The Hacker News4h
New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now
Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully ...
The Hacker News4h
Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks
Mustang Panda exploits MAVInject.exe to evade ESET detection, using EA files to sideload TONESHELL backdoor for persistent ...
The Hacker News6h
New FrigidStealer Malware Targets macOS Users via Fake Browser Updates
TA2726, per the enterprise security firm, acts as a TDS for TA2727 and another threat actor called TA569, which is ...
The Hacker News7h
Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication
"An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allow ...
The Hacker News10h
Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign
Winnti’s RevivalStone campaign exploited an ERP SQL flaw to deploy upgraded malware, breaching an MSP and infecting multiple ...
The Hacker News12h
New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials
Xerox VersaLink MFP vulnerabilities (CVE-2024-12510, CVE-2024-12511) enable credential theft via LDAP and SMB/FTP. Patch now ...
The Hacker News14h
Cybercriminals Exploit Onerror Event in Image Tags to Deploy Payment Skimmers
MageCart hackers are using image tags to hide JavaScript skimmers, stealing credit card data from Magento checkout pages while bypassing security scan ...
The Hacker News14h
âš¡ THN Weekly Recap: Google Secrets Stolen, Windows Hack, New Crypto Scams and More
It's time for a new security approach. Replace traditional security technology that exposes your attack surface and allows ...