www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2025-05-10T16:08:03+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
⚡ THN Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More
Can a harmless click really lead to a full-blown cyberattack? Surprisingly, yes - and that's exactly what we saw in last week's activity. Hackers are getting better at hiding inside everyday actions: opening a file, running a project, or logging in like normal. No loud alerts. No obvious red flags. Just quiet entry through small gaps - like a misconfigured pipeline, a trusted browser feature,
2025-04-21T15:40:00+00:00 https://thehackernews.com/2025/04/thn-weekly-recap-ios-zero-days-4chan.html www.secnews.physaphae.fr/article.php?IdArticle=8665641 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery
Cybersecurity researchers have disclosed a surge in "mass scanning, credential brute-forcing, and exploitation attempts" originating from IP addresses associated with a Russian bulletproof hosting service provider named Proton66. The activity, detected since January 8, 2025, targeted organizations worldwide, according to a two-part analysis published by Trustwave SpiderLabs last week.
"Net
2025-04-21T12:31:00+00:00 https://thehackernews.com/2025/04/hackers-abuse-russian-bulletproof-host.html www.secnews.physaphae.fr/article.php?IdArticle=8665562 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures
The Russian state-sponsored threat actor known as APT29 has been linked to an advanced phishing campaign that's targeting diplomatic entities across Europe with a new variant of WINELOADER and a previously unreported malware loader codenamed GRAPELOADER. "While the improved WINELOADER variant is still a modular backdoor used in later stages, GRAPELOADER is a newly observed initial-stage tool
2025-04-20T10:28:00+00:00 https://thehackernews.com/2025/04/apt29-deploys-grapeloader-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8665148 False Malware,Tool,Threat APT 29 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but harbor SSH backdoors and data exfiltration capabilities.
The packages in question are listed below - node-telegram-utils (132 downloads), node-telegram-bots-api (82 downloads), node-telegram-util (73 downloads). According to supply chain
2025-04-19T20:41:00+00:00 https://thehackernews.com/2025/04/rogue-npm-packages-mimic-telegram-bot.html www.secnews.physaphae.fr/article.php?IdArticle=8664949 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware
ASUS has disclosed a critical security flaw impacting routers with AiCloud enabled that could permit remote attackers to perform unauthorized execution of functions on susceptible devices. The vulnerability, tracked as CVE-2025-2492, has a CVSS score of 9.2 out of a maximum of 10.0. "An improper authentication control vulnerability exists in certain ASUS router firmware series,"
2025-04-19T14:22:00+00:00 https://thehackernews.com/2025/04/asus-confirms-critical-flaw-in-aicloud.html www.secnews.physaphae.fr/article.php?IdArticle=8664826 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024.
"The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,'" Cisco Talos researchers Azim Khodjibaev, Chetan
2025-04-18T20:45:00+00:00 https://thehackernews.com/2025/04/chinese-smishing-kit-behind-widespread.html www.secnews.physaphae.fr/article.php?IdArticle=8664540 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader
A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. "Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution," Palo Alto Networks Unit 42 researcher Saqib Khanzada said in a technical write-up of the campaign. The
2025-04-18T17:33:00+00:00 https://thehackernews.com/2025/04/multi-stage-malware-attack-uses-jse-and.html www.secnews.physaphae.fr/article.php?IdArticle=8664477 False Malware,Technical None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
[Webinar] AI Is Already Inside Your SaaS Stack - Learn How to Prevent the Next Silent Breach
Your employees didn't mean to expose sensitive data. They just wanted to move faster. So they used ChatGPT to summarize a deal. Uploaded a spreadsheet to an AI-enhanced tool. Integrated a chatbot into Salesforce. No big deal-until it is. If this sounds familiar, you're not alone. Most security teams are already behind in detecting how AI tools are quietly reshaping their SaaS environments.
And
2025-04-18T15:15:00+00:00 https://thehackernews.com/2025/04/webinar-ai-is-already-inside-your-saas.html www.secnews.physaphae.fr/article.php?IdArticle=8664414 False Tool,Cloud ChatGPT 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT
Cybersecurity researchers are warning of continued risks posed by a distributed denial-of-service (DDoS) malware known as XorDDoS, with 71.3 percent of the attacks between November 2023 and February 2025 targeting the United States. "From 2020 to 2023, the XorDDoS trojan has increased significantly in prevalence," Cisco Talos researcher Joey Chen said in a Thursday analysis.
2025-04-18T12:40:00+00:00 https://thehackernews.com/2025/04/experts-uncover-new-xorddos-controller.html www.secnews.physaphae.fr/article.php?IdArticle=8664372 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
CVE-2025-24054 Under Active Attack-Steals NTLM Credentials on File Download
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a medium-severity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild.
The vulnerability, assigned the CVE identifier CVE-2025-24054 (CVSS score: 6.5), is a Windows New Technology LAN Manager (NTLM) hash disclosure
2025-04-18T09:59:00+00:00 https://thehackernews.com/2025/04/cve-2025-24054-under-active.html www.secnews.physaphae.fr/article.php?IdArticle=8664323 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates
The China-linked threat actor known as Mustang Panda has been attributed to a cyber attack targeting an unspecified organization in Myanmar with previously unreported tooling, highlighting continued effort by the threat actors to increase the sophistication and effectiveness of their malware. This includes updated versions of a known backdoor called TONESHELL, as well as a new lateral movement
2025-04-17T20:52:00+00:00 https://thehackernews.com/2025/04/mustang-panda-targets-myanmar-with.html www.secnews.physaphae.fr/article.php?IdArticle=8664108 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns
Multiple state-sponsored hacking groups from Iran, North Korea, and Russia have been found leveraging the increasingly popular ClickFix social engineering tactic to deploy malware over a three-month period from late 2024 through the beginning of 2025.
The phishing campaigns adopting the strategy have been attributed to clusters tracked as TA427 (aka Kimsuky), TA450 (aka MuddyWater,
2025-04-17T17:02:00+00:00 https://thehackernews.com/2025/04/state-sponsored-hackers-weaponize.html www.secnews.physaphae.fr/article.php?IdArticle=8664038 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Artificial Intelligence – What's all the fuss?
Talking about AI: Definitions Artificial Intelligence (AI) - AI refers to the simulation of human intelligence in machines, enabling them to perform tasks that typically require human intelligence, such as decision-making and problem-solving. AI is the broadest concept in this field, encompassing various technologies and methodologies, including Machine Learning (ML) and Deep Learning. Machine
2025-04-17T16:56:00+00:00 https://thehackernews.com/2025/04/artificial-intelligence-whats-all-fuss.html www.secnews.physaphae.fr/article.php?IdArticle=8664039 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Blockchain Offers Security Benefits – But Don't Neglect Your Passwords
Blockchain is best known for its use in cryptocurrencies like Bitcoin, but it also holds significant applications for online authentication. As businesses in varying sectors increasingly embrace blockchain-based security tools, could the technology one day replace passwords?
How blockchain works Blockchain is a secure way to maintain, encrypt, and exchange digital records of transactions.
