The Hacker News2h
Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans
Russian-speaking users have become the target of a new phishing campaign that leverages an open-source phishing toolkit ...
The Hacker News4h
Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks
Docker API servers are under attack as hackers deploy SRBMiner to mine XRP illicitly. Learn more about this threat.
The Hacker News7h
Finding Service Accounts in Active Directory
Learn how to locate and secure service accounts in Active Directory, and discover Silverfort’s automated protection.
The Hacker News12h
VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability
VMware has released software updates to address an already patched security flaw in vCenter Server that could pave the way ...
The Hacker News13h
CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting ...
The Hacker News8h
Bumblebee and Latrodectus Malware Return with Sophisticated Phishing Strategies
Malware families Bumblebee and Latrodectus resurface in phishing campaigns targeting personal data and financial sectors.
The Hacker News9h
Malicious npm Packages Target Developers' Ethereum Wallets with SSH Backdoor
This is not the first time rogue packages with similar functionality have been discovered in the npm registry. In August 2023 ...
The Hacker News1d
Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers
Critical cryptographic flaws in top E2EE cloud platforms risk user data, allowing file tampering and injection.
The Hacker News1d
Guide: The Ultimate Pentest Checklist for Full-Stack Security
Creating a detailed pentest checklist is essential for performing thorough and effective security assessments. This first ...
The Hacker News2d
Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials
The attack chain, per Positive Technologies, is an attempt to exploit CVE-2024-37383 (CVSS score: 6.1), a stored cross-site ...
The Hacker News1d
THN Cybersecurity Recap: Top Threats, Tools and News (Oct 14 - Oct 20)
Hackers are getting smarter, but so are we! From macOS flaws to TrickMo Android trojans, here's what you need to know to s ...
The Hacker News4d
North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data
North Korean IT workers posing as freelancers steal data from Western firms, demanding ransoms for its return.