Critical GitHub Enterprise Server Flaw Allows Authentication Bypass
May 21, 2024NewsroomVulnerability / Software Development GitHub has rolled out fixes to address a maximum severity flaw in the GitHub Enterprise Server (GHES) that could…
Category: TheHackerNews
Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users
May 21, 2024NewsroomCloud Security / Data Security A new attack campaign dubbed CLOUD#REVERSER has been observed leveraging legitimate cloud storage services like Google Drive and…
SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure
May 21, 2024NewsroomData Breach / Malware The persistent threat actors behind the SolarMarker information-stealing malware have established a multi-tiered infrastructure to complicate law enforcement takedown…
Streamlining IT Security Compliance Using the Wazuh FIM Capability
File Integrity Monitoring (FIM) is an IT security control that monitors and detects file changes in computer systems. It helps organizations audit important files and…
Five Core Tenets Of Highly Effective DevSecOps Practices
One of the enduring challenges of building modern applications is to make them more secure without disrupting high-velocity DevOps processes or degrading the developer experience.…
Researchers Uncover Flaws in Python Package for AI Models and PDF.js Used by Firefox
May 21, 2024NewsroomSupply Chain Security / AI Model A critical security flaw has been disclosed in the llama_cpp_python Python package that could be exploited by…
Windows 11 to Deprecate NTLM, Add AI-Powered App Controls and Security Defenses
May 21, 2024NewsroomWindows 11 Security Microsoft on Monday confirmed its plans to deprecate NT LAN Manager (NTLM) in Windows 11 in the second half of…
NextGen Healthcare Mirth Connect Under Attack
May 21, 2024NewsroomHealthcare / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a security flaw impacting NextGen Healthcare Mirth Connect to…
“Linguistic Lumberjack” Vulnerability Discovered in Popular Logging Utility Fluent Bit
May 21, 2024NewsroomCyber Attack / API Security Cybersecurity researchers have discovered a critical security flaw in a popular logging and metrics utility called Fluent Bit…
Iranian MOIS-Linked Hackers Behind Destructive Attacks on Albania and Israel
May 20, 2024NewsroomCyber Attack / Threat Intelligence An Iranian threat actor affiliated with the Ministry of Intelligence and Security (MOIS) has been attributed as behind…
Defending Your Commits From Known CVEs With GitGuardian SCA And Git Hooks
May 20, 2024The Hacker NewsSoftware Security / Vulnerability All developers want to create secure and dependable software. They should feel proud to release their code…
Foxit PDF Reader Flaw Exploited by Hackers to Deliver Diverse Malware Arsenal
Multiple threat actors are weaponizing a design flaw in Foxit PDF Reader to deliver a variety of malware such as Agent Tesla, AsyncRAT, DCRat, NanoCore…