INTERPOL-led operation has led to the arrest of 1,006 suspects across 19 African countries and the takedown…
Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign
Nov 27, 2024Ravie LakshmananIoT Security / Network Security A threat actor named Matrix has been linked to a widespread distributed denial-of-service (DoD) campaign that leverages…
Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks
Nov 26, 2024Ravie LakshmananVulnerability / Website Security Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker…
Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries
The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast…