Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

The Hacker News

20 articles

The Hacker News Supply Chain Oracle Intel Jun 17

144 Mastra npm Packages Compromised via Hijacked Contributor Account

As many as 144 npm packages associated with the Mastra namespace ("@mastra/*"), a popular open-source JavaScript and TypeScript framework for building artifi...

T1195

The Hacker News →

The Hacker News CVE Jun 17

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

The U.S.

1 IOC

The Hacker News →

The Hacker News General Google Palo Alto Networks Jun 16

Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting

A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to a victim's project hijack the victim's machine learning model upload an...

The Hacker News →

The Hacker News Malware Jun 16

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader, Lorem Ipsum Loader, and Potemki...

The Hacker News →

The Hacker News Malware Google Jun 16

New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds

Security researchers at Zimperium's zLabs have documented a new Android banking trojan, Rokarolla, that targets 217 banking and cryptocurrency apps and packs...

The Hacker News →

The Hacker News General Intel Jun 16

Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive

Security teams have never had more IP data at their disposal. Every day, analysts ingest enrichment feeds, geolocation data, reputation scores, telemetry, an...

The Hacker News →

The Hacker News CVE Amazon Fortinet Intel Jun 16

Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week

Bad actors are exploiting multiple security vulnerabilities in Fortinet FortiSandbox, according to threat intelligence firm Defused Cyber. In a post shared o...

3 IOCs

The Hacker News →

The Hacker News Malware Microsoft Linux Jun 16

China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth

Cybersecurity researchers have flagged two previously undocumented Windows variants of what was believed to be a Linux-only backdoor called SprySOCKS. "The W...

The Hacker News →

The Hacker News Campaigns Microsoft Jun 16

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware

The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account...

T1566

The Hacker News →

The Hacker News CVE Cisco Jun 16

Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw

Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild. The v...

1 IOC

The Hacker News →

The Hacker News CVE Jun 16

CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation

The U.S.

T1548 1 IOC

The Hacker News →

The Hacker News Malware Google Jun 15

Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails

A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a year, quietly stealing sensitive r...

T1041

The Hacker News →

The Hacker News Campaigns Proofpoint Jun 15

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagi...

T1566

The Hacker News →

The Hacker News Vulnerability Disclosure Jun 15

LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers

A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsid...

The Hacker News →

The Hacker News Phishing Microsoft Jun 15

One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes

A single click on a trusted Microsoft link could have let an attacker pull emails, calendar details, and indexed files out of Microsoft 365 Copilot Enterpris...

T1566 T1041 T1598

The Hacker News →

The Hacker News Phishing Google Apple Jun 15

⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More

Stuff broke again. Not in a movie way.

T1566 T1598

The Hacker News →

The Hacker News General Jun 15

The Onboarding Password Mistake That Creates Unnecessary Risk

Employee onboarding is a busy time for IT teams. New starters need devices, accounts, access permissions, and passwords, all delivered within a tight timeframe.

The Hacker News →

The Hacker News General Google Jun 15

152 Chrome Wallpaper Extensions with 105K Installs Linked to Adware and Fake Traffic

Cybersecurity researchers have discovered a network of 152 Google Chrome extensions that act as new tab live wallpaper add-ons to distribute a potentially un...

The Hacker News →

The Hacker News General Oracle WordPress Jun 15

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

An attacker tampered with trusted JavaScript files used by WordPress sites running PushEngage, OptinMonster, and TrustPulse, turning those files into a way t...

The Hacker News →

The Hacker News General Jun 15

Sniper Dz Scams Target MENA Users via Fake Facebook Offers and Browser Alerts

Cybersecurity researchers have disclosed details of fraudulent activity targeting users across the Middle East and North Africa by employing various fraudule...

The Hacker News →

«Previous page 1 ... 8 9 10 11 12 ... 24 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA