Kubernetes Security Flaw Let Attackers Escalate to Admin Privileges
A new privilege escalation vulnerability has been discovered in Kubernetes, which allows threat actors to gain administrative privileges on affected pods. The CVE for this vulnerability has been assigned as CVE-2023-3676, and the severity...
Iranian Mint Sandstorm Attacking Researchers With New Hacking Tools
Hackers frequently target researchers to get illegal access to important research data, intellectual property, and highly sensitive information.
The threat actors can exploit this information for various illicit purposes like economic espionage, competitive advantage, or...
Hackers Infect Windows Users with Weaponized MSIX App Packages
MSIX helps developers package Windows apps for easy installation. While it's user-friendly, it demands access to code signing certificates, making it an attractive target for resourceful threat actors.
Additionally, MSIX packages can be distributed and...
iLeakage – New Attack Let Hackers Steal Emails, Passwords On Apple Safari
Browser-based timerless speculative execution attacks are a security threat that exploits vulnerabilities in web browsers and CPUs.
These attacks do not rely on timing measurements, making them harder to detect.
Their sophistication varies, but they can...
Hackers Using Money-Making Scripts to Deliver Multiple Malware
The FBI warned about attacks on government and non-profit organizations in April, which involved deploying multiple malware strains on victim devices.
Besides this, the attackers aim to achieve the following things:-
Mine resources
Steal data
Establish backdoor access...
U.S. Government Releases Popular Phishing Technique Used by Hackers
Phishing is a cyberattack that uses deception to trick people into giving away sensitive information or taking actions that compromise security.
Phishing is often the first stage of a larger attack that can lead to...
Hackers Use Discord for C&C to Exploit Jupyter Notebooks & SSH
Jupyter Notebooks exposed to the internet are being targeted by a new crypto jacking campaign called Qubit Strike, which Cado Security Labs discovered.
The campaign uses Discord's bot functionality to create a sophisticated command and...
Former Navy IT Manager Sentenced for Selling People’s Sensitive Data on Dark web
Marquis Hooper, a former IT Manager in the Navy, was sentenced to five years in prison for unlawfully accessing and tampering with a computer database that contained highly sensitive and confidential information.
Over 9,000...
Hackers Use Fake Browser Updates to Install Malware on Users’ Computer
Malware distribution on users' computers is achieved through phony browser updates presented on websites that hackers have hijacked.
When a user visits a hacked website, they may see a message purporting to be from the...
D-Link Hacked: Hackers Steal Source Code and Customer Personal Information
D-Link Corporation, a multinational company that provides innovative networking solutions for both consumer and business markets around the world, has been accused of suffering a data breach.
The claim, posted by an unauthorized third party...