www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2025-05-10T20:25:21+00:00
www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Pays $1.375 Billion to Texas Over Unauthorized Tracking and Biometric Data Collection
Google has agreed to pay the U.S. state of Texas nearly $1.4 billion to settle two lawsuits that accused the company of tracking users' personal location and maintaining their facial recognition data without consent. The $1.375 billion payment dwarfs the fines the tech giant has paid to settle similar lawsuits brought by other U.S. states. In November 2022, it paid $391 million to a group of 40
2025-05-10T12:24:00+00:00
https://thehackernews.com/2025/05/google-pays-1375-billion-to-texas-over.html
www.secnews.physaphae.fr/article.php?IdArticle=8674003
False None None None

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Germany Shuts Down eXch Over $1.9B Laundering, Seizes €34M in Crypto and 8TB of Data
Germany's Federal Criminal Police Office (aka Bundeskriminalamt or BKA) has seized the online infrastructure and shutdown linked to the eXch cryptocurrency exchange over allegations of money laundering and operating a criminal trading platform.
The operation was carried out on April 30, 2025, authorities said, adding they also confiscated 8 terabytes worth of data and cryptocurrency assets
2025-05-10T12:17:00+00:00
https://thehackernews.com/2025/05/germany-shuts-down-exch-over-19b.html
www.secnews.physaphae.fr/article.php?IdArticle=8674004
False Legislation None None

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. - Dutch Operation
A joint law enforcement operation undertaken by Dutch and U.S. authorities has dismantled a criminal proxy network that's powered by thousands of infected Internet of Things (IoT) and end-of-life (EoL) devices, enlisting them into a botnet for providing anonymity to malicious actors. In conjunction with the domain seizure, Russian nationals, Alexey Viktorovich Chertkov, 37, Kirill Vladimirovich
2025-05-09T21:58:00+00:00
https://thehackernews.com/2025/05/breaking-7000-device-proxy-botnet-using.html
www.secnews.physaphae.fr/article.php?IdArticle=8673788
False Legislation None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
OtterCookie v4 Adds VM Detection and Chrome, MetaMask Credential Theft Capabilities
The North Korean threat actors behind the Contagious Interview campaign have been observed using updated versions of a cross-platform malware called OtterCookie with capabilities to steal credentials from web browsers and other files.
NTT Security Holdings, which detailed the new findings, said the attackers have "actively and continuously" updated the malware, introducing versions v3 and v4 in
2025-05-09T21:55:00+00:00
https://thehackernews.com/2025/05/ottercookie-v4-adds-vm-detection-and.html
www.secnews.physaphae.fr/article.php?IdArticle=8673789
False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Initial Access Brokers Target Brazil Execs via NF-e Spam and Legit RMM Trials
Cybersecurity researchers are warning of a new campaign that's targeting Portuguese-speaking users in Brazil with trial versions of commercial remote monitoring and management (RMM) software since January 2025. "The spam message uses the Brazilian electronic invoice system, NF-e, as a lure to entice users into clicking hyperlinks and accessing malicious content hosted in Dropbox," Cisco Talos
2025-05-09T17:10:00+00:00
https://thehackernews.com/2025/05/initial-access-brokers-target-brazil.html
www.secnews.physaphae.fr/article.php?IdArticle=8673657
False Spam,Commercial None None

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Deploying AI Agents? Learn to Secure Them Before Hackers Strike Your Business
AI agents are changing the way businesses work. They can answer questions, automate tasks, and create better user experiences. But with this power comes new risks - like data leaks, identity theft, and malicious misuse. If your company is exploring or already using AI agents, you need to ask: Are they secure? AI agents work with sensitive data and make real-time decisions.
If they're not
2025-05-09T16:41:00+00:00
https://thehackernews.com/2025/05/deploying-ai-agents-learn-to-secure.html
www.secnews.physaphae.fr/article.php?IdArticle=8673658
False None None None

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials
Cybersecurity researchers have flagged three malicious npm packages that are designed to target the Apple macOS version of Cursor, a popular artificial intelligence (AI)-powered source code editor. "Disguised as developer tools offering 'the cheapest Cursor API,' these packages steal user credentials, fetch an encrypted payload from threat actor-controlled infrastructure, overwrite Cursor's
2025-05-09T16:27:00+00:00
https://thehackernews.com/2025/05/malicious-npm-packages-infect-3200.html
www.secnews.physaphae.fr/article.php?IdArticle=8673659
False Tool,Threat None None

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Beyond Vulnerability Management – Can You CVE What I CVE?
The Vulnerability Treadmill The reactive nature of vulnerability management, combined with delays from policy and process, strains security teams. Capacity is limited and patching everything immediately is a struggle. Our Vulnerability Operation Center (VOC) dataset analysis identified 1,337,797 unique findings (security issues) across 68,500 unique customer assets. 32,585 of them were distinct
2025-05-09T15:30:00+00:00
https://thehackernews.com/2025/05/beyond-vulnerability-management-cves.html
www.secnews.physaphae.fr/article.php?IdArticle=8673638
False Vulnerability,Patching None None

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android
Google on Thursday announced it's rolling out new artificial intelligence (AI)-powered countermeasures to combat scams across Chrome, Search, and Android. The tech giant said it will begin using Gemini Nano, its on-device large language model (LLM), to improve Safe Browsing in Chrome 137 on desktops. "The on-device approach provides instant insight on risky websites and allows us to offer
2025-05-09T12:43:00+00:00
https://thehackernews.com/2025/05/google-rolls-out-on-device-ai.html
www.secnews.physaphae.fr/article.php?IdArticle=8673565
False Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell
A China-linked unnamed threat actor dubbed Chaya_004 has been observed exploiting a recently disclosed security flaw in SAP NetWeaver. Forescout Vedere Labs, in a report published today, said it uncovered a malicious infrastructure likely associated with the hacking group weaponizing CVE-2025-31324 (CVSS score: 10.0) since April 29, 2025. CVE-2025-31324 refers to a critical SAP NetWeaver flaw
2025-05-09T09:59:00+00:00
https://thehackernews.com/2025/05/chinese-hackers-exploit-sap-rce-flaw.html
www.secnews.physaphae.fr/article.php?IdArticle=8673508
False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
38,000+ FreeDrain Subdomains Found Exploiting SEO to Steal Crypto Wallet Seed Phrases
Cybersecurity researchers have exposed what they say is an "industrial-scale, global cryptocurrency phishing operation" engineered to steal digital assets from cryptocurrency wallets for several years. The campaign has been codenamed FreeDrain by threat intelligence firms SentinelOne and Validin. "FreeDrain uses SEO manipulation, free-tier web services (like gitbook.io, webflow.io, and github.io
2025-05-08T20:53:00+00:00
https://thehackernews.com/2025/05/38000-freedrain-subdomains-found.html
www.secnews.physaphae.fr/article.php?IdArticle=8673308
False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root
SonicWall has released patches to address three security flaws affecting SMA 100 Secure Mobile Access (SMA) appliances that could be fashioned to result in remote code execution. The vulnerabilities are listed below - CVE-2025-32819 (CVSS score: 8.8) - A vulnerability in SMA100 allows a remote authenticated attacker with SSL-VPN user privileges to bypass the path traversal checks and delete an
2025-05-08T19:26:00+00:00
https://thehackernews.com/2025/05/sonicwall-patches-3-flaws-in-sma-100.html
