In The News

CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List The Hacker [email protected] (The Hacker News)
February 18, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities (KEV) catalog, …


How Phished Data Turns into Apple & Google Wallets Krebs on SecurityBrianKrebs
February 18, 2025

Carding -- the underground business of stealing, selling and swiping stolen payment card data -- has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure …


New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now The Hacker [email protected] (The Hacker News)
February 18, 2025

Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) and a denial-of-service (DoS) attack, respectively, …


Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks The Hacker [email protected] (The Hacker News)
February 18, 2025

The Chinese state-sponsored threat actor known as Mustang Panda has been observed employing a novel technique to evade detection and maintain control over infected systems. This involves the use of a …


New FrigidStealer Malware Targets macOS Users via Fake Browser Updates The Hacker [email protected] (The Hacker News)
February 18, 2025

Cybersecurity researchers are alerting to a new campaign that leverages web injects to deliver a new Apple macOS malware known as FrigidStealer. The activity has been attributed to a previously undocumented …


Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication The Hacker [email protected] (The Hacker News)
February 18, 2025

Juniper Networks has released security updates to address a critical security flaw impacting Session Smart Router, Session Smart Conductor, and WAN Assurance Router products that could be exploited to hijack …


Debunking the AI Hype: Inside Real Hacker Tactics The Hacker [email protected] (The Hacker News)
February 18, 2025

Is AI really reshaping the cyber threat landscape, or is the constant drumbeat of hype drowning out actual, more tangible, real-world dangers? According to Picus Labs’ Red Report 2025 which …


Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign The Hacker [email protected] (The Hacker News)
February 18, 2025

The China-linked threat actor known as Winnti has been attributed to a new campaign dubbed RevivalStone that targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024. The …


New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials The Hacker [email protected] (The Hacker News)
February 18, 2025

Security vulnerabilities have been disclosed in Xerox VersaLink C7025 Multifunction printers (MFPs) that could allow attackers to capture authentication credentials via pass-back attacks via Lightweight Directory Access Protocol (LDAP) and …


Cybercriminals Exploit Onerror Event in Image Tags to Deploy Payment Skimmers The Hacker [email protected] (The Hacker News)
February 17, 2025

Cybersecurity researchers have flagged a credit card stealing malware campaign that has been observed targeting e-commerce sites running Magento by disguising the malicious content within image tags in HTML code …