Microsoft is calling attention to an ongoing malvertising campaign that makes use of Node.js to deliver malicious payloads capable of information theft and data exfiltration. […]
RedGolf Hackers Linked to Fortinet Zero-Day Exploits and Cyber Attack Tools
Security researchers have linked the notorious RedGolf hacking group to…
Hackers Bypassed Windows Defender Policies Using WinDbg Preview via Microsoft Store
A newly documented technique reveals how attackers can exploit the…
Hackers Claim to Sell ‘Baldwin Killer’ Malware That Evades AV and EDR
A notorious threat actor has allegedly begun selling “Baldwin Killer,”…
5 Reasons Device Management Isn’t Device Trust
The problem is simple: all breaches start with initial access,…
⚡ THN Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More
Can a harmless click really lead to a full-blown cyberattack?…
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,'" Cisco Talos researchers Azim Khodjibaev, Chetan The original article found on The Hacker News Read More
RedGolf Hackers Linked to Fortinet Zero-Day Exploits and Cyber Attack Tools
Security researchers have linked the notorious RedGolf hacking group to…
⚡ THN Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More
Can a harmless click really lead to a full-blown cyberattack?…
5 Reasons Device Management Isn’t Device Trust
The problem is simple: all breaches start with initial access,…
Hackers Claim to Sell ‘Baldwin Killer’ Malware That Evades AV and EDR
A notorious threat actor has allegedly begun selling “Baldwin Killer,”…
Hackers Bypassed Windows Defender Policies Using WinDbg Preview via Microsoft Store
A newly documented technique reveals how attackers can exploit the…
Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool
The China-linked threat actor known as UNC5174 has been attributed…
Medusa Rides Momentum From Ransomware-as-a-Service Pivot
Shifting to a RaaS business model has accelerated the group's…
DeepSeek Generating Fully Working Keyloggers & Data Exfiltration Tools
Security researchers at Unit 42 have successfully prompted DeepSeek, a…
Orion Security Startup Tackles Insider Threats With AI
The data loss prevention company emerges from stealth with an…
Hackers Could Drop Teams Malware via Browser’s Cache Smuggling
A novel attack vector combining browser cache exploitation and DLL…
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary code sans […]
Chinese Hacker Group Mustang Panda Bypass EDR Detection With New Hacking Tools
The China-sponsored hacking group, Mustang Panda, has been uncovered by Zscaler ThreatLabz to employ new techniques and tools, including the updated backdoor ToneShell and a […]
CISA Warns of Potential Credential Exploits Linked to Oracle Cloud Hack
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a public warning following reports of possible unauthorized access to a legacy Oracle Cloud environment. While […]
Critical Flaw in PHP’s extract() Function Enables Arbitrary Code Execution
A critical vulnerability in PHP’s extract() function has been uncovered, enabling attackers to execute arbitrary code by exploiting memory corruption flaws. The issue affects PHP versions 5.x, […]
Intel Sells 51% Stake in Altera to Silver Lake in $8.75 Billion Deal
Intel Corporation has announced the divestiture of a 51% stake in its Altera division to Silver Lake, valuing the programmable logic company at $8.75 billion. […]
Agent Tesla Malware Uses Multi-Stage Attacks with PowerShell Scripts
Researchers from Palo Alto Networks have uncovered a series of malicious spam campaigns leveraging the notorious Agent Tesla malware through intricate, multi-stage infection vectors. The […]
Middle East, North Africa Security Spending to Top $3B
Gartner projects IT security spending in the MENA region will continue to increase in 2025, with security services accounting for the most growth. The original […]
Google Removes 5.5 Billion Malicious Ads, Suspends 700,000+ Offending Advertisers
Google has announced the removal of 5.5 billion malicious advertisements and the suspension of over 700,000 offending advertiser accounts in 2024, according to its recently […]
Hacker Leaks 33,000 Employee Records in Third-Party API Breach
A hacker has exposed the personal records of over 33,000 employees after discovering unrestricted endpoints belonging to a major technology service provider. The breach, first […]