www.secnews.physaphae.fr/article.php?IdArticle=8673286
False Vulnerability,Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Qilin Leads April 2025 Ransomware Spike with 45 Breaches Using NETXLOADER Malware
Threat actors with ties to the Qilin ransomware family have leveraged malware known as SmokeLoader along with a previously undocumented .NET compiled loader codenamed NETXLOADER as part of a campaign observed in November 2024. "NETXLOADER is a new .NET-based loader that plays a critical role in cyber attacks," Trend Micro researchers Jacob Santos, Raymart Yambot, John Rainier Navato, Sarah Pearl
2025-05-08T19:17:00+00:00
https://thehackernews.com/2025/05/qilin-leads-april-2025-ransomware-spike.html
www.secnews.physaphae.fr/article.php?IdArticle=8673237
False Ransomware,Malware,Threat,Prediction None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Security Tools Alone Don't Protect You - Control Effectiveness Does
61% of security leaders reported suffering a breach due to failed or misconfigured controls over the past 12 months. This is despite having an average of 43 cybersecurity tools in place. This massive rate of security failure is clearly not a security investment problem. It is a configuration problem. Organizations are beginning to understand that a security control installed or deployed is not
2025-05-08T16:30:00+00:00
https://thehackernews.com/2025/05/security-tools-alone-dont-protect-you.html
www.secnews.physaphae.fr/article.php?IdArticle=8673188
False Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
MirrorFace Targets Japan and Taiwan with ROAMINGMOUSE and Upgraded ANEL Malware
The nation-state threat actor known as MirrorFace has been observed deploying malware dubbed ROAMINGMOUSE as part of a cyber espionage campaign directed against government agencies and public institutions in Japan and Taiwan. The activity, detected by Trend Micro in March 2025, involved the use of spear-phishing lures to deliver an updated version of a backdoor called ANEL. "The ANEL file from
2025-05-08T16:02:00+00:00
https://thehackernews.com/2025/05/mirrorface-targets-japan-and-taiwan.html
www.secnews.physaphae.fr/article.php?IdArticle=8673189
False Malware,Threat,Prediction None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware
The Russia-linked threat actor known as COLDRIVER has been observed distributing a new malware called LOSTKEYS as part of an espionage-focused campaign using ClickFix-like social engineering lures. "LOSTKEYS is capable of stealing files from a hard-coded list of extensions and directories, along with sending system information and running processes to the attacker," the Google Threat
2025-05-08T12:27:00+00:00
https://thehackernews.com/2025/05/russian-hackers-using-clickfix-fake.html
www.secnews.physaphae.fr/article.php?IdArticle=8673091
False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT
Cisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files to a susceptible system. The vulnerability, tracked as CVE-2025-20188, has been rated 10.0 on the CVSS scoring system. "This vulnerability is due to the presence of a hard-coded JSON Web Token (JWT) on an
2025-05-08T10:27:00+00:00
https://thehackernews.com/2025/05/cisco-patches-cve-2025-20188-100-cvss.html
www.secnews.physaphae.fr/article.php?IdArticle=8673071
False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Europol Shuts Down Six DDoS-for-Hire Services Used in Global Attacks
Europol has announced the takedown of distributed denial of service (DDoS)-for-hire services that were used to launch thousands of cyber-attacks across the world. In connection with the operation, Polish authorities have arrested four individuals and the United States has seized nine domains that are associated with the now-defunct platforms. "The suspects are believed to be behind six separate
2025-05-07T19:24:00+00:00
https://thehackernews.com/2025/05/europol-shuts-down-six-ddos-for-hire.html
www.secnews.physaphae.fr/article.php?IdArticle=8672785
False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws
A second security flaw impacting the OttoKit (formerly SureTriggers) WordPress plugin has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-27007 (CVSS score: 9.8), is a privilege escalation bug impacting all versions of the plugin prior to and including version 1.0.82. "This is due to the create_wp_connection() function missing a capability check and
2025-05-07T19:14:00+00:00
https://thehackernews.com/2025/05/ottokit-wordpress-plugin-with-100k.html
www.secnews.physaphae.fr/article.php?IdArticle=8672786
False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version
Cybersecurity researchers have disclosed multiple security flaws in the on-premise version of SysAid IT support software that could be exploited to achieve pre-authenticated remote code execution with elevated privileges. The vulnerabilities, tracked as CVE-2025-2775, CVE-2025-2776, and CVE-2025-2777, have all been described as XML External Entity (XXE) injections, which occur when an attacker is
2025-05-07T17:01:00+00:00
https://thehackernews.com/2025/05/sysaid-patches-4-critical-flaws.html
www.secnews.physaphae.fr/article.php?IdArticle=8672729
False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Reevaluating SSEs: A Technical Gap Analysis of Last-Mile Protection
Security Service Edge (SSE) platforms have become the go-to architecture for securing hybrid work and SaaS access.
They promise centralized enforcement, simplified connectivity, and consistent policy control across users and devices. But there's a problem: they stop short of where the most sensitive user activity actually happens - the browser. This isn't a small omission. It's a structural
2025-05-07T16:26:00+00:00
https://thehackernews.com/2025/05/reevaluating-sses-technical-gap.html
www.secnews.physaphae.fr/article.php?IdArticle=8672730
False Legislation,Cloud,Technical None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization
Threat actors with links to the Play ransomware family exploited a recently patched security flaw in Microsoft Windows as a zero-day as part of an attack targeting an unnamed organization in the United States. The attack, per the Symantec Threat Hunter Team, part of Broadcom, leveraged CVE-2025-29824, a privilege escalation flaw in the Common Log File System (CLFS) driver. It was patched by
2025-05-07T16:14:00+00:00
https://thehackernews.com/2025/05/play-ransomware-exploited-windows-cve.html
www.secnews.physaphae.fr/article.php?IdArticle=8672700
False Ransomware,Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Uncover Malware in Fake Discord PyPI Package Downloaded 11,500+ Times
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that masquerades as a seemingly harmless Discord-related utility but incorporates a remote access trojan. The package in question is discordpydebug, which was uploaded to PyPI on March 21, 2022.
It has been downloaded 11,574 times and continues to be available on the open-source registry.
2025-05-07T13:07:00+00:00
https://thehackernews.com/2025/05/researchers-uncover-malware-in-fake.html
www.secnews.physaphae.fr/article.php?IdArticle=8672656
False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
NSO Group Fined $168M for Targeting 1,400 WhatsApp Users With Pegasus Spyware
A federal jury on Tuesday decided that NSO Group must pay Meta-owned WhatsApp approximately $168 million in monetary damages, more than four months after a federal judge ruled that the Israeli company violated U.S. laws by exploiting WhatsApp servers to deploy Pegasus spyware, targeting over 1,400 individuals globally. WhatsApp originally filed the lawsuit against NSO Group in 2019,
2025-05-07T11:52:00+00:00
https://thehackernews.com/2025/05/nso-group-fined-168m-for-targeting-1400.html
www.secnews.physaphae.fr/article.php?IdArticle=8672607
False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet
Threat actors have been observed actively exploiting security flaws in GeoVision end-of-life (EoL) Internet of Things (IoT) devices to corral them into a Mirai botnet for conducting distributed denial-of-service (DDoS) attacks.
