Welcome, Guest
You have to register before you can post on our site.

Username/Email:
  

Password
  





Search Forums

(Advanced Search)

Online Users
There are currently 45 online users.
» 0 Member(s) | 43 Guest(s)
Bing, Google

Latest Threads
Mysterious Kill Switch Di...
Forum: The Hacker News
Last Post: yazrozzarn
01-10-2026, 04:36 AM
» Replies: 1
» Views: 865
UAW drops unfair labor pr...
Forum: Other Automakers
Last Post: BillyMum
06-16-2025, 09:15 PM
» Replies: 2
» Views: 2,557
Uber's Ex-CISO Appeals Co...
Forum: Dark Reading.com
Last Post: BillyMum
06-15-2025, 05:26 AM
» Replies: 2
» Views: 3,809
2021 Hyundai Ioniq SEL
Forum: Kia USB Entry
Last Post: HackMaster
03-31-2025, 07:17 AM
» Replies: 0
» Views: 456
Vulnerability of Remote K...
Forum: Keyless entry
Last Post: HackMaster
03-31-2025, 07:14 AM
» Replies: 0
» Views: 355
The (In)Security of Autom...
Forum: Keyless entry
Last Post: HackMaster
03-31-2025, 07:12 AM
» Replies: 0
» Views: 336
Relay Attacks on Passive ...
Forum: Keyless entry
Last Post: HackMaster
03-31-2025, 07:07 AM
» Replies: 0
» Views: 327
Hacking Tesla from Wirele...
Forum: Tesla
Last Post: HackMaster
03-31-2025, 06:58 AM
» Replies: 0
» Views: 365
Hacking Tesla from Wirele...
Forum: Tesla
Last Post: HackMaster
03-31-2025, 06:22 AM
» Replies: 0
» Views: 351
Schematics and Datasheets
Forum: Schematics
Last Post: HackMaster
02-27-2025, 12:26 AM
» Replies: 0
» Views: 312

 
  Sophisticated Phishing Campaign Targeting Chinese Users with ValleyRAT and Gh0st RAT
Posted by: The Hacker News - 09-21-2023, 06:13 AM - Forum: The Hacker News - No Replies

Sophisticated Phishing Campaign Targeting Chinese Users with ValleyRAT and Gh0st RAT

Chinese-language speakers have been increasingly targeted as part of multiple email phishing campaigns that aim to distribute various malware families such as Sainbox RAT, Purple Fox, and a new trojan called ValleyRAT.
"Campaigns include Chinese-language lures and malware typically associated with Chinese cybercrime activity," enterprise security firm Proofpoint said in a report shared with The

https://thehackernews.com/2023/09/sophis...gn_20.html

Print this item

  Fresh Wave of Malicious npm Packages Threaten Kubernetes Configs and SSH Keys
Posted by: The Hacker News - 09-21-2023, 06:13 AM - Forum: The Hacker News - No Replies

Fresh Wave of Malicious npm Packages Threaten Kubernetes Configs and SSH Keys

Cybersecurity researchers have discovered a fresh batch of malicious packages in the npm package registry that are designed to exfiltrate Kubernetes configurations and SSH keys from compromised machines to a remote server.
Sonatype said it has discovered 14 different npm packages so far: @am-fe/hooks, @am-fe/provider, @am-fe/request, @am-fe/utils, @am-fe/watermark, @am-fe/watermark-core,

https://thehackernews.com/2023/09/fresh-...kages.html

Print this item

  Do You Really Trust Your Web Application Supply Chain?
Posted by: The Hacker News - 09-21-2023, 06:13 AM - Forum: The Hacker News - No Replies

Do You Really Trust Your Web Application Supply Chain?

Well, you shouldn’t. It may already be hiding vulnerabilities.
It's the modular nature of modern web applications that has made them so effective. They can call on dozens of third-party web components, JS frameworks, and open-source tools to deliver all the different functionalities that keep their customers happy, but this chain of dependencies is also what makes them so vulnerable.
Many of

https://thehackernews.com/2023/09/do-you...r-web.html

Print this item

  Critical Security Flaws Exposed in Nagios XI Network Monitoring Software
Posted by: The Hacker News - 09-21-2023, 06:13 AM - Forum: The Hacker News - No Replies

