APT-C-60 Exploits WPS Office Vulnerability to Deploy SpyGlace Backdoor
Nov 27, 2024Ravie LakshmananMalware / Cyber Espionage The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in…
Category: TheHackerNews
1,006 Arrests, 134,089 Malicious Networks Dismantled
Nov 27, 2024Ravie LakshmananCybercrime / Financial Fraud An INTERPOL-led operation has led to the arrest of 1,006 suspects across 19 African countries and the takedown…
Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign
Nov 27, 2024Ravie LakshmananIoT Security / Network Security A threat actor named Matrix has been linked to a widespread distributed denial-of-service (DoD) campaign that leverages…
Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks
Nov 26, 2024Ravie LakshmananVulnerability / Website Security Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker…
Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries
The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast…
A Free Vulnerability Intelligence Platform For Staying Ahead of the Latest Threats
Nov 26, 2024The Hacker NewsPentest / Vulnerability Assessment When CVEs go viral, separating critical vulnerabilities from the noise is essential to protecting your organization. That’s…
RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks
Nov 26, 2024Ravie LakshmananVulnerability / Cybercrime The Russia-aligned threat actor known as RomCom has been linked to the zero-day exploitation of two security flaws, one…
CISA Urges Agencies to Patch Critical “Array Networks” Flaw Amid Active Attacks
Nov 26, 2024Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array…
PyPI Python Library “aiocpa” Found Exfiltrating Crypto Keys via Telegram Bot
Nov 25, 2024Ravie LakshmananSoftware Supply Chain / Malware The administrators of the Python Package Index (PyPI) repository have quarantined the package “aiocpa” following a new…
Google’s New Restore Credentials Tool Simplifies App Login After Android Migration
Nov 25, 2024Ravie LakshmananMobile Security / Privacy Google has introduced a new feature called Restore Credentials to help users restore their account access to third-party…
Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks
Nov 25, 2024Ravie LakshmananCloud Security / Supply Chain Attack Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code (PaC) tools like…
Flying Under the Radar – Security Evasion Techniques
Dive into the evolution of phishing and malware evasion techniques and understand how attackers are using increasingly sophisticated methods to bypass security measures. The Evolution…