The activity, first observed by the Akamai Security Intelligence and Response Team (SIRT) in early April 2025, involves the exploitation of two operating system command
2025-05-06T21:03:00+00:00
https://thehackernews.com/2025/05/hackers-exploit-samsung-magicinfo.html
www.secnews.physaphae.fr/article.php?IdArticle=8672357
False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Investment Scams Use Facebook Ads, RDGA Domains, and IP Checks to Filter Victims
Cybersecurity researchers have lifted the lid on two threat actors that orchestrate investment scams through spoofed celebrity endorsements and conceal their activity through traffic distribution systems (TDSes). The activity clusters have been codenamed Reckless Rabbit and Ruthless Rabbit by DNS threat intelligence firm Infoblox. The attacks have been observed to lure victims with bogus
2025-05-06T19:06:00+00:00
https://thehackernews.com/2025/05/new-investment-scams-use-facebook-ads.html
www.secnews.physaphae.fr/article.php?IdArticle=8672311
False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Third Parties and Machine Credentials: The Silent Drivers Behind 2025's Worst Breaches
It wasn't ransomware headlines or zero-day exploits that stood out most in this year's Verizon 2025 Data Breach Investigations Report (DBIR) - it was what fueled them. Quietly, yet consistently, two underlying factors played a role in some of the worst breaches: third-party exposure and machine credential abuse.
According to the 2025 DBIR, third-party involvement in breaches doubled
2025-05-06T16:55:00+00:00
https://thehackernews.com/2025/05/third-parties-and-machine-credentials.html
www.secnews.physaphae.fr/article.php?IdArticle=8672281
False Ransomware,Data Breach,Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Microsoft Warns Default Helm Charts Could Leave Kubernetes Apps Exposed to Data Leaks
Microsoft has warned that using pre-made templates, such as out-of-the-box Helm charts, during Kubernetes deployments could open the door to misconfigurations and leak valuable data. "While these 'plug-and-play' options greatly simplify the setup process, they often prioritize ease of use over security," Michael Katchinskiy and Yossi Weizman from the Microsoft Defender for Cloud Research team
2025-05-06T16:35:00+00:00
https://thehackernews.com/2025/05/microsoft-warns-default-helm-charts-for.html
www.secnews.physaphae.fr/article.php?IdArticle=8672256
False Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Entra ID Data Protection: Essential or Overkill?
Microsoft Entra ID (formerly Azure Active Directory) is the backbone of modern identity management, enabling secure access to the applications, data, and services your business relies on. As hybrid work and cloud adoption accelerate, Entra ID plays an even more central role - managing authentication, enforcing policy, and connecting users across distributed environments.
That prominence also
2025-05-06T15:30:00+00:00
https://thehackernews.com/2025/05/entra-id-data-protectionessential-or.html
www.secnews.physaphae.fr/article.php?IdArticle=8672235
False Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Fixes Actively Exploited Android System Flaw in May 2025 Security Update
Google has released its monthly security updates for Android with fixes for 46 security flaws, including one vulnerability that it said has been exploited in the wild. The vulnerability in question is CVE-2025-27363 (CVSS score: 8.1), a high-severity flaw in the System component that could lead to local code execution without requiring any additional execution privileges. "The most severe of
2025-05-06T11:16:00+00:00
https://thehackernews.com/2025/05/google-fixes-actively-exploited-android.html
www.secnews.physaphae.fr/article.php?IdArticle=8672163
False Vulnerability,Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Critical Langflow Flaw Added to CISA KEV List Amid Ongoing Exploitation Evidence
A recently disclosed critical security flaw impacting the open-source Langflow platform has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), citing evidence of active exploitation. The vulnerability, tracked as CVE-2025-3248, carries a CVSS score of 9.8 out of a maximum of 10.0.
"Langflow contains a missing
2025-05-06T09:54:00+00:00
https://thehackernews.com/2025/05/critical-langflow-flaw-added-to-cisa.html
www.secnews.physaphae.fr/article.php?IdArticle=8672142
False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi
Cybersecurity researchers have disclosed a series of now-patched security vulnerabilities in Apple's AirPlay protocol that, if successfully exploited, could enable an attacker to take over susceptible devices supporting the proprietary wireless technology. The shortcomings have been collectively codenamed AirBorne by Israeli cybersecurity company Oligo. "These vulnerabilities can be chained by
2025-05-05T22:36:00+00:00
https://thehackernews.com/2025/05/wormable-airplay-flaws-enable-zero.html
www.secnews.physaphae.fr/article.php?IdArticle=8671938
False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a maximum-severity security flaw impacting Commvault Command Center to its Known Exploited Vulnerabilities (KEV) catalog, a little over a week after it was publicly disclosed.
The vulnerability in question is CVE-2025-34028 (CVSS score: 10.0), a path traversal bug that affects 11.38 Innovation Release, from versions
2025-05-05T21:31:00+00:00
https://thehackernews.com/2025/05/commvault-cve-2025-34028-added-to-cisa.html
www.secnews.physaphae.fr/article.php?IdArticle=8671939
False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
What if attackers aren't breaking in - they're already inside, watching, and adapting? This week showed a sharp rise in stealth tactics built for long-term access and silent control. AI is being used to shape opinions. Malware is hiding inside software we trust. And old threats are returning under new names. The real danger isn't just the breach - it's not knowing who's still lurking in your
2025-05-05T16:59:00+00:00
https://thehackernews.com/2025/05/weekly-recap-nation-state-hacks-spyware.html
www.secnews.physaphae.fr/article.php?IdArticle=8671823
False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Perfection is a Myth. Leverage Isn't: How Small Teams Can Secure Their Google Workspace
Let's be honest: if you're one of the first (or the first) security hires at a small or midsize business, chances are you're also the unofficial CISO, SOC, IT Help Desk, and whatever additional roles need filling. You're not running a security department. You are THE security department.
You're getting pinged about RFPs in one area, and reviewing phishing alerts in another, all while sifting
2025-05-05T16:30:00+00:00
https://thehackernews.com/2025/05/perfection-is-myth-leverage-isnt-how.html
www.secnews.physaphae.fr/article.php?IdArticle=8671824
False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data
The threat actors known as Golden Chickens have been attributed to two new malware families dubbed TerraStealerV2 and TerraLogger, suggesting continued development efforts to fine-tune and diversify their arsenal. "TerraStealerV2 is designed to collect browser credentials, cryptocurrency wallet data, and browser extension information," Recorded Future Insikt Group said. "TerraLogger, by contrast
2025-05-05T11:09:00+00:00
https://thehackernews.com/2025/05/golden-chickens-deploy-terrastealerv2.html
www.secnews.physaphae.fr/article.php?IdArticle=8671701
False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack
Cybersecurity researchers have discovered three malicious Go modules that include obfuscated code to fetch next-stage payloads that can irrevocably overwrite a Linux system's primary disk and render it unbootable.
