Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App
Jun 04, 2025Ravie Lakshmanan Threat Intelligence / Data Breach Google has disclosed details of a financially motivated threat cluster that...
Read more →Category: TheHackerNews
Chaos RAT Malware Targets Windows and Linux via Fake Network Tool Downloads
Jun 04, 2025Ravie LakshmananLinux / Malware Threat hunters are calling attention to a new variant of a remote access trojan...
Read more →
Why Traditional DLP Solutions Fail in the Browser Era
Jun 04, 2025The Hacker NewsBrowser Security / Enterprise Security Traditional data leakage prevention (DLP) tools aren’t keeping pace with the...
Read more →
Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks
Several malicious packages have been uncovered across the npm, Python, and Ruby package repositories that drain funds from cryptocurrency wallets,...
Read more →
HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass
Jun 04, 2025The Hacker NewsVulnerability / DevOps Hewlett Packard Enterprise (HPE) has released security updates to address as many as...
Read more →
Fake DocuSign, Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack
Jun 03, 2025Ravie LakshmananUnited States Threat hunters are alerting to a new campaign that employs deceptive websites to trick unsuspecting...
Read more →
Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code
Jun 03, 2025Ravie LakshmananEmail Security / Vulnerability Cybersecurity researchers have disclosed details of a critical security flaw in the Roundcube...
Read more →
Understanding Help Desk Scams and How to Defend Your Organization
In the wake of high-profile attacks on UK retailers Marks & Spencer and Co-op, Scattered Spider has been all over...
Read more →
Android Trojan Crocodilus Now Active in 8 Countries, Targeting Banks and Crypto Wallets
Jun 03, 2025Ravie LakshmananMobile Security / Malware A growing number of malicious campaigns have leveraged a recently discovered Android banking...
Read more →
Microsoft and CrowdStrike Launch Shared Threat Actor Glossary to Cut Attribution Confusion
Jun 03, 2025Ravie LakshmananThreat Intelligence / Cyber Threats Microsoft and CrowdStrike have announced that they are teaming up to align...
Read more →
Google Chrome to Distrust Two Certificate Authorities Over Compliance and Conduct Issues
Jun 03, 2025Ravie LakshmananWeb Security / Digital Identity Google has revealed that it will no longer trust digital certificates issued...
Read more →
New Chrome Zero-Day Actively Exploited; Google Issues Emergency Out-of-Band Patch
Jun 03, 2025Ravie LakshmananBrowser Security / Vulnerability Google on Monday released out-of-band fixes to address three security issues in its...
Read more →