The Hacker News34 分钟
Brazilian Hacker Charged for Extorting $3.2M in Bitcoin After Breaching 300,000 Accounts
Junior Barros De Oliveira, 29, of Curitiba, Brazil has been charged with four counts of extortionate threats involving ...
The Hacker News1 天
Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now
Apache Traffic Control 8.0.2 fixes CVE-2024-45387, a critical 9.9 CVSS SQL injection flaw targeting privileged users.
The Hacker News1 天
Ruijie Networks' Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks
Claroty's research also found that it's easy to break MQTT authentication by simply knowing the device's serial number ...
The Hacker News1 天
Iran's Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao Malware
The Iranian nation-state hacking group known as Charming Kitten has been observed deploying a C++ variant of a known malware ...
The Hacker News2 天
CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation
CISA adds CVE-2021-44207 to KEV catalog for active exploitation risk. Agencies must patch by Jan 13, 2025, to mitigate remote ...
The Hacker News2 天
Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts
PyPI packages "Zebo" and "Cometlogger" downloaded 280+ times, exfiltrate data with obfuscation and anti-detection.
The Hacker News2 天
AI Could Generate 10,000 Malware Variants, Evading Detection in 88% of Case
LLMs can create 10,000 malware variants evading detection with 88% success, degrading ML classifiers and risking AI model ...
The Hacker News3 天
Top 10 Cybersecurity Trends to Expect in 2025
The trends shaping 2025 show the importance of adopting forward-thinking strategies to address evolving threats. From ...
The Hacker News2 天
Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks
Apache releases a security update for CVE-2024-56337, addressing RCE risks in Tomcat servers with critical configuration ...
The Hacker News6 天
Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware
Lazarus Group's CookiePlus malware targets nuclear engineers, showcasing DPRK's evolving arsenal and $1.34B in 2024 crypto ...
The Hacker News3 天
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips
Hackers are using everyday tools in harmful ways, hiding spyware in trusted apps, and finding new ways to take advantage of ...
The Hacker News3 天
Rockstar2FA Collapse Fuels Expansion of FlowerStorm Phishing-as-a-Service
Rockstar2FA disruption on November 11 spurred FlowerStorm phishing surge, targeting 10 countries and service sectors.