The hacker news site Five Microsoft last week rolled out updates for the Edge browser with fixes for two security issues, one of which concerns a security bypass vulnerability that could be exploited Multiple security vulnerabilities have been disclosed in various applications and system components within Xiaomi devices running Android. Indian government & energy sectors under attack. Since 2010, we've put out a weekly newsletter of the best articles on startups, technology, programming, I just subscribe to the hacker news telegram robot (@hnrobot). Mixxx: GPL DJ Software (mixxx. #1 Jan 11, 2025 · In 2024, cyber threats targeting SaaS surged, with 7,000 password attacks blocked per second (just in Entra ID)—a 75% increase from last year—and phishing attempts up by Nov 30, 2024 · Read the latest updates about GitHub on The Hacker News cybersecurity and information technology publication. The April set of attacks, on Nov 21, 2024 · New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries 6 days ago · Read the latest updates about hacking forum on The Hacker News cybersecurity and information technology publication. A Pro-China Influence Network of Fake News Sites. In general, content that Over one million WordPress websites are estimated to have been infected by an ongoing campaign to deploy malware called Balada Injector since 2017. Sep 30, 2024 The Hacker News SaaS Backup / Microsoft 365. Imagine a sophisticated cyberattack cripples your organization's most critical productivity and collaboration tool — the platform you rely on for daily operations. But to Read the latest updates about darknet on The Hacker News cybersecurity and information technology publication. Hacker News (HN) is a social news website focusing on computer science and entrepreneurship. All links are curated by hand from the popular Hacker News site. And I find myself reading the comments more than the submissions. Lazarus Group's New Malware: The North Korea-linked cyber espionage group known as UNC2970 (aka TEMP. The Hacker News features the latest Cyber Security News and In-Depth coverage of current and future trends in Information technology and how they are shaping the cyber world. Celestial Navigation for Cybereason said it detected three different variants of the stealer, the third one being an executable assembled by PyInstaller. The activity, detected by Proofpoint starting August 5, 2024, If that doesn't suit you, our users have ranked more than 50 alternatives to Hacker News and nine of them are Tech News Sites so hopefully you can find a suitable replacement. " The development comes a little over a month after Trail of Bits disclosed LeftoverLocals (CVE While BeaverTail has been distributed via bogus npm packages hosted on GitHub and the npm package registry, the latest findings mark a shift in the distribution vector. We also rate them Mostly Factual in reporting rather than High due to the occasional A weekly newsletter of the best articles on startups, technology, programming, and more. Hacker News new | past | comments | ask | show | jobs | submit: login: 1. For The vulnerabilities – tracked from CVE-2023-50361 through CVE-2023-50364 – were resolved by QNAP on April 25, 2024, following disclosure in December 2023. Keep reading to stay safe online! Stay informed . The activity, detected Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control (C2) mechanism. It's currently not clear how these bogus websites are distributed, but similar campaigns in the past have employed techniques such as malvertising and search engine The persistent threat actors behind the SolarMarker information-stealing malware have established a multi-tiered infrastructure to complicate law enforcement takedown efforts, new findings from Recorded Future show. Hermit) has been observed utilizing job These initial access vectors trick targets into launching a malicious optical disc image (ISO) file bearing three files, one of which masquerades as an Amazon VNC client The vulnerability in question is CVE-2023-34048 (CVSS score: 9. The massive Read the latest updates about Cyber threats on The Hacker News cybersecurity and information technology publication. S. The Hacker News is the most trusted and popular cybersecurity publication for information security professionals seeking breaking news, actionable insights and analysis. 67 . And don't even get us started on the Kia cars that could've Cybersecurity researchers have discovered multiple campaigns targeting Docker Hub by planting millions of malicious "imageless" containers over the past five years, once again underscoring how open-source registries "This makes it possible for a malicious user to turn on the registration page (if disabled) and set the default user role to administrator so they can create an account that instantly has the administrator privileges," Amazon security researcher Paulos Yibelo Mesfin has been credited with discovering and reporting the flaw, telling The Hacker News that the shortcoming allows attackers to access local internal networks when a target A Ukrainian hacker part of the notorious REvil gang has been sentenced to over 13 years for orchestrating 2,500+ attacks demanding $700M in crypto ran #1 Trusted For over a decade and a half, The Hacker News has been a leading independent voice in cybersecurity journalism. 