The hacker new
-
Credential Theft Is (Still) A Top Attack Method
Credential theft is clearly still a problem. Even after years of warnings, changing password requirements, and multiple forms of authentication,...
-
Newly Uncovered PyPI Package Drops Fileless Cryptominer to Linux Systems
A now-removed rogue package pushed to the official third-party software repository for Python has been found to deploy cryptominers on Linux...
-
Tornado Cash Developer Arrested After U.S. Sanctions the Cryptocurrency Mixer
Dutch authorities on Friday announced the arrest of a software developer in Amsterdam who is alleged to be working for Tornado Cash, days after the...
-
Chinese Hackers Backdoored MiMi Chat App to Target Windows, Linux, macOS Users
A pair of reports from cybersecurity firms SEKOIA and Trend Micro sheds light on a new campaign undertaken by a Chinese threat actor named Lucky...
-
Researchers Warn of Ongoing Mass Exploitation of Zimbra RCE Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two flaws to its Known Exploited Vulnerabilities Catalog, citing...
-
Conti Cybercrime Cartel Using 'BazarCall' Phishing Attacks as Initial Attack Vector
A trio of offshoots from the notorious Conti cybercrime cartel have resorted to the technique of call-back phishing as an initial access vector to...
-
Hackers Behind Cuba Ransomware Attacks Using New RAT Malware
Threat actors associated with the Cuba ransomware have been linked to previously undocumented tactics, techniques and procedures (TTPs), including...
-
GitHub Dependabot Now Alerts Developers On Vulnerable GitHub Actions
Cloud-based code hosting platform GitHub has announced that it will now start sending Dependabot alerts for vulnerable GitHub Actions to help...
-
Hackers Behind Twilio Breach Also Targeted Cloudflare Employees
Web infrastructure company Cloudflare on Tuesday disclosed at least 76 employees and their family members received text messages on their personal...
-
U.S. Sanctions Virtual Currency Mixer Tornado Cash for Alleged Use in Laundering
The U.S. Treasury Department on Monday placed sanctions against crypto mixing service Tornado Cash, citing its use by the North Korea-backed...
-
CISA Issues Warning on Active Exploitation of UnRAR Software for Linux Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw in the UnRAR utility to its...
-
Microsoft Issues Patches for 121 Flaws, Including Zero-Day Under Active Attack
As many as 121 new security flaws were patched by Microsoft as part of its Patch Tuesday updates for the month of August, which also includes a fix...