The Hacker News36 分钟
XML-RPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner
Cybersecurity experts discover a year-long npm attack stealing sensitive data and mining cryptocurrency via hidden ...
The Hacker News17 小时
Wanted Russian Cybercriminal Linked to Hive and LockBit Ransomware Has Been Arrested
A Russian cybercriminal wanted in the U.S. in connection with LockBit and Hive ransomware operations has been arrested by law ...
The Hacker News1 天
Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks
Rockstar 2FA phishing kit bypasses MFA, stealing Microsoft 365 credentials via AitM attacks and trusted platforms.
The Hacker News1 天
Protecting Tomorrow's World: Shaping the Cyber-Physical Future
Threats now span beyond cyberspace. As we've mentioned, they now include physical security breaches (e.g., open doors to ...
The Hacker News1 天
Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks
Microsoft patches four critical security flaws, including an exploited privilege escalation vulnerability in Partner Center.
The Hacker News1 天
U.S. Citizen Sentenced for Spying on Behalf of China's Intelligence Agency
A 59-year-old U.S. citizen who immigrated from the People's Republic of China (PRC) has been sentenced to four years in ...
The Hacker News2 天
Cybercriminals Exploit Popular Game Engine Godot to Distribute Cross-Platform Malware
"Cybercriminals have been taking advantage of Godot Engine to execute crafted GDScript code which triggers malicious commands ...
The Hacker News3 天
Researchers Discover "Bootkitty" – First UEFI Bootkit Targeting Linux Kernels
Dubbed Bootkitty by its creators who go by the name BlackCat, the bootkit is assessed to be a proof-of-concept (PoC) and ...
The Hacker News4 天
RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks
RomCom exploits Firefox and Windows zero-day flaws to deliver malware via fake websites in Europe and North America.
The Hacker News2 天
Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP
Advantech patches critical flaws in industrial Wi-Fi devices enabling remote code execution and persistent access.
The Hacker News3 天
Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign
A threat actor named Matrix has been linked to a widespread distributed denial-of-service (DoD) campaign that leverages ...
The Hacker News7 天
Google Exposes GLASSBRIDGE: A Pro-China Influence Network of Fake News Sites
Microsoft and Google expose China-based cyber threats Storm-2077 and GLASSBRIDGE, targeting U.S. agencies and amplifying ...