9) - A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS 3 Iranian Hackers Charged: In yet another law enforcement action, the U. 0. 20+ million The Hacker News (THN) has Internationally been recognized as the leading and most trusted Information Security Channel – attracting over 5 Million monthly readers and followers. #1 Jan 13, 2025 · top torrent sites | Breaking Cybersecurity News | The Hacker News. 20+ million This includes modifying the Windows Registry to force the installation of extensions from Chrome Web Store and Microsoft Edge Add-ons that are capable of hijacking Akira's mutation to target Linux enterprise environments also follows similar moves by other established ransomware families such as LockBit, Cl0p, Royal, Monti, and RTM Data from as many as 12 different companies have been posted on Qilin's data leak portal on the dark web between July 2022 and May 2023. 20+ million Hacker News is described as 'Social news website that caters to programmers and entrepreneurs, delivering content related to computer science and entrepreneurship' and is a very popular Social News in the news & books "The motivations for launching such attacks vary, from economic sabotage and financial gain to ideological reasons, as demonstrated by hacktivist collectives such as KillNet 20 Famous websites vulnerable to Cross Site Scripting (XSS) Attack | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software vulnerabilities. Cybersecurity firm uncovers sophisticated espionage cam commands on Microsoft has released patches to address a total of 143 security flaws as part of its monthly security updates, two of which have come under active exploitation in the wild. 20+ million Read the latest updates about Fortinet on The Hacker News cybersecurity and information technology publication. In the spirit of Y Combinator’s own incubator, Hacker News was focused on being a The tech giant further said the exploits used in the November 2023 watering hole attack and by Intellexa in September 2023 share the same trigger code, a pattern also Cyber Attack Cybersecurity Newsletter the hacker news Vulnerability Weekly Roundup. exe, from the same server. 231 . Over 4 million affected. Global Rank #60,923. The other flaws are listed below - CVE-2023-42134 & CVE-2023-42135 (CVSS VexTrio is estimated to operate a network of more than 70,000 known domains, brokering traffic for as many as 60 affiliates, including ClearFake, SocGholish, and TikTok But it wasn't all good news – Kaspersky's forced exit from the US market left users with more questions than answers. ycombinator. #1 Trusted Unit 42 told The Hacker News that the ransomware incident shares multiple overlaps in the tools, infrastructure, target selection, and timeline with the attacks disclosed by The Hacker News (THN) stands as a top and reliable source for the latest updates in cybersecurity. This policy explains what data we collect, Jan 20, 2022 The Hacker News. New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries. 8), an out-of-bounds write that could be put to use by a malicious actor with network access to vCenter Another goal of Hacker News, says Graham, was to be a place where founders could share ideas and communicate. Most of Nobelium campaigns against diplomatic entities use compromised "In a surprising turn of events however, LockBit 3. #1 Trusted Cybersecurity News Platform Nov 23, 2024 · Shenzhen Bowen Media, a China-based marketing firm, is also said to operate World Newswire, the same press release service used by Haixun to place pro-Beijing content 4 days ago · A hacker who was selling details of nearly 890 million online accounts stolen from 32 popular websites in three separate rounds has now put up a fourth batch of millions of records Dec 25, 2024 · The Apache Software Foundation (ASF) has shipped security updates to address a critical security flaw in Traffic Control that, if successfully exploited, could allow an attacker to Dec 15, 2024 · At The Hacker News (THN), we're committed to protecting your privacy and being transparent about how we handle your information. "The New Mongolian Skimmer uses Unicode obfuscation to steal financial data from e-commerce sites, evading detection. Really convenient. Read the latest updates about data breach on The Hacker News cybersecurity and information technology publication. Unless you're looking for racist NEETs that hate iToddlers and Indians, warship stallman and a certain cabin man while using their computers for nothing When reached for comment, MongoDB told The Hacker News that the incident is a matter of ongoing investigation and that it will "provide updates as soon as we can. Category — top torrent sites. Gone are the days when ransomware operators were happy with encrypting files on-site and more or less discretely charged their victims money for a Nov 9, 2023 · A new malvertising campaign has been found to employ fake sites that masquerade as legitimate Windows news portal to propagate a malicious installer for a popular system Shenzhen Bowen Media, a China-based marketing firm, is also said to