hacker news

Dark Crystal RAT Targets Ukrainian Defense via Malicious Signal Messages

Mar 20, 2025Ravie LakshmananCybercrime / Malware The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a new campaign that targets the defense sectors with Dark Crystal RAT (aka DCRat). The campaign, detected earlier…

Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners

Mar 19, 2025Ravie LakshmananThreat Intelligence / Cryptojacking Threat actors are exploiting a severe security flaw in PHP to deliver cryptocurrency miners and remote access trojans (RATs) like Quasar RAT. The vulnerability, assigned the CVE identifier…

Leaked Black Basta Chats Suggest Russian Officials Aided Leader’s Escape from Armenia

Mar 19, 2025Ravie LakshmananCybercrime / Threat Intelligence The recently leaked trove of internal chat logs among members of the Black Basta ransomware operation has revealed possible connections between the e-crime gang and Russian authorities. The…

Watch This Webinar to Learn How to Eliminate Identity-Based Attacks—Before They Happen

Mar 19, 2025The Hacker NewsIdentity Security / Webinar In today’s digital world, security breaches are all too common. Despite the many security tools and training programs available, identity-based attacks—like phishing, adversary-in-the-middle, and MFA bypass—remain a…

ClearFake Infects 9,300 Sites, Uses Fake reCAPTCHA and Turnstile to Spread Info-Stealers

Mar 19, 2025Ravie LakshmananCloud Security / Web Security The threat actors behind the ClearFake campaign are using fake reCAPTCHA or Cloudflare Turnstile verifications as lures to trick users into downloading malware such as Lumma Stealer…

5 Identity Threat Detection & Response Must-Haves for Super SaaS Security

Mar 19, 2025The Hacker NewsSaaS Security / Threat Detection Identity-based attacks are on the rise. Attackers are targeting identities with compromised credentials, hijacked authentication methods, and misused privileges. While many threat detection solutions focus on…

Critical mySCADA myPRO Flaws Could Let Attackers Take Over Industrial Control Systems

Mar 19, 2025Ravie LakshmananVulnerability / Network Security Cybersecurity researchers have disclosed details of two critical flaws impacting mySCADA myPRO, a Supervisory Control and Data Acquisition (SCADA) system used in operational technology (OT) environments, that could…

CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise

Mar 19, 2025Ravie LakshmananVulnerability / DevSecOps The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a vulnerability linked to the supply chain compromise of the GitHub Action, tj-actions/changed-files, to its Known Exploited Vulnerabilities…

New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors

Mar 18, 2025Ravie LakshmananAI Security / Software Security Cybersecurity researchers have disclosed details of a new supply chain attack vector dubbed Rules File Backdoor that affects artificial intelligence (AI)-powered code editors like GitHub Copilot and…

Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017

Mar 18, 2025Ravie LakshmananVulnerability / Windows Security An unpatched security flaw impacting Microsoft Windows has been exploited by 11 state-sponsored groups from China, Iran, North Korea, and Russia as part of data theft, espionage, and…

« Previous
1
…
152
153
154
155
156
…
357
Next »