Elastic has rolled out security updates to address a critical security flaw impacting the Kibana data visualization dashboard software for Elasticsearch that could result in arbitrary code execution. The vulnerability, tracked as CVE-2025-25012, carries a CVSS score of 9.9 out of a maximum of 10.0. It has been described as a case of prototype pollution. … Read More “Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution – The Hacker News” »
Author: The Hacker News
Layoffs and cutbacks have been cited as major factors in a significant drop in job satisfaction among women working in cybersecurity, according to ISC2
Cyber threats are growing more sophisticated, and traditional security approaches struggle to keep up. Organizations can no longer rely on periodic assessments or static vulnerability lists to stay secure. Instead, they need a dynamic approach that provides real-time insights into how attackers move through their environment. This is where attack graphs come in. By mapping … Read More “Outsmarting Cyber Threats with Attack Graphs – The Hacker News” »
Journey with us to Myanmar’s shadowy scam factories, where trafficked workers are forced to run romance-baiting and fake tech support scams, and find out why a company’s mandatory hold time for tech support could lead to innocent users having their computers compromised. All this and more is discussed in the latest edition of the “Smashing … Read More “Smashing Security podcast #407: HP’s hold music, and human trafficking – Graham Cluley” »
Enisa identifies six sectors that it says must improve on NIS2 compliance
Over 1,000 websites powered by WordPress have been infected with a third-party JavaScript code that injects four separate backdoors. “Creating four backdoors facilitates the attackers having multiple points of re-entry should one be detected and removed,” c/side researcher Himanshu Anand said in a Wednesday analysis. The malicious JavaScript code has been found to be served … Read More “Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access – The Hacker News” »
The DoJ has charged Chinese government and i-Soon employees for a series of for-profit data theft campaigns
How NCSC guidance can help organisations detect and protect themselves from credential abuse. – Read More – NCSC Feed
Vulnerability Scanning solutions offer a cost-effective way to discover and manage common security issues. – Read More – NCSC Feed
The U.S. Department of Justice (DoJ) has announced charges against 12 Chinese nationals for their alleged participation in a wide-ranging scheme designed to steal data and suppress free speech and dissent globally. The individuals include two officers of the People’s Republic of China’s (PRC) Ministry of Public Security (MPS), eight employees of an ostensibly private … Read More “U.S. Charges 12 Chinese Nationals in State-Backed Hacking Operations – The Hacker News” »
We publish the results of our ACD 2.0 external attack surface management (EASM) trials – Read More – NCSC Feed
The Justice Department on Wednesday indicted 12 Chinese nationals for their alleged involvement in an extensive nation-state-backed espionage campaign that included a spree of attacks on U.S. federal and state agencies, including the late 2024 attack targeting the Treasury Department. Officials accused the Chinese individuals, including two officers of China’s Ministry of Public Security, eight … Read More “US indicts 12 Chinese nationals for vast espionage attack spree – CyberScoop” »
Microsoft warns that Chinese espionage group Silk Typhoon now exploits IT tools like remote management apps and cloud services to breach networks. – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Threat actors became increasingly efficient last year, rapidly achieving lateral movement and swiftly stealing data at a faster clip than ever before, according to multiple threat intelligence firms. The reduced time frame is a clear indicator that cybercriminals are constantly improving their ability to be successful. With the abuse of legitimate system tools to help … Read More “Cybercriminals picked up the pace on attacks last year – CyberScoop” »
The generative AI revolution is leading to an explosion of chatbot personas that are specifically designed to promote harmful behaviors like anorexia, suicidal ideation and pedophilia, according to a new report from Graphika. Graphika’s research focuses on three distinct chatbot personas that have become particularly popular online: those portraying sexualized minors, advocates for eating disorders … Read More “Anorexia coaches, self-harm buddies and sexualized minors: How online communities are using AI chatbots for harmful behavior – CyberScoop” »
