AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs
Apr 16, 2024NewsroomCloud Security / DevSecOps New cybersecurity research has found that command-line interface (CLI) tools from Amazon Web Services (AWS) and Google Cloud can…
Category: TheHackerNews
OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt
Apr 16, 2024NewsroomSupply Chain / Software Security Security researchers have uncovered a “credible” takeover attempt targeting the OpenJS Foundation in a manner that evokes similarities…
TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks
Apr 16, 2024NewsroomThreat Intelligence / Endpoint Security The threat actor tracked as TA558 has been observed leveraging steganography as an obfuscation technique to deliver a…
Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack
Apr 16, 2024NewsroomEncryption / Network Security The maintainers of the PuTTY Secure Shell (SSH) and Telnet client are alerting users of a critical vulnerability impacting…
FTC Fines Mental Health Startup Cerebral $7 Million for Major Privacy Violations
Apr 16, 2024NewsroomPrivacy Breach / Regulatory Compliance The U.S. Federal Trade Commission (FTC) has ordered the mental telehealth company Cerebral from using or disclosing personal…
Hive RAT Creators and $3.5M Cryptojacking Mastermind Arrested in Global Crackdown
Two individuals have been arrested in Australia and the U.S. in connection with an alleged scheme to develop and distribute a remote access trojan called…
Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw
Apr 15, 2024NewsroomFirmware Security / Vulnerability A security flaw impacting the Lighttpd web server used in baseboard management controllers (BMCs) has remained unpatched by device…
Muddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft Attacks
Apr 15, 2024NewsroomCloud Security /SaaS Security The threat actor known as Muddled Libra has been observed actively targeting software-as-a-service (SaaS) applications and cloud service provider…
Launching Innovation Rockets, But Beware of the Darkness Ahead
Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken…
The Role of Just-in-Time Privileged Access in Security Evolution
Apr 15, 2024The Hacker NewsActive Directory / Attack Surface To minimize the risk of privilege misuse, a trend in the privileged access management (PAM) solution…
Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users
Apr 15, 2024NewsroomSpyware / Mobile Security Cybersecurity researchers have discovered a “renewed” cyber espionage campaign targeting users in South Asia with the aim of delivering…
Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability
Apr 15, 2024NewsroomFirewall Security / Vulnerability Palo Alto Networks has released hotfixes to address a maximum-severity security flaw impacting PAN-OS software that has come under…