The names of the packages are listed below - github[.]com/truthfulpharm/prototransform github[.]com/blankloggia/go-mcp github[.]com/steelpoor/tlsproxy "Despite appearing legitimate,]]> 2025-05-03T20:01:00+00:00 https://thehackernews.com/2025/05/malicious-go-modules-deliver-disk.html www.secnews.physaphae.fr/article.php?IdArticle=8671070 False Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware An Iranian state-sponsored threat group has been attributed to a long-term cyber intrusion aimed at a critical national infrastructure (CNI) in the Middle East that lasted nearly two years. The activity, which lasted from at least May 2023 to February 2025, entailed "extensive espionage operations and suspected network prepositioning – a tactic often used to maintain persistent access for future]]> 2025-05-03T15:03:00+00:00 https://thehackernews.com/2025/05/iranian-hackers-maintain-2-year-access.html www.secnews.physaphae.fr/article.php?IdArticle=8670979 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems The U.S. Department of Justice (DoJ) on Thursday announced charges against a 36-year-old Yemeni national for allegedly deploying the Black Kingdom ransomware against global targets, including businesses, schools, and hospitals in the United States. 
Rami Khaled Ahmed of Sana'a, Yemen, has been charged with one count of conspiracy, one count of intentional damage to a protected computer, and one]]> 2025-05-03T12:36:00+00:00 https://thehackernews.com/2025/05/us-charges-yemeni-hacker-behind-black.html www.secnews.physaphae.fr/article.php?IdArticle=8670925 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China Ireland's Data Protection Commission (DPC) on Tuesday fined popular video-sharing platform TikTok €530 million ($601 million) for infringing data protection regulations in the region by transferring European users' data to China. "TikTok infringed the GDPR regarding its transfers of EEA [European Economic Area] User Data to China and its transparency requirements," the DPC said in a statement. "]]> 2025-05-02T17:55:00+00:00 https://thehackernews.com/2025/05/tiktok-slammed-with-530-million-gdpr.html www.secnews.physaphae.fr/article.php?IdArticle=8670572 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) How to Automate CVE and Vulnerability Advisory Response with Tines Run by the team at workflow orchestration and AI platform Tines, the Tines library features pre-built workflows shared by security practitioners from across the community - all free to import and deploy through the platform's Community Edition. 
A recent standout is a workflow that automates monitoring for security advisories from CISA and other vendors, enriches advisories with CrowdStrike]]> 2025-05-02T16:00:00+00:00 https://thehackernews.com/2025/05/how-to-automate-cve-and-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8670533 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) MintsLoader Drops GhostWeaver via Phishing, ClickFix - Uses DGA, TLS for Stealth Attacks The malware loader known as MintsLoader has been used to deliver a PowerShell-based remote access trojan called GhostWeaver. "MintsLoader operates through a multi-stage infection chain involving obfuscated JavaScript and PowerShell scripts," Recorded Future's Insikt Group said in a report shared with The Hacker News. "The malware employs sandbox and virtual machine evasion techniques, a domain]]> 2025-05-02T14:27:00+00:00 https://thehackernews.com/2025/05/mintsloader-drops-ghostweaver-via.html www.secnews.physaphae.fr/article.php?IdArticle=8670507 False Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support A year after Microsoft announced passkeys support for consumer accounts, the tech giant has announced a big change that pushes individuals signing up for new accounts to use the phishing-resistant authentication method by default. "Brand new Microsoft accounts will now be 'passwordless by default,'" Microsoft's Joy Chik and Vasu Jakkal said. 
"New users will have several passwordless options for]]> 2025-05-02T12:10:00+00:00 https://thehackernews.com/2025/05/microsoft-sets-passkeys-default-for-new.html www.secnews.physaphae.fr/article.php?IdArticle=8670461 False None None 4.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers Cybersecurity researchers have shed light on a new campaign targeting WordPress sites that disguises the malware as a security plugin. The plugin, which goes by the name "WP-antymalwary-bot.php," comes with a variety of features to maintain access, hide itself from the admin dashboard, and execute remote code. "Pinging functionality that can report back to a command-and-control (C&C) server]]> 2025-05-01T21:17:00+00:00 https://thehackernews.com/2025/05/fake-security-plugin-on-wordpress.html www.secnews.physaphae.fr/article.php?IdArticle=8670150 False Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Why top SOC teams are shifting to Network Detection and Response Security Operations Center (SOC) teams are facing a fundamentally new challenge — traditional cybersecurity tools are failing to detect advanced adversaries who have become experts at evading endpoint-based defenses and signature-based detection systems. The reality of these “invisible intruders” is driving a significant need for a multi-layered approach to detecting threats,]]> 2025-05-01T16:55:00+00:00 https://thehackernews.com/2025/05/why-top-soc-teams-are-shifting-to.html www.secnews.physaphae.fr/article.php?IdArticle=8670116 False Tool None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) 
Claude AI Exploited to Operate 100+ Fake Political Personas in Global Influence Campaign Artificial intelligence (AI) company Anthropic has revealed that unknown threat actors leveraged its Claude chatbot for an "influence-as-a-service" operation to engage with authentic accounts across Facebook and X. The sophisticated activity, branded as financially-motivated, is said to have used its AI tool to orchestrate 100 distinct persons on the two social media platforms, creating a]]> 2025-05-01T16:32:00+00:00 https://thehackernews.com/2025/05/claude-ai-exploited-to-operate-100-fake.html www.secnews.physaphae.fr/article.php?IdArticle=8670117 False Tool,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New Research Reveals: 95% of AppSec Fixes Don't Reduce Risk For over a decade, application security teams have faced a brutal irony: the more advanced the detection tools became, the less useful their results proved to be. As alerts from static analysis tools, scanners, and CVE databases surged, the promise of better security grew more distant. In its place, a new reality took hold - one defined by alert fatigue and overwhelmed teams. According to OX]]> 2025-05-01T15:14:00+00:00 https://thehackernews.com/2025/05/new-research-reveals-95-of-appsec-fixes.html www.secnews.physaphae.fr/article.php?IdArticle=8670109 False Tool None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) 
DarkWatchman, Sheriff Malware Hit Russia and Ukraine with Stealth and Nation-Grade Tactics Russian companies have been targeted as part of a large-scale phishing campaign that's designed to deliver a known malware called DarkWatchman. Targets of the attacks include entities in the media, tourism, finance and insurance, manufacturing, retail, energy, telecom, transport, and biotechnology sectors, Russian cybersecurity company F6 said. The activity is assessed to be the work of a]]> 2025-05-01T14:57:00+00:00 https://thehackernews.com/2025/05/darkwatchman-sheriff-malware-hit-russia.html www.secnews.physaphae.fr/article.php?IdArticle=8670110 False Malware None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach Enterprise data backup platform Commvault has revealed that an unknown nation-state threat actor breached its Microsoft Azure environment by exploiting CVE-2025-3928 but emphasized there is no evidence of unauthorized data access. "This activity has affected a small number of customers we have in common with Microsoft, and we are working with those customers to provide assistance," the company]]> 2025-05-01T13:41:00+00:00 https://thehackernews.com/2025/05/commvault-confirms-hackers-exploited.html www.secnews.physaphae.fr/article.php?IdArticle=8670098 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) 
SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models SonicWall has revealed that two now-patched security flaws impacting its SMA100 Secure Mobile Access (SMA) appliances have been exploited in the wild. The vulnerabilities in question are listed below - CVE-2023-44221 (CVSS score: 7.2) - Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to]]> 2025-05-01T11:52:00+00:00 https://thehackernews.com/2025/05/sonicwall-confirms-active-exploitation.html www.secnews.physaphae.fr/article.php?IdArticle=8670082 False Vulnerability,Mobile None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Researchers Demonstrate How MCP Prompt Injection Can Be Used for Both Attack and Defense As the field of artificial intelligence (AI) continues to evolve at a rapid pace, new research has found how techniques that render the Model Context Protocol (MCP) susceptible to prompt injection attacks could be used to develop security tooling or identify malicious tools, according to a new report from Tenable. MCP, launched by Anthropic in November 2024, is a framework designed to connect]]> 2025-04-30T21:29:00+00:00 https://thehackernews.com/2025/04/experts-uncover-critical-mcp-and-a2a.html www.secnews.physaphae.fr/article.php?IdArticle=8670009 False Tool None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) 
[Free Webinar] Guide to Securing Your Entire Identity Lifecycle Against AI-Powered Threats How Many Gaps Are Hiding in Your Identity System? It's not just about logins anymore. Today's attackers don't need to “hack” in - they can trick their way in. Deepfakes, impersonation scams, and AI-powered social engineering are helping them bypass traditional defenses and slip through unnoticed. Once inside, they can take over accounts, move laterally, and cause long-term damage - all without]]> 2025-04-30T16:56:00+00:00 https://thehackernews.com/2025/04/free-webinar-guide-to-securing-your.html www.secnews.physaphae.fr/article.php?IdArticle=8669957 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool A China-aligned advanced persistent threat (APT) group called TheWizards has been linked to a lateral movement tool called Spellbinder that can facilitate adversary-in-the-middle (AitM) attacks. "Spellbinder enables adversary-in-the-middle (AitM) attacks, through IPv6 stateless address autoconfiguration (SLAAC) spoofing, to move laterally in the compromised network, intercepting packets and]]> 2025-04-30T16:35:00+00:00 https://thehackernews.com/2025/04/chinese-hackers-abuse-ipv6-slaac-for.html www.secnews.physaphae.fr/article.php?IdArticle=8669958 False Tool,Threat None 4.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Customer Account Takeovers: The Multi-Billion Dollar Problem You Don't Know About Everyone has cybersecurity stories involving family members. Here's a relatively common one. 
The conversation usually goes something like this: “The strangest thing happened to my streaming account. I got locked out of my account, so I had to change my password. When I logged back in, all my shows were gone. Everything was in Spanish and there were all these Spanish shows I've never seen]]> 2025-04-30T15:54:00+00:00 https://thehackernews.com/2025/04/customer-account-takeovers-multi.html www.secnews.physaphae.fr/article.php?IdArticle=8669911 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Nebulous Mantis Targets NATO-Linked Entities with Multi-Stage Malware Attacks Cybersecurity researchers have shed light on a Russian-speaking cyber espionage group called Nebulous Mantis that has deployed a remote access trojan called RomCom RAT since mid-2022. RomCom "employs advanced evasion techniques, including living-off-the-land (LOTL) tactics and encrypted command and control (C2) communications, while continuously evolving its infrastructure – leveraging]]> 2025-04-30T15:50:00+00:00 https://thehackernews.com/2025/04/nebulous-mantis-targets-nato-linked.html www.secnews.physaphae.fr/article.php?IdArticle=8669983 False Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) RansomHub Went Dark April 1; Affiliates Fled to Qilin, DragonForce Claimed Control Cybersecurity researchers have revealed that RansomHub's online infrastructure has "inexplicably" gone offline as of April 1, 2025, prompting concerns among affiliates of the ransomware-as-a-service (RaaS) operation. 
Singaporean cybersecurity company Group-IB said that this may have caused affiliates to migrate to Qilin, given that "disclosures on its DLS [data leak site] have doubled since]]> 2025-04-30T15:45:00+00:00 https://thehackernews.com/2025/04/ransomhub-went-dark-april-1-affiliates.html www.secnews.physaphae.fr/article.php?IdArticle=8669912 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Meta Launches LlamaFirewall Framework to Stop AI Jailbreaks, Injections, and Insecure Code Meta on Tuesday announced LlamaFirewall, an open-source framework designed to secure artificial intelligence (AI) systems against emerging cyber risks such as prompt injection, jailbreaks, and insecure code, among others. The framework, the company said, incorporates three guardrails, including PromptGuard 2, Agent Alignment Checks, and CodeShield. PromptGuard 2 is designed to detect direct]]> 2025-04-30T12:38:00+00:00 https://thehackernews.com/2025/04/meta-launches-llamafirewall-framework.html www.secnews.physaphae.fr/article.php?IdArticle=8669833 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Indian Court Orders Action to Block Proton Mail Over AI Deepfake Abuse Allegations A high court in the Indian state of Karnataka has ordered the blocking of end-to-end encrypted email provider Proton Mail across the country. The High Court of Karnataka, on April 29, said the ruling was in response to a legal complaint filed by M Moser Design Associated India Pvt Ltd in January 2025. 
The complaint alleged its staff had received e-mails containing obscene, abusive]]> 2025-04-30T10:15:00+00:00 https://thehackernews.com/2025/04/indian-court-orders-action-to-block.html www.secnews.physaphae.fr/article.php?IdArticle=8669787 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) WhatsApp Launches Private Processing to Enable AI Features While Protecting Message Privacy Popular messaging app WhatsApp on Tuesday unveiled a new technology called Private Processing to enable artificial intelligence (AI) capabilities in a privacy-preserving manner. "Private Processing will allow users to leverage powerful optional AI features – like summarizing unread messages or editing help – while preserving WhatsApp's core privacy promise," the Meta-owned service said in a]]> 2025-04-29T22:52:00+00:00 https://thehackernews.com/2025/04/whatsapp-launches-private-processing-to.html www.secnews.physaphae.fr/article.php?IdArticle=8669572 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New Reports Uncover Jailbreaks, Unsafe Code, and Data Theft Risks in Leading AI Systems Various generative artificial intelligence (GenAI) services have been found vulnerable to two types of jailbreak attacks that make it possible to produce illicit or dangerous content. 
The first of the two techniques, codenamed Inception, instructs an AI tool to imagine a fictitious scenario, which can then be adapted into a second scenario within the first one where there exists no safety]]> 2025-04-29T21:48:00+00:00 https://thehackernews.com/2025/04/new-reports-uncover-jailbreaks-unsafe.html www.secnews.physaphae.fr/article.php?IdArticle=8669573 False Tool None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) SentinelOne Uncovers Chinese Espionage Campaign Targeting Its Infrastructure and Clients Cybersecurity company SentinelOne has revealed that a China-nexus threat cluster dubbed PurpleHaze conducted reconnaissance attempts against its infrastructure and some of its high-value customers. "We first became aware of this threat cluster during a 2024 intrusion conducted against an organization previously providing hardware logistics services for SentinelOne employees," security]]> 2025-04-29T18:37:00+00:00 https://thehackernews.com/2025/04/sentinelone-uncovers-chinese-espionage.html www.secnews.physaphae.fr/article.php?IdArticle=8669502 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Product Walkthrough: Securing Microsoft Copilot with Reco Find out how Reco keeps Microsoft 365 Copilot safe by spotting risky prompts, protecting data, managing user access, and identifying threats - all while keeping productivity high. Microsoft 365 Copilot promises to boost productivity by turning natural language prompts into actions. Employees can generate reports, comb through data, or get instant answers just by asking Copilot. 
