TECHZONE™
Відкрити в Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Показати більше595
Підписники
Немає даних24 години
-27 днів
-1130 день
Архів дописів
595
Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities
https://thehackernews.com/2025/04/google-releases-android-update-to-patch.html
Google has shipped patches for 62 vulnerabilities, two of which it said have been exploited in the wild.
The two high-severity vulnerabilities are listed below -
CVE-2024-53150 (CVSS score: 7.8) - An out-of-bounds flaw in the USB sub-component of Kernel that could result in information disclosure
CVE-2024-53197 (CVSS score: 7.8) - A privilege escalation flaw in the USB sub-component of Kernel
595
CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks
https://thehackernews.com/2025/04/cisa-and-fbi-warn-fast-flux-is-powering.html
Cybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called fast flux that has been adopted by threat actors to obscure a command-and-control (C2) channel.
"'Fast flux' is a technique used to obfuscate the locations of malicious servers through rapidly changing Domain Name System (DNS)
595
⚡ Weekly Recap: VPN Exploits, Oracle's Silent Breach, ClickFix Comeback and More
https://thehackernews.com/2025/04/weekly-recap-vpn-exploits-oracles.html
Today, every unpatched system, leaked password, and overlooked plugin is a doorway for attackers. Supply chains stretch deep into the code we trust, and malware hides not just in shady apps — but in job offers, hardware, and cloud services we rely on every day.
Hackers don’t need sophisticated exploits anymore. Sometimes, your credentials and a little social engineering are enough.
This week,
595
Security Theater: Vanity Metrics Keep You Busy - and Exposed
https://thehackernews.com/2025/04/security-theater-vanity-metrics-keep.html
After more than 25 years of mitigating risks, ensuring compliance, and building robust security programs for Fortune 500 companies, I’ve learned that looking busy isn’t the same as being secure.
It’s an easy trap for busy cybersecurity leaders to fall into. We rely on metrics that tell a story of the tremendous efforts we’re expending - how many vulnerabilities we patched, how fast we
595
PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks
https://thehackernews.com/2025/04/poisonseed-exploits-crm-accounts-to.html
A malicious campaign dubbed PoisonSeed is leveraging compromised credentials associated with customer relationship management (CRM) tools and bulk email providers to send spam messages containing cryptocurrency seed phrases in an attempt to drain victims' digital wallets.
"Recipients of the bulk spam are targeted with a cryptocurrency seed phrase poisoning attack," Silent Push said in an
595
Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws
https://thehackernews.com/2025/04/microsoft-credits-encrypthub-hacker.html
A likely lone wolf actor behind the EncryptHub persona was acknowledged by Microsoft for discovering and reporting two security flaws in Windows last month, painting a picture of a "conflicted" individual straddling a legitimate career in cybersecurity and pursuing cybercrime.
In a new extensive analysis published by Outpost24 KrakenLabs, the Swedish security company unmasked the up-and-coming
595
North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages
https://thehackernews.com/2025/04/north-korean-hackers-deploy-beavertail.html
The North Korean threat actors behind the ongoing Contagious Interview campaign are spreading their tentacles on the npm ecosystem by publishing more malicious packages that deliver the BeaverTail malware, as well as a new remote access trojan (RAT) loader.
"These latest samples employ hexadecimal string encoding to evade automated detection systems and manual code audits, signaling a variation
595
Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data
https://thehackernews.com/2025/04/malicious-python-packages-on-pypi.html
Cybersecurity researchers have uncovered malicious libraries in the Python Package Index (PyPI) repository that are designed to steal sensitive information.
Two of the packages, bitcoinlibdbfix and bitcoinlib-dev, masquerade as fixes for recent issues detected in a legitimate Python module called bitcoinlib, according to ReversingLabs. A third package discovered by Socket, disgrasya, contained a
595
SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack
https://thehackernews.com/2025/04/spotbugs-access-token-theft-identified.html
The cascading supply chain attack that initially targeted Coinbase before becoming more widespread to single out users of the "tj-actions/changed-files" GitHub Action has been traced further back to the theft of a personal access token (PAT) related to SpotBugs.