2025-04-17T16:00:00+00:00 https://thehackernews.com/2025/04/blockchain-offers-security-benefits-but.html www.secnews.physaphae.fr/article.php?IdArticle=8664016 False Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary code sans any authentication under certain conditions. The vulnerability, tracked as CVE-2025-32433, has been given the maximum CVSS score of 10.0. "The vulnerability allows an attacker with network access to an Erlang/OTP SSH
2025-04-17T14:41:00+00:00 https://thehackernews.com/2025/04/critical-erlangotp-ssh-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8663973 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers
Microsoft is calling attention to an ongoing malvertising campaign that makes use of Node.js to deliver malicious payloads capable of information theft and data exfiltration.
The activity, first detected in October 2024, uses lures related to cryptocurrency trading to trick users into installing a rogue installer from fraudulent websites that masquerade as legitimate software like Binance or
2025-04-17T14:27:00+00:00 https://thehackernews.com/2025/04/nodejs-malware-campaign-targets-crypto.html www.secnews.physaphae.fr/article.php?IdArticle=8663974 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting SonicWall Secure Mobile Access (SMA) 100 Series gateways to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The high-severity vulnerability, tracked as CVE-2021-20035 (CVSS score: 7.2), relates to a case of operating system command injection
2025-04-17T11:14:00+00:00 https://thehackernews.com/2025/04/cisa-flags-actively-exploited.html www.secnews.physaphae.fr/article.php?IdArticle=8663887 False Vulnerability,Mobile None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks
Apple on Wednesday released security updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS to address two security flaws that it said have come under active exploitation in the wild.
The vulnerabilities in question are listed below - CVE-2025-31200 (CVSS score: 7.5) - A memory corruption vulnerability in the Core Audio framework that could allow code execution when processing an audio
2025-04-17T09:03:00+00:00 https://thehackernews.com/2025/04/apple-patches-two-actively-exploited.html www.secnews.physaphae.fr/article.php?IdArticle=8663847 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Experts Uncover Four New Privilege Escalation Flaws in Windows Task Scheduler
Cybersecurity researchers have detailed four different vulnerabilities in a core component of the Windows task scheduling service that could be exploited by local attackers to achieve privilege escalation and erase logs to cover up evidence of malicious activities. The issues have been uncovered in a binary named "schtasks.exe," which enables an administrator to create, delete, query, change,
2025-04-16T21:48:00+00:00 https://thehackernews.com/2025/04/experts-uncover-four-new-privilege.html www.secnews.physaphae.fr/article.php?IdArticle=8663669 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Blocked 5.1B Harmful Ads and Suspended 39.2M Advertiser Accounts in 2024
Google on Wednesday revealed that it suspended over 39.2 million advertiser accounts in 2024, with a majority of them identified and blocked by its systems before it could serve harmful ads to users. In all, the tech giant said it stopped 5.1 billion bad ads, restricted 9.1 billion ads, and blocked or restricted ads on 1.3 billion pages last year.
It also suspended over 5 million accounts for
2025-04-16T18:18:00+00:00 https://thehackernews.com/2025/04/google-blocked-51b-harmful-ads-and.html www.secnews.physaphae.fr/article.php?IdArticle=8663558 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Gamma AI Platform Abused in Phishing Chain to Spoof Microsoft SharePoint Logins
Threat actors are leveraging an artificial intelligence (AI) powered presentation platform named Gamma in phishing attacks to direct unsuspecting users to spoofed Microsoft login pages. "Attackers weaponize Gamma, a relatively new AI-based presentation tool, to deliver a link to a fraudulent Microsoft SharePoint login portal," Abnormal Security researchers Hinman Baron and Piotr Wojtyla said in
2025-04-16T17:14:00+00:00 https://thehackernews.com/2025/04/ai-powered-gamma-used-to-host-microsoft.html www.secnews.physaphae.fr/article.php?IdArticle=8663520 False Tool,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
From Third-Party Vendors to U.S. Tariffs: The New Cyber Risks Facing Supply Chains
Introduction Cyber threats targeting supply chains have become a growing concern for businesses across industries. As companies continue to expand their reliance on third-party vendors, cloud-based services, and global logistics networks, cybercriminals are exploiting vulnerabilities within these interconnected systems to launch attacks.
By first infiltrating a third-party vendor with undetected
2025-04-16T16:56:00+00:00 https://thehackernews.com/2025/04/from-third-party-vendors-to-us-tariffs.html www.secnews.physaphae.fr/article.php?IdArticle=8663521 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks
Cybersecurity researchers have unearthed a new controller component associated with a known backdoor called BPFDoor as part of cyber attacks targeting telecommunications, finance, and retail sectors in South Korea, Hong Kong, Myanmar, Malaysia, and Egypt in 2024. "The controller could open a reverse shell," Trend Micro researcher Fernando Mercês said in a technical report published earlier in
2025-04-16T16:07:00+00:00 https://thehackernews.com/2025/04/new-bpfdoor-controller-enables-stealthy.html www.secnews.physaphae.fr/article.php?IdArticle=8663470 False Prediction,Technical None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Product Walkthrough: A Look Inside Wing Security's Layered SaaS Identity Defense
Intro: Why hack in when you can log in? SaaS applications are the backbone of modern organizations, powering productivity and operational efficiency. But every new app introduces critical security risks through app integrations and multiple users, creating easy access points for threat actors.
As a result, SaaS breaches have increased, and according to a May 2024 XM Cyber report, identity and
2025-04-16T16:00:00+00:00 https://thehackernews.com/2025/04/product-walkthrough-look-inside-wing.html www.secnews.physaphae.fr/article.php?IdArticle=8663471 False Hack,Threat,Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Chinese Android Phones Shipped with Fake WhatsApp, Telegram Apps Targeting Crypto Users
Cheap Android smartphones manufactured by Chinese companies have been observed pre-installed with trojanized apps masquerading as WhatsApp and Telegram that contain cryptocurrency clipper functionality as part of a campaign since June 2024. While using malware-laced apps to steal financial information is not a new phenomenon, the new findings from Russian antivirus vendor Doctor Web point to
2025-04-16T13:04:00+00:00 https://thehackernews.com/2025/04/chinese-android-phones-shipped-with.html www.secnews.physaphae.fr/article.php?IdArticle=8663407 False Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
U.S. Govt. Funding for MITRE's CVE Ends April 16, Cybersecurity Community on Alert
The U.S. government funding for non-profit research giant MITRE to operate and maintain its Common Vulnerabilities and Exposures (CVE) program will expire Wednesday, an unprecedented development that could shake up one of the foundational pillars of the global cybersecurity ecosystem.