Open-source software security firm Chainguard announced Wednesday that it is now building FIPS-validated images for Apache Cassandra, achieving what it describes as a first-of-its-kind accomplishment in the open-source community. The project enables organizations in regulated industries — including government, health care, and finance — to deploy Cassandra with cryptographic libraries compliant with the National Institute … Read More “Chainguard’s FIPS-compliant Cassandra addresses security demand of federal and regulated markets – CyberScoop” »
Cactus is a ransomware-as-a-service (RaaS) group that encrypts victims’ data and demands a ransom for a decryption key. Read more about it in my article on the Tripwire State of Security blog. – Read More – Graham Cluley
Chinese espionage group Silk Typhoon is increasingly exploiting common IT solutions to infiltrate networks and exfiltrate data
The NSA’s former top cybersecurity official told Congress on Wednesday that the Trump administration’s attempts to mass fire probationary federal employees will be “devastating” for U.S. cybersecurity operations. In testimony to the House Select Committee on the Chinese Communist Party, Rob Joyce, the former NSA cybersecurity director who retired from government service last year, warned … Read More “Former top NSA cyber official: Probationary firings ‘devastating’ to cyber, national security – CyberScoop” »
Phishing is one of the most common types of cyber crime. These scams use convincing emails or other messages, such as text messages or social media messages, to trick users into opening harmful links, downloading malicious software, or submitting – Read More – News and Events Feed by Topic
London, United Kingdom, 5th March 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
The China-linked threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021 has shifted its tactics to target the information technology (IT) supply chain as a means to obtain initial access to corporate networks. That’s according to new findings from the Microsoft Threat Intelligence team, which said the Silk … Read More “China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access – The Hacker News” »
Nonprofits are facing a surge in cyber-attacks as email threats rise 35%, targeting donor data and transactions
Google has announced the rollout of artificial intelligence (AI)-powered scam detection features to secure Android device users and their personal information. “These features specifically target conversational scams, which can often appear initially harmless before evolving into harmful situations,” Google said. “And more phone calling scammers are using spoofing techniques to hide their real … Read More “Google Rolls Out AI Scam Detection for Android to Combat Conversational Fraud – The Hacker News” »
The threat actor known as Dark Caracal has been attributed to a campaign that deployed a remote access trojan called Poco RAT in attacks targeting Spanish-speaking targets in Latin America in 2024. The findings come from Russian cybersecurity company Positive Technologies, which described the malware as loaded with a “full suite of espionage features.” “It … Read More “Dark Caracal Uses Poco RAT to Target Spanish-Speaking Enterprises in Latin America – The Hacker News” »
USB drive attacks constitute a significant cybersecurity risk, taking advantage of the everyday use of USB devices to deliver malware and circumvent traditional network security measures. These attacks lead to data breaches, financial losses, and operational disruptions, with lasting impacts on an organization’s reputation. An example is the Stuxnet worm discovered in 2010, a malware … Read More “Defending against USB drive attacks with Wazuh – The Hacker News” »
With Android Scam Detection for messages and calls, Google wants to push scam detection further than traditional spam detection
Have you had a phone call from police about your cryptocurrency wallet? Be on your guard – you could be about to be scammed. Read more in my article on the Hot for Security blog. – Read More – Graham Cluley
The rapid adoption of cloud services, SaaS applications, and the shift to remote work have fundamentally reshaped how enterprises operate. These technological advances have created a world of opportunity but also brought about complexities that pose significant security threats. At the core of these vulnerabilities lies Identity—the gateway to enterprise security and the number one … Read More “Identity: The New Cybersecurity Battleground – The Hacker News” »
The threat actor known as Lotus Panda has been observed targeting government, manufacturing, telecommunications, and media sectors in the Philippines, Vietnam, Hong Kong, and Taiwan with updated versions of a known backdoor called Sagerunex. “Lotus Blossom has been using the Sagerunex backdoor since at least 2016 and is increasingly employing long-term persistence command shells and … Read More “Chinese APT Lotus Panda Targets Governments With New Sagerunex Backdoor Variants – The Hacker News” »
