Three Russian-German Nationals Charged with Espionage for Russian Secret Service

02/01/2025 0 Comments 0 tags

German prosecutors have charged three Russian-German nationals for acting as secret service agents for Russia. The individuals, named Dieter S., Alexander J., and Alex D., have been accused of working

Malicious Obfuscated NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT

02/01/2025 0 Comments 0 tags

Cybersecurity researchers have discovered a malicious package on the npm package registry that masquerades as a library for detecting vulnerabilities in Ethereum smart contracts but, in reality, drops an open-source

New “DoubleClickjacking” Exploit Bypasses Clickjacking Protections on Major Websites

01/01/2025 0 Comments 0 tags

Threat hunters have disclosed a new “widespread timing-based vulnerability class” that leverages a double-click sequence to facilitate clickjacking attacks and account takeovers in almost all major websites. The technique has

Iranian and Russian Entities Sanctioned for Election Interference Using AI and Cyber Tactics

01/01/2025 0 Comments 0 tags

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Tuesday leveled sanctions against two entities in Iran and Russia for their attempts to interfere with the November 2024

New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy

31/12/2024 0 Comments 0 tags

The U.S. Department of Justice (DoJ) has issued a final rule carrying out Executive Order (EO) 14117, which prevents mass transfer of citizens’ personal data to countries of concern such

Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation

31/12/2024 0 Comments 0 tags

Cybersecurity researchers have uncovered three security weaknesses in Microsoft’s Azure Data Factory Apache Airflow integration that, if successfully exploited, could have allowed an attacker to gain the ability to conduct

Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents

31/12/2024 0 Comments 0 tags

The United States Treasury Department said it suffered a “major cybersecurity incident” that allowed suspected Chinese threat actors to remotely access some computers and unclassified documents.  “On December 8, 2024,

When Good Extensions Go Bad: Takeaways from the Campaign Targeting Browser Extensions

30/12/2024 0 Comments 0 tags

News has been making headlines over the weekend of the extensive attack campaign targeting browser extensions and injecting them with malicious code to steal user credentials. Currently, over 25 extensions,

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips

30/12/2024 0 Comments 0 tags

Every week, the digital world faces new challenges and changes. Hackers are always finding new ways to breach systems, while defenders work hard to keep our data safe. Whether it’s

New HIPAA Rules Mandate 72-Hour Data Restoration and Annual Compliance Audits

30/12/2024 0 Comments 0 tags

The United States Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has proposed new cybersecurity requirements for healthcare organizations with an aim to safeguard patients’ data