The 25-year-old CVE program is a valuable tool for vulnerability management, offering a de facto standard to
2025-04-16T10:36:00+00:00 https://thehackernews.com/2025/04/us-govt-funding-for-mitres-cve-ends.html www.secnews.physaphae.fr/article.php?IdArticle=8663377 False Tool,Vulnerability None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool
The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called VShell to infect Linux systems. "Threat actors are increasingly using open source tools in their arsenals for cost-effectiveness and obfuscation to save money and, in this case, plausibly blend in with the pool of
2025-04-15T19:36:00+00:00 https://thehackernews.com/2025/04/chinese-hackers-target-linux-systems.html www.secnews.physaphae.fr/article.php?IdArticle=8663120 False Malware,Tool,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence
A critical security vulnerability has been disclosed in the Apache Roller open-source, Java-based blogging server software that could allow malicious actors to retain unauthorized access even after a password change. The flaw, assigned the CVE identifier CVE-2025-24859, carries a CVSS score of 10.0, indicating maximum severity.
It affects all versions of Roller up to and including 6.1.4.
2025-04-15T19:14:00+00:00 https://thehackernews.com/2025/04/critical-apache-roller-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8663121 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Malicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect Orders
Cybersecurity researchers have disclosed a malicious package uploaded to the Python Package Index (PyPI) repository that's designed to reroute trading orders placed on the MEXC cryptocurrency exchange to a malicious server and steal tokens. The package, ccxt-mexc-futures, purports to be an extension built on top of a popular Python library named ccxt (short for CryptoCurrency eXchange Trading),
2025-04-15T18:50:00+00:00 https://thehackernews.com/2025/04/malicious-pypi-package-targets-mexc.html www.secnews.physaphae.fr/article.php?IdArticle=8663122 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds
Everybody knows browser extensions are embedded into nearly every user's daily workflow, from spell checkers to GenAI tools. What most IT and security people don't know is that browser extensions' excessive permissions are a growing risk to organizations.
LayerX today announced the release of the Enterprise Browser Extension Security Report 2025. This report is the first and only report to merge
2025-04-15T16:55:00+00:00 https://thehackernews.com/2025/04/majority-of-browser-extensions-can.html www.secnews.physaphae.fr/article.php?IdArticle=8663067 False Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Crypto Developers Targeted by Python Malware Disguised as Coding Challenges
The North Korea-linked threat actor assessed to be behind the massive Bybit hack in February 2025 has been linked to a malicious campaign that targets developers to deliver new stealer malware under the guise of a coding assignment. The activity has been attributed by Palo Alto Networks Unit 42 to a hacking group it tracks as Slow Pisces, which is also known as Jade Sleet, PUKCHONG,
2025-04-15T14:40:00+00:00 https://thehackernews.com/2025/04/crypto-developers-targeted-by-python.html www.secnews.physaphae.fr/article.php?IdArticle=8663026 False Malware,Hack,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Gladinet's Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability
A recently disclosed security flaw in Gladinet CentreStack also impacts its Triofox remote access and collaboration solution, according to Huntress, with seven different organizations compromised to date.
Tracked as CVE-2025-30406 (CVSS score: 9.0), the vulnerability refers to the use of a hard-coded cryptographic key that could expose internet-accessible servers to remote code execution attacks
2025-04-15T10:09:00+00:00 https://thehackernews.com/2025/04/gladinets-triofox-and-centrestack-under.html www.secnews.physaphae.fr/article.php?IdArticle=8662956 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Meta Resumes E.U. AI Training Using Public User Data After Regulator Approval
Meta has announced that it will begin to train its artificial intelligence (AI) models using public data shared by adults across its platforms in the European Union, nearly a year after it paused its efforts due to data protection concerns from Irish regulators. "This training will better support millions of people and businesses in Europe, by teaching our generative AI models to better
2025-04-15T09:40:00+00:00 https://thehackernews.com/2025/04/meta-resumes-eu-ai-training-using.html www.secnews.physaphae.fr/article.php?IdArticle=8662957 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading
Cybersecurity researchers have discovered a new, sophisticated remote access trojan called ResolverRAT that has been observed in attacks targeting healthcare and pharmaceutical sectors.
"The threat actor leverages fear-based lures delivered via phishing emails, designed to pressure recipients into clicking a malicious link," Morphisec Labs researcher Nadav Lorber said in a report shared with The
2025-04-14T21:39:00+00:00 https://thehackernews.com/2025/04/resolverrat-campaign-targets-healthcare.html www.secnews.physaphae.fr/article.php?IdArticle=8662764 False Threat,Medical None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft
Cybersecurity researchers are calling attention to a new type of credential phishing scheme that ensures that the stolen information is associated with valid online accounts. The technique has been codenamed precision-validating phishing by Cofense, which it said employs real-time email validation so that only a select set of high-value targets are served the fake login screens. "This tactic not
2025-04-14T18:54:00+00:00 https://thehackernews.com/2025/04/phishing-campaigns-use-real-time-checks.html www.secnews.physaphae.fr/article.php?IdArticle=8662729 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
⚡ Weekly Recap: Windows 0-Day, VPN Exploits, Weaponized AI, Hijacked Antivirus and More
Attackers aren't waiting for patches anymore - they are breaking in before defenses are ready. Trusted security tools are being hijacked to deliver malware. Even after a breach is detected and patched, some attackers stay hidden. This week's events show a hard truth: it's not enough to react after an attack. You have to assume that any system you trust today could fail tomorrow.
In a world
2025-04-14T16:49:00+00:00 https://thehackernews.com/2025/04/weekly-recap-windows-0-day-vpn-exploits.html www.secnews.physaphae.fr/article.php?IdArticle=8662677 False Malware,Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Cybersecurity in the AI Era: Evolve Faster Than the Threats or Get Left Behind
AI is changing cybersecurity faster than many defenders realize. Attackers are already using AI to automate reconnaissance, generate sophisticated phishing lures, and exploit vulnerabilities before security teams can react. Meanwhile, defenders are overwhelmed by massive amounts of data and alerts, struggling to process information quickly enough to identify real threats. AI offers a way to
2025-04-14T16:00:00+00:00 https://thehackernews.com/2025/04/cybersecurity-in-ai-era-evolve-faster.html www.secnews.physaphae.fr/article.php?IdArticle=8662641 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Pakistan-Linked Hackers Expand Targets in India with CurlBack RAT and Spark RAT
A threat actor with ties to Pakistan has been observed targeting various sectors in India with various remote access trojans like Xeno RAT, Spark RAT, and a previously undocumented malware family called CurlBack RAT.
The activity, detected by SEQRITE in December 2024, targeted Indian entities under railway, oil and gas, and external affairs ministries, marking an expansion of the hacking crew's 2025-04-14T12:25:00+00:00 https://thehackernews.com/2025/04/pakistan-linked-hackers-expand-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8662587 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit Fortinet has revealed that threat actors have found a way to maintain read-only access to vulnerable FortiGate devices even after the initial access vector used to breach the devices was patched. The attackers are believed to have leveraged known and now-patched security flaws, including, but not limited to, CVE-2022-42475, CVE-2023-27997, and CVE-2024-21762. "A threat actor used a known 2025-04-11T23:25:00+00:00 https://thehackernews.com/2025/04/fortinet-warns-attackers-retain.html www.secnews.physaphae.fr/article.php?IdArticle=8661817 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Paper Werewolf Deploys PowerModul Implant in Targeted Cyberattacks on Russian Sectors The threat actor known as Paper Werewolf has been observed exclusively targeting Russian entities with a new implant called PowerModul. The activity, which took place between July and December 2024, singled out organizations in the mass media, telecommunications, construction, government entities, and energy sectors, Kaspersky said in a new report published Thursday.
