The Hacker News

Jenkins Security Alert: New Security Flaws Could Allow Code Execution Attacks

March 8, 2023 add comment
A pair of severe security vulnerabilities have been disclosed in the Jenkins open source automation server that could lead to code execution on targeted systems. The flaws, tracked as CVE-2023-27898 and CVE-2023-27905,... Read more »

Syxsense Platform: Unified Security and Endpoint Management

March 8, 2023 add comment
As threats grow and attack surfaces get more complex, companies continue to struggle with the multitude of tools they utilize to handle endpoint security and management. This can leave... Read more »

Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity

March 8, 2023 add comment
The North Korea-linked Lazarus Group has been observed weaponizing flaws in an undisclosed software to breach a financial business entity in South Korea twice within a span of a year. While... Read more »

Sharp Panda Using New Soul Framework Version to Target Southeast Asian Governments

March 8, 2023 add comment
High-profile government entities in Southeast Asia are the target of a cyber espionage campaign undertaken by a Chinese threat actor known as Sharp Panda since late last year. The... Read more »

CISA’s KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems

March 8, 2023 add comment
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is below... Read more »

SYS01stealer: New Threat Using Facebook Ads to Target Critical Infrastructure Firms

March 7, 2023 add comment
Cybersecurity researchers have discovered a new information stealer dubbed SYS01stealer targeting critical government infrastructure employees, manufacturing companies, and other sectors. “The threat actors behind the campaign are targeting Facebook... Read more »

Why Healthcare Can’t Afford to Ignore Digital Identity

March 7, 2023 add comment
Investing in digital identity can improve security, increase clinical productivity, and boost healthcare’s bottom line. — by Gus Malezis, CEO of Imprivata Digitalization has created immeasurable opportunities for businesses over the... Read more »

Transparent Tribe Hackers Distribute CapraRAT via Trojanized Messaging Apps

March 7, 2023 add comment
A suspected Pakistan-aligned advanced persistent threat (APT) group known as Transparent Tribe has been linked to an ongoing cyber espionage campaign targeting Indian and Pakistani Android users with a backdoor called CapraRAT.... Read more »

Shein’s Android App Caught Transmitting Clipboard Data to Remote Servers

March 7, 2023 add comment
An older version of Shein’s Android application suffered from a bug that periodically captured and transmitted clipboard contents to a remote server. The Microsoft 365 Defender Research Team said it discovered the problem... Read more »

LastPass Hack: Engineer’s Failure to Update Plex Software Led to Massive Data Breach

March 7, 2023 add comment
The massive breach at LastPass was the result of one of its engineers failing to update Plex on their home computer, in what’s a sobering reminder of the dangers... Read more »
Subscribe to our Newsletter