the hacker news

CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation

Feb 26, 2025Ravie LakshmananEnterprise Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed two security flaws impacting Microsoft Partner Center and Synacor Zimbra Collaboration Suite (ZCS) to its Known Exploited…

LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile

Cybersecurity researchers have flagged an updated version of the LightSpy implant that comes equipped with an expanded set of data collection features to extract information from social media platforms like Facebook and Instagram. LightSpy is…

Belarus-Linked Ghostwriter Uses Macropack-Obfuscated Excel Macros to Deploy Malware

Feb 25, 2025Ravie LakshmananMalware / Cyber Espionage Opposition activists in Belarus as well as Ukrainian military and government organizations are the target of a new campaign that employs malware-laced Microsoft Excel documents as lures to…

5 Active Malware Campaigns in Q1 2025

The first quarter of 2025 has been a battlefield in the world of cybersecurity. Cybercriminals continued launching aggressive new campaigns and refining their attack methods. Below is an overview of five notable malware families, accompanied…

2,500+ Truesight.sys Driver Variants Exploited to Bypass EDR and Deploy HiddenGh0st RAT

Feb 25, 2025Ravie LakshmananWindows Security / Vulnerability A large-scale malware campaign has been found leveraging a vulnerable Windows driver associated with Adlice’s product suite to sidestep detection efforts and deliver the Gh0st RAT malware. “To…

GitVenom Malware Steals 6K in Bitcoin Using Fake GitHub Projects to Hijack Wallets

GitVenom Malware Steals $456K in Bitcoin Using Fake GitHub Projects to Hijack Wallets

Feb 25, 2025Ravie LakshmananGaming / Threat Intelligence Cybersecurity researchers are calling attention to an ongoing campaign that’s targeting gamers and cryptocurrency investors under the guise of open-source projects hosted on GitHub. The campaign, which spans…

FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services

Various industrial organizations in the Asia-Pacific (APAC) region have been targeted as part of phishing attacks designed to deliver a known malware called FatalRAT. “The threat was orchestrated by attackers using legitimate Chinese cloud content…

Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA

Feb 25, 2025Ravie LakshmananNetwork Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws impacting Adobe ColdFusion and Oracle Agile Product Lifecycle Management (PLM) to its Known Exploited Vulnerabilities…

New Malware Campaign Uses Cracked Software to Spread Lumma and ACR Stealer

Feb 24, 2025Ravie LakshmananEndpoint Security / Vulnerability Cybersecurity researchers are warning of a new campaign that leverages cracked versions of software as a lure to distribute information stealers like Lumma and ACR Stealer. The AhnLab…

From .5B Crypto Heist to AI Misuse & Apple’s Data Dilemma

From $1.5B Crypto Heist to AI Misuse & Apple’s Data Dilemma

Feb 24, 2025Ravie Lakshmanan Welcome to your weekly roundup of cyber news, where every headline gives you a peek into the world of online battles. This week, we look at a huge crypto theft, reveal…

« Previous
1
…
139
140
141
142
143
…
334
Next »