Cybercriminals Use Eclipse Jarsigner to Deploy XLoader Malware via ZIP Archives The Hacker [email protected] (The Hacker News)
February 20, 2025

A malware campaign distributing the XLoader malware has been observed using the DLL side-loading technique by making use of a legitimate application associated with the Eclipse Foundation. "The legitimate application used …


Microsoft’s End of Support for Exchange 2016 and 2019: What IT Teams Must Do Now The Hacker [email protected] (The Hacker News)
February 20, 2025

For decades, Microsoft Exchange has been the backbone of business communications, powering emailing, scheduling and collaboration for organizations worldwide. Whether deployed on-premises or in hybrid environments, companies of all sizes …


Citrix Releases Security Fix for NetScaler Console Privilege Escalation Vulnerability The Hacker [email protected] (The Hacker News)
February 19, 2025

Citrix has released security updates for a high-severity security flaw impacting NetScaler Console (formerly NetScaler ADM) and NetScaler Agent that could lead to privilege escalation under certain conditions. The vulnerability, tracked …


Microsoft Patches Actively Exploited Power Pages Privilege Escalation Vulnerability The Hacker [email protected] (The Hacker News)
February 19, 2025

Microsoft has released security updates to address two Critical-rated flaws impacting Bing and Power Pages, including one that has come under active exploitation in the wild. The vulnerabilities are listed below …


Hackers Exploit Signal’s Linked Devices Feature to Hijack Accounts via Malicious QR Codes The Hacker [email protected] (The Hacker News)
February 19, 2025

Multiple Russia-aligned threat actors have been observed targeting individuals of interest via the privacy-focused messaging app Signal to gain unauthorized access to their accounts. "The most novel and widely used technique …


New Snake Keylogger Variant Leverages AutoIt Scripting to Evade Detection The Hacker [email protected] (The Hacker News)
February 19, 2025

A new variant of the Snake Keylogger malware is being used to actively target Windows users located in China, Turkey, Indonesia, Taiwan, and Spain. Fortinet FortiGuard Labs said the new version …


The Ultimate MSP Guide to Structuring and Selling vCISO Services The Hacker [email protected] (The Hacker News)
February 19, 2025

The growing demand for cybersecurity and compliance services presents a great opportunity for Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) to offer virtual Chief Information Security Officer …


Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack The Hacker [email protected] (The Hacker News)
February 19, 2025

Users who are on the lookout for popular games were lured into downloading trojanized installers that led to the deployment of a cryptocurrency miner on compromised Windows hosts. The large-scale activity …


CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List The Hacker [email protected] (The Hacker News)
February 18, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities (KEV) catalog, …


How Phished Data Turns into Apple & Google Wallets Krebs on SecurityBrianKrebs
February 18, 2025

Carding -- the underground business of stealing, selling and swiping stolen payment card data -- has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure …