TheHackerNews
-
U.K. National Crime Agency Sets Up Fake DDoS-For-Hire Sites to Catch Cybercriminals
In what's a case of setting a thief to catch a thief, the U.K. National Crime Agency (NCA) revealed that it has created a network of fake...
-
Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers
Microsoft on Friday shared guidance to help customers discover indicators of compromise (IoCs) associated with a recently patched Outlook...
-
OpenAI Reveals Redis Bug Behind ChatGPT User Data Exposure Incident
OpenAI on Friday disclosed that a bug in the Redis open source library was responsible for the exposure of other users' personal information and...
-
Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
A malicious Python package on the Python Package Index (PyPI) repository has been found to use Unicode as a trick to evade detection and deploy an...
-
THN Webinar: Inside the High Risk of 3rd-Party SaaS Apps
Any app that can improve business operations is quickly added to the SaaS stack. However, employees don't realize that this SaaS-to-SaaS...
-
GitHub Swiftly Replaces Exposed RSA SSH Key to Protect Git Operations
Cloud-based repository hosting service GitHub said it took the step of replacing its RSA SSH host key used to secure Git operations "out of an...
-
Researchers Uncover Chinese Nation State Hackers' Deceptive Attack Strategies
A recent campaign undertaken by Earth Preta indicates that nation-state groups aligned with China are getting increasingly proficient at bypassing...
-
Critical WooCommerce Payments Plugin Flaw Patched for 500,000+ WordPress Sites
Patches have been released for a critical security flaw impacting the WooCommerce Payments plugin for WordPress, which is installed on over 500,000...
-
Fake ChatGPT Chrome Browser Extension Caught Hijacking Facebook Accounts
Google has stepped in to remove a bogus Chrome browser extension from the official Web Store that masqueraded as OpenAI's ChatGPT service to...
-
Nexus: A New Rising Android Banking Trojan Targeting 450 Financial Apps
An emerging Android banking trojan dubbed Nexus has already been adopted by several threat actors to target 450 financial applications and conduct...
-
2023 Cybersecurity Maturity Report Reveals Organizational Unpreparedness for Cyberattacks
In 2022 alone, global cyberattacks increased by 38%, resulting in substantial business loss, including financial and reputational damage....
-
Operation Soft Cell: Chinese Hackers Breach Middle East Telecom Providers
Telecommunication providers in the Middle East are the subject of new cyber attacks that commenced in the first quarter of 2023. The intrusion set...
-
German and South Korean Agencies Warn of Kimsuky's Expanding Cyber Attack Tactics
German and South Korean government agencies have warned about cyber attacks mounted by a threat actor tracked as Kimsuky using rogue browser...
-
CISA Alerts on Critical Security Vulnerabilities in Industrial Control Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released eight Industrial Control Systems (ICS) advisories on Tuesday, warning...
-
ScarCruft's Evolving Arsenal: Researchers Reveal New Malware Distribution Techniques
The North Korean advanced persistent threat (APT) actor dubbed ScarCruft is using weaponized Microsoft Compiled HTML Help (CHM) files to download...