Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware
The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver...
Read more →Category: TheHackerNews
When Security Measures Go Wrong
Jan 18, 2024The Hacker NewsAuthentication Security / Passwords In today’s digital landscape, traditional password-only authentication systems have proven to be...
Read more →
TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks
Jan 18, 2024NewsroomSupply Chain Attacks / AI Security Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow...
Read more →
PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft
Jan 18, 2024NewsroomFirmware Security / Vulnerability Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an...
Read more →
Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts
Jan 18, 2024NewsroomCyber Espionage / Threat Intelligence High-profile individuals working on Middle Eastern affairs at universities and research organizations in...
Read more →
New iShutdown Method Exposes Hidden Spyware Like Pegasus on Your iPhone
Jan 17, 2024NewsroomSpyware / Forensic Analysis Cybersecurity researchers have identified a “lightweight method” called iShutdown for reliably identifying signs of...
Read more →
Combating IP Leaks into AI Applications with Free Discovery and Risk Reduction Automation
Wing Security announced today that it now offers free discovery and a paid tier for automated control over thousands of...
Read more →
PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions
Jan 17, 2024NewsroomFinancial Data / Vulnerability The point-of-sale (PoS) terminals from PAX Technology are impacted by a collection of high-severity...
Read more →
Webinar: The Art of Privilege Escalation
Jan 17, 2024The Hacker NewsCyber Threat / Live Webinar In the digital age, the battleground for security professionals is not...
Read more →
Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials
Jan 17, 2024NewsroomBotnet / Cloud Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation...
Read more →
GitHub Rotates Keys After High-Severity Vulnerability Exposes Credentials
Jan 17, 2024NewsroomVulnerability / Software Security GitHub has revealed that it has rotated some keys in response to a security...
Read more →
Citrix, VMware, and Atlassian Hit with Critical Flaws — Patch ASAP!
Jan 17, 2024NewsroomVulnerability / Cyber Threat Citrix is warning of two zero-day security vulnerabilities in NetScaler ADC (formerly Citrix ADC)...
Read more →