The Hacker News7 小时
Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation
Three critical vulnerabilities in WGS-804HPT switches, including two CVSS 9.8 flaws, allow remote code execution.
The Hacker News9 小时
Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation
Millions of PHP servers compromised by Python bots using GSocket to target Indonesian users with gambling redirects.
The Hacker News11 小时
U.S. Sanctions North Korean IT Worker Network Supporting WMD Programs
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned two individuals and four entities for their ...
The Hacker News17 小时
European Privacy Group Sues TikTok and AliExpress for Illicit Data Transfers to China
Noyb files GDPR complaints against TikTok, AliExpress, and others for illegal EU-China data transfers, citing risks of ...
The Hacker News11 小时
New 'Sneaky 2FA' Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass
New Sneaky 2FA phishing kit targets Microsoft 365 accounts, bypassing 2FA using QR codes and anti-analysis measures.
The Hacker News19 小时
Russian Star Blizzard Targets WhatsApp Accounts in New Spear-Phishing Campaign
Star Blizzard shifts to WhatsApp spear-phishing, using QR codes to target diplomats and Ukraine aid. Campaign ended November ...
The Hacker News1 天
Ready to Simplify Trust Management? Join Free Webinar to See DigiCert ONE in Action
Simplify trust management with DigiCert ONE: centralize control, automate operations, and ensure compliance in hybrid ...
The Hacker News1 天
Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer
Threat actors embed malware like VIP Keylogger in images via phishing emails and Base64 encoding, leveraging .NET loaders and ...
The Hacker News1 天
New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits
UEFI vulnerability CVE-2024-7344 allows unsigned code execution in Secure Boot systems. Microsoft revokes binaries; vendors ...
The Hacker News1 天
North Korean IT Worker Fraud Linked to 2016 Crowdfunding Scam and Fake Domains
North Korean hackers stole $1.34 billion in 2024, targeting cryptocurrency exchanges and blockchain firms globally.
The Hacker News1 天
Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws
Python backdoor delivers RansomHub ransomware after SocGholish exploits outdated WordPress SEO plugins. Impact: lateral ...
The Hacker News1 天
Zero Trust Security, Why It's Essential In Today's Threat Landscape
Zero Trust prevents breaches with direct-to-app access and contextual policies, enabling secure digital transformation.