Threat Prevention & Detection in SaaS Environments
Identity-based threats on SaaS applications are a growing concern among security professionals, although few have the capabilities to detect and respond to them. According to…
Category: TheHackerNews
Malicious npm Packages Found Using Image Files to Hide Backdoor Code
Jul 16, 2024NewsroomOpen Source / Software Supply Chain Cybersecurity researchers have identified two malicious packages on the npm package registry that concealed backdoor code to…
Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer
Jul 16, 2024NewsroomData Security / Vulnerability An advanced persistent threat (APT) group called Void Banshee has been observed exploiting a recently disclosed security flaw in…
CISA Warns of Actively Exploited RCE Flaw in GeoServer GeoTools Software
Jul 16, 2024NewsroomVulnerability / Infrastructure Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting OSGeo GeoServer GeoTools…
Kaspersky Exits U.S. Market Following Commerce Department Ban
Jul 16, 2024NewsroomNational Security / Data Security Russian security vendor Kaspersky has said it’s exiting the U.S. market nearly a month after the Commerce Department…
GitHub Token Leak Exposes Python’s Core Repositories to Potential Attacks
Jul 15, 2024NewsroomSupply Chain Attack / Cyber Threat Cybersecurity researchers said they discovered an accidentally leaked GitHub token that could have granted elevated access to…
CRYSTALRAY Hackers Infect Over 1,500 Victims Using Network Mapping Tool
Jul 15, 2024NewsroomSaaS Security / Vulnerability A threat actor that was previously observed using an open-source network mapping tool has greatly expanded their operations to…
Infostealer Garden of Low-Hanging Fruit
Imagine you could gain access to any Fortune 100 company for $10 or less, or even for free. Terrifying thought, isn’t it? Or exciting, depending…
Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months
Jul 15, 2024NewsroomCybersecurity / Mobile Security Retail banking institutions in Singapore have three months to phase out the use of one-time passwords (OTPs) for authentication…
New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection
Jul 15, 2024NewsroomNetwork Security / Data Protection Cybersecurity researchers have shed light on a new version of a ransomware strain called HardBit that comes packaged…
U.S. Seizes Domains Used by AI-Powered Russian Bot Farm for Disinformation
The U.S. Department of Justice (DoJ) said it seized two internet domains and searched nearly 1,000 social media accounts that Russian threat actors allegedly used…
Critical Exim Mail Server Vulnerability Exposes Millions to Malicious Attachments
Jul 12, 2024NewsroomVulnerability / Software Security A critical security issue has been disclosed in the Exim mail transfer agent that could enable threat actors to…