Paper Werewolf, also known 2025-04-11T18:39:00+00:00 https://thehackernews.com/2025/04/paper-werewolf-deploys-powermodul.html www.secnews.physaphae.fr/article.php?IdArticle=8661749 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Initial Access Brokers Shift Tactics, Selling More for Less What are IABs? Initial Access Brokers (IABs) specialize in gaining unauthorized entry into computer systems and networks, then selling that access to other cybercriminals. This division of labor allows IABs to concentrate on their core expertise: exploiting vulnerabilities through methods like social engineering and brute-force attacks. By selling access, they significantly mitigate the 2025-04-11T16:00:00+00:00 https://thehackernews.com/2025/04/initial-access-brokers-shift-tactics.html www.secnews.physaphae.fr/article.php?IdArticle=8661694 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Palo Alto Networks Warns of Brute-Force Attempts Targeting PAN-OS GlobalProtect Gateways Palo Alto Networks has revealed that it's observing brute-force login attempts against PAN-OS GlobalProtect gateways, days after threat actors warned of a surge in suspicious login scanning activity targeting its appliances. "Our teams are observing evidence of activity consistent with password-related attacks, such as brute-force login attempts, which does not indicate exploitation of a 2025-04-11T14:23:00+00:00 https://thehackernews.com/2025/04/palo-alto-networks-warns-of-brute-force.html www.secnews.physaphae.fr/article.php?IdArticle=8661662 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps Cybersecurity researchers have found that threat actors are setting up deceptive websites hosted on newly registered domains to deliver a known Android malware called SpyNote. These bogus websites masquerade as Google Play Store install pages for apps like the Chrome web browser, indicating an attempt to deceive unsuspecting users into installing the malware instead. "The threat actor utilized a 2025-04-11T13:43:00+00:00 https://thehackernews.com/2025/04/spynote-badbazaar-moonshine-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8661663 False Malware,Threat,Mobile None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation A newly disclosed high-severity security flaw impacting OttoKit (formerly SureTriggers) has come under active exploitation within a few hours of public disclosure. The vulnerability, tracked as CVE-2025-3102 (CVSS score: 8.1), is an authorization bypass bug that could permit an attacker to create administrator accounts under certain conditions and take control of susceptible websites. "The 2025-04-11T10:28:00+00:00 https://thehackernews.com/2025/04/ottokit-wordpress-plugin-admin-creation.html www.secnews.physaphae.fr/article.php?IdArticle=8661604 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes Cybersecurity researchers have detailed a case of an incomplete patch for a previously addressed security flaw impacting the NVIDIA Container Toolkit that, if successfully exploited, could put sensitive data at risk. The original vulnerability CVE-2024-0132 (CVSS score: 9.0) is a Time-of-Check Time-of-Use (TOCTOU) vulnerability that could lead to a container escape attack and allow for 2025-04-10T19:43:00+00:00 https://thehackernews.com/2025/04/incomplete-patch-in-nvidia-toolkit.html www.secnews.physaphae.fr/article.php?IdArticle=8661408 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Malicious npm Package Targets Atomic Wallet, Exodus Users by Swapping Crypto Addresses Threat actors are continuing to upload malicious packages to the npm registry so as to tamper with already-installed local versions of legitimate libraries to execute malicious code in what's seen as a sneakier attempt to stage a software supply chain attack. The newly discovered package, named pdf-to-office, masquerades as a utility for converting PDF files to Microsoft Word documents. But, in 2025-04-10T18:28:00+00:00 https://thehackernews.com/2025/04/malicious-npm-package-targets-atomic.html www.secnews.physaphae.fr/article.php?IdArticle=8661392 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
PlayPraetor Reloaded: CTM360 Uncovers a Play Masquerading Party Overview of the PlayPraetor Masquerading Party Variants CTM360 has now identified a much larger extent of the ongoing Play Praetor campaign. What started with 6000+ URLs of a very specific banking attack has now grown to 16,000+ with multiple variants. This research is ongoing, and much more is expected to be discovered in the coming days. As before, all the newly discovered play 2025-04-10T16:55:00+00:00 https://thehackernews.com/2025/04/playpraetor-reloaded-ctm360-uncovers.html www.secnews.physaphae.fr/article.php?IdArticle=8661364 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) The Identities Behind AI Agents: A Deep Dive Into AI & NHI AI agents have rapidly evolved from experimental technology to essential business tools. The OWASP framework explicitly recognizes that Non-Human Identities play a key role in agentic AI security. Their analysis highlights how these autonomous software entities can make decisions, chain complex actions together, and operate continuously without human intervention. They're no longer just tools, 2025-04-10T16:30:00+00:00 https://thehackernews.com/2025/04/the-identities-behind-ai-agents-deep.html www.secnews.physaphae.fr/article.php?IdArticle=8661365 False Tool None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Gamaredon Uses Infected Removable Drives to Breach Western Military Mission in Ukraine The Russia-linked threat actor known as Gamaredon (aka Shuckworm) has been attributed to a cyber attack targeting a foreign military mission based in Ukraine with an aim to deliver an updated version of a known malware called GammaSteel. The group targeted the military mission of a Western country, per the Symantec Threat Hunter team, with first signs of the malicious activity detected on 2025-04-10T16:23:00+00:00 https://thehackernews.com/2025/04/gamaredon-uses-infected-removable.html www.secnews.physaphae.fr/article.php?IdArticle=8661366 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Europol Arrests Five SmokeLoader Clients Linked by Seized Database Evidence Law enforcement authorities have announced that they tracked down the customers of the SmokeLoader malware and detained at least five individuals. "In a coordinated series of actions, customers of the Smokeloader pay-per-install botnet, operated by the actor known as 'Superstar,' faced consequences such as arrests, house searches, arrest warrants or 'knock and talks,'" Europol said in a 2025-04-10T15:25:00+00:00 https://thehackernews.com/2025/04/europol-arrests-five-smokeloader.html www.secnews.physaphae.fr/article.php?IdArticle=8661350 False Malware,Legislation None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
