North Korean Hackers Deploy New MoonPeak Trojan in Cyber Campaign
Aug 21, 2024Ravie LakshmananCyber Espionage / Malware A new remote access trojan called MoonPeak has been discovered as being used by a state-sponsored North Korean…
Category: TheHackerNews
Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data
Aug 21, 2024Ravie LakshmananSoftware Security / Vulnerability Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft’s Copilot Studio that could be exploited to access…
New macOS Malware TodoSwift Linked to North Korean Hacking Groups
Aug 21, 2024Ravie LakshmananMalware / Cryptocurrency Cybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious…
Styx Stealer Creator’s OPSEC Fail Leaks Client List and Profit Details
Aug 21, 2024Ravie LakshmananCyber Espionage / Threat Intelligence In what’s a case of an operational security (OPSEC) lapse, the operator behind a new information stealer…
It’s Time To Untangle the SaaS Ball of Yarn
It’s no great revelation to say that SaaS applications have changed the way we operate, both in our personal and professional lives. We routinely rely…
CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait
Aug 21, 2024Ravie LakshmananCyber Warfare / Threat Intelligence The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of new phishing attacks that aim to…
GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk
Aug 21, 2024Ravie LakshmananWordPress / Cybersecurity A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than…
Czech Mobile Users Targeted in New Banking Credential Theft Scheme
Aug 20, 2024Ravie LakshmananMobile Security / Banking Fraud Mobile users in the Czech Republic are the target of a novel phishing campaign that leverages a…
Key Indicators in CloudTrail Logs for Stolen API Keys
Aug 20, 2024The Hacker NewsCybersecurity / Cloud Security As cloud infrastructure becomes the backbone of modern enterprises, ensuring the security of these environments is paramount.…
Iranian Cyber Group TA453 Targets Jewish Leader with New AnvilEcho Malware
Iranian state-sponsored threat actors have been observed orchestrating spear-phishing campaigns targeting a prominent Jewish figure starting in late July 2024 with the goal of delivering…
Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters
Aug 20, 2024Ravie LakshmananVulnerability / Container Security Cybersecurity researchers have disclosed a security flaw impacting Microsoft Azure Kubernetes Services that, if successfully exploited, could allow…
Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor
Aug 20, 2024Ravie LakshmananVulnerability / Threat Intelligence A previously undocumented backdoor named Msupedge has been put to use against a cyber attack targeting an unnamed…