The Hacker News2h
Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks
Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code ...
The Hacker News1h
PyPI Python Library "aiocpa" Found Exfiltrating Crypto Keys via Telegram Bot
Signs of malicious activity were first spotted in version 0.1.13 of the library, which included a change to the Python script ...
The Hacker News1h
Google's New Restore Credentials Tool Simplifies App Login After Android Migration
Google has introduced a new feature called Restore Credentials to help users restore their account access to third-party apps ...
The Hacker News4h
THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 18 - Nov 24)
From state-sponsored hacks targeting telecom giants to critical vulnerabilities putting thousands at risk, this week’s news ...
The Hacker News3h
Flying Under the Radar - Security Evasion Techniques
Discover how modern phishing attacks use advanced evasion techniques to bypass security and target sensitive data.
The Hacker News2d
Google Exposes GLASSBRIDGE: A Pro-China Influence Network of Fake News Sites
Microsoft and Google expose China-based cyber threats Storm-2077 and GLASSBRIDGE, targeting U.S. agencies and amplifying ...
The Hacker News2d
North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn
The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of ...
The Hacker News2d
APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware
APT-K-47, aka Mysterious Elephant, exploits Hajj themes and Asyncshell malware in Pakistan-targeted cyberattacks.
The Hacker News3d
Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia
TAG-110's use of HATVIBE and CHERRYSPY was first documented by CERT-UA back in late May 2023 in connection with a cyber ...
The Hacker News4d
Google's AI-Powered OSS-Fuzz Tool Finds 26 Vulnerabilities in Open-Source Projects
Google’s AI tool OSS-Fuzz uncovers 26 vulnerabilities, including a decades-old OpenSSL flaw, boosting open-source security.
The Hacker News3d
Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign
Palo Alto Networks, which is tracking the initial zero-day exploitation of the flaws under the name Operation Lunar Peek, ...
The Hacker News5d
China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks
China-linked "Liminal Panda" exploits telecom vulnerabilities in South Asia and Africa, using advanced malware for espionage ...