AkiraBot Targets 420,000 Sites with OpenAI-Generated Spam, Bypassing CAPTCHA Protections Cybersecurity researchers have disclosed details of an artificial intelligence (AI) powered platform called AkiraBot that's used to spam website chats, comment sections, and contact forms to promote dubious search engine optimization (SEO) services such as Akira and ServicewrapGO. "AkiraBot has targeted more than 400,000 websites and successfully spammed at least 80,000 websites since September 2025-04-10T12:45:00+00:00 https://thehackernews.com/2025/04/akirabot-targets-420000-sites-with.html www.secnews.physaphae.fr/article.php?IdArticle=8661317 False Spam None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Lovable AI Found Most Vulnerable to VibeScamming - Enabling Anyone to Build Live Scam Pages Lovable, a generative artificial intelligence (AI) powered platform that allows for creating full-stack web applications using text-based prompts, has been found to be the most susceptible to jailbreak attacks, allowing novice and aspiring cybercrooks to set up lookalike credential harvesting pages. "As a purpose-built tool for creating and deploying web apps, its capabilities line up perfectly 2025-04-09T19:58:00+00:00 https://thehackernews.com/2025/04/lovable-ai-found-most-vulnerable-to.html www.secnews.physaphae.fr/article.php?IdArticle=8661170 False Tool None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New TCESB Malware Found in Active Attacks Exploiting ESET Security Scanner A Chinese-affiliated threat actor known for its cyber-attacks in Asia has been observed exploiting a security flaw in security software from ESET to deliver a previously undocumented malware codenamed TCESB. "Previously unseen in ToddyCat attacks, [TCESB] is designed to stealthily execute payloads in circumvention of protection and monitoring tools installed on the device," Kaspersky said in an 2025-04-09T17:08:00+00:00 https://thehackernews.com/2025/04/new-tcesb-malware-found-in-active.html www.secnews.physaphae.fr/article.php?IdArticle=8661117 False Malware,Tool,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Explosive Growth of Non-Human Identities Creating Massive Security Blind Spots GitGuardian's State of Secrets Sprawl report for 2025 reveals the alarming scale of secrets exposure in modern software environments. Driving this is the rapid growth of non-human identities (NHIs), which have been outnumbering human users for years. We need to get ahead of it and prepare security measures and governance for these machine identities as they continue to be deployed, creating an 2025-04-09T16:00:00+00:00 https://thehackernews.com/2025/04/explosive-growth-of-non-human.html www.secnews.physaphae.fr/article.php?IdArticle=8661118 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware Microsoft has revealed that a now-patched security flaw impacting the Windows Common Log File System (CLFS) was exploited as a zero-day in ransomware attacks aimed at a small number of targets. "The targets include organizations in the information technology (IT) and real estate sectors of the United States, the financial sector in Venezuela, a Spanish software company, and the retail sector in 2025-04-09T13:34:00+00:00 https://thehackernews.com/2025/04/pipemagic-trojan-exploits-windows-clfs.html www.secnews.physaphae.fr/article.php?IdArticle=8661096 False Ransomware,Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) CISA Warns of CentreStack's Hard-Coded MachineKey Vulnerability Enabling RCE Attacks The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting Gladinet CentreStack to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2025-30406 (CVSS score: 9.0), concerns a case of a hard-coded cryptographic key that could be abused to achieve remote 2025-04-09T13:30:00+00:00 https://thehackernews.com/2025/04/cisa-warns-of-centrestacks-hard-coded.html www.secnews.physaphae.fr/article.php?IdArticle=8661097 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Microsoft Patches 126 Flaws Including Actively Exploited Windows CLFS Vulnerability Microsoft has released security fixes to address a massive set of 126 flaws affecting its software products, including one vulnerability that it said has been actively exploited in the wild. Of the 126 vulnerabilities, 11 are rated Critical, 112 are rated Important, and two are rated Low in severity. Forty-nine of these vulnerabilities are classified as privilege escalation, 34 as remote code 2025-04-09T12:36:00+00:00 https://thehackernews.com/2025/04/microsoft-patches-126-flaws-including.html www.secnews.physaphae.fr/article.php?IdArticle=8661083 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Adobe Patches 11 Critical ColdFusion Flaws Amid 30 Total Vulnerabilities Discovered Adobe has released security updates to fix a fresh set of security flaws, including multiple critical-severity bugs in ColdFusion versions 2025, 2023 and 2021 that could result in arbitrary file read and code execution. Of the 30 flaws in the product, 11 are rated Critical in severity - CVE-2025-24446 (CVSS score: 9.1) - An improper input validation vulnerability that could result in an 2025-04-09T08:42:00+00:00 https://thehackernews.com/2025/04/adobe-patches-11-critical-coldfusion.html www.secnews.physaphae.fr/article.php?IdArticle=8661054 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw Fortinet has released security updates to address a critical security flaw impacting FortiSwitch that could permit an attacker to make unauthorized password changes. The vulnerability, tracked as CVE-2024-48887, carries a CVSS score of 9.3 out of a maximum of 10.0. "An unverified password change vulnerability [CWE-620] in FortiSwitch GUI may allow a remote unauthenticated attacker to modify 2025-04-08T23:23:00+00:00 https://thehackernews.com/2025/04/fortinet-urges-fortiswitch-upgrades-to.html www.secnews.physaphae.fr/article.php?IdArticle=8660996 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal Cybersecurity researchers have disclosed details of a now-patched security flaw in the Amazon EC2 Simple Systems Manager (SSM) Agent that, if successfully exploited, could permit an attacker to achieve privilege escalation and code execution. The vulnerability could permit an attacker to create directories in unintended locations on the filesystem, execute arbitrary scripts with root privileges, 2025-04-08T22:26:00+00:00 https://thehackernews.com/2025/04/amazon-ec2-ssm-agent-flaw-patched-after.html www.secnews.physaphae.fr/article.php?IdArticle=8660986 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Cryptocurrency Miner and Clipper Malware Spread via SourceForge Cracked Software Listings Threat actors have been observed distributing malicious payloads such as cryptocurrency miner and clipper malware via SourceForge, a popular software hosting service, under the guise of cracked versions of legitimate applications like Microsoft Office. "One such project, officepackage, on the main website sourceforge.net, appears harmless enough, containing Microsoft Office add-ins copied from a 2025-04-08T21:37:00+00:00 https://thehackernews.com/2025/04/cryptocurrency-miner-and-clipper.html www.secnews.physaphae.fr/article.php?IdArticle=8660987 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Agentic AI in the SOC - Dawn of Autonomous Alert Triage Security Operations Centers (SOCs) today face unprecedented alert volumes and increasingly sophisticated threats. Triaging and investigating these alerts are costly, cumbersome, and increases analyst fatigue, burnout, and attrition. While artificial intelligence has emerged as a go-to solution, the term “AI” often blurs crucial distinctions. Not all AI is built equal, especially in the SOC. Many 2025-04-08T16:30:00+00:00 https://thehackernews.com/2025/04/agentic-ai-in-soc-dawn-of-autonomous.html www.secnews.physaphae.fr/article.php?IdArticle=8660923 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) UAC-0226 Deploys GIFTEDCROOK Stealer via Malicious Excel Files Targeting Ukraine The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed a new set of cyber attacks targeting Ukrainian institutions with information-stealing malware.