Critical Security Flaws Exposed in Nagios XI Network Monitoring Software

Multiple security flaws have been disclosed in the Nagios XI network monitoring software that could result in privilege escalation and information disclosure.
The four security vulnerabilities, tracked from CVE-2023-40931 through CVE-2023-40934, impact Nagios XI versions 5.11.1 and lower. Following responsible disclosure on August 4, 2023, They have been patched as of September 11, 2023, with

https://thehackernews.com/2023/09/critic...ed-in.html

Print this item

  Finnish Authorities Dismantle Notorious PIILOPUOTI Dark Web Drug Marketplace
Posted by: The Hacker News - 09-21-2023, 06:13 AM - Forum: The Hacker News - No Replies

Finnish Authorities Dismantle Notorious PIILOPUOTI Dark Web Drug Marketplace

Finnish law enforcement authorities have announced the takedown of PIILOPUOTI, a dark web marketplace that specialized in illegal narcotics trade since May 2022.
"The site operated as a hidden service in the encrypted TOR network," the Finnish Customs (aka Tulli) said in a brief announcement on Tuesday. "The site has been used in anonymous criminal activities such as narcotics trade."
The agency

https://thehackernews.com/2023/09/finnis...rious.html

Print this item

  Beware: Fake Exploit for WinRAR Vulnerability on GitHub Infects Users with Venom RAT
Posted by: The Hacker News - 09-21-2023, 06:13 AM - Forum: The Hacker News - No Replies

Beware: Fake Exploit for WinRAR Vulnerability on GitHub Infects Users with Venom RAT

A malicious actor released a fake proof-of-concept (PoC) exploit for a recently disclosed WinRAR vulnerability on GitHub with an aim to infect users who downloaded the code with Venom RAT malware.
"The fake PoC meant to exploit this WinRAR vulnerability was based on a publicly available PoC script that exploited a SQL injection vulnerability in an application called GeoServer, which is tracked

https://thehackernews.com/2023/09/beware...inrar.html

Print this item

  Ukrainian Hacker Suspected to be Behind "Free Download Manager" Malware Attack
Posted by: The Hacker News - 09-21-2023, 06:13 AM - Forum: The Hacker News - No Replies

Ukrainian Hacker Suspected to be Behind "Free Download Manager" Malware Attack

The maintainers of Free Download Manager (FDM) have acknowledged a security incident dating back to 2020 that led to its website being used to distribute malicious Linux software.
"It appears that a specific web page on our site was compromised by a Ukrainian hacker group, exploiting it to distribute malicious software," it said in an alert last week. "Only a small subset of users, specifically

https://thehackernews.com/2023/09/ukrain...ehind.html

Print this item

  Cyber Group 'Gold Melody' Selling Compromised Access to Ransomware Attackers
Posted by: The Hacker News - 09-21-2023, 06:13 AM - Forum: The Hacker News - No Replies

Cyber Group 'Gold Melody' Selling Compromised Access to Ransomware Attackers

A financially motivated threat actor has been outed as an initial access broker (IAB) that sells access to compromised organizations for other adversaries to conduct follow-on attacks such as ransomware.
SecureWorks Counter Threat Unit (CTU) has dubbed the e-crime group Gold Melody, which is also known by the names Prophet Spider (CrowdStrike) and UNC961 (Mandiant).
"This financially motivated

https://thehackernews.com/2023/09/cyber-...lling.html

Print this item

  China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers
Posted by: The Hacker News - 09-21-2023, 06:13 AM - Forum: The Hacker News - No Replies

China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers

China's Ministry of State Security (MSS) has accused the U.S. of breaking into Huawei's servers, stealing critical data, and implanting backdoors since 2009, amid mounting geopolitical tensions between the two countries.
In a message posted on WeChat, the government authority said U.S. intelligence agencies have "done everything possible" to conduct surveillance, secret theft, and intrusions on

https://thehackernews.com/2023/09/china-...cyber.html

Print this item

  The Rise of the Malicious App
Posted by: The Hacker News - 09-21-2023, 06:13 AM - Forum: The Hacker News - No Replies

The Rise of the Malicious App

Security teams are familiar with threats emanating from third-party applications that employees add to improve their productivity. These apps are inherently designed to deliver functionality to users by connecting to a “hub” app, such as Salesforce, Google Workspace, or Microsoft 365. Security concerns center on the permission scopes that are granted to the third party apps, and the potential

https://thehackernews.com/2023/09/the-ri...s-app.html

Print this item