However,]]> 2025-04-29T16:30:00+00:00 https://thehackernews.com/2025/04/product-walkthrough-securing-microsoft.html www.secnews.physaphae.fr/article.php?IdArticle=8669430 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Google Reports 75 Zero-Days Exploited in 2024 - 44% Targeted Enterprise Security Products Google has revealed that it observed 75 zero-day vulnerabilities exploited in the wild in 2024, down from 98 in 2023. Of the 75 zero-days, 44% of them targeted enterprise products. As many as 20 flaws were identified in security software and appliances. "Zero-day exploitation of browsers and mobile devices fell drastically, decreasing by about a third for browsers and by about half for]]> 2025-04-29T15:41:00+00:00 https://thehackernews.com/2025/04/google-reports-75-zero-days-exploited.html www.secnews.physaphae.fr/article.php?IdArticle=8669431 False Vulnerability,Threat,Mobile None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Malware Attack Targets World Uyghur Congress Leaders via Trojanized UyghurEdit++ Tool In a new campaign detected in March 2025, senior members of the World Uyghur Congress (WUC) living in exile have been targeted by a Windows-based malware that's capable of conducting surveillance. 
The spear-phishing campaign involved the use of a trojanized version of a legitimate open-source word processing and spell check tool called UyghurEdit++ developed to support the use of the Uyghur]]> 2025-04-29T11:13:00+00:00 https://thehackernews.com/2025/04/malware-attack-targets-world-uyghur.html www.secnews.physaphae.fr/article.php?IdArticle=8669338 False Malware,Tool None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) CISA Adds Actively Exploited Broadcom and Commvault Flaws to KEV Database The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two high-severity security flaws impacting Broadcom Brocade Fabric OS and Commvault Web Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerabilities in question are listed below - CVE-2025-1976 (CVSS score: 8.6) - A code injection flaw]]> 2025-04-29T09:51:00+00:00 https://thehackernews.com/2025/04/cisa-adds-actively-exploited-broadcom.html www.secnews.physaphae.fr/article.php?IdArticle=8669318 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) ⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More What happens when cybercriminals no longer need deep skills to breach your defenses? Today's attackers are armed with powerful tools that do the heavy lifting - from AI-powered phishing kits to large botnets ready to strike. And they're not just after big corporations. 
Anyone can be a target when fake identities, hijacked infrastructure, and insider tricks are used to slip past security]]> 2025-04-28T17:48:00+00:00 https://thehackernews.com/2025/04/weekly-recap-critical-sap-exploit-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8669011 False Tool,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) How Breaches Start: Breaking Down 5 Real Vulns Not every security vulnerability is high risk on its own - but in the hands of an advanced attacker, even small weaknesses can escalate into major breaches. These five real vulnerabilities, uncovered by Intruder's bug-hunting team, reveal how attackers turn overlooked flaws into serious security incidents. 1. Stealing AWS Credentials with a Redirect Server-Side Request Forgery (SSRF) is a]]> 2025-04-28T16:30:00+00:00 https://thehackernews.com/2025/04/how-breaches-start-breaking-down-5-real.html www.secnews.physaphae.fr/article.php?IdArticle=8668950 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Earth Kurma Targets Southeast Asia With Rootkits and Cloud-Based Data Theft Tools Government and telecommunications sectors in Southeast Asia have become the target of a "sophisticated" campaign undertaken by a new advanced persistent threat (APT) group called Earth Kurma since June 2024. The attacks, per Trend Micro, have leveraged custom malware, rootkits, and cloud storage services for data exfiltration. 
The Philippines, Vietnam, Thailand, and Malaysia are among the]]> 2025-04-28T14:37:00+00:00 https://thehackernews.com/2025/04/earth-kurma-targets-southeast-asia-with.html www.secnews.physaphae.fr/article.php?IdArticle=8668906 False Malware,Tool,Threat,Prediction,Cloud None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) WooCommerce Users Targeted by Fake Patch Phishing Campaign Deploying Site Backdoors Cybersecurity researchers are warning about a large-scale phishing campaign targeting WooCommerce users with a fake security alert urging them to download a "critical patch" but deploy a backdoor instead. WordPress security company Patchstack described the activity as sophisticated and a variant of another campaign observed in December 2023 that employed a fake CVE ploy to breach sites running]]> 2025-04-28T13:36:00+00:00 https://thehackernews.com/2025/04/woocommerce-users-targeted-by-fake.html www.secnews.physaphae.fr/article.php?IdArticle=8668877 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised Threat actors have been observed exploiting two newly disclosed critical security flaws in Craft CMS in zero-day attacks to breach servers and gain unauthorized access. 
The attacks, first observed by Orange Cyberdefense SensePost on February 14, 2025, involve chaining the below vulnerabilities - CVE-2024-58136 (CVSS score: 9.0) - An improper protection of alternate path flaw in the Yii PHP]]> 2025-04-28T12:43:00+00:00 https://thehackernews.com/2025/04/hackers-exploit-critical-craft-cms.html www.secnews.physaphae.fr/article.php?IdArticle=8668855 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers Microsoft has revealed that a threat actor it tracks as Storm-1977 has conducted password spraying attacks against cloud tenants in the education sector over the past year. "The attack involves the use of AzureChecker.exe, a Command Line Interface (CLI) tool that is being used by a wide range of threat actors," the Microsoft Threat Intelligence team said in an analysis. The tech giant noted that]]> 2025-04-27T10:32:00+00:00 https://thehackernews.com/2025/04/storm-1977-hits-education-clouds-with.html www.secnews.physaphae.fr/article.php?IdArticle=8668420 False Tool,Threat,Cloud None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion Cybersecurity researchers have detailed the activities of an initial access broker (IAB) dubbed ToyMaker that has been observed handing over access to double extortion ransomware gangs like CACTUS. The IAB has been assessed with medium confidence to be a financially motivated threat actor, scanning for vulnerable systems and deploying a custom malware called LAGTOY (aka HOLERUN). 
"LAGTOY can be]]> 2025-04-26T16:08:00+00:00 https://thehackernews.com/2025/04/toymaker-uses-lagtoy-to-sell-access-to.html www.secnews.physaphae.fr/article.php?IdArticle=8668080 False Ransomware,Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures North Korea-linked threat actors behind the Contagious Interview have set up front companies as a way to distribute malware during the fake hiring process. "In this new campaign, the threat actor group is using three front companies in the cryptocurrency consulting industry - BlockNovas LLC (blocknovas[.]com), Angeloper Agency (angeloper[.]com), and SoftGlide LLC (softglide[.]co) - to spread]]> 2025-04-25T19:35:00+00:00 https://thehackernews.com/2025/04/north-korean-hackers-spread-malware-via.html www.secnews.physaphae.fr/article.php?IdArticle=8667699 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) SAP Confirms Critical NetWeaver Flaw Amid Suspected Zero-Day Exploitation by Hackers Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and code execution. "The exploitation is likely tied to either a previously disclosed vulnerability like CVE-2017-9844 or an unreported remote file inclusion (RFI) issue," ReliaQuest said in a report published this week. 
