Skip to content
hacking news Page 51

hacking news

North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry

North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry

Aug 06, 2024Ravie LakshmananMalware / Windows Security The North Korea-linked threat actor known as Moonstone Sleet has continued to push malicious npm packages to the JavaScript package registry with the aim of infecting Windows systems,… 

Google Patches New Android Kernel Vulnerability Exploited in the Wild

Google Patches New Android Kernel Vulnerability Exploited in the Wild

Aug 06, 2024Ravie LakshmananMobile Security / Vulnerability Google has addressed a high-severity security flaw impacting the Android kernel that it said has been actively exploited in the wild. The vulnerability, tracked as CVE-2024-36971, has been… 

New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution

New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution

Aug 06, 2024Ravie LakshmananEnterprise Security / Vulnerability A new zero-day pre-authentication remote code execution vulnerability has been disclosed in the Apache OFBiz open-source enterprise resource planning (ERP) system that could allow threat actors to achieve… 

Researchers Uncover Flaws in Windows Smart App Control and SmartScreen

Researchers Uncover Flaws in Windows Smart App Control and SmartScreen

Aug 05, 2024Ravie LakshmananThreat Intelligence / Vulnerability Cybersecurity researchers have uncovered design weaknesses in Microsoft’s Windows Smart App Control and SmartScreen that could enable threat actors to gain initial access to target environments without raising… 

Kazakh Organizations Targeted by ‘Bloody Wolf’ Cyber Attacks

Kazakh Organizations Targeted by ‘Bloody Wolf’ Cyber Attacks

Aug 05, 2024Ravie LakshmananNetwork Security / Threat Intelligence Organizations in Kazakhstan are the target of a threat activity cluster dubbed Bloody Wolf that delivers a commodity malware called STRRAT (aka Strigoi Master). “The program selling… 

Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access

Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access

Aug 05, 2024Ravie LakshmananNetwork Security / Vulnerability A high-severity security bypass vulnerability has been disclosed in Rockwell Automation ControlLogix 1756 devices that could be exploited to execute common industrial protocol (CIP) programming and configuration commands.… 

New Android Trojan “BlankBot” Targets Turkish Users’ Financial Data

New Android Trojan “BlankBot” Targets Turkish Users’ Financial Data

Aug 05, 2024Ravie LakshmananMobile Security / Financial Security Cybersecurity researchers have discovered a new Android banking trojan called BlankBot targeting Turkish users with an aim to steal financial information. “BlankBot features a range of malicious…