Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability The Hacker [email protected] (The Hacker News)
January 28, 2025

Cybersecurity researchers are warning that a critical zero-day vulnerability impacting Zyxel CPE Series devices is seeing active exploitation attempts in the wild. "Attackers can leverage this vulnerability to execute arbitrary commands …


PureCrypter Deploys Agent Tesla and New TorNet Backdoor in Ongoing Cyberattacks The Hacker [email protected] (The Hacker News)
January 28, 2025

A financially motivated threat actor has been linked to an ongoing phishing email campaign that has been ongoing since at least July 2024 specifically targeting users in Poland and Germany. The …


OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking The Hacker [email protected] (The Hacker News)
January 28, 2025

Cybersecurity researchers have disclosed details of a now-patched account takeover vulnerability affecting a popular online travel service for hotel and car rentals. "By exploiting this flaw, attackers can gain unauthorized access …


AI SOC Analysts: Propelling SecOps into the future The Hacker [email protected] (The Hacker News)
January 28, 2025

Triaging and investigating alerts is central to security operations. As SOC teams strive to keep up with ever-increasing alert volumes and complexity, modernizing SOC automation strategies with AI has emerged …


Ransomware Targets ESXi Systems via Stealthy SSH Tunnels for C2 Operations The Hacker [email protected] (The Hacker News)
January 28, 2025

Cybersecurity researchers have found that ransomware attacks targeting ESXi systems are also leveraging the access to repurpose the appliances as a conduit to tunnel traffic to command-and-control (C2) infrastructure and …


How Long Does It Take Hackers to Crack Modern Hashing Algorithms? The Hacker [email protected] (The Hacker News)
January 28, 2025

While passwords remain the first line of defense for protecting user accounts against unauthorized access, the methods for creating strong passwords and protecting them are continually evolving. For example, NIST …


E.U. Sanctions 3 Russian Nationals for Cyber Attacks Targeting Estonia’s Key Ministries The Hacker [email protected] (The Hacker News)
January 28, 2025

The Council of the European Union has sanctioned three individuals for allegedly carrying out "malicious cyber activities" against Estonia. The three Russian nationals – Nikolay Alexandrovich Korchagin, Vitaly Shevchenko, and Yuriy …


Top-Rated Chinese AI App DeepSeek Limits Registrations Amid Cyberattacks The Hacker [email protected] (The Hacker News)
January 27, 2025

DeepSeek, the Chinese AI startup that has captured much of the artificial intelligence (AI) buzz in recent days, said it's restricting registrations on the service, citing malicious attacks. "Due to large-scale …


Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More The Hacker [email protected] (The Hacker News)
January 27, 2025

Apple has released software updates to address several security flaws across its portfolio, including a zero-day vulnerability that it said has been exploited in the wild. The vulnerability, tracked as CVE-2025-24085, …


A Tumultuous Week for Federal Cybersecurity Efforts Krebs on SecurityBrianKrebs
January 27, 2025

President Trump last week issued a flurry of executive orders that upended a number of government initiatives focused on improving the nation's cybersecurity posture. The president fired all advisors from …