The Hacker News
⭐ Official THN Telegram Channel — A trusted, widely read, independent source for breaking news and tech coverage about cybersecurity and hacking. 📨 Contact: [email protected] 🌐 Website: https://thehackernews.com
Больше124 982
Подписчики
+2624 часа
+1407 дней
+38430 дней
Время активного постинга
Загрузка данных...
Find out who reads your channel
This graph will show you who besides your subscribers reads your channel and learn about other sources of traffic.
Анализ публикаций
| Посты | Просмотры | Поделились | Динамика просмотров |
01 🛑 Attention Developers and SysAdmins!
A new PHP flaw (CVE-2024-4577) affects all of its Windows versions, enabling remote code execution via CGI argument injection.
Learn more: https://thehackernews.com/2024/06/new-php-vulnerability-exposes-windows.html
Patch is available—update to PHP 8.3.8, 8.2.20, or 8.1.29 immediately. | 4 079 | 38 | Loading... |
02 Big news from Microsoft!
They’ve disabled the AI-powered Recall feature by default after backlash over #privacy concerns.
Recall now includes enhanced security like Windows Hello biometric scanning and encrypted databases.
Learn more: https://thehackernews.com/2024/06/microsoft-revamps-controversial-ai.html | 4 321 | 20 | Loading... |
03 Ransomware, DDoS, data breaches – 2023 was a tough year for cybersecurity.
The good news? Many of these attacks could have been prevented with better basic practices.
Learn more at our upcoming webinar: https://thehackernews.com/2024/06/ultimate-cyber-hygiene-guide-learn-how.html
SAVE YOUR SPOT NOW! | 6 348 | 5 | Loading... |
04 🚨 LightSpy, a malware framework, now targets macOS alongside iOS, Android, and Windows. It uses 10 plugins to gather extensive data from infected devices.
Learn more: https://thehackernews.com/2024/06/lightspy-spywares-macos-variant-found.html | 6 231 | 4 | Loading... |
05 Traditional SCA tools often miss critical vulnerabilities and create alert fatigue. Learn how to protect your software supply chain from emerging threats.
🔗 Download the guide for more insights: https://thehackernews.com/2024/06/cyber-landscape-is-evolving-so-should.html | 6 507 | 3 | Loading... |
06 Growing concerns over responsible 🤖 AI use:
✓ Google guides Android devs
✓ Meta faces EU privacy complaints
✓ Microsoft's Recall feature raises security red flags
Learn about the potential risks & how they could impact you: https://thehackernews.com/2024/06/the-ai-debate-googles-guidelines-metas.html | 6 772 | 5 | Loading... |
07 🔒 FBI has 7,000+ decryption keys for LockBit ransomware to help victims recover their data for free. If you're a victim, don't pay the ransom.
🔧 Here's how to unlock your data: https://thehackernews.com/2024/06/fbi-distributes-7000-lockbit-ransomware.html | 7 573 | 42 | Loading... |
08 🔒 Alert: CERT-UA warns of cyber-attacks on Ukraine's defense forces using the SPECTR malware in SickSync espionage campaign.
Learn more about the tactics used by the Vermin group: https://thehackernews.com/2024/06/spectr-malware-targets-ukraine-defense.html | 7 159 | 6 | Loading... |
09 Cybercriminals are exploiting vulnerabilities in Docker and ThinkPHP to deploy cryptominers and web shells.
Learn more about these cyberattacks - https://thehackernews.com/2024/06/commando-cat-cryptojacking-attacks.html
Secure your installations and update your applications to prevent attacks. | 7 199 | 7 | Loading... |
10 New vulnerabilities are disclosed hourly, new exploits for old vulnerabilities are publicly released and threat actors are updating their techniques continuously.
Knowing where and how to prioritize your security resources to achieve the greatest impact with the least time invested is critical.
Join Intruder’s webinar on June 12, 2024, to learn how to get started: https://thn.news/exposure-management-lessons
Can’t make it? Register for the webinar and a copy will be sent. | 8 242 | 10 | Loading... |
11 🚨 61% of U.S. businesses were hit by software supply chain attacks last year, causing data breaches, financial losses, and reputational harm.
🔒 Learn how to protect your organization from these critical threats: https://thehackernews.com/2024/06/third-party-cyber-attacks-threat-no-one.html | 7 528 | 6 | Loading... |
12 🤖 Muhstik botnet malware is now exploits CVE-2023-33246 in Apache RocketMQ, targeting IoT devices and Linux servers for DDoS attacks and cryptomining.