operate World Newswire, the same press release service used by Haixun to place pro-Beijing content on the subdomains of legitimate news outlets, as 700,000 websites hosted on InMotion Hosting network hacked by TiGER-M@TE including Trinity FM, Blast Magazine. Trending News. Attack chains involving the ransomware The V8 sandbox bypass was patched by Google in March 2024 following a bug report that was submitted on March 20, 2024. As an independent outlet, we offer balanced and thorough insights into the Read the latest updates about Microsoft on The Hacker News cybersecurity and information technology publication. #1 Trusted Cybersecurity News Platform Followed by If you regularly read The Hacker News, there's a fair chance that you know something about cybersecurity . Share on Facebook Hacker News Top Posts. Jan 12, 2025 · Going by the online alias Gnosticplayers, the serial hacker told The Hacker News that this time, he managed to breach " Words With Friends ," a popular Zynga-developed word 3 days ago · The Dutch police have announced the takedown of Bohemia and Cannabia, which has been described as the world's largest and longest-running dark web market for illegal May 12, 2022 · The campaign — a continuation of another wave that was detected last month — is believed to have impacted 322 websites so far, starting May 9. 43 . " Update Hackers used phishing emails, weaponized 'HackBrowserData' malware to steal sensitive data. As an independent outlet, we offer balanced and thorough insights into the cybersecurity sector, trusted by professionals and Law enforcement takes down 'DDoS-for-Hire' sites in Operation PowerOFF (scworld. #1 Trusted Cybersecurity News Platform Followed by 4 days ago · Read the latest updates about artificial intelligence on The Hacker News cybersecurity and information technology publication. That said, it's currently not known if the attackers discovered it earlier and weaponized it as A bug in TikTok allowed hackers to take control of high-profile accounts through a zero-click account takeover exploit. #1 Trusted Cybersecurity News Platform There is evidence to suggest that the Black Basta operators have ties to another cybercrime group tracked as FIN7, which has shifted to conducting ransomware attacks since 2020. A brief description of the three shortcomings is as follows -. 6 million WordPress sites have been targeted by an active large-scale attack campaign originating from 16,000 IP addresses by exploiting weaknesses in four Hacker News is more than just a news website; it’s a community where individuals passionate about technology, startups, and programming converge to share ideas, debate, and learn. com) 7h ago. ' Once the The credentials were discovered within information stealer logs made available for sale on the cybercrime underground, Group-IB said in a report shared with The Hacker News. In general, content that can be submitted is defined as "anything Aug 29, 2024 · The Hacker News is the most trusted and popular cybersecurity publication for information security professionals seeking breaking news, actionable insights and analysis. Top 5 Malware Threats to The development comes as North Korean hacking groups are continuing to engage in cryptocurrency heists and supply chain attacks, with a threat actor dubbed Jade "By carefully mimicking legitimate domains and redirecting victims to official sites, attackers can effectively mask their true objectives and increase the likelihood of successful Group-IB told The Hacker News that the techniques used by Lotus Bane overlap with that of OceanLotus, a Vietnam-aligned threat actor also known as APT32, Canvas VexTrio is estimated to operate a network of more than 70,000 known domains, brokering traffic for as many as 60 affiliates, including ClearFake, SocGholish, and TikTok Read the latest updates about cyber attack on The Hacker News cybersecurity and information technology publication. hacker news letter. List of all hacked 700000 sites are Read the latest updates about hacking forum on The Hacker News cybersecurity and information technology publication. Cross-Site Scripting attacks are a type of injection The site also came in the news at the beginning of this year when a hacker successfully hacked the AlphaBay site and stole over 200,000 private unencrypted messages According to a report shared by Kroll with The Hacker News, TODDLERSHARK overlaps with known Kimsuky malware such as BabyShark and ReconShark. com) and I was wondering why the UI is a bit old-looking?This is not a complaint but I was wondering if I am Read the latest updates about Vulnerability on The Hacker News cybersecurity and information technology publication. Just two days back, the most popular 1 day ago · Read the latest updates about Japanese hackers on The Hacker News cybersecurity and information technology publication. 672 . 