The cybersecurity]]> 2025-04-25T16:11:00+00:00 https://thehackernews.com/2025/04/sap-confirms-critical-netweaver-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8667608 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Why NHIs Are Security's Most Dangerous Blind Spot When we talk about identity in cybersecurity, most people think of usernames, passwords, and the occasional MFA prompt. But lurking beneath the surface is a growing threat that does not involve human credentials at all, as we witness the exponential growth of Non-Human Identities (NHIs). At the top of mind when NHIs are mentioned, most security teams immediately think of Service Accounts.]]> 2025-04-25T16:00:00+00:00 https://thehackernews.com/2025/04/why-nhis-are-securitys-most-dangerous.html www.secnews.physaphae.fr/article.php?IdArticle=8667609 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that, if successfully exploited, could enable attackers to gain unauthorized access to files, inject malicious data, and tamper with logs under certain conditions. The vulnerabilities, flagged by cybersecurity vendor OPSWAT, are listed below - CVE-2025-27610 (CVSS score: 7.5) - A path traversal]]> 2025-04-25T14:27:00+00:00 https://thehackernews.com/2025/04/researchers-identify-rackstatic.html www.secnews.physaphae.fr/article.php?IdArticle=8667585 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks Cybersecurity researchers are warning about a new malware called DslogdRAT that's installed following the exploitation of a now-patched security flaw in Ivanti Connect Secure (ICS). The malware, along with a web shell, were "installed by exploiting a zero-day vulnerability at that time, CVE-2025-0282, during attacks against organizations in Japan around December 2024," JPCERT/CC researcher Yuma]]> 2025-04-25T14:13:00+00:00 https://thehackernews.com/2025/04/dslogdrat-malware-deployed-via-ivanti.html www.secnews.physaphae.fr/article.php?IdArticle=8667586 False Malware,Vulnerability,Threat,Industrial None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Zero-Day and ThreatNeedle Malware At least six organizations in South Korea have been targeted by the prolific North Korea-linked Lazarus Group as part of a campaign dubbed Operation SyncHole. The activity targeted South Korea's software, IT, financial, semiconductor manufacturing, and telecommunications industries, according to a report from Kaspersky published today. The earliest evidence of compromise was first detected in]]> 2025-04-24T19:41:00+00:00 https://thehackernews.com/2025/04/lazarus-hits-6-south-korean-firms-via.html www.secnews.physaphae.fr/article.php?IdArticle=8667217 False Malware,Vulnerability,Threat APT 38 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
159 CVEs Exploited in Q1 2025 - 28.3% Within 24 Hours of Disclosure As many as 159 CVE identifiers have been flagged as exploited in the wild in the first quarter of 2025, up from 151 in Q4 2024. "We continue to see vulnerabilities being exploited at a fast pace with 28.3% of vulnerabilities being exploited within 1-day of their CVE disclosure," VulnCheck said in a report shared with The Hacker News. This translates to 45 security flaws that have been weaponized]]> 2025-04-24T18:28:00+00:00 https://thehackernews.com/2025/04/159-cves-exploited-in-q1-2025-283.html www.secnews.physaphae.fr/article.php?IdArticle=8667187 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools Cybersecurity researchers have demonstrated a proof-of-concept (PoC) rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called io_uring to bypass traditional system call monitoring. This causes a "major blind spot in Linux runtime security tools," ARMO said. "This mechanism allows a user application to perform various actions without using system calls," the company said in]]> 2025-04-24T18:28:00+00:00 https://thehackernews.com/2025/04/linux-iouring-poc-rootkit-bypasses.html www.secnews.physaphae.fr/article.php?IdArticle=8667186 False Tool,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform have released new updates to their cybercrime suite with generative artificial intelligence (GenAI) capabilities. "This addition lowers the technical barrier for creating phishing pages, enabling less tech-savvy criminals to deploy customized scams in minutes," Netcraft said in a new report shared with The Hacker News. "]]> 2025-04-24T16:57:00+00:00 https://thehackernews.com/2025/04/darcula-adds-genai-to-phishing-toolkit.html www.secnews.physaphae.fr/article.php?IdArticle=8667153 False Threat,Technical None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Automating Zero Trust in Healthcare: From Risk Scoring to Dynamic Policy Enforcement Without Network Redesign The Evolving Healthcare Cybersecurity Landscape Healthcare organizations face unprecedented cybersecurity challenges in 2025. With operational technology (OT) environments increasingly targeted and the convergence of IT and medical systems creating an expanded attack surface, traditional security approaches are proving inadequate. According to recent statistics, the healthcare sector]]> 2025-04-24T16:00:00+00:00 https://thehackernews.com/2025/04/automating-zero-trust-in-healthcare.html www.secnews.physaphae.fr/article.php?IdArticle=8667102 False Legislation,Medical None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely A critical security flaw has been disclosed in the Commvault Command Center that could allow arbitrary code execution on affected installations. The vulnerability, tracked as CVE-2025-34028, carries a CVSS score of 9.0 out of a maximum of 10.0. "A critical security vulnerability has been identified in the Command Center installation, allowing remote attackers to execute arbitrary code without]]> 2025-04-24T15:30:00+00:00 https://thehackernews.com/2025/04/critical-commvault-command-center-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8667103 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) WhatsApp Adds Advanced Chat Privacy to Blocks Chat Exports and Auto-Downloads WhatsApp has introduced an extra layer of privacy called Advanced Chat Privacy that allows users to block participants from sharing the contents of a conversation in traditional chats and groups. "This new setting available in both chats and groups helps prevent others from taking content outside of WhatsApp for when you may want extra privacy," WhatsApp said in a statement. The optional feature]]> 2025-04-24T09:33:00+00:00 https://thehackernews.com/2025/04/whatsapp-adds-advanced-chat-privacy-to.html www.secnews.physaphae.fr/article.php?IdArticle=8666969 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack Multiple threat activity clusters with ties to North Korea (aka Democratic People's Republic of Korea or DPRK) have been linked to attacks targeting organizations and individuals in the Web3 and cryptocurrency space. "The focus on Web3 and cryptocurrency appears to be primarily financially motivated due to the heavy sanctions that have been placed on North Korea," Google-owned Mandiant said in]]> 2025-04-23T22:39:00+00:00 https://thehackernews.com/2025/04/dprk-hackers-steal-137m-from-tron-users.html www.secnews.physaphae.fr/article.php?IdArticle=8666764 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign The Iran-nexus threat actor known as UNC2428 has been observed delivering a backdoor known as MURKYTOUR as part of a job-themed social engineering campaign aimed at Israel in October 2024. Google-owned Mandiant described UNC2428 as a threat actor aligned with Iran that engages in cyber espionage-related operations. The intrusion set is said to have distributed the malware through a "complex]]> 2025-04-23T18:38:00+00:00 https://thehackernews.com/2025/04/iran-linked-hackers-target-israel-with.html www.secnews.physaphae.fr/article.php?IdArticle=8666669 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Android Spyware Disguised as Alpine Quest App Targets Russian Military Devices Cybersecurity researchers have revealed that Russian military personnel are the target of a new malicious campaign that distributes Android spyware under the guise of the Alpine Quest mapping software. "The attackers hide this trojan inside modified Alpine Quest mapping software and distribute it in various ways, including through one of the Russian Android