The Hacker News4h
Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites
Critical vulnerability (CVE-2024-10924) in Really Simple Security plugin allows attackers admin access to WordPress sites.
The Hacker News4h
NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta's Lawsuit
NSO Group exploited WhatsApp to install Pegasus spyware even after Meta sued, controlling operations themselves, not clients, ...
The Hacker News2d
PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released
Palo Alto Networks confirms active exploitation of a critical zero-day in PAN-OS firewalls; users urged to secure interfaces ...
The Hacker News3d
CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed
Palo Alto Networks addressed these shortcomings as part of security updates released on October 9, 2024. The company has ...
The Hacker News3d
Bitfinex Hacker Sentenced to 5 Years, Guilty of Laundering $10.5 Billion in Bitcoin
Ilya Lichtenstein, who pleaded guilty to the 2016 hack of cryptocurrency stock exchange Bitfinex, has been sentenced to five ...
The Hacker News2d
Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials
BrazenBamboo exploits an unpatched FortiClient flaw to steal VPN credentials using DEEPDATA malware. Fortinet users advised ...
The Hacker News2d
How AI Is Transforming IAM and Identity Security
AI revolutionizes IAM by enabling real-time monitoring, anomaly detection, and adaptive governance for better security.
The Hacker News4d
New RustyAttr Malware Targets macOS Through Extended Attribute Abuse
North Korean Lazarus Group uses extended macOS file attributes to deliver RustyAttr malware to unsuspecting users ...
The Hacker News2d
Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations
WezRat is assessed to be the work of Cotton Sandstorm, an Iranian hacking group that's better known under the cover names ...
The Hacker News3d
Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes
Google exposes cloaking scams targeting users with fake sites and AI-driven fraud, bolstering defenses with real-time scam ...
The Hacker News3d
High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables
Cybersecurity researchers have disclosed a high-severity security flaw in the PostgreSQL open-source database system that ...
The Hacker News4d
Hamas-Affiliated WIRTE Employs SameCoin Wiper in Disruptive Attacks Against Israel
SameCoin is a bespoke wiper that was uncovered in February 2024 as used by a Hamas-affiliated threat actor to sabotage ...