CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks The Hacker [email protected] (The Hacker News)
January 13, 2025

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a second security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited …


Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners The Hacker [email protected] (The Hacker News)
January 13, 2025

A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners. Cloud security firm Wiz …


⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January] The Hacker [email protected] (The Hacker News)
January 13, 2025

The cyber world’s been buzzing this week, and it’s all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but …


Ransomware on ESXi: The mechanization of virtualized attacks The Hacker [email protected] (The Hacker News)
January 13, 2025

In 2024, ransomware attacks targeting VMware ESXi servers reached alarming levels, with the average ransom demand skyrocketing to $5 million. With approximately 8,000 ESXi hosts exposed directly to the internet …


WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables The Hacker [email protected] (The Hacker News)
January 12, 2025

Cybersecurity researchers are warning of a new stealthy credit card skimmer campaign that targets WordPress e-commerce checkout pages by inserting malicious JavaScript code into a database table associated with the …


Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems The Hacker [email protected] (The Hacker News)
January 12, 2025

No less than 4,000 unique web backdoors previously deployed by various threat actors have been hijacked by taking control of abandoned and expired infrastructure for as little as $20 per …


Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation The Hacker [email protected] (The Hacker News)
January 11, 2025

Microsoft has revealed that it's pursuing legal action against a "foreign-based threat–actor group" for operating a hacking-as-a-service infrastructure to intentionally get around the safety controls of its generative artificial intelligence …


DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering The Hacker [email protected] (The Hacker News)
January 10, 2025

The U.S. Department of Justice (DoJ) on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io. Roman Vitalyevich Ostapenko and Alexander Evgenievich …


Taking the Pain Out of Cybersecurity Reporting: A Practical Guide for MSPs The Hacker [email protected] (The Hacker News)
January 10, 2025

Cybersecurity reporting is a critical yet often overlooked opportunity for service providers managing cybersecurity for their clients, and specifically for virtual Chief Information Security Officers (vCISOs). While reporting is seen …


AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics The Hacker [email protected] (The Hacker News)
January 10, 2025

Cybersecurity researchers have shed light on a nascent artificial intelligence (AI) assisted ransomware family called FunkSec that sprang forth in late 2024, and has claimed more than 85 victims to …