LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers
Jan 03, 2025Ravie LakshmananWindows Server / Threat Mitigation A proof-of-concept (PoC) exploit has been released for a now-patched security flaw...
Read more →Category: TheHackerNews
Update Old .NET Domains Before January 7, 2025 to Avoid Service Disruption
Jan 03, 2025Ravie LakshmananDevOps / Software Development Microsoft has announced that it’s making an “unexpected change” to the way .NET...
Read more →
Apple to Pay Siri Users $20 Per Device in Settlement Over Accidental Siri Privacy Violations
Jan 03, 2025Ravie LakshmananTechnology / Data Privacy Apple has agreed to pay $95 million to settle a proposed class action...
Read more →
Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API
Jan 02, 2025Ravie LakshmananVulnerability / Data Protection Details have emerged about three now-patched security vulnerabilities in Dynamics 365 and Power...
Read more →
Three Russian-German Nationals Charged with Espionage for Russian Secret Service
Jan 02, 2025Ravie LakshmananCyber Espionage / Hacking German prosecutors have charged three Russian-German nationals for acting as secret service agents...
Read more →
A Growing Threat to Modern Security and How to Combat Them
Jan 02, 2025The Hacker NewsCloud Security / Threat Intelligence In the past year, cross-domain attacks have gained prominence as an...
Read more →
Malicious Obfuscated NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT
Cybersecurity researchers have discovered a malicious package on the npm package registry that masquerades as a library for detecting vulnerabilities...
Read more →
New “DoubleClickjacking” Exploit Bypasses Clickjacking Protections on Major Websites
Jan 01, 2025Ravie LakshmananWeb Security / Vulnerability Threat hunters have disclosed a new “widespread timing-based vulnerability class” that leverages a...
Read more →
Iranian and Russian Entities Sanctioned for Election Interference Using AI and Cyber Tactics
Jan 01, 2025Ravie LakshmananGenerative AI / Election Interference The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Tuesday...
Read more →
New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy
Dec 31, 2024Ravie LakshmananData Security / Privacy The U.S. Department of Justice (DoJ) has issued a final rule carrying out...
Read more →
Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents
Dec 31, 2025Ravie LakshmananVulnerability / Incident Response The United States Treasury Department said it suffered a “major cybersecurity incident” that...
Read more →
Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation
Cybersecurity researchers have uncovered three security weaknesses in Microsoft’s Azure Data Factory Apache Airflow integration that, if successfully exploited, could...
Read more →