Category: TheHackerNews

Remote Code Execution
27
Oct
2023

BIG-IP Vulnerability Allows Remote Code Execution

Oct 27, 2023NewsroomNetwork Security / Vulnerability F5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result…

iLeakage Vulnerability
26
Oct
2023

New Safari Exploit Impacts Apple iPhones and Macs with A and M-Series CPUs

Oct 26, 2023NewsroomData Security / Vulnerability A group of academics has devised a novel side-channel attack dubbed iLeakage that exploits…

RPS DDoS Attack
26
Oct
2023

Record-Breaking 100 Million RPS DDoS Attack Exploits HTTP/2 Rapid Reset Flaw

Oct 26, 2023NewsroomNetwork Security / Cyber Attack Cloudflare on Thursday said it mitigated thousands of hyper-volumetric HTTP distributed denial-of-service (DDoS)…

SIM Swaps to Ransomware
26
Oct
2023

Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware

Oct 26, 2023NewsroomCyber Threat / Social Engineering The prolific threat actor known as Scattered Spider has been observed impersonating newly…

Web Security
26
Oct
2023

The Danger of Forgotten Pixels on Websites: A New Case Study

Oct 26, 2023The Hacker NewsWeb Security / Data Protection While cyberattacks on websites receive much attention, there are often unaddressed…

Cyber Espionage Group
26
Oct
2023

Researchers Warn of Kazakhstan’s Stealthy Cyber Espionage Group

Oct 26, 2023NewsroomEndpoint Protection / Malware A relatively new threat actor known as YoroTrooper is likely made of operators originating…

Vulnerability
26
Oct
2023

Critical Flaw in NextGen’s Mirth Connect Could Expose Healthcare Data

Oct 26, 2023NewsroomVulnerability / Network Security Users of Mirth Connect, an open-source data integration platform from NextGen HealthCare, are being…

IMAPLoader Malware Attacks
26
Oct
2023

Iranian Group Tortoiseshell Launches New Wave of IMAPLoader Malware Attacks

Oct 26, 2023NewsroomCyber Threat / Malware The Iranian threat actor known as Tortoiseshell has been attributed to a new wave…

OAuth Flaws
25
Oct
2023

Critical OAuth Flaws Uncovered in Grammarly, Vidio, and Bukalapak Platforms

Oct 25, 2023Newsroom Critical security flaws have been disclosed in the Open Authorization (OAuth) implementation of popular online services such…

Roundcube Webmail Software
25
Oct
2023

Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software

Oct 25, 2023NewsroomThreat Intelligence / Vulnerability The threat actor known as Winter Vivern has been observed exploiting a zero-day flaw…

CloudTrail
25
Oct
2023

How to Identify and Combat It

Oct 25, 2023The Hacker NewsRansomware/ Malware Threat In today’s digital landscape, around 60% of corporate data now resides in the…

vCenter Server RCE Vulnerability
25
Oct
2023

VMware Releases Patch for Critical vCenter Server RCE Vulnerability

Oct 25, 2023NewsroomVulnerability / Cyber Threat VMware has released security updates to address a critical flaw in the vCenter Server…