Critical Apache HugeGraph Vulnerability Under Attack
Jul 17, 2024NewsroomVulnerability / Data Security Threat actors are actively exploiting a recently disclosed critical security flaw impacting Apache HugeGraph-Server that could lead to remote…
Category: TheHackerNews
‘Konfety’ Ad Fraud Uses 250+ Google Play Decoy Apps to Hide Malicious Twins
Jul 16, 2024NewsroomMobile Security / Online Security Details have emerged about a “massive ad fraud operation” that leverages hundreds of apps on the Google Play…
Iranian Hackers Deploy New BugSleep Backdoor in Middle East Cyber Attacks
The Iranian nation-state actor known as MuddyWater has been observed using a never-before-seen backdoor as part of a recent attack campaign, shifting away from its…
Threat Prevention & Detection in SaaS Environments
Identity-based threats on SaaS applications are a growing concern among security professionals, although few have the capabilities to detect and respond to them. According to…
Malicious npm Packages Found Using Image Files to Hide Backdoor Code
Jul 16, 2024NewsroomOpen Source / Software Supply Chain Cybersecurity researchers have identified two malicious packages on the npm package registry that concealed backdoor code to…
Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer
Jul 16, 2024NewsroomData Security / Vulnerability An advanced persistent threat (APT) group called Void Banshee has been observed exploiting a recently disclosed security flaw in…
CISA Warns of Actively Exploited RCE Flaw in GeoServer GeoTools Software
Jul 16, 2024NewsroomVulnerability / Infrastructure Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting OSGeo GeoServer GeoTools…
Kaspersky Exits U.S. Market Following Commerce Department Ban
Jul 16, 2024NewsroomNational Security / Data Security Russian security vendor Kaspersky has said it’s exiting the U.S. market nearly a month after the Commerce Department…
GitHub Token Leak Exposes Python’s Core Repositories to Potential Attacks
Jul 15, 2024NewsroomSupply Chain Attack / Cyber Threat Cybersecurity researchers said they discovered an accidentally leaked GitHub token that could have granted elevated access to…
CRYSTALRAY Hackers Infect Over 1,500 Victims Using Network Mapping Tool
Jul 15, 2024NewsroomSaaS Security / Vulnerability A threat actor that was previously observed using an open-source network mapping tool has greatly expanded their operations to…
Infostealer Garden of Low-Hanging Fruit
Imagine you could gain access to any Fortune 100 company for $10 or less, or even for free. Terrifying thought, isn’t it? Or exciting, depending…
Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months
Jul 15, 2024NewsroomCybersecurity / Mobile Security Retail banking institutions in Singapore have three months to phase out the use of one-time passwords (OTPs) for authentication…