The activity is aimed at military formations, law enforcement agencies, and local self-government bodies, particularly those located near Ukraine's eastern border, the agency said. The attacks involve distributing phishing emails 2025-04-08T15:42:00+00:00 https://thehackernews.com/2025/04/uac-0226-deploys-giftedcrook-stealer.html www.secnews.physaphae.fr/article.php?IdArticle=8660924 False Malware,Legislation None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) CISA Adds CrushFTP Vulnerability to KEV Catalog Following Confirmed Active Exploitation A recently disclosed critical security flaw impacting CrushFTP has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog after reports emerged of active exploitation in the wild. The vulnerability is a case of authentication bypass that could permit an unauthenticated attacker to take over susceptible instances. It has 2025-04-08T13:41:00+00:00 https://thehackernews.com/2025/04/cisa-adds-crushftp-vulnerability-to-kev.html www.secnews.physaphae.fr/article.php?IdArticle=8660901 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities Google has shipped patches for 62 vulnerabilities, two of which it said have been exploited in the wild.
The two high-severity vulnerabilities are listed below - CVE-2024-53150 (CVSS score: 7.8) - An out-of-bounds flaw in the USB sub-component of Kernel that could result in information disclosure CVE-2024-53197 (CVSS score: 7.8) - A privilege escalation flaw in the USB sub-component of Kernel 2025-04-08T09:35:00+00:00 https://thehackernews.com/2025/04/google-releases-android-update-to-patch.html www.secnews.physaphae.fr/article.php?IdArticle=8660872 False Vulnerability,Mobile None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks Cybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called fast flux that has been adopted by threat actors to obscure a command-and-control (C2) channel. "'Fast flux' is a technique used to obfuscate the locations of malicious servers through rapidly changing Domain Name System (DNS) 2025-04-07T19:10:00+00:00 https://thehackernews.com/2025/04/cisa-and-fbi-warn-fast-flux-is-powering.html www.secnews.physaphae.fr/article.php?IdArticle=8660753 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) ⚡ Weekly Recap: VPN Exploits, Oracle's Silent Breach, ClickFix Comeback and More Today, every unpatched system, leaked password, and overlooked plugin is a doorway for attackers. Supply chains stretch deep into the code we trust, and malware hides not just in shady apps - but in job offers, hardware, and cloud services we rely on every day. Hackers don't need sophisticated exploits anymore.
Sometimes, your credentials and a little social engineering are enough. This week, 2025-04-07T16:55:00+00:00 https://thehackernews.com/2025/04/weekly-recap-vpn-exploits-oracles.html www.secnews.physaphae.fr/article.php?IdArticle=8660729 False Malware,Cloud None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Security Theater: Vanity Metrics Keep You Busy - and Exposed After more than 25 years of mitigating risks, ensuring compliance, and building robust security programs for Fortune 500 companies, I've learned that looking busy isn't the same as being secure. It's an easy trap for busy cybersecurity leaders to fall into. We rely on metrics that tell a story of the tremendous efforts we're expending - how many vulnerabilities we patched, how fast we 2025-04-07T16:30:00+00:00 https://thehackernews.com/2025/04/security-theater-vanity-metrics-keep.html www.secnews.physaphae.fr/article.php?IdArticle=8660717 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks A malicious campaign dubbed PoisonSeed is leveraging compromised credentials associated with customer relationship management (CRM) tools and bulk email providers to send spam messages containing cryptocurrency seed phrases in an attempt to drain victims' digital wallets. "Recipients of the bulk spam are targeted with a cryptocurrency seed phrase poisoning attack," Silent Push said in an 2025-04-07T12:59:00+00:00 https://thehackernews.com/2025/04/poisonseed-exploits-crm-accounts-to.html www.secnews.physaphae.fr/article.php?IdArticle=8660680 False Spam,Tool None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws A likely lone wolf actor behind the EncryptHub persona was acknowledged by Microsoft for discovering and reporting two security flaws in Windows last month, painting a picture of a "conflicted" individual straddling a legitimate career in cybersecurity and pursuing cybercrime. In a new extensive analysis published by Outpost24 KrakenLabs, the Swedish security company unmasked the up-and-coming 2025-04-05T21:20:00+00:00 https://thehackernews.com/2025/04/microsoft-credits-encrypthub-hacker.html www.secnews.physaphae.fr/article.php?IdArticle=8660432 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages The North Korean threat actors behind the ongoing Contagious Interview campaign are spreading their tentacles on the npm ecosystem by publishing more malicious packages that deliver the BeaverTail malware, as well as a new remote access trojan (RAT) loader. "These latest samples employ hexadecimal string encoding to evade automated detection systems and manual code audits, signaling a variation 2025-04-05T19:53:00+00:00 https://thehackernews.com/2025/04/north-korean-hackers-deploy-beavertail.html www.secnews.physaphae.fr/article.php?IdArticle=8660424 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data Cybersecurity researchers have uncovered malicious libraries in the Python Package Index (PyPI) repository that are designed to steal sensitive information. Two of the packages, bitcoinlibdbfix and bitcoinlib-dev, masquerade as fixes for recent issues detected in a legitimate Python module called bitcoinlib, according to ReversingLabs. A third package discovered by Socket, disgrasya, contained a 2025-04-05T14:08:00+00:00 https://thehackernews.com/2025/04/malicious-python-packages-on-pypi.html www.secnews.physaphae.fr/article.php?IdArticle=8660393 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack The cascading supply chain attack that initially targeted Coinbase before becoming more widespread to single out users of the "tj-actions/changed-files" GitHub Action has been traced further back to the theft of a personal access token (PAT) related to SpotBugs. "The attackers obtained initial access by taking advantage of the GitHub Actions workflow of SpotBugs, a popular open-source tool for 2025-04-04T17:58:00+00:00 https://thehackernews.com/2025/04/spotbugs-access-token-theft-identified.html www.secnews.physaphae.fr/article.php?IdArticle=8660237 False Tool None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Have We Reached a Distroless Tipping Point? There's a virtuous cycle in technology that pushes the boundaries of what's being built and how it's being used.
A new technology development emerges and captures the world's attention. People start experimenting and discover novel applications, use cases, and approaches to maximize the innovation's potential. These use cases generate significant value, fueling demand for the next iteration of 2025-04-04T16:27:00+00:00 https://thehackernews.com/2025/04/have-we-reached-distroless-tipping-point.html www.secnews.physaphae.fr/article.php?IdArticle=8660216 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware Ivanti has disclosed details of a now-patched critical security vulnerability impacting its Connect Secure that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-22457 (CVSS score: 9.0), concerns a case of a stack-based buffer overflow that could be exploited to execute arbitrary code on affected systems. "A stack-based buffer overflow in Ivanti Connect 2025-04-04T11:37:00+00:00 https://thehackernews.com/2025/04/critical-ivanti-flaw-actively-exploited.html www.secnews.physaphae.fr/article.php?IdArticle=8660179 False Malware,Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) OPSEC Failure Exposes Coquettte's Malware Campaigns on Bulletproof Hosting Servers A novice cybercrime actor has been observed leveraging the services of a Russian bulletproof hosting (BPH) provider called Proton66 to facilitate their operations.
