FreshRSS

πŸ”’
❌ Secure Planet Training Courses Updated For 2019 - Click Here
☷
β–³ πŸ”ƒ
There are new available articles, click to refresh the page.
Before yesterdayThe Hacker News

Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites

By: Newsroom
Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The attack leverages CVE-2024-20720 (CVSS score: 9.1), which has been described by Adobe as a case of "improper neutralization of special elements" that could pave the way for arbitrary code execution. It was addressed by the company as part of

Urgent: Secret Backdoor Found in XZ Utils Library, Impacts Major Linux Distros

By: Newsroom
Red Hat on Friday released an "urgent security alert" warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access. The software supply chain compromise, tracked as CVE-2024-3094, has a CVSS score of 10.0, indicating maximum severity. It impacts XZ Utils

Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics

By: THN
Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbedΒ DeadglyphΒ employed by a threat actor known as Stealth Falcon as part of a cyber espionage campaign. "Deadglyph's architecture is unusual as it consists of cooperating components – one a native x64 binary, the other a .NET assembly," ESETΒ saidΒ in aΒ new reportΒ shared with The Hacker News. "This combination

Iranian Hackers Launch Sophisticated Attacks Targeting Israel with PowerLess Backdoor

By: Ravie Lakshmanan
An Iranian nation-state threat actor has been linked to a new wave of phishing attacks targeting Israel that's designed to deploy an updated version of a Windows backdoor called PowerLess. Cybersecurity firm Check Point is tracking the activity cluster under its mythical creature handleΒ Educated Manticore, which exhibits "strong overlaps" with a hacking crew known as APT35, Charming Kitten,

Operation Soft Cell: Chinese Hackers Breach Middle East Telecom Providers

By: Ravie Lakshmanan
Telecommunication providers in the Middle East are the subject of new cyber attacks that commenced in the first quarter of 2023. The intrusion set has been attributed to a Chinese cyber espionage actor associated with a long-running campaign dubbedΒ Operation Soft CellΒ based on tooling overlaps. "The initial attack phase involves infiltrating Internet-facing Microsoft Exchange servers to deploy
❌