Skip to content
hacker news Page 19

hacker news

Researchers Warn of Privilege Escalation Risks in Google’s Vertex AI ML Platform

Researchers Warn of Privilege Escalation Risks in Google’s Vertex AI ML Platform

Nov 15, 2024Ravie LakshmananArtificial Intelligence / Vulnerability Cybersecurity researchers have disclosed two security flaws in Google’s Vertex machine learning (ML) platform that, if successfully exploited, could allow malicious actors to escalate privileges and exfiltrate models… 

Vietnamese Hacker Group Deploys New PXA Stealer Targeting Europe and Asia

Vietnamese Hacker Group Deploys New PXA Stealer Targeting Europe and Asia

Nov 15, 2024Ravie LakshmananMalware / Credential Theft A Vietnamese-speaking threat actor has been linked to an information-stealing campaign targeting government and education entities in Europe and Asia with a new Python-based malware called PXA Stealer.… 

High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables

High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables

Nov 15, 2024Ravie LakshmananVulnerability / Database Security Cybersecurity researchers have disclosed a high-severity security flaw in the PostgreSQL open-source database system that could allow unprivileged users to alter environment variables, and potentially lead to code… 

Bitfinex Hacker Sentenced to 5 Years, Guilty of Laundering .5 Billion in Bitcoin

Bitfinex Hacker Sentenced to 5 Years, Guilty of Laundering $10.5 Billion in Bitcoin

Ilya Lichtenstein, who pleaded guilty to the 2016 hack of cryptocurrency stock exchange Bitfinex, has been sentenced to five years in prison, the U.S. Department of Justice (DoJ) announced Thursday. Lichtenstein was charged for his… 

CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed

CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed

Nov 15, 2024Ravie LakshmananNetwork Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that two more flaws impacting the Palo Alto Networks Expedition have come under active exploitation in the… 

Experts Uncover 70,000 Hijacked Domains in Widespread ‘Sitting Ducks’ Attack Scheme

Experts Uncover 70,000 Hijacked Domains in Widespread ‘Sitting Ducks’ Attack Scheme

Multiple threat actors have been found taking advantage of an attack technique called Sitting Ducks to hijack legitimate domains for using them in phishing attacks and investment fraud schemes for years. The findings come from… 

Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes

Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes

Nov 14, 2024Ravie LakshmananArtificial Intelligence / Cryptocurrency Google has revealed that bad actors are leveraging techniques like landing page cloaking to conduct scams by impersonating legitimate sites. “Cloaking is specifically designed to prevent moderation systems…