The Hacker News1h
CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks
CISA flags Array Networks flaw CVE-2023-28461 for active exploitation; agencies urged to patch by December 16.
The Hacker News17h
Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks
Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code ...
The Hacker News16h
PyPI Python Library "aiocpa" Found Exfiltrating Crypto Keys via Telegram Bot
Signs of malicious activity were first spotted in version 0.1.13 of the library, which included a change to the Python script ...
The Hacker News16h
Google's New Restore Credentials Tool Simplifies App Login After Android Migration
Google has introduced a new feature called Restore Credentials to help users restore their account access to third-party apps ...
The Hacker News19h
Flying Under the Radar - Security Evasion Techniques
Discover how modern phishing attacks use advanced evasion techniques to bypass security and target sensitive data.
The Hacker News13h
Defensible Security Architecture and Engineering: Designing and Building Defenses for the Future
Verizon DBIR shows 180% surge in vulnerability exploits. Learn Zero Trust principles to counter modern threats.
The Hacker News19h
THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 18 - Nov 24)
From state-sponsored hacks targeting telecom giants to critical vulnerabilities putting thousands at risk, this week’s news ...
The Hacker News2d
Google Exposes GLASSBRIDGE: A Pro-China Influence Network of Fake News Sites
Microsoft and Google expose China-based cyber threats Storm-2077 and GLASSBRIDGE, targeting U.S. agencies and amplifying ...
The Hacker News2d
North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn
The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of ...
The Hacker News4d
PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries
Cybersecurity researchers have discovered two malicious packages uploaded to the Python Package Index (PyPI) repository that ...
The Hacker News3d
APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware
APT-K-47, aka Mysterious Elephant, exploits Hajj themes and Asyncshell malware in Pakistan-targeted cyberattacks.
The Hacker News5d
Decades-Old Security Vulnerabilities Found in Ubuntu's Needrestart Package
Critical Ubuntu needrestart flaws allow local root privilege escalation; update immediately to safeguard systems.