The Hacker News16m
CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks
CISA flags Array Networks flaw CVE-2023-28461 for active exploitation; agencies urged to patch by December 16.
The Hacker News16h
Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks
Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code ...
The Hacker News15h
PyPI Python Library "aiocpa" Found Exfiltrating Crypto Keys via Telegram Bot
Signs of malicious activity were first spotted in version 0.1.13 of the library, which included a change to the Python script ...
The Hacker News14h
Google's New Restore Credentials Tool Simplifies App Login After Android Migration
Google has introduced a new feature called Restore Credentials to help users restore their account access to third-party apps ...
The Hacker News11h
Defensible Security Architecture and Engineering: Designing and Building Defenses for the Future
Verizon DBIR shows 180% surge in vulnerability exploits. Learn Zero Trust principles to counter modern threats.
The Hacker News18h
THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 18 - Nov 24)
From state-sponsored hacks targeting telecom giants to critical vulnerabilities putting thousands at risk, this week’s news ...
The Hacker News17h
Flying Under the Radar - Security Evasion Techniques
Discover how modern phishing attacks use advanced evasion techniques to bypass security and target sensitive data.
The Hacker News2d
North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn
The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of ...
The Hacker News2d
Google Exposes GLASSBRIDGE: A Pro-China Influence Network of Fake News Sites
Microsoft and Google expose China-based cyber threats Storm-2077 and GLASSBRIDGE, targeting U.S. agencies and amplifying ...
The Hacker News3d
APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware
APT-K-47, aka Mysterious Elephant, exploits Hajj themes and Asyncshell malware in Pakistan-targeted cyberattacks.
The Hacker News4d
Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign
Palo Alto Networks, which is tracking the initial zero-day exploitation of the flaws under the name Operation Lunar Peek, ...
The Hacker News5d
Decades-Old Security Vulnerabilities Found in Ubuntu's Needrestart Package
Critical Ubuntu needrestart flaws allow local root privilege escalation; update immediately to safeguard systems.