#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
DevSecOps

Content Delivery Network | Breaking Cybersecurity News | The Hacker News

Category — Content Delivery Network
Critical Deadline: Update Old .NET Domains Before January 7, 2025 to Avoid Service Disruption

Critical Deadline: Update Old .NET Domains Before January 7, 2025 to Avoid Service Disruption

Jan 03, 2025 DevOps / Software Development
Microsoft has announced that it's making an "unexpected change" to the way .NET installers and archives are distributed, requiring developers to update their production and DevOps infrastructure. "We expect that most users will not be directly affected, however, it is critical that you validate if you are affected and to watch for downtime or other kinds of breakage," Richard Lander, a program manager on the .NET team, said in a statement last week. The move is the result of the fact that some .NET binaries and installers are hosted on Azure Content Delivery Network (CDN) domains that end in .azureedge[.]net -- dotnetcli.azureedge.net and dotnetbuilds.azureedge.net -- which are hosted on Edgio. Last month, web infrastructure and security company Akamai acquired select assets from Edgio following its bankruptcy. As part of this transition, the Edgio platform is scheduled to end service on January 15, 2025. Given that the .azureedge[.]net domains could ceas...
Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now

Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now

Dec 25, 2024 Server Security / Vulnerability
The Apache Software Foundation (ASF) has shipped security updates to address a critical security flaw in Traffic Control that, if successfully exploited, could allow an attacker to execute arbitrary Structured Query Language (SQL) commands in the database. The SQL injection vulnerability, tracked as CVE-2024-45387 , is rated 9.9 out of 10.0 on the CVSS scoring system. "An SQL injection vulnerability in Traffic Ops in Apache Traffic Control <= 8.0.1, >= 8.0.0 allows a privileged user with role 'admin,' 'federation,' 'operations,' 'portal,' or 'steering' to execute arbitrary SQL against the database by sending a specially-crafted PUT request," project maintainers said in an advisory. Apache Traffic Control is an open-source implementation of a Content Delivery Network (CDN). It was announced as a top-level project (TLP) by the AS in June 2018. Tencent YunDing Security Lab researcher Yuan Luo has been credited with discoveri...
Protecting Your Software Supply Chain: Assessing the Risks Before Deployment

Protecting Your Software Supply Chain: Assessing the Risks Before Deployment

Feb 11, 2025Software Security / Threat Intelligence
Imagine you're considering a new car for your family. Before making a purchase, you evaluate its safety ratings, fuel efficiency, and reliability. You might even take it for a test drive to ensure it meets your needs. The same approach should be applied to software and hardware products before integrating them into an organization's environment. Just as you wouldn't buy a car without knowing its safety features, you shouldn't deploy software without understanding the risks it introduces. The Rising Threat of Supply Chain Attacks Cybercriminals have recognized that instead of attacking an organization head-on, they can infiltrate through the software supply chain—like slipping counterfeit parts into an assembly line. According to the 2024 Sonatype State of the Software Supply Chain report , attackers are infiltrating open-source ecosystems at an alarming rate, with over 512,847 malicious packages detected last year alone—a 156% increase from the previous year. Traditional sec...
Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies

Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies

Jul 05, 2024 Supply Chain Attack / Malware
The supply chain attack targeting the widely-used Polyfill[.]io JavaScript library is broader in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the malicious domain as of July 2, 2024. This includes references to "https://cdn.polyfill[.]io" or "https://cdn.polyfill[.]com" in their HTTP responses, the attack surface management firm said. "Approximately 237,700, are located within the Hetzner network (AS24940), primarily in Germany," it noted. "This is not surprising – Hetzner is a popular web hosting service, and many website developers leverage it." Further analysis of the affected hosts has revealed domains tied to prominent companies like WarnerBros, Hulu, Mercedes-Benz, and Pearson that reference the malicious endpoint in question. Details of the attack emerged in late June 2024 when Sansec alerted that code hosted on the Polyfill domain had been m...
cyber security

Level Up Your Cyber Skills at SANS 2025

websiteSANS InstituteCyber Security / Training
Master in-demand techniques at our largest training event in 2025. Explore 50+ courses. Train in person to claim your $769 savings!
Discord: A Playground for Nation-State Hackers Targeting Critical Infrastructure

