The Hacker News1d
Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws
EncryptHub, also tracked under the monikers LARVA-208 and Water Gamayun, was spotlighted in mid-2024 as part of a campaign ...
The Hacker News1d
Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data
Researchers found Disgrasya downloaded 37,217 times, targeting WooCommerce with carding scripts that steal payment data.
The Hacker News1d
North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages
North Korean actors used 11 npm packages downloaded 5,600+ times to spread BeaverTail malware, expanding attacks to Bitbucket ...
The Hacker News2d
CERT-UA Reports Cyberattacks Targeting Ukrainian State Systems with WRECKSTEEL Malware
Late last month, SEQRITE Labs revealed that academic, governmental, aerospace, and defense-related networks in Russia are ...
The Hacker News2d
Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code
Apache Parquet is a free and open-source columnar data file format that's designed for efficient data processing and ...
The Hacker News2d
Have We Reached a Distroless Tipping Point?
Chainguard OS cuts container vulnerabilities by 94% by continuously updating upstream packages, enhancing security and ...
The Hacker News2d
OPSEC Failure Exposes Coquettte's Malware Campaigns on Bulletproof Hosting Servers
Novice hacker Coquettte exposed through OPSEC failure using Proton66 to distribute malware and illicit content via fake ...
The Hacker News1d
Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware
Ivanti patches CVE-2025-22457 exploited by UNC5221 in March 2025, risking remote code execution and credential theft.
The Hacker News1d
Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices
Triada malware infected 2,600+ Android devices via counterfeit phones in March 2025, enabling remote access and crypto theft.
The Hacker News2d
SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack
Leaked SpotBugs PAT in November 2024 led to a GitHub supply chain attack, compromising Coinbase in March 2025.
The Hacker News2d
Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign
Details of the campaign were first flagged by security firm Source Defense towards the end of February 2025, detailing the ...
The Hacker News5d
Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp
Water Gamayun has been linked to the active exploitation of CVE-2025-26633 (aka MSC EvilTwin), a vulnerability in the ...