Watch Out for Salty2FA: New Phishing Kit Targeting US and EU Enterprises read file error: read notes: is a directory... 2025-9-10 08:0:0 | 阅读: 21 | 收藏 | The Hacker News - thehackernews.com salty2fa phishing bypass stage analysis

Adobe Commerce Flaw CVE-2025-54236 Lets Hackers Take Over Customer Accounts read file error: read notes: is a directory... 2025-9-10 01:8:0 | 阅读: 14 | 收藏 | The Hacker News - thehackernews.com magento security p14 p7 alpha2

SAP Patches Critical NetWeaver (CVSS Up to 10.0) and Previously Exploited S/4HANA Flaws SAP发布安全更新修复多个漏洞, 包括三个关键漏洞可能导致代码执行和文件上传, 建议用户及时应用补丁以保护系统安全。... 2025-9-10 01:3:0 | 阅读: 18 | 收藏 | The Hacker News - thehackernews.com security attacker netweaver p4 4hana

Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks read file error: read notes: is a directory... 2025-9-9 14:14:0 | 阅读: 13 | 收藏 | The Hacker News - thehackernews.com phishing axios microsoft attackers

RatOn Android Malware Detected With NFC Relay and ATS Banking Fraud Capabilities read file error: read notes: is a directory... 2025-9-9 11:53:0 | 阅读: 29 | 收藏 | The Hacker News - thehackernews.com raton overlay trojan security transfers

From MostereRAT to ClickFix: New Malware Campaigns Highlight Rising AI and Phishing Risks read file error: read notes: is a directory... 2025-9-9 10:27:0 | 阅读: 21 | 收藏 | The Hacker News - thehackernews.com windows security clickfix epl payload

TOR-Based Cryptojacking Attack Expands Through Misconfigured Docker APIs 研究人员发现一种针对暴露Docker API的加密挖矿攻击新变种，利用TOR网络匿名性传播恶意软件。攻击者通过创建容器、下载Base64编码payload并安装工具进行侦察和C2通信。此外，恶意软件尝试通过Telnet和Chromium浏览器远程调试端口传播感染。... 2025-9-9 10:2:0 | 阅读: 6 | 收藏 | The Hacker News - thehackernews.com wiz 9222 gilvarg remote phishing

[Webinar] Shadow AI Agents Multiply Fast — Learn How to Detect and Control Them read file error: read notes: is a directory... 2025-9-9 09:29:0 | 阅读: 5 | 收藏 | The Hacker News - thehackernews.com shadow agents identities security rogue

How Leading CISOs are Getting Budget Approval read file error: read notes: is a directory... 2025-9-9 08:30:0 | 阅读: 17 | 收藏 | The Hacker News - thehackernews.com security budget threats investment

20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack npm生态因维护者账户遭钓鱼攻击而遭供应链攻击，20个高下载量包受影响。恶意软件通过劫持网络请求和API窃取加密资产，并将目标地址替换为攻击者控制的钱包地址。事件凸显开源项目安全风险及开发者需加强警惕性的重要性。... 2025-9-9 06:13:0 | 阅读: 19 | 收藏 | The Hacker News - thehackernews.com ansi software malicious chalk security

45 Previously Unreported Domains Expose Longstanding Salt Typhoon Cyber Espionage read file error: read notes: is a directory... 2025-9-9 00:27:0 | 阅读: 18 | 收藏 | The Hacker News - thehackernews.com security pointed typhoon salt espionage

GitHub Account Compromise Led to Salesloft Drift Breach Affecting 22 Companies Salesloft数据泄露事件源于GitHub账户被入侵，攻击者获取OAuth令牌并访问客户数据。Salesloft已隔离Drift基础设施、下线应用并加强安全措施。 Salesforce暂停与Salesloft集成后已恢复部分功能。... 2025-9-8 15:26:0 | 阅读: 9 | 收藏 | The Hacker News - thehackernews.com salesloft drift security salesforce

