The Hacker News2h
Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents
The probe has also uncovered two security flaws in Privileged Remote Access (PRA) and Remote Support (RS) products ...
The Hacker News2h
Dozens of Chrome Extensions Hacked, Exposing Millions of Users to Data Theft
A new attack campaign has targeted known Chrome browser extensions, leading to at least 16 extensions being compromised and ...
The Hacker News1d
Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation
Cybersecurity researchers have uncovered three security weaknesses in Microsoft's Azure Data Factory Apache Airflow ...
The Hacker News20h
New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy
New DoJ rule halts sensitive data sales to adversaries like China, effective in 90 days, ensuring robust penalties and protections.
The Hacker News1d
New HIPAA Rules Mandate 72-Hour Data Restoration and Annual Compliance Audits
HHS proposes new HIPAA rules to combat rising cyber threats, including 72-hour data restoration, encryption mandates, and ...
The Hacker News1d
When Good Extensions Go Bad: Takeaways from the Campaign Targeting Browser Extensions
Over 2 million users exposed to malicious browser extensions targeting GenAI, VPNs, and productivity tools. Audit now!
The Hacker News1d
âš¡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips
Both the companies said they don't detect any malicious activity at this point, and that the attacks singled out a "small ...
The Hacker News1d
15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials
CVE-2024-12856 flaw in Four-Faith routers enables OS command injection via default credentials, exposing over 15,000 devices ...
The Hacker News4d
North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign
OtterCookie, a new JavaScript malware by North Korean hackers, steals data via Socket.IO and funds nuclear programs.
The Hacker News5d
FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks
D-Link vulnerabilities power Mirai and Kaiten botnets, spreading globally. CAPSAICIN botnet targets East Asia with intense ...
The Hacker News5d
Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization
The Apache Software Foundation (ASF) has released patches to address a maximum severity vulnerability in the MINA Java ...
The Hacker News6d
Iran's Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao Malware
The Iranian nation-state hacking group known as Charming Kitten has been observed deploying a C++ variant of a known malware ...