The findings come from DomainTools, which detected the activity after it discovered a phony website named cybersecureprotect[.]com hosted on Proton66 that masqueraded as an antivirus service. The threat intelligence firm said it]]> 2025-04-04T11:36:00+00:00 https://thehackernews.com/2025/04/opsec-failure-exposes-coquetttes.html www.secnews.physaphae.fr/article.php?IdArticle=8660217 False Malware,Threat None 4.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) CERT-UA Reports Cyberattacks Targeting Ukrainian State Systems with WRECKSTEEL Malware The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that no less than three cyber attacks were recorded against state administration bodies and critical infrastructure facilities in the country with an aim to steal sensitive data. The campaign, the agency said, involved the use of compromised email accounts to send phishing messages containing links pointing to legitimate]]> 2025-04-04T10:24:00+00:00 https://thehackernews.com/2025/04/cert-ua-reports-cyberattacks-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8660165 False Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code A maximum severity security vulnerability has been disclosed in Apache Parquet's Java Library that, if successfully exploited, could allow a remote attacker to execute arbitrary code on susceptible instances.
Apache Parquet is a free and open-source columnar data file format that's designed for efficient data processing and retrieval, providing support for complex data, high-performance]]> 2025-04-04T09:08:00+00:00 https://thehackernews.com/2025/04/critical-flaw-in-apache-parquet-allows.html www.secnews.physaphae.fr/article.php?IdArticle=8660166 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials. "These campaigns notably use redirection methods such as URL shorteners and QR codes contained in malicious attachments and abuse legitimate services like file-hosting services and business profile pages to avoid detection," Microsoft said in a report shared with The]]> 2025-04-03T23:09:00+00:00 https://thehackernews.com/2025/04/microsoft-warns-of-tax-themed-email.html www.secnews.physaphae.fr/article.php?IdArticle=8660100 False Malware None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost Malware The North Korean threat actors behind Contagious Interview have adopted the increasingly popular ClickFix social engineering tactic to lure job seekers in the cryptocurrency sector to deliver a previously undocumented Go-based backdoor called GolangGhost on Windows and macOS systems.
The new activity, assessed to be a continuation of the campaign, has been codenamed ClickFake Interview by]]> 2025-04-03T17:52:00+00:00 https://thehackernews.com/2025/04/lazarus-group-targets-job-seekers-with.html www.secnews.physaphae.fr/article.php?IdArticle=8660049 False Malware,Threat APT 38 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) AI Threats Are Evolving Fast - Learn Practical Defense Tactics in this Expert Webinar The rules have changed. Again. Artificial intelligence is bringing powerful new tools to businesses. But it's also giving cybercriminals smarter ways to attack. They're moving quicker, targeting more precisely, and slipping past old defenses without being noticed. And here's the harsh truth: If your security strategy hasn't evolved with AI in mind, you're already behind. But you're not alone-and]]> 2025-04-03T16:55:00+00:00 https://thehackernews.com/2025/04/ai-threats-are-evolving-fast-learn.html www.secnews.physaphae.fr/article.php?IdArticle=8660039 False Tool None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) AI Adoption in the Enterprise: Breaking Through the Security and Compliance Gridlock AI holds the promise to revolutionize all sectors of enterprise - from fraud detection and content personalization to customer service and security operations. Yet, despite its potential, implementation often stalls behind a wall of security, legal, and compliance hurdles.
Imagine this all-too-familiar scenario: A CISO wants to deploy an AI-driven SOC to handle the overwhelming volume of security]]> 2025-04-03T16:04:00+00:00 https://thehackernews.com/2025/04/ai-adoption-in-enterprise-breaking.html www.secnews.physaphae.fr/article.php?IdArticle=8660026 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent Cybersecurity researchers have disclosed details of a new vulnerability impacting Google's Quick Share data transfer utility for Windows that could be exploited to achieve a denial-of-service (DoS) or send arbitrary files to a target's device without their approval. The flaw, tracked as CVE-2024-10668 (CVSS score: 5.9), is a bypass for two of the 10 shortcomings that were originally disclosed by]]> 2025-04-03T13:51:00+00:00 https://thehackernews.com/2025/04/google-patches-quick-share.html www.secnews.physaphae.fr/article.php?IdArticle=8659999 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices Counterfeit versions of popular smartphone models that are sold at reduced prices have been found to be preloaded with a modified version of an Android malware called Triada. "More than 2,600 users in different countries have encountered the new version of Triada, the majority in Russia," Kaspersky said in a report. The infections were recorded between March 13 and 27, 2025.
Triada is the]]> 2025-04-03T13:04:00+00:00 https://thehackernews.com/2025/04/triada-malware-preloaded-on-counterfeit.html www.secnews.physaphae.fr/article.php?IdArticle=8659988 False Malware,Mobile None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign Threat hunters are warning of a sophisticated web skimmer campaign that leverages a legacy application programming interface (API) from payment processor Stripe to validate stolen payment information prior to exfiltration. "This tactic ensures that only valid card data is sent to the attackers, making the operation more efficient and potentially harder to detect," Jscrambler researchers Pedro]]> 2025-04-03T10:15:00+00:00 https://thehackernews.com/2025/04/legacy-stripe-api-exploited-to-validate.html www.secnews.physaphae.fr/article.php?IdArticle=8659963 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Europol Dismantles Kidflix With 72,000 CSAM Videos Seized in Major Operation In one of the largest coordinated law enforcement operations, authorities have dismantled Kidflix, a streaming platform that offered child sexual abuse material (CSAM). "A total of 1.8 million users worldwide logged on to the platform between April 2022 and March 2025," Europol said in a statement.
"On March 11, 2025, the server, which contained around 72,000 videos at the time, was seized by]]> 2025-04-03T09:28:00+00:00 https://thehackernews.com/2025/04/europol-dismantles-kidflix-with-72000.html www.secnews.physaphae.fr/article.php?IdArticle=8659964 False Legislation None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse Cybersecurity researchers have disclosed details of a now-patched privilege escalation vulnerability in Google Cloud Platform (GCP) Cloud Run that could have allowed a malicious actor to access container images and even inject malicious code. "The vulnerability could have allowed such an identity to abuse its Google Cloud Run revision edit permissions in order to pull private Google Artifact]]> 2025-04-02T19:18:00+00:00 https://thehackernews.com/2025/04/google-fixed-cloud-run-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8659841 False Vulnerability,Cloud None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Helping Your Clients Achieve NIST Compliance: A Step by Step Guide for Service Providers Introduction As the cybersecurity landscape evolves, service providers play an increasingly vital role in safeguarding sensitive data and maintaining compliance with industry regulations. The National Institute of Standards and Technology (NIST) offers a comprehensive set of frameworks that provide a clear path to achieving robust cybersecurity practices.