Discord: A Playground for Nation-State Hackers Targeting Critical Infrastructure

Oct 17, 2023 Malware / APT
In what's the latest evolution of threat actors abusing legitimate infrastructure for nefarious ends, new findings show that nation-state hacking groups have entered the fray in leveraging the social platform for targeting critical infrastructure. Discord, in recent years, has become a lucrative target, acting as a fertile ground for  hosting malware  using its content delivery network (CDN) as well as allowing information stealers to  siphon sensitive data  off the app and  facilitating data exfiltration  by means of webhooks. "The usage of Discord is largely limited to information stealers and grabbers that anyone can buy or download from the Internet," Trellix researchers Ernesto Fernández Provecho and David Pastor Sanz  said  in a Monday report. But that may be changing, for the cybersecurity firm said it found evidence of an artifact targeting Ukrainian critical infrastructures. There is currently no evidence linking it to a known threat...
Cloudflare Saw Record-Breaking DDoS Attack Peaking at 26 Million Request Per Second

Cloudflare Saw Record-Breaking DDoS Attack Peaking at 26 Million Request Per Second

Jun 15, 2022
Cloudflare on Tuesday disclosed that it had acted to prevent a record-setting 26 million request per second (RPS) distributed denial-of-service (DDoS) attack last week, making it the largest HTTPS DDoS attack detected to date. The web performance and security company said the attack was directed against an unnamed customer website using its Free plan and emanated from a "powerful" botnet of 5,067 devices, with each node generating approximately 5,200 RPS at peak. The botnet is said to have created a flood of more than 212 million HTTPS requests within less than 30 seconds from over 1,500 networks in 121 countries, including Indonesia, the U.S., Brazil, Russia, and India. Roughly 3% of the attack came through Tor nodes. The attack "originated mostly from Cloud Service Providers as opposed to Residential Internet Service Providers, indicating the use of hijacked virtual machines and powerful servers to generate the attack — as opposed to much weaker Internet of Things...
Chinese Hackers Distribute Backdoored Web3 Wallets for iOS and Android Users

Chinese Hackers Distribute Backdoored Web3 Wallets for iOS and Android Users

Jun 13, 2022
A technically sophisticated threat actor known as  SeaFlower  has been targeting Android and iOS users as part of an extensive campaign that mimics official cryptocurrency wallet websites intending to distribute backdoored apps that drain victims' funds. Said to be first discovered in March 2022, the cluster of activity "hint[s] to a strong relationship with a Chinese-speaking entity yet to be uncovered," based on the macOS usernames, source code comments in the backdoor code, and its abuse of Alibaba's Content Delivery Network (CDN). "As of today, the main current objective of SeaFlower is to modify Web3 wallets with backdoor code that ultimately exfiltrates the seed phrase," Confiant's Taha Karim  said  in a technical deep-dive of the campaign. Targeted apps include Android and iOS versions of Coinbase Wallet, MetaMask, TokenPocket, and imToken. SeaFlower's modus operandi involves setting up cloned websites that act as a conduit to download ...
Serious Bug Exposes Sensitive Data From Millions Sites Sitting Behind CloudFlare

Serious Bug Exposes Sensitive Data From Millions Sites Sitting Behind CloudFlare

Feb 24, 2017
A severe security vulnerability has been discovered in the CloudFlare content delivery network that has caused big-name websites to expose private session keys and other sensitive data. CloudFlare, a content delivery network (CDN) and web security provider that helps optimize safety and performance of over 5.5 Million websites on the Internet, is warning its customers of the critical bug that could have exposed a range of sensitive information, including passwords, and cookies and tokens used to authenticate users. Dubbed Cloudbleed , the nasty flaw is named after the Heartbleed bug that was discovered in 2014, but believed to be worse than Heartbleed. The vulnerability is so severe that it not only affects websites on the CloudFlare network but affects mobile apps as well. What exactly is "Cloudbleed," how it works, how are you affected by this bug, and how you can protect yourself? Let's figure it out. What is Cloudbleed? Discovered by Google Project Ze...
The Pirate Bay relaunch is FBI's Honeypot? Pirate Bay Team Responds,'NO WAY'

The Pirate Bay relaunch is FBI's Honeypot? Pirate Bay Team Responds,'NO WAY'

Feb 04, 2015
After almost two months of untimely and unexpected outage, The Pirate Bay (TPB) finally came back this weekend. But the re-launch of the infamous torrent-indexing website raised a question among those suspicious about this new setup — Is it really The Pirate Bay? A few days back we reported that The Pirate Bay – a widely popular file-sharing website predominantly used to share copyrighted material free of charge – had made its return to the Internet once again after suffering two months of outage following a police raid in Sweden late last year. Many users, including I, thought the site left dead as last took down was the longest outage the torrenting site has ever experienced. But history repeats and The Pirate Bay made its way a day before it claimed. Pirate lovers around the world rejoiced while others noticed something very suspicious. IS THE FBI RUNNING THE PIRATE BAY ? The truth behind The Pirate Bay , like who was driving the re-emergence of the site or who w...
Expert Insights / Articles Videos
Cybersecurity Resources