Find more details on this ongoing threat here: https://thehackernews.com/2024/06/muhstik-botnet-exploiting-apache.html | 7 760 | 8 | Loading... |
13 🔒 Password reuse can lead to devastating account takeovers.
Tom's story shows how reusing a strong password across different sites can still expose you to hackers.
Discover the best practices for preventing account takeover attacks: https://thehackernews.com/2024/06/prevent-account-takeover-with-better.html | 7 998 | 10 | Loading... |
14 🚨 Alert: Hackers are exploiting legitimate packer software like "BoxedApp" to distribute malware undetected, targeting financial institutions and government agencies.
Read the full story here - https://thehackernews.com/2024/06/hackers-exploit-legitimate-packer.html | 8 151 | 7 | Loading... |
15 Google Settles Location Tracking Allegations.
Starting Dec 1, 2024, Google Maps Timeline data will be stored locally on users' devices, boosting privacy.
Learn more: https://thehackernews.com/2024/06/google-maps-timeline-data-to-be-stored.html | 8 562 | 20 | Loading... |
16 🐍 Python developers beware! A malicious package named "crytic-compilers" was discovered on PyPI, designed to deliver the Lumma info stealer.
Learn more: https://thehackernews.com/2024/06/hackers-target-python-developers-with.html | 8 587 | 21 | Loading... |
17 🚨 Major communication platform faces backlash for using user data to train AI models without proper consent.
Is your organization's sensitive data at risk?
Learn about the growing threat of Shadow AI & how to combat it with automated SSPM solutions: https://thehackernews.com/2024/06/unpacking-2024s-saas-threat-predictions.html | 9 760 | 5 | Loading... |
18 🛡️ Chinese state-sponsored hackers target Southeast Asian government in cyber espionage campaign using new malware like PocoProxy and updated EAGERBEE, along with other known families.
Details here: https://thehackernews.com/2024/06/chinese-state-backed-cyber-espionage.html | 9 781 | 10 | Loading... |
19 🚨 ALERT: RansomHub, a rebranded Knight #ransomware, targets healthcare and major entities.
Using legitimate remote desktop tools and recruiting from shutdown groups, it shows evolving cybercriminal tactics.
Learn more: https://thehackernews.com/2024/06/rebranded-knight-ransomware-targeting.html | 9 446 | 5 | Loading... |
20 ⚠️ TikTok admits a security issue where zero-click hashtag#malware in DMs allowed hackers to hijack high-profile accounts without user interaction.
Find details here: https://thehackernews.com/2024/06/celebrity-tiktok-accounts-compromised.html | 10 185 | 41 | Loading... |
21 ⚡ Attention, Zyxel NAS Users!
Critical updates released for NAS326 and NAS542 devices address severe vulnerabilities that could allow unauthenticated attackers to execute OS commands.
Learn more: https://thehackernews.com/2024/06/zyxel-releases-patches-for-firmware.html
Update now to secure your data! | 9 539 | 7 | Loading... |
22 Decoy Dog malware, previously targeting Linux, now has a confirmed Windows variant. APT group HellHounds is using this new version to compromise high-value targets in Russia and maintain persistent access for years.
Learn more: https://thehackernews.com/2024/06/russian-power-companies-it-firms-and.html | 10 036 | 9 | Loading... |
23 The old way of protecting browsers is outdated. A new report reveals why Browser Isolation isn't enough anymore and how Secure Browser Extensions are stepping up to the challenge.
Learn more: https://thehackernews.com/2024/06/the-next-generation-of-rbi-remote.html | 9 572 | 7 | Loading... |
24 ⚠️ Critical security flaw discovered in Progress Telerik Report Server (CVE-2024-4358, CVSS 9.8/10).
Remote attackers could bypass authentication and create rogue admin users.
Learn more: https://thehackernews.com/2024/06/telerik-report-server-flaw-could-let.html
Update to version 2024 Q2 (10.1.24.514) ASAP. | 9 511 | 22 | Loading... |
25 Nudge Security has discovered over 500 unique GenAI apps in customer environments without the need for agents, browser plug-ins, or any prior knowledge of the apps in use.
