News

The Hacker News4h
Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign
China-linked hackers use compromised SOHO devices in espionage campaign, targeting Taiwan, the U.S., and Southeast Asia.
The Hacker News5h
PUBLOAD and Pubshell Malware Used in Mustang Panda's Tibet-Specific Attack
The executable, as observed in prior Mustang Panda attacks, leverages DLL side-loading to launch a malicious DLL dubbed ...
The Hacker News12h
MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted
Threat intelligence firm GreyNoise is warning of a "notable surge" in scanning activity targeting Progress MOVEit Transfer ...
The Hacker News9h
Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit
A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and ...
The Hacker News15h
CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet
CISA adds 3 critical vulnerabilities to KEV catalog, affecting AMI MegaRAC, D-Link, and Fortinet, urging mitigations by July ...
The Hacker News14h
OneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors
ClickOnce is offered by Microsoft as a way to install and update Windows-based applications with minimal user interaction. It ...
The Hacker News1d
Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks
Iranian hackers linked to APT35 target Israeli professionals using AI-driven phishing, fake Gmail pages, and 2FA bypass.
The Hacker News1d
Cyber Criminals Exploit Open-Source Tools to Compromise Financial Institutions Across Africa
SaaS platforms lack comprehensive data protection, exposing organizations to data loss, compliance risks, and cyberthreats.
The Hacker News2d
North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages
Contagious Interview, first publicly documented by Palo Alto Networks Unit 42 in late 2023, is an ongoing campaign undertaken ...
The Hacker News2d
Beware the Hidden Risk in Your Entra Environment
Guest users in Entra ID may exploit billing roles to create and control subscriptions, escalating access undetected.
The Hacker News1d
Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks
A critical vulnerability in Open VSX Registry could allow attackers to control VS Code extensions, threatening millions of developers.
The Hacker News1d
WhatsApp Adds AI-Powered Message Summaries for Faster Chat Previews
Private Processing is designed to process AI requests within a secure environment called the confidential virtual machine ...