New CherryLoader Malware Mimics CherryTree to Deploy PrivEsc Exploits
Jan 25, 2024NewsroomThreat Intelligence / Malware Research A new Go-based malware loader called CherryLoader has been discovered by threat hunters in the wild to deliver…
Category: TheHackerNews
Tech Giant HP Enterprise Hacked by Russian Hackers Linked to DNC Breach
Jan 25, 2024NewsroomCyber Attack / Data Breach Hackers with links to the Kremlin are suspected to have infiltrated information technology company Hewlett Packard Enterprise’s (HPE)…
Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters
Jan 24, 2024NewsroomCloud Security / Kubernetes Cybersecurity researchers have discovered a loophole impacting Google Kubernetes Engine (GKE) that could be potentially exploited by threat actors…
Kasseika Ransomware Using BYOVD Trick to Disarms Security Pre-Encryption
The ransomware group known as Kasseika has become the latest to leverage the Bring Your Own Vulnerable Driver (BYOVD) attack to disarm security-related processes on…
What is Nudge Security and How Does it Work?
Jan 24, 2024The Hacker NewsSaaS Security / Endpoint Security In today’s highly distributed workplace, every employee has the ability to act as their own CIO,…
U.S., U.K., Australia Sanction Russian REvil Hacker Behind Medibank Breach
Jan 24, 2024NewsroomCryptocurrency / Cybercrime Governments from Australia, the U.K., and the U.S. have imposed financial sanctions on a Russian national for his alleged role…
The Unknown Risks of The Software Supply Chain: A Deep-Dive
Jan 24, 2024The Hacker NewsVulnerability / Software Security In a world where more & more organizations are adopting open-source components as foundational blocks in their…
Patch Your GoAnywhere MFT Immediately
Jan 24, 2024NewsroomVulnerability / Endpoint Security A critical security flaw has been disclosed in Fortra’s GoAnywhere Managed File Transfer (MFT) software that could be abused…
Gcore Radar Warns of a New Era of DDoS Attacks
Jan 23, 2024The Hacker NewsCybersecurity / Server Security As we enter 2024, Gcore has released its latest Gcore Radar report, a twice-annual publication in which…
VexTrio: The Uber of Cybercrime
The threat actors behind ClearFake, SocGholish, and dozens of other actors have established partnerships with another entity known as VexTrio as part of a massive…
Malicious NPM Packages Exfiltrate Hundreds of Developer SSH Keys via GitHub
Jan 23, 2024NewsroomSoftware Security / Supply Chain Two malicious packages discovered on the npm package registry have been found to leverage GitHub to store Base64-encrypted…
MacOS Malware Hides in Cracked Apps, Targeting Crypto Wallets
Jan 23, 2024NewsroomMalware / Cryptocurrency Cracked software have been observed infecting Apple macOS users with a previously undocumented stealer malware capable of harvesting system information…