The Hacker News4h
Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTP
Cybersecurity researchers have identified three sets of malicious packages across the npm and Python Package Index (PyPI) ...
The Hacker News5h
U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Salt Typhoon
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has imposed sanctions against a Chinese cybersecurity ...
The Hacker News2d
New 'Sneaky 2FA' Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass
New Sneaky 2FA phishing kit targets Microsoft 365 accounts, bypassing 2FA using QR codes and anti-analysis measures.
The Hacker News2d
Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation
Three critical vulnerabilities in WGS-804HPT switches, including two CVSS 9.8 flaws, allow remote code execution.
The Hacker News3d
The $10 Cyber Threat Responsible for the Biggest Breaches of 2024
Cybersecurity budgets grew again in 2024, with organizations now spending almost $1,100 per user (Source: Forrester). Stolen ...
The Hacker News3d
Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions
Misconfigured on-prem applications bypass Microsoft's NTLMv1 block in Active Directory, exposing sensitive data risks.
The Hacker News2d
Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation
Millions of PHP servers compromised by Python bots using GSocket to target Indonesian users with gambling redirects.
The Hacker News3d
Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks
Patch critical SimpleHelp vulnerabilities, including CVE-2024-57727 and CVE-2024-57728, to prevent admin credential theft and ...
The Hacker News4d
North Korean IT Worker Fraud Linked to 2016 Crowdfunding Scam and Fake Domains
North Korean hackers stole $1.34 billion in 2024, targeting cryptocurrency exchanges and blockchain firms globally.
The Hacker News4d
Russian-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware
Sekoia said the HATVIBE attack sequence demonstrates targeting and technical overlaps with APT28-related Zebrocy campaigns, ...
The Hacker News3d
Researcher Uncovers Critical Flaws in Multiple Versions of Ivanti Endpoint Manager
Ivanti patches four EPM vulnerabilities (CVSS 9.8) and updates Avalanche and Application Control Engine. No exploitation ...
The Hacker News3d
U.S. Sanctions North Korean IT Worker Network Supporting WMD Programs
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned two individuals and four entities for their ...