GPUGate Malware Uses Google Ads and Fake GitHub Commits to Target IT Firms 网络犯罪分子利用Google广告传播恶意软件，伪装成GitHub工具下载链接。通过嵌入伪造GitHub提交和GPU加密技术绕过安全检测。目标为西欧IT公司，最终窃取信息并投放更多恶意软件。... 2025-9-8 15:2:0 | 阅读: 35 | 收藏 | The Hacker News - thehackernews.com github software powershell security

⚡ Weekly Recap: Drift Breach Chaos, Zero-Days Active, Patch Warnings, Smarter Threats & More 文章总结了本周网络安全领域的重大事件和趋势,包括Salesloft-Drift供应链攻击、多个高风险CVE漏洞被利用、威胁行为者动态及安全工具更新等,并提供了锁定路由器的安全建议以应对日益复杂的网络威胁。... 2025-9-8 10:2:0 | 阅读: 18 | 收藏 | The Hacker News - thehackernews.com security malicious attackers phishing

You Didn’t Get Phished — You Onboarded the Attacker 文章探讨了招聘欺诈成为新的网络安全威胁：攻击者通过伪造身份、简历和背景调查入职企业，在内部获取敏感权限并实施破坏。远程招聘的普及使这一威胁加剧。文章建议采用零信任原则和最小权限管理来防范此类风险。... 2025-9-8 09:20:0 | 阅读: 6 | 收藏 | The Hacker News - thehackernews.com jordan hiring phishing remote security

Noisy Bear Targets Kazakhstan Energy Sector With BarrelFire Phishing Campaign 文章描述了多起针对能源、政府及企业的网络攻击事件，涉及俄罗斯背景的威胁行为者、恶意软件及勒索活动。这些攻击利用钓鱼邮件、恶意文档及隐蔽技术窃取敏感信息并部署植入程序。同时提到了针对俄罗斯公司的勒索及网络犯罪行为。... 2025-9-6 15:13:0 | 阅读: 15 | 收藏 | The Hacker News - thehackernews.com stealer russia security kazmunaigas stage

Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys 四个恶意软件包伪装成合法工具和Flashbots MEV基础设施上传至npm registry，窃取Ethereum开发者的钱包私钥和助记词，并将其发送至Telegram机器人。这些包最早于2023年9月上传，其中最危险的包通过SMTP隐蔽传输环境变量，并重定向未签名交易至攻击者钱包。代码中含越南语注释，暗示攻击者可能来自越南。... 2025-9-6 06:42:0 | 阅读: 13 | 收藏 | The Hacker News - thehackernews.com flashbots wallets malicious ethers flashbotts

CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation 美国网络安全机构CISA警告称，Sitecore软件存在严重安全漏洞CVE-2025-53690（CVSS评分9.0），可能导致远程代码执行。该漏洞源于使用默认机器密钥，已被用于实际攻击。建议受影响机构更新系统并避免暴露于互联网。... 2025-9-5 16:8:0 | 阅读: 14 | 收藏 | The Hacker News - thehackernews.com machine sitecore remote network viewstate

TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations TAG-150 开发的 CastleLoader 和 CastleRAT 恶意软件用于分发 DeerStealer、RedLine 等恶意程序，通过钓鱼攻击和伪造 GitHub 仓库传播。... 2025-9-5 14:7:0 | 阅读: 3 | 收藏 | The Hacker News - thehackernews.com castlerat stealer loader python windows

SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild SAP S/4HANA ERP软件存在严重漏洞（CVE-2025-42957），CVSS评分为9.9。该漏洞允许低权限用户通过RFC接口注入ABAP代码，绕过授权检查，导致系统完全被攻陷。攻击者可修改数据库、创建超级用户账户、窃取密码哈希及操控业务流程。此漏洞已遭活跃利用，建议企业尽快应用补丁，并加强日志监控和安全措施以防范风险。... 2025-9-5 10:59:0 | 阅读: 36 | 收藏 | The Hacker News - thehackernews.com privileges database 4hana injection security