In The News

PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack The Hacker Newsinfo@thehackernews.com (The Hacker News)
January 22, 2025

A previously undocumented China-aligned advanced persistent threat (APT) group named PlushDaemon has been linked to a supply chain attack targeting a South Korean virtual private network (VPN) provider in 2023, …


Oracle Releases January 2025 Patch to Address 318 Flaws Across Major Products The Hacker Newsinfo@thehackernews.com (The Hacker News)
January 22, 2025

Oracle is urging customers to apply its January 2025 Critical Patch Update (CPU) to address 318 new security vulnerabilities spanning its products and services. The most severe of the flaws is …


Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Device The Hacker Newsinfo@thehackernews.com (The Hacker News)
January 21, 2025

Web infrastructure and security company Cloudflare on Tuesday said it detected and blocked a 5.6 Terabit per second (Tbps) distributed denial-of-service (DDoS) attack, the largest ever attack to be reported …


Mirai Variant Murdoc_Botnet Exploits AVTECH IP Cameras and Huawei Routers The Hacker Newsinfo@thehackernews.com (The Hacker News)
January 21, 2025

Cybersecurity researchers have warned of a new large-scale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant …


13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks The Hacker Newsinfo@thehackernews.com (The Hacker News)
January 21, 2025

A global network of about 13,000 hijacked Mikrotik routers has been employed as a botnet to propagate malware via spam campaigns, the latest addition to a list of botnets powered …


Ex-CIA Analyst Pleads Guilty to Sharing Top-Secret Data with Unauthorized Parties The Hacker Newsinfo@thehackernews.com (The Hacker News)
January 21, 2025

A former analyst working for the U.S. Central Intelligence Agency (CIA) pleaded guilty to transmitting top secret National Defense Information (NDI) to individuals who did not have the necessary authorization …


HackGATE: Setting New Standards for Visibility and Control in Penetration Testing Projects The Hacker Newsinfo@thehackernews.com (The Hacker News)
January 21, 2025

Imagine receiving a penetration test report that leaves you with more questions than answers. Questions like, "Were all functionalities of the web app tested?" or " Were there any security …


PNGPlug Loader Delivers ValleyRAT Malware Through Fake Software Installers The Hacker Newsinfo@thehackernews.com (The Hacker News)
January 20, 2025

Cybersecurity researchers are calling attention to a series of cyber attacks that have targeted Chinese-speaking regions like Hong Kong, Taiwan, and Mainland China with a known malware called ValleyRAT. The attacks …


CERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits The Hacker Newsinfo@thehackernews.com (The Hacker News)
January 20, 2025

The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of ongoing attempts by unknown threat actors to impersonate the cybersecurity agency by sending AnyDesk connection requests. The AnyDesk requests claim …


Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers The Hacker Newsinfo@thehackernews.com (The Hacker News)
January 20, 2025

New research has uncovered security vulnerabilities in multiple tunneling protocols that could allow attackers to perform a wide range of attacks. "Internet hosts that accept tunneling packets without verifying the sender's …