ISACA identified factors such as heavy workload and long hours as the primary causes of stress, while there has been high turnover of IT professionals in the past two years
Cofense uncovers new LinkedIn phishing scam delivering ConnectWise RAT. Learn how attackers bypass security with fake InMail emails… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Veriti Research reveals 40% of networks allow ‘any/any’ cloud access, exposing critical vulnerabilities. Learn how malware like XWorm… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Malicious hacking groups pay close attention to public documents related to criminal prosecutions, and the lack of standardized names for those groups hampers U.S. federal law enforcement, an investigator said in a recent speech. The investigator, who could not be named under the conditions of the speech, said those are just two of many problems … Read More “Investigator says differing names for hacker groups, hackers studying investigative methods hinders law enforcement – CyberScoop” »
New SANS Institute research finds that 50% of global organizations were hit by an OT security incident in the past year
Compromise of your software build pipeline can have wide-reaching impact; here’s how to tackle the problem. – Read More – NCSC Feed
Zero trust architecture design principles 1.0 launched. – Read More – NCSC Feed
Chris Ensor highlights some important elements of the NCSC’s new Technology Assurance strategy. – Read More – NCSC Feed
GuidePoint Security has received reports of multiple organizations receiving ransom letters in the mail
Multiple vulnerabilities have been discovered in VMware ESXi, Workstation, and Fusion which could allow for local code execution. VMware ESXi, Workstation, and Fusion are all virtualization products that allow users to run virtual machines (VMs) on their computers. Successful exploitation of these vulnerabilities could allow for local code execution in the context of the administrator account. An … Read More “Multiple vulnerabilities have been discovered in VMware ESXi, Workstation, and Fusion which could allow for local code execution. – Cyber Security Advisories – MS-ISAC” »
Cybersecurity researchers are alerting of an ongoing malicious campaign targeting the Go ecosystem with typosquatted modules that are designed to deploy loader malware on Linux and Apple macOS systems. “The threat actor has published at least seven packages impersonating widely used Go libraries, including one (github[.]com/shallowmulti/hypert) that appears to target financial-sector developers … Read More “Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems – The Hacker News” »
As Salt Typhoon and other hacking groups continue targeting U.S. telecoms, a bipartisan bill that cleared a key House panel Tuesday aims to formalize a more cyber-focused role for the federal agency focused on those wireless networks. The National Telecommunications and Information Administration Organization Act would establish an Office of Policy Development and Cybersecurity within … Read More “Congress eyes bigger cyber role for NTIA amid telecom attacks – CyberScoop” »
Scammers are impersonating BianLian ransomware, and mailing fake ransom letters to businesses. Learn the red flags and how… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Boston and Tel Aviv, United States, 4th March 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Unit 42 uncovers JavaGhost’s evolving AWS attacks. Learn how this threat actor uses phishing, IAM abuse, and advanced… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
A cyber-espionage campaign targeting UAE aviation and transport has been identified by researchers, using customized lures to deploy Sosano malware
Private 5G networks face security risks amid AI adoption and a lack of specialized expertise
Threat actors deploying the Black Basta and CACTUS ransomware families have been found to rely on the same BackConnect (BC) module for maintaining persistent control over infected hosts, a sign that affiliates previously associated with Black Basta may have transitioned to CACTUS. “Once infiltrated, it grants attackers a wide range of remote control capabilities, allowing … Read More “Researchers Link CACTUS Ransomware Tactics to Former Black Basta Affiliates – The Hacker News” »
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Simon Humbert and Guy Lederfein of the Trend Micro Research Team detail a recently patched code execution vulnerability in the Microsoft Windows Key Distribution Center (KDC) Proxy. This bug was originally discovered by k0shl and Wei in Kunlun Lab with Cyber KunLun. Successful … Read More “CVE-2024-43639: Remote Code Execution in Microsoft Windows KDC Proxy – Zero Day Initiative – Blog” »