Every tap, click, and swipe we make online shapes our digital lives, but it also opens doors—some we never meant to unlock. Extensions we trust, assistants we rely on, and even the codes we scan are turning into tools for…
PoC Exploit Released for Critical OpenSSH Vulnerability (CVE-2024-6387)
An alarming new development emerged in the cybersecurity landscape with the release of a proof-of-concept (PoC) exploit targeting the critical vulnerability identified as CVE-2024-6387. This vulnerability, discovered by researchers at Qualys, allows remote unauthenticated attackers to execute arbitrary code on…
Privacy of Photos.app’s Enhanced Visual Search
Initial speculation about a new Apple feature. This article has been indexed from Schneier on Security Read the original article: Privacy of Photos.app’s Enhanced Visual Search
Is Your Car Spying on You? What It Means That Tesla Shared Data in the Las Vegas Explosion
Many cars know where you’ve been and where you are going, and also often have access to your contacts, call logs, texts and other sensitive information thanks to cell phone syncing. The post Is Your Car Spying on You? What…
Cybercriminals Target Ethereum Developers with Fake Hardhat npm Packages
Cybersecurity researchers have revealed several malicious packages on the npm registry that have been found impersonating the Nomic Foundation’s Hardhat tool in order to steal sensitive data from developer systems. “By exploiting trust in open source plugins, attackers have infiltrated…
FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices
An Android information stealing malware named FireScam has been found masquerading as a premium version of the Telegram messaging app to steal data and maintain persistent remote control over compromised devices. “Disguised as a fake ‘Telegram Premium’ app, it is…
From $22M in Ransom to +100M Stolen Records: 2025’s All-Star SaaS Threat Actors to Watch
In 2024, cyber threats targeting SaaS surged, with 7,000 password attacks blocked per second (just in Entra ID)—a 75% increase from last year—and phishing attempts up by 58%, causing $3.5 billion in losses (source: Microsoft Digital Defense Report 2024). SaaS…
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [6 Jan]
Every tap, click, and swipe we make online shapes our digital lives, but it also opens doors—some we never meant to unlock. Extensions we trust, assistants we rely on, and even the codes we scan are turning into tools for…
Chinese Hackers Double Cyber-Attacks on Taiwan
Taiwan’s security service said government networks faced 2.4 million attacks in 2024, most of which are attributed to Chinese state actors This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Hackers Double Cyber-Attacks on Taiwan
US Sanctions Chinese Tech Company Over Infrastructure Hacks
US Treasury sanctions Beijing-based Integrity Tech over alleged links to state-backed hacking group ‘Flax Typhoon’ This article has been indexed from Silicon UK Read the original article: US Sanctions Chinese Tech Company Over Infrastructure Hacks
China’s BYD Regains Top EV Spot Amidst Tesla Decline
China EV giant BYD surpasses Tesla on worldwide EV deliveries in fourth quarter of 2024 as Tesla shows first full-year decline This article has been indexed from Silicon UK Read the original article: China’s BYD Regains Top EV Spot Amidst…
Microsoft To Spend $80bn On AI Infrastructure This Year
Microsoft planning to spend $80bn on data centres for AI and other cloud applications this fiscal year, as AI race heats up This article has been indexed from Silicon UK Read the original article: Microsoft To Spend $80bn On AI…
TikTok ‘Aware’ Livestream Feature Exploited Minors
Less-redacted Utah lawsuit says TikTok internal reviews found Live feature effectively incentivised abuse of minors for profit This article has been indexed from Silicon UK Read the original article: TikTok ‘Aware’ Livestream Feature Exploited Minors
Nick Clegg To Leave Meta, Hand Over Post To Republican
Former UK deputy prime minister Nick Clegg to leave global affairs post at Meta ahead of Donald Trump’s return to presidency This article has been indexed from Silicon UK Read the original article: Nick Clegg To Leave Meta, Hand Over…
US Sanctions Chinese Firm Linked to Flax Typhoon Attacks on Critical Infrastructure
The US Treasury has sanctioned Chinese company Integrity Technology for supporting state-sponsored group Flax Typhoon in hacking US critical infrastructure. The post US Sanctions Chinese Firm Linked to Flax Typhoon Attacks on Critical Infrastructure appeared first on SecurityWeek. This article…
DigiCert Open Sources Domain Control Validation Software
DigiCert has made available a Domain Control Validation (DCV) library under an open-source software license as part of a larger effort to enable certificate authorities (CAs) to reduce total costs. The post DigiCert Open Sources Domain Control Validation Software appeared…
New Infostealer Campaign Uses Discord Videogame Lure
Threat actors are tricking victims into downloading malware with the promise of testing a new videogame This article has been indexed from www.infosecurity-magazine.com Read the original article: New Infostealer Campaign Uses Discord Videogame Lure
IT Security News Hourly Summary 2025-01-06 12h : 11 posts
11 posts were published in the last hour 11:4 : Stimmen die Voraussetzungen, kann Schadcode auf Asus-Router gelangen 11:4 : Ransomware: Cyberangriff trifft Fraunhofer-Institut in Stuttgart 11:4 : [NEU] [hoch] ffmpeg: Mehrere Schwachstellen ermöglichen Denial of Service 11:3 : 6…
Stimmen die Voraussetzungen, kann Schadcode auf Asus-Router gelangen
Angreifer können Router von Asus ins Visier nehmen und attackieren. Dagegen sind abgesicherte Firmwares erschienen. Dieser Artikel wurde indexiert von heise Security Lesen Sie den originalen Artikel: Stimmen die Voraussetzungen, kann Schadcode auf Asus-Router gelangen
Ransomware: Cyberangriff trifft Fraunhofer-Institut in Stuttgart
Hacker haben das Fraunhofer-Institut für Arbeitswirtschaft und Organisation attackiert. Ein Datenabfluss kann nicht ausgeschlossen werden. (Ransomware, Datenschutz) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Ransomware: Cyberangriff trifft Fraunhofer-Institut in Stuttgart
[NEU] [hoch] ffmpeg: Mehrere Schwachstellen ermöglichen Denial of Service
Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in ffmpeg ausnutzen, um einen Denial of Service Angriff durchzuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [NEU] [hoch] ffmpeg:…
6 Reasons Why You Should Integrate AI in Your Business in 2025
AI is now essential for businesses, driving efficiency, innovation, and growth. Leverage its power for better decisions, customer… This article has been indexed from Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News Read the original article: 6 Reasons Why…
Malicious EditThisCookie Extension Attacking Chrome Users to Steal Data
The popular cookie management extension EditThisCookie has been the target of a malicious impersonation. Originally a trusted tool for Chrome users, EditThisCookie allowed users to manage cookie data in their browsers. However, after significant scrutiny, the legitimate version has been…
China-linked Salt Typhoon APT compromised more US telecoms than previously known
China-linked Salt Typhoon group that breached multiple US telecoms compromised more firms than previously known, WSJ says. The China-linked cyberespionage group Salt Typhoon targeted more US telecoms than previously known, as The Wall Street Journal reported. According to WSJ, wich…