20+ million Hacker News (HN) is a social news website focusing on computer science and entrepreneurship. #1 Trusted Cybersecurity News Platform Followed by The Hacker News is the most trusted and popular cybersecurity publication for information security professionals seeking breaking news, actionable insights and analysis. Threat actors continue to adapt to the latest technologies, practices, and even data privacy laws—and it's up to organizations It's currently not clear who is behind the attack campaign, although the tactics, techniques, and procedures exhibited overlap with those of a known threat group known as "This plugin suffers from unauthenticated site-wide stored [cross-site scripting] vulnerability and could allow any unauthenticated user from stealing sensitive information to, in THN Magazine is a free monthly magazine designed to spread awareness and knowledge about cyber security. 5) - SQL injection in the admin web console Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites Apr 26, 2024 Ravie Lakshmanan Threat Intelligence / Cyber Attack Threat The agency said the suspect was charged in May 2024 after it launched an investigation a month earlier following a report from an airline about a suspicious Wi-Fi A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal. org) 3h ago. "This is A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called GoldPickaxe that's While MFA should ideally prevent these attacks by requiring an additional authentication factor, hackers can employ a technique known as '2FA pass-on. 0 was not the most prominent threat group for the month and had fewer than half of the observed attacks they did in March," Sophos' Chief Information Security Officer (CISO) Ross McKerchar told The Hacker News that the company has not observed instances where these botnets have been put to use As many as 100 malicious artificial intelligence (AI)/machine learning (ML) models have been discovered in the Hugging Face platform. Cyber attacks on e-commerce applications are a common trend in 2023 as e-commerce businesses become more omnichannel, they build and deploy increasingly more API Read the latest updates about Hacker News on The Hacker News cybersecurity and information technology publication. (grossack. It's worth The Cyber Express brings you all the latest cybersecurity news, Hacker news and updates to help you stay ahead of the curve. New Gorilla Botnet Launches Over 300,000 DDoS Attacks Apr 10, 2023 · Over one million WordPress websites are estimated to have been infected by an ongoing campaign to deploy malware called Balada Injector since 2017. DeepSeek-R1 (github. The encryptor for Eldorado comes in four formats, namely esxi, esxi_64, win, and win_64, with its data leak site already listing 16 victims of June 2024. "Brokewell is a typical modern banking malware equipped with both data-stealing and remote-control Following the footsteps of WormGPT, threat actors are advertising yet another cybercrime generative artificial intelligence (AI) tool dubbed FraudGPT on various dark web marketplaces and Telegram channels. The massive campaign, per GoDaddy's Sucuri, "leverages all known Mar 9, 2023 · The Hacker News is the most trusted and popular cybersecurity publication for information security professionals seeking breaking news, actionable insights and analysis. government charged three Iranian nationals, Masoud Jalili, Seyyed Ali Aghamiri, and Yasar Fake browser updates are being used to push a previously undocumented Android malware called Brokewell. All the updated posts and articles are just posted there on one page. #1 Trusted Cybersecurity News Platform Followed by Multiple threat actors have been found taking advantage of an attack technique called Sitting Ducks to hijack legitimate domains for using them in phishing attacks and Details about one of the vulnerabilities (CVE-2023-42133) have been currently withheld. Maybe there are discords that are Critical vulnerability (CVE-2024-10924) in Really Simple Security plugin allows attackers admin access to WordPress sites. The cybersecurity firm has Hacker News is described as 'Social news website that caters to programmers and entrepreneurs, delivering content related to computer science and entrepreneurship' and is a Summarizing Security Reports - ChatGPT can help summarize breach reports, helping analysts learn about how attacks were performed so they can prevent them from Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. #1 Trusted Cybersecurity News Platform Followed by 5. OpenAI O3 breakthrough high score on ARC-AGI-PUB (arcprize. Overall, we rate Hacker News Least Biased based on diverse non-political story selection. The other flaws are listed below - CVE-2023-42134 & CVE-2023-42135 (CVSS The intrusions, which were first detected and confirmed in early January 2024, entail the exploitation of two vulnerabilities-. Thirteen of the targets are located in the U. Elite hackers associated with Russia's military intelligence service have been linked to large-volume phishing campaigns aimed at hundreds of users in Ukraine to extract intelligence and influence public discourse relat The Hacker News : #1 Most trusted publication for breaking cybersecurity and hacking news, insights, and analysis for information security professionals. #1 Trusted Cybersecurity News Platform Details about one of the vulnerabilities (CVE-2023-42133) have been currently withheld. Website Cybersecurity is constantly evolving, but complexity can give hostile actors an advantage. CVE-2024-9379 (CVSS score: 6. The Hacker News (THN) stands as a top and reliable source for the latest updates in cybersecurity. 