News

The Hacker News15h
Kerberoasting Detections: A New Approach to a Decade-Old Challenge
New BeyondTrust research shows statistical models outperform heuristics in detecting Kerberoasting attacks. Better accuracy, ...
The Hacker News13h
New Coyote Malware Variant Exploits Windows UI Automation to Steal Banking Credentials
Coyote malware uses Windows UI Automation to target 75 banks and crypto sites in Brazil, risking credential theft.
The Hacker News17h
Google Launches OSS Rebuild to Expose Malicious Code in Widely Used Open-Source Packages
Google has announced the launch of a new initiative called OSS Rebuild to bolster the security of the open-source package ...
The Hacker News13h
CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks
CISA flags Microsoft SharePoint flaws under active attack by Chinese hackers. U.S. agencies must patch by July 23 ...
The Hacker News20h
CISA Warns: SysAid Flaws Under Active Attack Enable Remote File Access and SSRF
The cybersecurity firm noted that the vulnerabilities could allow attackers to inject unsafe XML entities into the web ...
The Hacker News20h
Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access
Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.
The Hacker News9h
Threat Actor Mimo Targets Magento and Docker to Deploy Crypto Miners and Proxyware
The activity has been attributed to a threat actor tracked as Mimo (aka Hezb), which has a long history of leveraging N-day security flaws in various web applications to deploy cryptocurrency miners.