Ex-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to Russia
May 01, 2024NewsroomNational Security / Insider Threat A former employee of the U.S. National Security Agency (NSA) has been sentenced to nearly 22 years (262…
Category: TheHackerNews
Millions of Malicious ‘Imageless’ Containers Planted on Docker Hub Over 5 Years
Apr 30, 2024NewsroomDocker Hub / Supply Chain Attack Cybersecurity researchers have discovered multiple campaigns targeting Docker Hub by planting millions of malicious “imageless” containers over…
U.S. Government Releases New AI Security Guidelines for Critical Infrastructure
Apr 30, 2024NewsroomMachine Learning / National Security The U.S. government has unveiled new security guidelines aimed at bolstering critical infrastructure against artificial intelligence (AI)-related threats.…
New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024
Apr 30, 2024NewsroomIoT Security / Botnet The U.K. National Cyber Security Centre (NCSC) is calling on manufacturers of smart devices to comply with new legislation…
Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023
Apr 29, 2024NewsroomMobile Security / Hacking Google on Monday revealed that almost 200,000 app submissions to its Play Store for Android were either rejected or…
New R Programming Vulnerability Exposes Projects to Supply Chain Attacks
Apr 29, 2024NewsroomProgramming / Supply Chain A security vulnerability has been discovered in the R programming language that could be exploited by a threat actor…
China-Linked ‘Muddling Meerkat’ Hijacks DNS to Map Internet on Global Scale
Apr 29, 2024NewsroomDNS Security / Cyber Espionage A previously undocumented cyber threat dubbed Muddling Meerkat has been observed undertaking sophisticated domain name system (DNS) activities…
Understanding Exposure Management, Pentesting, Red Teaming and RBVM
It comes as no surprise that today’s cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that…
Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover
Apr 29, 2024NewsroomSandbox / Vulnerability Multiple critical security flaws have been disclosed in the Judge0 open-source online code execution system that could be exploited to…
Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks
Apr 28, 2024NewsroomCredential Stuffing / Data Breach Identity and access management (IAM) services provider Okta has warned of a spike in the “frequency and scale”…
Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw
Apr 27, 2024NewsroomCyber Attack / Malware Cybersecurity researchers have discovered a targeted operation against Ukraine that has been found leveraging a nearly seven-year-old flaw in…
Bogus npm Packages Used to Trick Software Developers into Installing Malware
Apr 27, 2024NewsroomMalware / Software Security An ongoing social engineering campaign is targeting software developers with bogus npm packages under the guise of a job…