资讯

The Hacker News20 小时
APT29 Deploys GRAPELOADER Malware Targeting European Diplomats Through Wine-Tasting Lures
The Russian state-sponsored threat actor known as APT29 has been linked to an advanced phishing campaign that's targeting ...
The Hacker News1 天
ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware
ASUS has disclosed a critical security flaw impacting routers with AiCloud enabled that could permit remote attackers to ...
The Hacker News2 天
Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT
XorDDoS is a well-known malware that has a track record of striking Linux systems for over a decade. In May 2022, Microsoft ...
The Hacker News2 天
Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader
In case of a .NET executable, the encrypted embedded payload – an Agent Tesla variant suspected to be Snake Keylogger or ...
The Hacker News1 天
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram ...
The Hacker News1 天
CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting SonicWall ...
The Hacker News1 天
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Smishing kits by Wang Duo Yu enabled toll fraud in 8 U.S. states since Oct 2024, stealing user data via fake E-ZPass pages.
The Hacker News3 天
Chinese Android Phones Shipped with Fake WhatsApp, Telegram Apps Targeting Crypto Users
Cheap Android smartphones manufactured by Chinese companies have been observed pre-installed with trojanized apps ...
The Hacker News1 天
CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download
The flaw is assessed to be a variant of CVE-2024-43451 (CVSS score: 6.5), which was patched by Microsoft in November 2024 and ...
The Hacker News5 天
Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds
LayerX today announced the release of the Enterprise Browser Extension Security Report 2025, This report is the first and ...
The Hacker News3 天
Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers
Malicious crypto installers using Node.js since Oct 2024 evade Microsoft Defender via PowerShell and DLLs, enabling stealthy ...
The Hacker News3 天
Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks
Apple on Wednesday released security updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS to address two security flaws ...