TECHZONE™

TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news

595 subscribers
Post archive
Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration Abuse https://thehackernews.com/2025/05/go-based-malware-deploys-xmrig-miner-on.html Cybersecurity researchers are calling attention to a new Linux cryptojacking campaign that's targeting publicly accessible Redis servers. The malicious activity has been codenamed RedisRaider by Datadog Security Labs. "RedisRaider aggressively scans randomized portions of the IPv4 space and uses legitimate Redis configuration commands to execute malicious cron jobs on vulnerable systems,"

Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts https://thehackernews.com/2025/05/malicious-pypi-packages-exploit.html Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to validate stolen email addresses against TikTok and Instagram APIs. All three packages are no longer available on PyPI. The names of the Python packages are below -
checker-SaGaF (2,605 downloads)
steinlurks (1,049 downloads)
sinnercore (3,300 downloads)

Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft and Remote Access https://thehackernews.com/2025/05/ransomware-gangs-use-skitnet-malware.html Several ransomware actors are using a malware called Skitnet as part of their post-exploitation efforts to steal sensitive data and establish remote control over compromised hosts. "Skitnet has been sold on underground forums like RAMP since April 2024," Swiss cybersecurity company PRODAFT told The Hacker News. "However, since early 2025, we have observed multiple ransomware operators using it

RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer https://thehackernews.com/2025/05/rvtools-official-site-hacked-to-deliver.html The official site for RVTools has been hacked to serve a compromised installer for the popular VMware environment reporting utility. "Robware.net and RVTools.com are currently offline. We are working expeditiously to restore service and appreciate your patience," the company said in a statement posted on its website. "Robware.net and RVTools.com are the only authorized and supported websites for

Why CTEM is the Winning Bet for CISOs in 2025 https://thehackernews.com/2025/05/why-ctem-is-winning-bet-for-cisos-in.html Continuous Threat Exposure Management (CTEM) has moved from concept to cornerstone, solidifying its role as a strategic enabler for CISOs. No longer a theoretical framework, CTEM now anchors today’s cybersecurity programs by continuously aligning security efforts with real-world risk. At the heart of CTEM is the integration of Adversarial Exposure Validation (AEV), an advanced, offensive

Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with $100K in Rewards https://thehackernews.com/2025/05/firefox-patches-2-zero-days-exploited.html Mozilla has released security updates to address two critical security flaws in its Firefox browser that could be potentially exploited to access sensitive data or achieve code execution. The vulnerabilities, both of which were exploited as a zero-day at Pwn2Own Berlin, are listed below - CVE-2025-4918 - An out-of-bounds access vulnerability when resolving Promise objects that could allow an

⚡ Weekly Recap: Zero-Day Exploits, Insider Threats, APT Targeting, Botnets and More https://thehackernews.com/2025/05/weekly-recap-zero-day-exploits-insider.html Cybersecurity leaders aren’t just dealing with attacks—they’re also protecting trust, keeping systems running, and maintaining their organization’s reputation. This week’s developments highlight a bigger issue: as we rely more on digital tools, hidden weaknesses can quietly grow. Just fixing problems isn’t enough anymore—resilience needs to be built into everything from the ground up.

New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors https://thehackernews.com/2025/05/new-httpbot-botnet-launches-200.html Cybersecurity researchers are calling attention to a new botnet malware called HTTPBot that has been used to primarily single out the gaming industry, as well as technology companies and educational institutions in China. "Over the past few months, it has expanded aggressively, continuously leveraging infected devices to launch external attacks," NSFOCUS said in a report published this week. "By

Top 10 Best Practices for Effective Data Protection https://thehackernews.com/2025/05/top-10-best-practices-for-effective.html Data is the lifeblood of productivity, and protecting sensitive data is more critical than ever. With cyber threats evolving rapidly and data privacy regulations tightening, organizations must stay vigilant and proactive to safeguard their most valuable assets. But how do you build an effective data protection framework? In this article, we'll explore data protection best practices from meeting

