Zero-Day Vulnerability Suspected in Attacks on Fortinet Firewalls with Exposed Interfaces

14/01/2025 0 Comments 0 tags

Threat hunters are calling attention to a new campaign that has targeted Fortinet FortiGate firewall devices with management interfaces exposed on the public internet. “The campaign involved unauthorized administrative logins

Illicit HuiOne Telegram Market Surpasses Hydra, Hits $24 Billion in Crypto Transactions

14/01/2025 0 Comments 0 tags

The Telegram-based online marketplace known as HuiOne Guarantee and its vendors have cumulatively received at least $24 billion in cryptocurrency, dwarfing the now-defunct Hydra to become the largest online illicit

4 Reasons Your SaaS Attack Surface Can No Longer be Ignored

14/01/2025 0 Comments 0 tags

What do identity risks, data security risks and third-party risks all have in common? They are all made much worse by SaaS sprawl. Every new SaaS account adds a new

CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks

14/01/2025 0 Comments 0 tags

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a second security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited

Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners

13/01/2025 0 Comments 0 tags

A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners. Cloud security firm

Ransomware on ESXi: The mechanization of virtualized attacks

13/01/2025 0 Comments 0 tags

In 2024, ransomware attacks targeting VMware ESXi servers reached alarming levels, with the average ransom demand skyrocketing to $5 million. With approximately 8,000 ESXi hosts exposed directly to the internet

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]

13/01/2025 0 Comments 0 tags

The cyber world’s been buzzing this week, and it’s all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but

Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems

13/01/2025 0 Comments 0 tags

No less than 4,000 unique web backdoors previously deployed by various threat actors have been hijacked by taking control of abandoned and expired infrastructure for as little as $20 per

WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables

13/01/2025 0 Comments 0 tags

Cybersecurity researchers are warning of a new stealthy credit card skimmer campaign that targets WordPress e-commerce checkout pages by inserting malicious JavaScript code into a database table associated with the

Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation

11/01/2025 0 Comments 0 tags

Microsoft has revealed that it’s pursuing legal action against a “foreign-based threat–actor group” for operating a hacking-as-a-service infrastructure to intentionally get around the safety controls of its generative artificial intelligence