Category: TheHackerNews

Roundcube Webmail Bug
03
Jun
2025

Critical 10-Year-Old Roundcube Webmail Bug Allows Authenticated Users Run Malicious Code

Jun 03, 2025Ravie LakshmananEmail Security / Vulnerability Cybersecurity researchers have disclosed details of a critical security flaw in the Roundcube…

Understanding Help Desk Scams and How to Defend Your Organization
03
Jun
2025

Understanding Help Desk Scams and How to Defend Your Organization

In the wake of high-profile attacks on UK retailers Marks & Spencer and Co-op, Scattered Spider has been all over…

Android Trojan Crocodilus
03
Jun
2025

Android Trojan Crocodilus Now Active in 8 Countries, Targeting Banks and Crypto Wallets

Jun 03, 2025Ravie LakshmananMobile Security / Malware A growing number of malicious campaigns have leveraged a recently discovered Android banking…

Threat Actor Glossary
03
Jun
2025

Microsoft and CrowdStrike Launch Shared Threat Actor Glossary to Cut Attribution Confusion

Jun 03, 2025Ravie LakshmananThreat Intelligence / Cyber Threats Microsoft and CrowdStrike have announced that they are teaming up to align…

Certificate Authorities
03
Jun
2025

Google Chrome to Distrust Two Certificate Authorities Over Compliance and Conduct Issues

Jun 03, 2025Ravie LakshmananWeb Security / Digital Identity Google has revealed that it will no longer trust digital certificates issued…

Chrome Zero-Day
03
Jun
2025

New Chrome Zero-Day Actively Exploited; Google Issues Emergency Out-of-Band Patch

Jun 03, 2025Ravie LakshmananBrowser Security / Vulnerability Google on Monday released out-of-band fixes to address three security issues in its…

Preinstalled Apps on Ulefone, Krüger&Matz Phones Let Any App Reset Device, Steal PIN
02
Jun
2025

Preinstalled Apps on Ulefone, Krüger&Matz Phones Let Any App Reset Device, Steal PIN

Jun 02, 2025Ravie LakshmananMobile Security / Vulnerability Three security vulnerabilities have been disclosed in preloaded Android applications on smartphones from…

Cryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHub
02
Jun
2025

Cryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHub

Cybersecurity researchers have discovered a new cryptojacking campaign that’s targeting publicly accessible DevOps web servers such as those associated with…

Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU
02
Jun
2025

Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU

Jun 02, 2025Ravie LakshmananSpyware / Vulnerability Qualcomm has shipped security updates to address three zero-day vulnerabilities that it said have…

The Secret Defense Strategy of Four Critical Industries Combating Advanced Cyber Threats
02
Jun
2025

The Secret Defense Strategy of Four Critical Industries Combating Advanced Cyber Threats

The evolution of cyber threats has forced organizations across all industries to rethink their security strategies. As attackers become more…

Fake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regions
02
Jun
2025

Fake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regions

Cybersecurity researchers have warned of a new spear-phishing campaign that uses a legitimate remote access tool called Netbird to target…

U.S. DoJ Seizes 4 Domains Supporting Cybercrime Crypting Services in Global Operation
31
May
2025

U.S. DoJ Seizes 4 Domains Supporting Cybercrime Crypting Services in Global Operation

May 31, 2025Ravie LakshmananMalware / Cyber Crime A multinational law enforcement operation has resulted in the takedown of an online…