Breaking (Cyber) News

Keep abreast of breaking cyber security news and evolution in the cyber threat landscape

RSS The Hacker News
  • Researchers Link DragonEgg Android Spyware to LightSpy iOS Surveillanceware
    New findings have identified connections between an Android spyware called DragonEgg and another sophisticated modular iOS surveillanceware tool named LightSpy. DragonEgg, alongside WyrmSpy (aka AndroidControl), was first disclosed by Lookout in July 2023 as a strain of malware capable of gathering sensitive data from Android devices. It was attributed to the Chinese nation-state group APT41. On
  • Wing Disrupts the Market by Introducing Affordable SaaS Security
    Today, mid-sized companies and their CISOs are struggling to handle the growing threat of SaaS security with limited manpower and tight budgets. Now, this may be changing. By focusing on the critical SaaS security needs of these companies, a new approach has emerged that can be launched for $1,500 a year. If the name Wing Security […]
  • Rogue npm Package Deploys Open-Source Rootkit in New Supply Chain Attack
    A new deceptive package hidden within the npm package registry has been uncovered deploying an open-source rootkit called r77, marking the first time a rogue package has delivered rootkit functionality. The package in question is node-hide-console-windows, which mimics the legitimate npm package node-hide-console-window in what's an instance of a typosquatting campaign. It was downloaded 704
RSS CSO Online
  • Okta launches Cybersecurity Workforce Development Initiative
    Identity and access management company Okta has announced the launch of a new initiative focused on finding and developing cybersecurity talent and providing equitable access to careers. Through philanthropic and educational grants, Okta aims to support global organizations providing career opportunities for jobseekers from underrepresented communities and unemployed professionals looking to transition into cybersecurity. Okta's […]
  • New critical AI vulnerabilities in TorchServe put thousands of AI models at risk
    A trio of critical security issues were identified in TorchServe, an open source package for serving and scaling PyTorch models in production, that could lead to an attacker executing arbitrary codes on the affected systems. Combinedly called ShellTorch, as coined by Oligo Security researchers who discovered them, the vulnerabilities can grant an attacker the privilege […]
  • ChatGPT “not a reliable” tool for detecting vulnerabilities in developed code
    Generative AI - specifically ChatGPT - should not be considered a reliable resource for detecting vulnerabilities in developed code without crucial expert human oversight. However, machine learning (ML) models show strong promise in assisting the detection of novel zero-day attacks. That's according to a new report from NCC Group which explores various AI cybersecurity use […]
RSS Naked Security
RSS GBHackers – Latest Cyber Security News | Hacker News
  • Hackers Steal User’s Database From European Telecommunications Standards Institute
    The European Telecommunications Standards Institute (ETSI) has uncovered a data breach in which threat actors obtained a database holding a list of portal users. The incident was disclosed last week by ETSI. It is still unclear if the attack was carried out for financial gain or if the hackers wanted to utilize the user list […]
  • Zip Slip Vulnerability Let Attacker Import Malicious Code and Execute Arbitrary Code
    A critical Zip Slip vulnerability was discovered in the open-source data cleaning and transformation tool ‘OpenRefine’, which allowed attackers to import malicious code and execute arbitrary code. OpenRefine is a strong Java-based, free, open-source tool for handling messy data. This includes cleaning it, converting it into a different format, and expanding it with web services and external data. According to SonarCloud, […]
  • LightSpy APT Attacking WeChat Users to Steal Payment Data
    LightSpy malware, responsible for a watering hole attack conducted against iOS users in Hong Kong, has been discovered to be embedded with Android implant Core and its 14 related plugins from 20 active servers for attacking mobile users. LightSpy is a Mobile Advanced Persistent Threat (mAPT) that uses new and sophisticated techniques to attack mobile […]

Join Our Newsletter

ADDRESS

Two Twins Oaks,
227 North Loop 1604,
E Suite 150, San Antonio,
Texas 78232.

Privacy Policy

© 2023 DIGISSLLC All Rights Reserved.