RSS The Hacker News
  • Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure March 17, 2025
    A recently disclosed security flaw impacting Apache Tomcat has come under active exploitation in the wild following the release of a public proof-of-concept (PoC) a mere 30 hours after public disclosure. The vulnerability, tracked as CVE-2025-24813, affects the below versions - Apache Tomcat 11.0.0-M1 to 11.0.2 Apache Tomcat 10.1.0-M1 to 10.1.34 Apache Tomcat 9.0.0-M1 to […]
  • Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year March 17, 2025
    An unpatched security flaw impacting the Edimax IC-7100 network camera is being exploited by threat actors to deliver Mirat botnet malware variants since at least May 2024. The vulnerability in question is CVE-2025-1316 (CVSS v4 score: 9.3), a critical operating system command injection flaw that an attacker could exploit to achieve remote code execution on […]
  • Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users' Actions March 17, 2025
    Malicious actors are exploiting Cascading Style Sheets (CSS), which are used to style and format the layout of web pages, to bypass spam filters and track users' actions. That's according to new findings from Cisco Talos, which said such malicious activities can compromise a victim's security and privacy. "The features available in CSS allow attackers […]
  • ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More March 17, 2025
    From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week’s cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups are exploiting outdated hardware, abusing legitimate tools for financial fraud, and finding new ways to bypass security defenses. Meanwhile, supply chain threats are on the rise, with open-source
  • SANS Institute Warns of Novel Cloud-Native Ransomware Attacks March 17, 2025
    The latest Palo Alto Networks Unit 42 Cloud Threat Report found that sensitive data is found in 66% of cloud storage buckets. This data is vulnerable to ransomware attacks. The SANS Institute recently reported that these attacks can be performed by abusing the cloud provider’s storage security controls and default settings. “In just the past […]
RSS GBHackers Security | #1 Globally Trusted Cyber Security News Platform
  • Hackers Rapidly Adopt ClickFix Technique for Sophisticated Attacks March 17, 2025
    In recent months, a sophisticated social engineering technique known as ClickFix has gained significant traction among cybercriminals and nation-state-sponsored groups. This method exploits human psychology by presenting users with fake prompts that appear to resolve a non-existent issue, effectively bypassing traditional security measures. The ClickFix technique involves deceiving users into executing malicious PowerShell commands by […]
  • Supply Chain Attack Targets 23,000 GitHub Repositories March 17, 2025
    A critical security incident has been uncovered involving the popular GitHub Action tj-actions/changed-files, which is used in over 23,000 repositories. The attack involves a malicious modification of the Action’s code, leading to the exposure of CI/CD secrets in GitHub Actions build logs. This vulnerability was detected by StepSecurity’s Harden-Runner, a tool designed to secure CI/CD […]
  • Beware! Malware Hidden in Free Word-to-PDF Converters March 17, 2025
    The FBI has issued a warning about a growing threat involving free file conversion tools, which are being used to spread malware. This scam, described as “rampant” by the FBI’s Denver Field Office, targets users who seek online tools to convert files between different formats, such as converting Word documents to PDFs or videos to […]
  • MassJacker Clipper Malware Targets Users Installing Pirated Software March 17, 2025
    A recent investigation has uncovered previously unknown cryptojacking malware, dubbed MassJacker, which primarily targets users who download pirated software from sites like pesktop.com. This malware operates by replacing cryptocurrency wallet addresses copied by users with those belonging to the attackers, aiming to redirect funds to the threat actors’ wallets. The discovery highlights the risks associated […]
  • SocGholish Exploits Compromised Websites to Deliver RansomHub Ransomware March 17, 2025
    SocGholish, a sophisticated malware-as-a-service (MaaS) framework, has been identified as a key enabler in the distribution of RansomHub ransomware. This malicious framework exploits compromised websites by injecting them with obfuscated JavaScript loaders, which redirect users to fake browser update notifications. These notifications trick users into downloading and executing malicious files, thereby initiating the infection process. […]

Raven Cybersecurity IKE
EUID: ELGEMI.169319027000

Instagram Linkedin-in

Address

Contact

Explore

Resources

Copyright © 2024 Raven Cybersecurity

Privacy Policy
Terms of Service