"The attackers obtained initial access by taking advantage of the GitHub Actions workflow of SpotBugs, a popular open-source tool for
595
Have We Reached a Distroless Tipping Point?
https://thehackernews.com/2025/04/have-we-reached-distroless-tipping-point.html
There’s a virtuous cycle in technology that pushes the boundaries of what’s being built and how it’s being used. A new technology development emerges and captures the world's attention. People start experimenting and discover novel applications, use cases, and approaches to maximize the innovation's potential. These use cases generate significant value, fueling demand for the next iteration of
595
Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware
https://thehackernews.com/2025/04/critical-ivanti-flaw-actively-exploited.html
Ivanti has disclosed details of a now-patched critical security vulnerability impacting its Connect Secure that has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2025-22457 (CVSS score: 9.0), concerns a case of a stack-based buffer overflow that could be exploited to execute arbitrary code on affected systems.
"A stack-based buffer overflow in Ivanti Connect
595
CERT-UA Reports Cyberattacks Targeting Ukrainian State Systems with WRECKSTEEL Malware
https://thehackernews.com/2025/04/cert-ua-reports-cyberattacks-targeting.html
The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that no less than three cyber attacks were recorded against state administration bodies and critical infrastructure facilities in the country with an aim to steal sensitive data.
The campaign, the agency said, involved the use of compromised email accounts to send phishing messages containing links pointing to legitimate
595
Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code
https://thehackernews.com/2025/04/critical-flaw-in-apache-parquet-allows.html
A maximum severity security vulnerability has been disclosed in Apache Parquet's Java Library that, if successfully exploited, could allow a remote attacker to execute arbitrary code on susceptible instances.
Apache Parquet is a free and open-source columnar data file format that's designed for efficient data processing and retrieval, providing support for complex data, high-performance
595
Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware
https://thehackernews.com/2025/04/microsoft-warns-of-tax-themed-email.html
Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials.
"These campaigns notably use redirection methods such as URL shorteners and QR codes contained in malicious attachments and abuse legitimate services like file-hosting services and business profile pages to avoid detection," Microsoft said in a report shared with The
595
Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost Malware
https://thehackernews.com/2025/04/lazarus-group-targets-job-seekers-with.html
The North Korean threat actors behind Contagious Interview have adopted the increasingly popular ClickFix social engineering tactic to lure job seekers in the cryptocurrency sector to deliver a previously undocumented Go-based backdoor called GolangGhost on Windows and macOS systems.
The new activity, assessed to be a continuation of the campaign, has been codenamed ClickFake Interview by
595
AI Threats Are Evolving Fast — Learn Practical Defense Tactics in this Expert Webinar
https://thehackernews.com/2025/04/ai-threats-are-evolving-fast-learn.html
The rules have changed. Again. Artificial intelligence is bringing powerful new tools to businesses. But it's also giving cybercriminals smarter ways to attack. They’re moving quicker, targeting more precisely, and slipping past old defenses without being noticed.
And here's the harsh truth: If your security strategy hasn’t evolved with AI in mind, you’re already behind.
But you’re not alone—and
595
AI Adoption in the Enterprise: Breaking Through the Security and Compliance Gridlock
https://thehackernews.com/2025/04/ai-adoption-in-enterprise-breaking.html
AI holds the promise to revolutionize all sectors of enterpriseーfrom fraud detection and content personalization to customer service and security operations. Yet, despite its potential, implementation often stalls behind a wall of security, legal, and compliance hurdles.
Imagine this all-too-familiar scenario: A CISO wants to deploy an AI-driven SOC to handle the overwhelming volume of security
595
Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent
https://thehackernews.com/2025/04/google-patches-quick-share.html
Cybersecurity researchers have disclosed details of a new vulnerability impacting Google's Quick Share data transfer utility for Windows that could be exploited to achieve a denial-of-service (DoS) or send arbitrary files to a target's device without their approval.
The flaw, tracked as CVE-2024-10668 (CVSS score: 5.9), is a bypass for two of the 10 shortcomings that were originally disclosed by
595
Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices
https://thehackernews.com/2025/04/triada-malware-preloaded-on-counterfeit.html
Counterfeit versions of popular smartphone models that are sold at reduced prices have been found to be preloaded with a modified version of an Android malware called Triada.
"More than 2,600 users in different countries have encountered the new version of Triada, the majority in Russia," Kaspersky said in a report. The infections were recorded between March 13 and 27, 2025.
Triada is the
595
Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign
https://thehackernews.com/2025/04/legacy-stripe-api-exploited-to-validate.html
Threat hunters are warning of a sophisticated web skimmer campaign that leverages a legacy application programming interface (API) from payment processor Stripe to validate stolen payment information prior to exfiltration.
"This tactic ensures that only valid card data is sent to the attackers, making the operation more efficient and potentially harder to detect," Jscrambler researchers Pedro
Вже доступно! Дослідження Telegram за 2025 — головні інсайти року 
