The Hacker News
- Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Flaws and ThreatNeedle Malware 24 Απριλίου, 2025At least six organizations in South Korea have been targeted by the prolific North Korea-linked Lazarus Group as part of a campaign dubbed Operation SyncHole. The activity targeted South Korea's software, IT, financial, semiconductor manufacturing, and telecommunications industries, according to a report from Kaspersky published today. The earliest evidence of compromise was first detected in
- Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools 24 Απριλίου, 2025Cybersecurity researchers have demonstrated a proof-of-concept (PoC) rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called io_uring to bypass traditional system call monitoring. This causes a "major blind spot in Linux runtime security tools," ARMO said. "This mechanism allows a user application to perform various actions without using system calls," the company said […]
- Automating Zero Trust in Healthcare: From Risk Scoring to Dynamic Policy Enforcement Without Network Redesign 24 Απριλίου, 2025The Evolving Healthcare Cybersecurity Landscape Healthcare organizations face unprecedented cybersecurity challenges in 2025. With operational technology (OT) environments increasingly targeted and the convergence of IT and medical systems creating an expanded attack surface, traditional security approaches are proving inadequate. According to recent statistics, the healthcare sector
- 159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure 24 Απριλίου, 2025As many as 159 CVE identifiers have been flagged as exploited in the wild in the first quarter of 2025, up from 151 in Q4 2024. "We continue to see vulnerabilities being exploited at a fast pace with 28.3% of vulnerabilities being exploited within 1-day of their CVE disclosure," VulnCheck said in a report shared […]
- Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals 24 Απριλίου, 2025The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform have released new updates to their cybercrime suite with generative artificial intelligence (GenAI) capabilities. "This addition lowers the technical barrier for creating phishing pages, enabling less tech-savvy criminals to deploy customized scams in minutes," Netcraft said in a fresh report shared with The Hacker News.
GBHackers Security | #1 Globally Trusted Cyber Security News Platform
- Verizon DBIR Report: Small Businesses Identified as Key Targets in Ransomware Attacks 24 Απριλίου, 2025Verizon Business’s 2025 Data Breach Investigations Report (DBIR), released on April 24, 2025, paints a stark picture of the cybersecurity landscape, drawing from an analysis of over 22,000 security incidents, including 12,195 confirmed data breaches. The report identifies credential abuse (22%) and exploitation of vulnerabilities (20%) as the predominant initial attack vectors, with a 34% […]
- Lazarus APT Targets Organizations by Exploiting One-Day Vulnerabilities 24 Απριλίου, 2025A recent cyber espionage campaign by the notorious Lazarus Advanced Persistent Threat (APT) group, tracked as “Operation SyncHole,” has compromised at least six South Korean organizations across software, IT, financial, semiconductor, and telecommunications sectors since November 2024. According to detailed research, the attackers employed a combination of watering hole attacks and exploited vulnerabilities in widely […]
- ToyMaker Hackers Compromise Numerous Hosts via SSH and File Transfer Tools 24 Απριλίου, 2025In a alarming cybersecurity breach uncovered by Cisco Talos in 2023, a critical infrastructure enterprise fell victim to a meticulously orchestrated attack involving multiple threat actors. The initial access broker, identified as “ToyMaker” with medium confidence as a financially motivated entity, exploited vulnerabilities in internet-facing servers to infiltrate the network. A Sophisticated Multi-Actor Attack on […]
- Threat Actors Exploiting Unsecured Kubernetes Clusters for Crypto Mining 24 Απριλίου, 2025In a startling revelation from Microsoft Threat Intelligence, threat actors are increasingly targeting unsecured Kubernetes clusters to conduct illicit activities such as cryptomining. The dynamic and complex nature of containerized environments poses significant challenges for security teams in detecting runtime anomalies or identifying the source of breaches. Rising Threats in Containerized Environments According to Microsoft’s […]
- New Steganography Campaign Exploits MS Office Vulnerability to Distribute AsyncRAT 24 Απριλίου, 2025A recently uncovered cyberattack campaign has brought steganography back into the spotlight, showcasing the creative and insidious methods attackers employ to deliver malware. This operation, dubbed the “Stego-Campaign,” exploits a known Microsoft Office vulnerability, CVE-2017-0199, to initiate infections and ultimately deploy the notorious AsyncRAT malware. Innovative Attack Leverages Hidden Payloads in Images The vulnerability, first […]
