Category: TheHackerNews

MITRE's CVE Database
16
Apr
2025

U.S. Govt. Funding for MITRE’s CVE Ends April 16, Cybersecurity Community on Alert

Apr 16, 2025Ravie LakshmananVulnerability Management / Incident Response The U.S. government funding for non-profit research giant MITRE to operate and…

Malicious PyPI Package Targets
15
Apr
2025

Malicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect Orders

Apr 15, 2025Ravie LakshmananSupply Chain Attack / Malware Cybersecurity researchers have disclosed a malicious package uploaded to the Python Package…

Critical Apache Roller Vulnerability
15
Apr
2025

Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence

Apr 15, 2025Ravie LakshmananVulnerability / Software Security A critical security vulnerability has been disclosed in the Apache Roller open-source, Java-based…

Chinese Hackers Target Linux
15
Apr
2025

Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool

Apr 15, 2025Ravie LakshmananLinux / Malware The China-linked threat actor known as UNC5174 has been attributed to a new campaign…

Browser Extensions Can Access Sensitive Enterprise Data
15
Apr
2025

Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds

Apr 15, 2025The Hacker NewsData Privacy / Enterprise Security Everybody knows browser extensions are embedded into nearly every user’s daily…

Python Malware Disguised as Coding Challenges
15
Apr
2025

Crypto Developers Targeted by Python Malware Disguised as Coding Challenges

The North Korea-linked threat actor assessed to be behind the massive Bybit hack in February 2025 has been linked to…

Meta Resumes E.U. AI Training
15
Apr
2025

Meta Resumes E.U. AI Training Using Public User Data After Regulator Approval

Apr 15, 2025Ravie LakshmananArtificial Intelligence / Data Privacy Meta has announced that it will begin to train its artificial intelligence…

Critical RCE Vulnerability
15
Apr
2025

Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability

Apr 15, 2025Ravie LakshmananVulnerability / Endpoint Security A recently disclosed security flaw in Gladinet CentreStack also impacts its Triofox remote…

ResolverRAT Campaign
14
Apr
2025

ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading

Cybersecurity researchers have discovered a new, sophisticated remote access trojan called ResolverRAT that has been observed in attacks targeting healthcare…

Phishing Campaigns Use Real-Time Checks
14
Apr
2025

Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft

Apr 14, 2025Ravie LakshmananEmail Security / Cyber Attack Cybersecurity researchers are calling attention to a new type of credential phishing…

Cybersecurity in the AI Era
14
Apr
2025

Evolve Faster Than the Threats or Get Left Behind

Apr 14, 2025The Hacker NewsCybersecurity / Security Training AI is changing cybersecurity faster than many defenders realize. Attackers are already…

Pakistan-Linked Hackers
14
Apr
2025

Pakistan-Linked Hackers Expand Targets in India with CurlBack RAT and Spark RAT

Apr 14, 2025Ravie LakshmananCyber Attack / Malware A threat actor with ties to Pakistan has been observed targeting various sectors…