RansomHub Becomes 2024’s Top Ransomware Group, Hitting 600+ Organizations Globally The Hacker [email protected] (The Hacker News)
February 14, 2025

The threat actors behind the RansomHub ransomware-as-a-service (RaaS) scheme have been observed leveraging now-patched security flaws in Microsoft Active Directory and the Netlogon protocol to escalate privileges and gain unauthorized …


PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks The Hacker [email protected] (The Hacker News)
February 13, 2025

Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 likely also exploited a previously …


Nearly a Year Later, Mozilla is Still Promoting OneRep Krebs on SecurityBrianKrebs
February 13, 2025

In mid-March 2024, KrebsOnSecurity revealed that the founder of the personal data removal service Onerep also founded dozens of people-search companies. Shortly after that investigation was published, Mozilla said it …


Hackers Use CAPTCHA Trick on Webflow CDN PDFs to Bypass Security Scanners The Hacker [email protected] (The Hacker News)
February 13, 2025

A widespread phishing campaign has been observed leveraging bogus PDF documents hosted on the Webflow content delivery network (CDN) with an aim to steal credit card information and commit financial …


North Korean APT43 Uses PowerShell and Dropbox in Targeted South Korea Cyberattacks The Hacker [email protected] (The Hacker News)
February 13, 2025

A nation-state threat actor with ties to North Korea has been linked to an ongoing campaign targeting South Korean business, government, and cryptocurrency sectors. The attack campaign, dubbed DEEP#DRIVE by Securonix, …


Fast Deployments, Secure Code: Watch this Learn to Sync Dev and Sec Teams The Hacker [email protected] (The Hacker News)
February 13, 2025

Ever felt like your team is stuck in a constant battle? Developers rush to add new features, while security folks worry about vulnerabilities. What if you could bring both sides …


Hackers Exploited PAN-OS Flaw to Deploy Chinese Malware in Ransomware Attack The Hacker [email protected] (The Hacker News)
February 13, 2025

An RA World ransomware attack in November 2024 targeting an unnamed Asian software and services company involved the use of a malicious tool exclusively used by China-based cyber espionage groups, …


AI and Security – A New Puzzle to Figure Out The Hacker [email protected] (The Hacker News)
February 13, 2025

AI is everywhere now, transforming how businesses operate and how users engage with apps, devices, and services. A lot of applications now have some Artificial Intelligence inside, whether supporting a …


Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software The Hacker [email protected] (The Hacker News)
February 13, 2025

Palo Alto Networks has addressed a high-severity security flaw in its PAN-OS software that could result in an authentication bypass. The vulnerability, tracked as CVE-2025-0108, carries a CVSS score of 7.8 …


FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux The Hacker [email protected] (The Hacker News)
February 13, 2025

Threat hunters have shed light on a new campaign targeting the foreign ministry of an unnamed South American nation with bespoke malware capable of granting remote access to infected hosts. The …