For service providers, adhering to NIST]]> 2025-04-02T16:55:00+00:00 https://thehackernews.com/2025/04/helping-your-clients-achieve-nist.html www.secnews.physaphae.fr/article.php?IdArticle=8659811 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers Cybersecurity researchers have shed light on an "auto-propagating" cryptocurrency mining botnet called Outlaw (aka Dota) that's known for targeting SSH servers with weak credentials. "Outlaw is a Linux malware that relies on SSH brute-force attacks, cryptocurrency mining, and worm-like propagation to infect and maintain control over systems," Elastic Security Labs said in a new analysis]]> 2025-04-02T16:13:00+00:00 https://thehackernews.com/2025/04/outlaw-group-uses-ssh-brute-force-to.html www.secnews.physaphae.fr/article.php?IdArticle=8659812 False Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) How SSL Misconfigurations Impact Your Attack Surface When assessing an organization's external attack surface, encryption-related issues (especially SSL misconfigurations) receive special attention. Why? Their widespread use, configuration complexity, and visibility to attackers as well as users make them more likely to be exploited. This highlights how important your SSL configurations are in maintaining your web application security and]]> 2025-04-02T15:30:00+00:00 https://thehackernews.com/2025/04/how-ssl-misconfigurations-impact-your.html www.secnews.physaphae.fr/article.php?IdArticle=8659800 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites The financially motivated threat actor known as FIN7 has been linked to a Python-based backdoor called Anubis (not to be confused with an Android banking trojan of the same name) that can grant them remote access to compromised Windows systems. "This malware allows attackers to execute remote shell commands and other system operations, giving them full control over an infected machine," Swiss]]> 2025-04-02T12:22:00+00:00 https://thehackernews.com/2025/04/fin7-deploys-anubis-backdoor-to-hijack.html www.secnews.physaphae.fr/article.php?IdArticle=8659770 False Malware,Threat,Mobile None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New Malware Loaders Use Call Stack Spoofing, GitHub C2, and .NET Reactor for Stealth Cybersecurity researchers have discovered an updated version of a malware loader called Hijack Loader that implements new features to evade detection and establish persistence on compromised systems. "Hijack Loader released a new module that implements call stack spoofing to hide the origin of function calls (e.g., API and system calls)," Zscaler ThreatLabz researcher Muhammed Irfan V A said in]]> 2025-04-02T11:25:00+00:00 https://thehackernews.com/2025/04/new-malware-loaders-use-call-stack.html www.secnews.physaphae.fr/article.php?IdArticle=8659756 False Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign Exposed PostgreSQL instances are the target of an ongoing campaign designed to gain unauthorized access and deploy cryptocurrency miners. Cloud security firm Wiz said the activity is a variant of an intrusion set that was first flagged by Aqua Security in August 2024 that involved the use of a malware strain dubbed PG_MEM. The campaign has been attributed to a threat actor Wiz tracks as]]> 2025-04-01T22:38:00+00:00 https://thehackernews.com/2025/04/over-1500-postgresql-servers.html www.secnews.physaphae.fr/article.php?IdArticle=8659668 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Enterprise Gmail Users Can Now Send End-to-End Encrypted Emails to Any Platform On the 21st birthday of Gmail, Google has announced a major update that allows enterprise users to send end-to-end encrypted (E2EE) emails to any user in any email inbox in a few clicks. The feature is rolling out starting today in beta, allowing users to send E2EE emails to Gmail users within an organization, with plans to send E2EE emails to any Gmail inbox in the coming weeks and to any email inbox]]> 2025-04-01T21:04:00+00:00 https://thehackernews.com/2025/04/enterprise-gmail-users-can-now-send-end.html www.secnews.physaphae.fr/article.php?IdArticle=8659656 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Lucid PhaaS Hits 169 Targets in 88 Countries Using iMessage and RCS Smishing A new sophisticated phishing-as-a-service (PhaaS) platform called Lucid has targeted 169 entities in 88 countries using smishing messages propagated via Apple iMessage and Rich Communication Services (RCS) for Android. Lucid's unique selling point lies in its weaponizing of legitimate communication platforms to sidestep traditional SMS-based detection mechanisms. "Its scalable,]]> 2025-04-01T19:48:00+00:00 https://thehackernews.com/2025/04/lucid-phaas-hits-169-targets-in-88.html www.secnews.physaphae.fr/article.php?IdArticle=8659631 False Mobile None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Apple Backports Critical Fixes for 3 Live Exploits Impacting iOS and macOS Legacy Devices Apple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems. The vulnerabilities in question are listed below - CVE-2025-24085 (CVSS score: 7.3) - A use-after-free bug in the Core Media component that could permit a malicious application already installed on a device to elevate]]> 2025-04-01T16:58:00+00:00 https://thehackernews.com/2025/04/apple-backports-critical-fixes-for-3.html www.secnews.physaphae.fr/article.php?IdArticle=8659590 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Nearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan Campaign Cybersecurity researchers are warning of a spike in suspicious login scanning activity targeting Palo Alto Networks PAN-OS GlobalProtect gateways, with nearly 24,000 unique IP addresses attempting to access these portals. "This pattern suggests a coordinated effort to probe network defenses and identify exposed or vulnerable systems, potentially as a precursor to targeted exploitation," threat]]> 2025-04-01T16:47:00+00:00 https://thehackernews.com/2025/04/nearly-24000-ips-target-pan-os.html www.secnews.physaphae.fr/article.php?IdArticle=8659591 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New Case Study: Global Retailer Overshares CSRF Tokens with Facebook Are your security tokens truly secure? Explore how Reflectiz helped a giant retailer to expose a Facebook pixel that was covertly tracking sensitive CSRF tokens due to human error misconfigurations. Learn about the detection process, response strategies, and steps taken to mitigate this critical issue. Download the full case study here. By implementing Reflectiz's recommendations, the]]> 2025-04-01T16:33:00+00:00 https://thehackernews.com/2025/04/new-case-study-global-retailer.html www.secnews.physaphae.fr/article.php?IdArticle=8659593 False Studies None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
China-Linked Earth Alux Uses VARGEIT and COBEACON in Multi-Stage Cyber Intrusions Cybersecurity researchers have shed light on a new China-linked threat actor called Earth Alux that has targeted various key sectors such as government, technology, logistics, manufacturing, telecommunications, IT services, and retail in the Asia-Pacific (APAC) and Latin American (LATAM) regions. "The first sighting of its activity was in the second quarter of 2023; back then, it was]]> 2025-04-01T16:33:00+00:00 https://thehackernews.com/2025/04/china-linked-earth-alux-uses-vargeit.html www.secnews.physaphae.fr/article.php?IdArticle=8659592 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Apple Fined €150 Million by French Regulator Over Discriminatory ATT Consent Practices Apple has been hit with a fine of €150 million ($162 million) by France's competition watchdog over the implementation of its App Tracking Transparency (ATT) privacy framework. The Autorité de la concurrence said it's imposing a financial penalty against Apple for abusing its dominant position as a distributor of mobile applications for iOS and iPadOS devices between April 26, 2021 and July 25,]]> 2025-04-01T11:17:00+00:00 https://thehackernews.com/2025/04/apple-fined-150-million-by-french.html www.secnews.physaphae.fr/article.php?IdArticle=8659536 False Mobile None 3.0000000000000000