The Hacker News1h
LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages
LockBit's developer charged for enabling global ransomware attacks netting $500M; U.S. leads extradition effort.
The Hacker News1h
Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack
The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a ...
The Hacker News1h
Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected
CVE-2024-53677: Critical 9.5 CVSS Apache Struts flaw enables remote code execution; patch now in version 6.4.0.
The Hacker News1d
Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware
Lazarus Group's CookiePlus malware targets nuclear engineers, showcasing DPRK's evolving arsenal and $1.34B in 2024 crypto ...
The Hacker News1d
HubPhish Abuses HubSpot Tools to Target 20,000 European Users for Credential Theft
Phishers exploit HubSpot Free Forms to target 20,000 European users, compromising Azure accounts and bypassing security ...
The Hacker News1d
Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation
The security vendor said CVE-2024-12727 impacts about 0.05% of devices, whereas CVE-2024-12728 affects approximately 0.5% of ...
The Hacker News1d
Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools
Fortinet EMS flaw (CVE-2023-48788, CVSS 9.3) exploited globally, dropping remote access tools and stealing credentials.
The Hacker News1d
The Hacker News | #1 Trusted Cybersecurity News Site — Index Page
The Russia-linked APT29 threat actor has been observed repurposing a legitimate red teaming attack methodology as part of ...
The Hacker News1d
Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords
Default passwords on Juniper SSR devices exploited by Mirai botnet malware for DDoS attacks. Update credentials and audit ...
The Hacker News1d
CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List
CISA lists CVE-2024-12356, a critical BeyondTrust flaw, as actively exploited. Update on-prem systems to patch ...
The Hacker News1d
UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App
UAC-0125 uses Cloudflare Workers to distribute fake Army+ malware, targeting Ukraine's military for remote access ...
The Hacker News1d
Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits
Fortinet patches critical flaws in FortiWLM and FortiManager. CVE-2023-34990 risks sensitive data, while CVE-2024-48889 ...