North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware
The North Korean threat actor linked to the Contagious Interview campaign has been observed merging some of the functionality of two of its malware programs,…
Category: TheHackerNews
Your First and Last Line of Defense
Oct 17, 2025The Hacker NewsArtificial Intelligence / Identity Security The danger isn’t that AI agents have bad days — it’s that they never do. They…
Your First and Last Line of Defense
Oct 17, 2025The Hacker NewsArtificial Intelligence / Identity Security The danger isn’t that AI agents have bad days — it’s that they never do. They…
Researchers Uncover WatchGuard VPN Bug That Could Let Attackers Take Over Devices
Oct 17, 2025Ravie LakshmananVulnerability / VPN Security Cybersecurity researchers have disclosed details of a recently patched critical security flaw in WatchGuard Fireware that could allow…
Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign
Oct 17, 2025Ravie LakshmananMalware / Cybercrime Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as…
LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets
Oct 16, 2025Ravie LakshmananVulnerability / Malware An investigation into the compromise of an Amazon Web Services (AWS)-hosted infrastructure has led to the discovery of a…
Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites
A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such…
North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts
Oct 16, 2025Ravie LakshmananMalware / Blockchain A threat actor with ties to the Democratic People’s Republic of Korea (aka North Korea) has been observed leveraging…
Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in “Zero Disco’ Attacks
Oct 16, 2025Ravie LakshmananVulnerability / Linux Cybersecurity researchers have disclosed details of a new campaign that exploited a recently disclosed security flaw impacting Cisco IOS…
Beware the Hidden Costs of Pen Testing
Penetration testing helps organizations ensure IT systems are secure, but it should never be treated in a one-size-fits-all approach. Traditional approaches can be rigid and…
CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack
Oct 16, 2025Ravie LakshmananVulnerability / Data Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Adobe Experience…
Chinese Threat Group ‘Jewelbug’ Quietly Infiltrated Russian IT Network for Months
A threat actor with ties to China has been attributed to a five-month-long intrusion targeting a Russian IT service provider, marking the hacking group’s expansion…