Researchers Expose New Intel CPU Flaws Enabling Memory Leaks and Spectre v2 Attacks https://thehackernews.com/2025/05/researchers-expose-new-intel-cpu-flaws.html Researchers at ETH Zürich have discovered yet another security flaw that they say impacts all modern Intel CPUs and causes them to leak sensitive data from memory, showing that the vulnerability known as Spectre continues to haunt computer systems after more than seven years. The vulnerability, referred to as Branch Privilege Injection (BPI), "can be exploited to misuse the prediction

Sednit abuses XSS flaws to hit gov't entities, defense companies https://www.welivesecurity.com/en/videos/sednit-xss-govt-entities-defense-companies/ Operation RoundPress targets webmail software to steal secrets from email accounts belonging mainly to governmental organizations in Ukraine and defense contractors in the EU

Operation RoundPress https://www.welivesecurity.com/en/eset-research/operation-roundpress/ ESET researchers uncover a Russia-aligned espionage operation targeting webmail servers via XSS vulnerabilities

Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks https://thehackernews.com/2025/05/fileless-remcos-rat-delivered-via-lnk.html Cybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote access trojan called Remcos RAT. "Threat actors delivered malicious LNK files embedded within ZIP archives, often disguised as Office documents," Qualys security researcher Akshay Thorve said in a technical report. "The attack chain leverages mshta.exe for

[Webinar] From Code to Cloud to SOC: Learn a Smarter Way to Defend Modern Applications https://thehackernews.com/2025/05/from-code-to-cloud-to-soc-learn-smarter.html Modern apps move fast—faster than most security teams can keep up. As businesses rush to build in the cloud, security often lags behind. Teams scan code in isolation, react late to cloud threats, and monitor SOC alerts only after damage is done. Attackers don’t wait. They exploit vulnerabilities within hours. Yet most organizations take days to respond to critical cloud alerts. That delay isn’t

Meta to Train AI on E.U. User Data From May 27 Without Consent; Noyb Threatens Lawsuit https://thehackernews.com/2025/05/meta-to-train-ai-on-eu-user-data-from.html Austrian privacy non-profit noyb (none of your business) has sent Meta's Irish headquarters a cease-and-desist letter, threatening the company with a class action lawsuit if it proceeds with its plans to train users' data for training its artificial intelligence (AI) models without an explicit opt-in. The move comes weeks after the social media behemoth announced its plans to train its AI models

Coinbase Agents Bribed, Data of ~1% Users Leaked; $20M Extortion Attempt Fails https://thehackernews.com/2025/05/coinbase-agents-bribed-data-of-1-users.html Cryptocurrency exchange Coinbase has disclosed that unknown cyber actors broke into its systems and stole account data for a small subset of its customers. "Criminals targeted our customer support agents overseas," the company said in a statement. "They used cash offers to convince a small group of insiders to copy data in our customer support tools for less than 1% of Coinbase monthly

Pen Testing for Compliance Only? It's Time to Change Your Approach https://thehackernews.com/2025/05/pen-testing-for-compliance-only-its.html Imagine this: Your organization completed its annual penetration test in January, earning high marks for security compliance. In February, your development team deployed a routine software update. By April, attackers had already exploited a vulnerability introduced in that February update, gaining access to customer data weeks before being finally detected. This situation isn't theoretical: it

New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy https://thehackernews.com/2025/05/new-chrome-vulnerability-enables-cross.html Google on Wednesday released updates to address four security issues in its Chrome web browser, including one for which it said there exists an exploit in the wild. The high-severity vulnerability, tracked as CVE-2025-4664 (CVSS score: 4.3), has been characterized as a case of insufficient policy enforcement in a component called Loader. "Insufficient policy enforcement in Loader in Google

Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit https://thehackernews.com/2025/05/samsung-patches-cve-2025-4632-used-to.html Samsung has released software updates to address a critical security flaw in MagicINFO 9 Server that has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-4632 (CVSS score: 9.8), has been described as a path traversal flaw. "Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to

BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan https://thehackernews.com/2025/05/bianlian-and-ransomexx-exploit-sap.html At least two different cybercrime groups BianLian and RansomExx are said to have exploited a recently disclosed security flaw in SAP NetWeaver, indicating that multiple threat actors are taking advantage of the bug. Cybersecurity firm ReliaQuest, in a new update published today, said it uncovered evidence suggesting involvement from the BianLian data extortion crew and the RansomExx ransomware