The Hacker News

RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes

RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes

[email protected] The Hacker News August 8, 2025

A fresh set of 60 malicious packages has been uncovered targeting the RubyGems ecosystem by posing as...

GreedyBear Steals $1M in Crypto Using 150+ Malicious Firefox Wallet Extensions

GreedyBear Steals $1M in Crypto Using 150+ Malicious Firefox Wallet Extensions

[email protected] The Hacker News August 8, 2025

A newly discovered campaign dubbed GreedyBear has leveraged over 150 malicious extensions to the Firefox marketplace that...

SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others

SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others

[email protected] The Hacker News August 7, 2025

Aug 07, 2025Ravie LakshmananMalware / Threat Intelligence The threat actors behind the SocGholish malware have been observed...

Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes

Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes

[email protected] The Hacker News August 7, 2025

Aug 07, 2025Ravie LakshmananMalware / Threat Intelligence Cybersecurity researchers have discovered a set of 11 malicious Go...

Microsoft Discloses Exchange Server Flaw Enabling Silent Cloud Access in Hybrid Setups

Microsoft Discloses Exchange Server Flaw Enabling Silent Cloud Access in Hybrid Setups

[email protected] The Hacker News August 7, 2025

Aug 07, 2025Ravie LakshmananVulnerability / Threat Detection Microsoft has released an advisory for a high-severity security flaw...

6,500 Axis Servers Expose Remoting Protocol, 4,000 in U.S. Vulnerable to Exploits

6,500 Axis Servers Expose Remoting Protocol, 4,000 in U.S. Vulnerable to Exploits

[email protected] The Hacker News August 7, 2025

Aug 07, 2025Ravie LakshmananVulnerability / Threat Intelligence Cybersecurity researchers have disclosed multiple security flaws in video surveillance...

The AI-Powered Security Shift: What 2025 Is Teaching Us About Cloud Defense

The AI-Powered Security Shift: What 2025 Is Teaching Us About Cloud Defense

[email protected] The Hacker News August 7, 2025

Now that we are well into 2025, cloud attacks are evolving faster than ever and artificial intelligence...

SonicWall Confirms Patched Vulnerability Behind Recent VPN Attacks, Not a Zero-Day

SonicWall Confirms Patched Vulnerability Behind Recent VPN Attacks, Not a Zero-Day

[email protected] The Hacker News August 7, 2025

Aug 07, 2025Ravie LakshmananNetwork Security / Vulnerability SonicWall has revealed that the recent spike in activity targeting...

Webinar: How to Stop Python Supply Chain Attacks—and the Expert Tools You Need

Webinar: How to Stop Python Supply Chain Attacks—and the Expert Tools You Need

[email protected] The Hacker News August 7, 2025

Aug 07, 2025The Hacker NewsDevSecOps / Supply Chain Security Python is everywhere in modern software. From machine...

Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft

Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft

[email protected] The Hacker News August 6, 2025

Aug 06, 2025Ravie LakshmananDevOps / Container Security Cybersecurity researchers have demonstrated an “end-to-end privilege escalation chain” in...