The Hacker News1d
Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution
CVE-2024-43405 in Nuclei allows signature bypass, enabling arbitrary code execution. Update to version 3.3.7 for critical ...
The Hacker News2d
Apple to Pay Siri Users $20 Per Device in Settlement Over Accidental Siri Privacy Violations
Apple has agreed to pay $95 million to settle a proposed class action lawsuit that accused the iPhone maker of invading users ...
The Hacker News1d
U.S. Sanctions Chinese Cybersecurity Firm for State-Backed Hacking Campaigns
U.S. sanctions Integrity Technology Group for aiding Flax Typhoon's state-sponsored hacks, targeting U.S. systems since 2021.
The Hacker News1d
PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps
PLAYFULGHOST malware mimics Gh0st RAT with advanced spyware features, targeting users via phishing and SEO poisoning ...
The Hacker News1d
LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers
The CVE-2024-49113 PoC devised by SafeBreach Labs, codenamed LDAPNightmare, is designed to crash any unpatched Windows Server ...
The Hacker News3d
Three Russian-German Nationals Charged with Espionage for Russian Secret Service
German prosecutors charged three Russian-German nationals for espionage and sabotage, targeting German-U.S. military ...
The Hacker News2d
New AI Jailbreak Method 'Bad Likert Judge' Boosts Attack Success Rates by Over 60%
New Likert-scale-based AI jailbreak technique boosts attack success rates by 60%, highlighting urgent safety challenges.
The Hacker News5d
Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation
Cybersecurity researchers have uncovered three security weaknesses in Microsoft's Azure Data Factory Apache Airflow ...
The Hacker News2d
Malicious Obfuscated NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT
Malicious npm package 'ethereumvulncontracthandler' delivers Quasar RAT to Windows systems, bypassing sandbox defenses, with ...
The Hacker News2d
Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API
Three patched Dynamics 365 and Power Apps vulnerabilities exposed sensitive data, highlighting risks of API flaws.
The Hacker News5d
âš¡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips
Both the companies said they don't detect any malicious activity at this point, and that the attacks singled out a "small ...
The Hacker News6d
New HIPAA Rules Mandate 72-Hour Data Restoration and Annual Compliance Audits
HHS proposes new HIPAA rules to combat rising cyber threats, including 72-hour data restoration, encryption mandates, and ...