Skip to content
hacking news Page 147

hacking news

New Report Explains Why CASB Solutions Fail to Address Shadow SaaS and How to Fix It

New Report Explains Why CASB Solutions Fail to Address Shadow SaaS and How to Fix It

Mar 27, 2025The Hacker NewsBrowser Security / Data Protection Whether it’s CRMs, project management tools, payment processors, or lead management tools – your workforce is using SaaS applications by the pound. Organizations often rely on… 

Read More »New Report Explains Why CASB Solutions Fail to Address Shadow SaaS and How to Fix It
150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms

150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms

Mar 27, 2025Ravie LakshmananMalware / Website Security An ongoing campaign that infiltrates legitimate websites with malicious JavaScript injects to promote Chinese-language gambling platforms has ballooned to compromise approximately 150,000 sites to date. “The threat actor… 

Read More »150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms
CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices

CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices

Mar 27, 2025Ravie LakshmananVulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two six-year-old security flaws impacting Sitecore CMS and Experience Platform (XP) to its Known Exploited Vulnerabilities (KEV) catalog,… 

Read More »CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices
NetApp SnapCenter Flaw Could Let Users Gain Remote Admin Access on Plug-In Systems

NetApp SnapCenter Flaw Could Let Users Gain Remote Admin Access on Plug-In Systems

Mar 27, 2025Ravie LakshmananVulnerability / Enterprise Security A critical security flaw has been disclosed in NetApp SnapCenter that, if successfully exploited, could allow privilege escalation. SnapCenter is an enterprise-focused software that’s used to manage data… 

Read More »NetApp SnapCenter Flaw Could Let Users Gain Remote Admin Access on Plug-In Systems
New SparrowDoor Backdoor Variants Found in Attacks on U.S. and Mexican Organizations

New SparrowDoor Backdoor Variants Found in Attacks on U.S. and Mexican Organizations

Mar 26, 2025Ravie LakshmananMalware / Vulnerability The Chinese threat actor known as FamousSparrow has been linked to a cyber attack targeting a trade group in the United States and a research institute in Mexico to… 

Read More »New SparrowDoor Backdoor Variants Found in Attacks on U.S. and Mexican Organizations
EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware

EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware

Mar 26, 2025Ravie LakshmananWindows Security / Vulnerability The threat actor known as EncryptHub exploited a recently-patched security vulnerability in Microsoft Windows as a zero-day to deliver a wide range of malware families, including backdoors and… 

Read More »EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware
RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment

RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment

Mar 26, 2025The Hacker NewsRansomware / Endpoint Security The Russian-speaking hacking group called RedCurl has been linked to a ransomware campaign for the first time, marking a departure in the threat actor’s tradecraft. The activity,… 

Read More »RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment
Malicious npm Package Modifies Local ‘ethers’ Library to Launch Reverse Shell Attacks

Malicious npm Package Modifies Local ‘ethers’ Library to Launch Reverse Shell Attacks

Mar 26, 2025Ravie LakshmananSupply Chain Attack / Malware Cybersecurity researchers have discovered two malicious packages on the npm registry that are designed to infect another locally installed package, underscoring the continued evolution of software supply… 

Read More »Malicious npm Package Modifies Local ‘ethers’ Library to Launch Reverse Shell Attacks