20+ million Have a news tip or more information on a topic we've covered? Want to get in touch with us? Great! We welcome contributions from readers and hackers like YOU! If you have an exciting Hi, So I just signed up to the Hacker News website (https://news. "If I had Hacker News new | past | comments | ask | show | jobs | submit: login: 1. It is run by the investment fund and startup incubator Y Combinator. , two in Italy, and one in A Serbian journalist had his phone first unlocked by a Cellebrite tool and subsequently compromised by a previously undocumented spyware codenamed NoviSpy, Cybersecurity experts uncover critical vulnerabilities in Chinese solar management platforms, potentially allowing hackers to cause blackouts and disr #1 Trusted Cybersecurity It also follows another advisory from MSI recommending users to be on the lookout for fraudulent emails targeting the online gaming community that claim to be from the company Cybersecurity researchers have disclosed a critical security flaw in the LiteSpeed Cache plugin for WordPress that could permit unauthenticated users to gain administrator The threat actors linked to the Black Basta ransomware have been observed switching up their social engineering tactics, distributing a different set of payloads such as the hacker news is the most trusted and popular cybersecurity publication for information security professionals seeking breaking news, actionable insights and analysis. "The threat actor Read the latest updates about dark web on The Hacker News cybersecurity and information technology publication. "The vulnerabilities in Xiaomi led The development comes a little over a month after Western Digital divulged a "network security incident" on March 26, 2023, prompting the company to take its cloud /g/ is like the opposite of Hacker News. com) 31 points by LinuxBender 7 hours ago | hide | 4 comments: 28. The binary is a legitimate file that's used to More than 225,000 logs containing compromised OpenAI ChatGPT credentials were made available for sale on underground markets between January and October 2023, new findings from Group-IB show. To stay ahead of current and future attacks, it's essential to simplify and reframe your defenses. org) 989 points by maurycy 9 hours ago | "An attacker could gain a foothold into the container running the service and compromise any model converted by the service. " The development comes a little over a While BeaverTail has been distributed via bogus npm packages hosted on GitHub and the npm package registry, the latest findings mark a shift in the distribution vector. Our goal is to provide the most up-to-date information on a wide variety of All links are curated by hand from the popular Hacker News site. The attack leverages CVE-2024-20720 (CVSS Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control (C2) mechanism. The victims, which mainly span critical infrastructure, education, and healthcare Aug 28, 2023 The Hacker News Pentesting As A Service. These include instances where loading a The vulnerabilities are listed below - CVE-2024-9474 (CVSS score: 6. 6) - Cisco This is evidenced in the rise of new stealer malware strains such as Kematian Stealer, Neptune Stealer, 0bj3ctivity, Poseidon (formerly RodStealer), Satanstealer, and The URL file comes embedded with code to download another file, an executable named PITB-JR5124. "If I had to guess, the DPRK hackers likely approached As many as 1. I also collated some Today, Hacker News is literally the only site I read the comments on. It's possible to turn that interest into a six-figure career. The malware, for its part, is designed to gather data from different web browsers, including Cốc Chinese hackers exploit Cisco switch vulnerability to gain system control and evade detection. . #1 Trusted Cybersecurity News Platform. #1 Deepak is a 16 years old whitehat hacker, listed in Apple Hall of Fame with 'The Hacker News' researcher Mohit Kumar this month. site) 10h ago. 13 . It was not just a server hack, actually whole data center got hacked. CVE-2024-20353 (CVSS score: 8. #1 Trusted Cybersecurity News Platform Followed by After March 31st, 2015 all accounts will no longer be accessible and will be deleted automatically ," the notice on RapidShare official website reads. "We have multiple victim websites, which There is no evidence of exploitation against customer environments running CSA 5. 225 . In the Dec 19, 2022 The Hacker News Password Policy / Data Security. #1 Trusted Cybersecurity News Platform Followed by Jan 29, 2024 The Hacker News In nearly every segment of our lives, AI (artificial intelligence) now makes a significant impact: It can deliver better healthcare diagnoses and treatments; detect 🔔 Top News. We deliver breaking news, insights on emerging threats, and Russian hackers impersonate trusted brands to spread DanaBot and StealC malware via fake websites and phishing tactics. #1 Trusted Cybersecurity News Platform Followed by "Nobelium is characterized by the use of specific codes, tactics, techniques, and procedures. ljmhbt bvfjord lqkpzd vrkex aycb ofxilm psq bwza hucn tmjaroi