Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks
Jan 22, 2024NewsroomVulnerability / Malware Cybersecurity researchers are warning of a “notable increase” in threat actor activity actively exploiting a...
Read more →Category: TheHackerNews
Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years
Jan 20, 2024NewsroomZero Day / Cyber Espionage An advanced China-nexus cyber espionage group previously linked to the exploitation of security...
Read more →
CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits
Jan 20, 2024NewsroomNetwork Security / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency...
Read more →
Microsoft’s Top Execs’ Emails Breached in Sophisticated Russia-Linked APT Attack
Jan 20, 2024NewsroomCyber Espionage / Emails Security Microsoft on Friday revealed that it was the target of a nation-state attack...
Read more →
TA866 Deploys WasabiSeed & Screenshotter Malware
The threat actor tracked as TA866 has resurfaced after a nine-month hiatus with a new large-volume phishing campaign to deliver...
Read more →
Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software
Jan 19, 2024NewsroomMalware / Endpoint Security Pirated applications targeting Apple macOS users have been observed containing a backdoor capable of...
Read more →
Backup and Recovery Strategies for Exchange Server Administrators
In the current digital landscape, data has emerged as a crucial asset for organizations, akin to currency. It’s the lifeblood...
Read more →
Npm Trojan Bypasses UAC, Installs AnyDesk with “Oscompatible” Package
Jan 19, 2024NewsroomSoftware Security / Spyware A malicious package uploaded to the npm registry has been found deploying a sophisticated...
Read more →
U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability
Jan 19, 2024NewsroomCyber Theat / Zero-Day The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical...
Read more →
New Docker Malware Steals CPU for Crypto & Drives Fake Website Traffic
Jan 18, 2024NewsroomServer Security / Cryptocurrency Vulnerable Docker services are being targeted by a novel campaign in which the threat...
Read more →
Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware
The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver...
Read more →
When Security Measures Go Wrong
Jan 18, 2024The Hacker NewsAuthentication Security / Passwords In today’s digital landscape, traditional password-only authentication systems have proven to be...
Read more →