Don’t Overlook These 6 Critical Okta Security Configurations
Feb 10, 2025The Hacker NewsIdentity Security / Data Protection Given Okta’s role as a critical part of identity infrastructure, strengthening...
Read more →Category: TheHackerNews
DragonRank Exploits IIS Servers with BadIIS Malware for SEO Fraud and Gambling Redirects
Feb 10, 2025Ravie LakshmananMalware / Web Security Threat actors have been observed targeting Internet Information Services (IIS) servers in Asia...
Read more →
Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities
Feb 10, 2025Ravie LakshmananVulnerability / Data Protection Zimbra has released software updates to address critical security flaws in its Collaboration...
Read more →
XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells
Feb 10, 2025Ravie LakshmananVulnerability / Malware Threat actors have been observed exploiting multiple security flaws in various software products, including...
Read more →
Malicious ML Models Found on Hugging Face Exploit “Broken” Pickle Files to Evade Detection
Feb 08, 2025Ravie LakshmananArtificial Intelligence / Supply Chain Security Cybersecurity researchers have uncovered two malicious machine learning (ML) models on...
Read more →
DeepSeek App Transmits Sensitive User and Device Data Without Encryption
Feb 07, 2025Ravie LakshmananMobile Security / Artificial Intelligence A new audit of DeepSeek’s mobile app for the Apple iOS operating...
Read more →
CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability
Feb 07, 2025The Hacker NewsVulnerability / Malware The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security...
Read more →
Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks
Feb 07, 2025Ravie LakshmananCloud Security / Web Security Microsoft is warning of an insecure practice wherein software developers are incorporating...
Read more →
AI-Powered Social Engineering: Reinvented Threats
The foundations for social engineering attacks – manipulating humans – might not have changed much over the years. It’s the...
Read more →
India’s RBI Introduces Exclusive “bank.in” Domain to Combat Digital Banking Fraud
Feb 07, 2025Ravie LakshmananFinancial Security / Regulatory Compliance India’s central bank, the Reserve Bank of India (RBI), said it’s introducing...
Read more →
Hackers Exploiting SimpleHelp RMM Flaws for Persistent Access and Ransomware
Feb 07, 2025Ravie LakshmananVulnerability / Threat Intelligence Threat actors have been observed exploiting recently disclosed security flaws in SimpleHelp’s Remote...
Read more →
Ransomware Extortion Drops to $813.5M in 2024, Down from $1.25B in 2023
Feb 06, 2025Ravie LakshmananCybercrime / Ransomware Ransomware attacks netted cybercrime groups a total of $813.5 million in 2024, a decline...
Read more →