US federal agency breached by hackers using GeoServer exploit, CISA says

In mid-July 2024, a threat actor managed to break into a US Federal Civilian Executive Branch (FCEB) agency by exploiting a ...

Google: Brickstorm malware used to steal U.S. orgs' data for over a year

Suspected Chinese hackers have used the Brickstorm malware in long-term persistence espionage operations against U.S.
SecurityWeek

Salesforce AI Hack Enabled CRM Data Theft

Prompt injection has been leveraged alongside an expired domain to steal Salesforce data in an attack named ForcedLeak.

NPM package caught using QR Code to fetch cookie-stealing malware

Newly discovered npm package 'fezbox' employs QR codes to hide a second-stage payload to steal cookies from a user's web browser. The package, masquerading as a utility library, leverages this ...

Security News This Week: A Dangerous Worm Is Eating Its Way Through Software Packages

Plus: An investigation reveals how US tech companies reportedly helped build China’s sweeping surveillance state, and two ...
The Hacker News

⚡ Weekly Recap: Chrome 0-Day, AI Hacking Tools, DDR5 Bit-Flips, npm Worm & More

Explore emerging attack methods, evolving AI-driven threats, supply chain risks, and strategies to strengthen defenses and ...
PC Magazine

Do You Drive an EV or Hybrid Electric Car? Rate It Right Now

If you regularly operate an electric vehicle (EV), a plug-in hybrid EV, or even a standard hybrid, we want to know about it—and how you charge it. NO PURCHASE NECESSARY TO ENTER OR WIN. A PURCHASE ...
CyberGuy

North Korean hackers use AI to forge military IDs

Hackers from North Korea and China are exploiting AI to forge IDs, infiltrate companies, and supercharge espionage campaigns.