It’s Time To Untangle the SaaS Ball of Yarn
It’s no great revelation to say that SaaS applications have changed the way we operate, both in our personal and professional lives. We routinely rely…
Category: TheHackerNews
CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait
Aug 21, 2024Ravie LakshmananCyber Warfare / Threat Intelligence The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of new phishing attacks that aim to…
GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk
Aug 21, 2024Ravie LakshmananWordPress / Cybersecurity A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than…
Czech Mobile Users Targeted in New Banking Credential Theft Scheme
Aug 20, 2024Ravie LakshmananMobile Security / Banking Fraud Mobile users in the Czech Republic are the target of a novel phishing campaign that leverages a…
Key Indicators in CloudTrail Logs for Stolen API Keys
Aug 20, 2024The Hacker NewsCybersecurity / Cloud Security As cloud infrastructure becomes the backbone of modern enterprises, ensuring the security of these environments is paramount.…
Iranian Cyber Group TA453 Targets Jewish Leader with New AnvilEcho Malware
Iranian state-sponsored threat actors have been observed orchestrating spear-phishing campaigns targeting a prominent Jewish figure starting in late July 2024 with the goal of delivering…
Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters
Aug 20, 2024Ravie LakshmananVulnerability / Container Security Cybersecurity researchers have disclosed a security flaw impacting Microsoft Azure Kubernetes Services that, if successfully exploited, could allow…
Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor
Aug 20, 2024Ravie LakshmananVulnerability / Threat Intelligence A previously undocumented backdoor named Msupedge has been put to use against a cyber attack targeting an unnamed…
CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks
Aug 20, 2024Ravie LakshmananVulnerability / Ransomware The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw impacting Jenkins to its Known…
Blind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin America
Aug 20, 2024Ravie LakshmananMalware / Cyber Espionage Cybersecurity researchers have shed light on a threat actor known as Blind Eagle that has persistently targeted entities…
Thousands of Oracle NetSuite Sites at Risk of Exposing Customer Information
Aug 20, 2024Ravie LakshmananEnterprise Security / Data Breach Cybersecurity researchers are warning about the discovery of thousands of externally-facing Oracle NetSuite e-commerce sites that have…
Cybercriminals Exploit Popular Software Searches to Spread FakeBat Malware
Aug 19, 2024Ravie LakshmananMalvertising / Cybercrime Cybersecurity researchers have uncovered a surge in malware infections stemming from malvertising campaigns distributing a loader called FakeBat. “These…