News

The Hacker News6h
Cryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHub
Cybersecurity researchers have discovered a new cryptojacking campaign that's targeting publicly accessible DevOps web ...
The Hacker News8h
Preinstalled Apps on Ulefone, Krüger&Matz Phones Let Any App Reset Device, Steal PIN
Three security vulnerabilities have been disclosed in preloaded Android applications on smartphones from Ulefone and ...
The Hacker News12h
The Secret Defense Strategy of Four Critical Industries Combating Advanced Cyber Threats
Government agencies are continuously targeted by advanced persistent threats (APTs) from nation-state adversaries, requiring ...
The Hacker News8h
Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU
Qualcomm has shipped security updates to address three zero-day vulnerabilities that it said have been exploited in limited, ...
The Hacker News17h
Fake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regions
Cybersecurity researchers have warned of a new spear-phishing campaign that uses a legitimate remote access tool called ...
The Hacker News11h
⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More
"When used together, CAV and crypting services allow criminals to obfuscate malware, making it undetectable and enabling ...
The Hacker News13h
Identity-First Security: A Multilayered Approach to Reducing Identity Attack Risk
Identities are today’s top attack vector. Here's how to build a layered security approach that reduces privilege risk across ...
The Hacker News2d
U.S. DoJ Seizes 4 Domains Supporting Cybercrime Crypting Services in Global Operation
To that effect, the U.S. Department of Justice (DoJ) said it seized four domains and their associated server facilitated the ...
The Hacker News3d
New EDDIESTEALER Malware Bypasses Chrome's App-Bound Encryption to Steal Browser Data
New Rust-based EDDIESTEALER spreads via fake CAPTCHA pages, stealing credentials and bypassing Chrome encryption.
The Hacker News4d
DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints
DragonForce exploited three SimpleHelp CVEs to hijack an MSP’s RMM tool, steal data, and deploy ransomware on customer ...
The Hacker News3d
U.S. Sanctions Funnull for $200M Romance Baiting Scams Tied to Crypto Fraud
The U.S. Department of Treasury's Office of Foreign Assets Control (OFAC) has levied sanctions against a Philippines-based ...
The Hacker News3d
Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File
Cybersecurity researchers have discovered a security flaw in Microsoft's OneDrive File Picker that, if successfully exploited ...