The Hacker New – Page 233

Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware

20/12/2024 0 Comments 0 tags

The Lazarus Group, an infamous threat actor linked to the Democratic People’s Republic of Korea (DPRK), has been observed leveraging a “complex infection chain” targeting at least two employees belonging

Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack

20/12/2024 0 Comments 0 tags

The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish

Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation

20/12/2024 0 Comments 0 tags

Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system access under certain conditions.

Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools

20/12/2024 0 Comments 0 tags

A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk and

CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List

20/12/2024 0 Comments 0 tags

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited

Thousands Download Malicious npm Libraries Impersonating Legitimate Tools

19/12/2024 0 Comments 0 tags

Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and @types/node that have racked up thousands of downloads on the package registry. The counterfeit

Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords

19/12/2024 0 Comments 0 tags

Juniper Networks is warning that Session Smart Router (SSR) products with default passwords are being targeted as part of a malicious campaign that deploys the Mirai botnet malware. The company

Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits

19/12/2024 0 Comments 0 tags

Fortinet has issued an advisory for a now-patched critical security flaw impacting Wireless LAN Manager (FortiWLM) that could lead to disclosure of sensitive information. The vulnerability, tracked as CVE-2023-34990, carries

CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01

19/12/2024 0 Comments 0 tags

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 25-01, ordering federal civilian agencies to secure their cloud environments and abide by Secure Cloud Business

Dutch DPA Fines Netflix €4.75 Million for GDPR Violations Over Data Transparency

19/12/2024 0 Comments 0 tags

The Dutch Data Protection Authority (DPA) on Wednesday fined video on-demand streaming service Netflix €4.75 million ($4.93 million) for not giving consumers enough information about how it used their data