See how you can discover, secure, and govern GenAI use with a free 14-day trial: https://thn.news/mitigate-genaI-risks | 9 035 | 7 | Loading... |
26 🕵️♀️ Threat intelligence decay is real, and it's putting your organization at risk. Learn how AI is exacerbating this challenge and what you can do to stay ahead.
🔗 Read this article for more insights: https://thehackernews.com/expert-insights/2024/06/leveraging-ai-as-tool-in-threat.html | 8 570 | 5 | Loading... |
27 A sophisticated cyber attack targeting Ukraine's endpoints has been discovered, aiming to deploy Cobalt Strike.
Learn how this multi-stage attack unfolds and the evasion techniques used by the attackers.
Read: https://thehackernews.com/2024/06/hackers-use-ms-excel-macro-to-launch.html | 8 710 | 5 | Loading... |
28 🚨 Red Alert: Snowflake customers must enable MFA now to prevent account compromise from stolen credentials 🔑 obtained through information-stealing malware.
Learn more: https://thehackernews.com/2024/06/snowflake-warns-targeted-credential.html
Act immediately to protect your organization. | 8 833 | 9 | Loading... |
29 🚨 DarkGate shifts from AutoIt to AutoHotkey, highlighting its continuous evolution to evade detection.
Latest version packs new commands but drops some old ones. Learn more: https://thehackernews.com/2024/06/darkgate-malware-replaces-autoit-with.html | 9 233 | 7 | Loading... |
30 🚨 Alert - CISA has added a critical flaw in Oracle WebLogic Server to its KEV catalog due to active exploitation.
Details: https://thehackernews.com/2024/06/oracle-weblogic-server-os-command.html
This OS command injection vulnerability (CVE-2017-3506) could allow attackers to take control of affected servers. | 9 284 | 25 | Loading... |
31 Imagine if you could focus on the 20% of vulnerabilities that actually matter and see an 80% improvement in your security posture.
Or, gain 80% more time to focus on activities critical to keeping your business secure…
Join Intruder’s webinar on June 12, 2024 to find out how to achieve this today.
Can’t make it? Register for the webinar and a copy will be sent: https://thn.news/exposure-management-webinar | 10 174 | 6 | Loading... |
32 🕵️♂️ Attention developers!
A new suspicious package named "glup-debugger-log" has been discovered on the npm registry, designed to drop a RAT on compromised systems.
Learn more: https://thehackernews.com/2024/06/researchers-uncover-rat-dropping-npm.html | 35 738 | 13 | Loading... |
33 Cato's SASE Threat Report uncovers critical enterprise and network threats through extensive data analysis.
Security professionals: Don't miss these crucial findings and insights!
👉 Click to learn more: https://thehackernews.com/2024/06/sase-threat-report-8-key-findings-for.html | 38 080 | 8 | Loading... |
34 🌍 Operation Endgame!
Odd, the elusive cybercriminal behind Emotet, has been identified with multiple aliases. Law enforcement seeks your help to uncover his network.
Learn more: https://thehackernews.com/2024/06/authorities-ramp-up-efforts-to-capture.html | 37 234 | 10 | Loading... |
35 🔒 Researcher uncovered authorization bypass issues in Cox modems, allowing attackers to run malicious commands and remotely access PII from millions of devices.
Read more: https://thehackernews.com/2024/06/researcher-uncovers-flaws-in-cox-modems.html | 39 176 | 8 | Loading... |
36 🚨 Attention South Korean businesses!
Andariel group targets educational institutes, manufacturing firms, and construction companies with new Golang-based backdoor Dora RAT.
Learn more: https://thehackernews.com/2024/06/andariel-hackers-target-south-korean.html | 10 732 | 8 | Loading... |
37 🚨 Beware of fake browser updates! Cybercriminals are using this tactic to deliver RATs and info stealers like BitRAT and Lumma Stealer.
Find out how this affordable malware is enabling cybercriminals to steal sensitive data: https://thehackernews.com/2024/06/beware-fake-browser-updates-deliver.html
#cybersecurity #hacking | 40 414 | 20 | Loading... |
38 Hugging Face detected unauthorized access to its Spaces platform. A subset of secrets might have been accessed without authorization. Hugging Face is revoking compromised tokens and advising users to switch to fine-grained access tokens.
https://thehackernews.com/2024/06/ai-company-hugging-face-notifies-users.html | 40 864 | 18 | Loading... |
39 ⚡ Over 600,000 SOHO routers were bricked and taken offline in a massive, destructive cyberattack targeting a single U.S. internet service provider.