app catalogs," Doctor Web said in an]]> 2025-04-23T17:52:00+00:00 https://thehackernews.com/2025/04/android-spyware-disguised-as-alpine.html www.secnews.physaphae.fr/article.php?IdArticle=8666646 False Mobile None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Three Reasons Why the Browser is Best for Stopping Phishing Attacks Phishing attacks remain a huge challenge for organizations in 2025. In fact, with attackers increasingly leveraging identity-based techniques over software exploits, phishing arguably poses a bigger threat than ever before. Attackers are increasingly leveraging identity-based techniques over software exploits, with phishing and stolen credentials (a byproduct of phishing) now the primary]]> 2025-04-23T16:30:00+00:00 https://thehackernews.com/2025/04/three-reasons-why-browser-is-best-for.html www.secnews.physaphae.fr/article.php?IdArticle=8666619 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp Multiple suspected Russia-linked threat actors are "aggressively" targeting individuals and organizations with ties to Ukraine and human rights with an aim to gain unauthorized access to Microsoft 365 accounts since early March 2025. The highly targeted social engineering operations, per Volexity, are a shift from previously documented attacks that leveraged a technique known as device code]]> 2025-04-23T16:19:00+00:00 https://thehackernews.com/2025/04/russian-hackers-exploit-microsoft-oauth.html www.secnews.physaphae.fr/article.php?IdArticle=8666620 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Ripple's xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack The Ripple cryptocurrency npm JavaScript library named xrpl.js has been compromised by unknown threat actors as part of a software supply chain attack designed to harvest and exfiltrate users' private keys. The malicious activity has been found to affect five different versions of the package: 4.2.1, 4.2.2, 4.2.3, 4.2.4, and 2.14.2. The issue has been addressed in versions 4.2.5 and 2.14.3.]]> 2025-04-23T12:47:00+00:00 https://thehackernews.com/2025/04/ripples-xrpljs-npm-package-backdoored.html www.secnews.physaphae.fr/article.php?IdArticle=8666520 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Drops Cookie Prompt in Chrome, Adds IP Protection to Incognito Google on Tuesday revealed that it will no longer offer a standalone prompt for third-party cookies in its Chrome browser as part of its Privacy Sandbox initiative. "We've made the decision to maintain our current approach to offering users third-party cookie choice in Chrome, and will not be rolling out a new standalone prompt for third-party cookies," Anthony Chavez, vice president of Privacy]]> 2025-04-23T10:49:00+00:00 https://thehackernews.com/2025/04/google-drops-cookie-prompt-in-chrome.html www.secnews.physaphae.fr/article.php?IdArticle=8666477 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals Cybersecurity researchers have detailed a malware campaign that's targeting Docker environments with a previously undocumented technique to mine cryptocurrency. The activity cluster, per Darktrace and Cado Security, represents a shift from other cryptojacking campaigns that directly deploy miners like XMRig to illicitly profit off the compute resources. This involves deploying a malware strain]]> 2025-04-22T22:16:00+00:00 https://thehackernews.com/2025/04/docker-malware-exploits-teneo-web3-node.html www.secnews.physaphae.fr/article.php?IdArticle=8666262 False Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow orchestration service that's based on Apache Airflow. "This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account, which]]> 2025-04-22T19:36:00+00:00 https://thehackernews.com/2025/04/gcp-cloud-composer-bug-let-attackers.html www.secnews.physaphae.fr/article.php?IdArticle=8666189 False Vulnerability,Cloud None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) 5 Major Concerns With Employees Using The Browser As SaaS and cloud-native work reshape the enterprise, the web browser has emerged as the new endpoint. However, unlike endpoints, browsers remain mostly unmonitored, despite being responsible for more than 70% of modern malware attacks. Keep Aware's recent State of Browser Security report highlights major concerns security leaders face with employees using the web browser for most of their work.]]> 2025-04-22T16:30:00+00:00 https://thehackernews.com/2025/04/5-major-concerns-with-employees-using.html www.secnews.physaphae.fr/article.php?IdArticle=8666111 False Malware,Cloud None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials In what has been described as an "extremely sophisticated phishing attack," threat actors have leveraged an uncommon approach that allowed bogus emails to be sent via Google's infrastructure and redirect message recipients to fraudulent sites that harvest their credentials. "The first thing to note is that this is a valid, signed email – it really was sent from no-reply@google.com," Nick Johnson]]> 2025-04-22T16:20:00+00:00 https://thehackernews.com/2025/04/phishers-exploit-google-sites-and-dkim.html www.secnews.physaphae.fr/article.php?IdArticle=8666112 False Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach Microsoft on Monday announced that it has moved the Microsoft Account (MSA) signing service to Azure confidential virtual machines (VMs) and that it's also in the process of migrating the Entra ID signing service as well. The disclosure comes about seven months after the tech giant said it completed updates to Microsoft Entra ID and MS for both public and United States government clouds to]]> 2025-04-22T13:08:00+00:00 https://thehackernews.com/2025/04/microsoft-secures-msa-signing-with.html www.secnews.physaphae.fr/article.php?IdArticle=8666038 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware The China-linked cyber espionage group tracked as Lotus Panda has been attributed to a campaign that compromised multiple organizations in an unnamed Southeast Asian country between August 2024 and February 2025. "Targets included a government ministry, an air traffic control organization, a telecoms operator, and a construction company," the Symantec Threat Hunter Team said in a new report]]> 2025-04-22T09:59:00+00:00 https://thehackernews.com/2025/04/lotus-panda-hacks-se-asian-governments.html www.secnews.physaphae.fr/article.php?IdArticle=8665974 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan Cybersecurity researchers have flagged a new malicious campaign related to the North Korean state-sponsored threat actor known as Kimsuky that exploits a now-patched vulnerability impacting Microsoft Remote Desktop Services to gain initial access. The activity has been named Larva-24005 by the AhnLab Security Intelligence Center (ASEC). "In some systems, initial access was gained through]]> 2025-04-21T22:12:00+00:00 https://thehackernews.com/2025/04/kimsuky-exploits-bluekeep-rdp.html www.secnews.physaphae.fr/article.php?IdArticle=8665775 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks A new Android malware-as-a-service (MaaS) platform named SuperCard X can facilitate near-field communication (NFC) relay attacks, enabling cybercriminals to conduct fraudulent cashouts. The active campaign is targeting customers of banking institutions and card issuers in Italy with an aim to compromise payment card data, fraud prevention firm Cleafy said in an analysis. There is evidence to]]> 2025-04-21T20:43:00+00:00 https://thehackernews.com/2025/04/supercard-x-android-malware-enables.html www.secnews.physaphae.fr/article.php?IdArticle=8665729 False Malware,Mobile None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) 5 Reasons Device Management Isn't Device Trust The problem is simple: all breaches start with initial access, and initial access comes down to two primary attack vectors – credentials and devices. This is not news; every report you can find on the threat landscape depicts the same picture. The solution is more complex. For this article, we'll focus on the device threat vector. The risk they pose is significant, which is why device]]> 2025-04-21T16:55:00+00:00 https://thehackernews.com/2025/04/5-reasons-device-management-isnt-device.html www.secnews.physaphae.fr/article.php?IdArticle=8665640 False Threat None 2.0000000000000000