News

The Hacker News5h
Manufacturing Security: Why Default Passwords Must Go
Default passwords like "1111" put critical infrastructure at risk. CISA urges manufacturers to fix this vulnerability.
The Hacker News11h
Automation ≠ Autopilot: Rethinking AI in Corporate Security and Compliance
AI accelerates security but needs human oversight to prevent risks like misconfigurations and compliance errors. Ensure AI ...
The Hacker News11h
TAG-140 Deploys DRAT V2 RAT, Targeting Indian Government, Defense, and Rail Sectors
The activity has been attributed by Recorded Future's Insikt Group to a threat actor tracked as TAG-140, which it said ...
The Hacker News1d
Alert: Exposed JDWP Interfaces Lead to Crypto Mining, Hpingbot Targets SSH for DDoS
Threat actors leverage exposed JDWP interfaces for code execution and cryptocurrency mining, with global scanning activity ...
The Hacker News2d
Taiwan NSB Alerts Public on Data Risks from TikTok, Weibo, and RedNote Over China Ties
Taiwan NSB warns of security risks from Chinese apps, citing excessive data collection and sharing with China.
The Hacker News2d
Massive Android Fraud Operations Uncovered: IconAds, Kaleidoscope, SMS Malware, NFC Scams
It's worth noting that IconAds is a variant of a threat that's also tracked by other cybersecurity vendors under the names ...
The Hacker News3d
Google Ordered to Pay $314M for Misusing Android Users' Cellular Data Without Permission
Google has been ordered by a court in the U.S. state of California to pay $314 million over charges that it misused Android ...
The Hacker News3d
Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros
Two critical vulnerabilities in Sudo command-line tool allow privilege escalation for local attackers on Linux systems ...
The Hacker News2d
NightEagle APT Exploits Microsoft Exchange Flaw to Target China's Military and Tech Sectors
Cybersecurity researchers uncover NightEagle APT exploiting zero-day in Microsoft Exchange servers, targeting government, ...
The Hacker News4d
North Korean Hackers Target Web3 with Nim Malware and Use ClickFix in BabyShark Campaign
North Korean cyber group targets Web3 businesses with Nim-based malware, exploiting AppleScript and Telegram for persistent ...
The Hacker News4d
Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms
Chinese hackers exploited Ivanti CSA zero-days, targeting French government, media, and telecom sectors in September 2024.
The Hacker News5d
Critical Vulnerability in Anthropic's MCP Exposes Developer Machines to Remote Exploits
Cybersecurity researchers have discovered a critical security vulnerability in artificial intelligence (AI) company Anthropic ...