The Hacker News6h
Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API
Three patched Dynamics 365 and Power Apps vulnerabilities exposed sensitive data, highlighting risks of API flaws.
The Hacker News7h
Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents
The probe has also uncovered two security flaws in Privileged Remote Access (PRA) and Remote Support (RS) products ...
The Hacker News12h
Three Russian-German Nationals Charged with Espionage for Russian Secret Service
German prosecutors charged three Russian-German nationals for espionage and sabotage, targeting German-U.S. military ...
The Hacker News12h
Malicious Obfuscated NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT
Malicious npm package 'ethereumvulncontracthandler' delivers Quasar RAT to Windows systems, bypassing sandbox defenses, with ...
The Hacker News12h
Iranian and Russian Entities Sanctioned for Election Interference Using AI and Cyber Tactics
The federal agency said the entities – a subordinate organization of Iran's Islamic Revolutionary Guard Corps and a ...
The Hacker News2d
Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation
Cybersecurity researchers have uncovered three security weaknesses in Microsoft's Azure Data Factory Apache Airflow ...
The Hacker News1d
New "DoubleClickjacking" Exploit Bypasses Clickjacking Protections on Major Websites
New "DoubleClickjacking" attack bypasses clickjacking protections by exploiting double-click timing gaps, enabling account takeovers.
The Hacker News3d
New HIPAA Rules Mandate 72-Hour Data Restoration and Annual Compliance Audits
HHS proposes new HIPAA rules to combat rising cyber threats, including 72-hour data restoration, encryption mandates, and ...
The Hacker News2d
âš¡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips
Both the companies said they don't detect any malicious activity at this point, and that the attacks singled out a "small ...
The Hacker News3d
When Good Extensions Go Bad: Takeaways from the Campaign Targeting Browser Extensions
Over 2 million users exposed to malicious browser extensions targeting GenAI, VPNs, and productivity tools. Audit now!
The Hacker News6d
Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization
The Apache Software Foundation (ASF) has released patches to address a maximum severity vulnerability in the MINA Java ...
The Hacker News6d
North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign
OtterCookie, a new JavaScript malware by North Korean hackers, steals data via Socket.IO and funds nuclear programs.