Learn: https://thehackernews.com/2024/05/mysterious-cyber-attack-takes-down.html
This unprecedented event required hardware replacement for all affected devices. | 41 347 | 36 | Loading... |
40 Attackers are evolving faster than defenses. From polymorphic viruses to sandbox evasion, the cybersecurity landscape is ever-changing.
It's time to rethink our strategies.
Discover how Everfox leads in prevention-based security: https://thehackernews.com/2024/05/beyond-threat-detection-race-to-digital.html | 43 105 | 11 | Loading... |
🛑 Attention Developers and SysAdmins!
A new PHP flaw (CVE-2024-4577) affects all of its Windows versions, enabling remote code execution via CGI argument injection.
Learn more: https://thehackernews.com/2024/06/new-php-vulnerability-exposes-windows.html
Patch is available—update to PHP 8.3.8, 8.2.20, or 8.1.29 immediately.
🔥 18👍 10🤯 8
Big news from Microsoft!
They’ve disabled the AI-powered Recall feature by default after backlash over #privacy concerns.
Recall now includes enhanced security like Windows Hello biometric scanning and encrypted databases.
Learn more: https://thehackernews.com/2024/06/microsoft-revamps-controversial-ai.html
😁 14👍 10⚡ 4🤔 3
Ransomware, DDoS, data breaches – 2023 was a tough year for cybersecurity.
The good news? Many of these attacks could have been prevented with better basic practices.
Learn more at our upcoming webinar: https://thehackernews.com/2024/06/ultimate-cyber-hygiene-guide-learn-how.html
SAVE YOUR SPOT NOW!
🤔 12👍 5🔥 3⚡ 2
🚨 LightSpy, a malware framework, now targets macOS alongside iOS, Android, and Windows. It uses 10 plugins to gather extensive data from infected devices.
Learn more: https://thehackernews.com/2024/06/lightspy-spywares-macos-variant-found.html
👍 8⚡ 7🔥 3
Traditional SCA tools often miss critical vulnerabilities and create alert fatigue. Learn how to protect your software supply chain from emerging threats.
🔗 Download the guide for more insights: https://thehackernews.com/2024/06/cyber-landscape-is-evolving-so-should.html
🔥 6👍 5🤔 5😱 3⚡ 1
Growing concerns over responsible 🤖 AI use:
✓ Google guides Android devs
✓ Meta faces EU privacy complaints
✓ Microsoft's Recall feature raises security red flags
Learn about the potential risks & how they could impact you: https://thehackernews.com/2024/06/the-ai-debate-googles-guidelines-metas.html
👍 13🔥 9⚡ 1
🔒 FBI has 7,000+ decryption keys for LockBit ransomware to help victims recover their data for free. If you're a victim, don't pay the ransom.
🔧 Here's how to unlock your data: https://thehackernews.com/2024/06/fbi-distributes-7000-lockbit-ransomware.html
👍 23👏 6🤯 5🔥 2😁 2⚡ 1
🔒 Alert: CERT-UA warns of cyber-attacks on Ukraine's defense forces using the SPECTR malware in SickSync espionage campaign.
Learn more about the tactics used by the Vermin group: https://thehackernews.com/2024/06/spectr-malware-targets-ukraine-defense.html
👍 7🔥 6🤯 4
Cybercriminals are exploiting vulnerabilities in Docker and ThinkPHP to deploy cryptominers and web shells.
Learn more about these cyberattacks - https://thehackernews.com/2024/06/commando-cat-cryptojacking-attacks.html
Secure your installations and update your applications to prevent attacks.
👍 13🔥 5🤯 2
New vulnerabilities are disclosed hourly, new exploits for old vulnerabilities are publicly released and threat actors are updating their techniques continuously.
Knowing where and how to prioritize your security resources to achieve the greatest impact with the least time invested is critical.
Join Intruder’s webinar on June 12, 2024, to learn how to get started: https://thn.news/exposure-management-lessons
Can’t make it? Register for the webinar and a copy will be sent.
Focus on what matters most! Exposure management and your attack surface
Your business, attack surface and the threat landscape are not static - they are constantly changing. Knowing where and how to prioritize your security resources to achieve the greatest impact with the least time invested is critical. Join us to find out how to get started.
👍 9🔥 8