#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
AWS EKS Security Best Practices

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Google Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability

Google Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability

Apr 15, 2023 Zero-Day / Browser Security
Google on Friday released out-of-band updates to resolve an actively exploited zero-day flaw in its Chrome web browser, making it the first such bug to be addressed since the start of the year. Tracked as  CVE-2023-2033 , the high-severity vulnerability has been described as a  type confusion issue  in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the issue on April 11, 2023. "Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page,"  according  to the NIST's National Vulnerability Database (NVD). The tech giant  acknowledged  that "an exploit for CVE-2023-2033 exists in the wild," but stopped short of sharing additional technical specifics or indicators of compromise (IoCs) to prevent further exploitation by threat actors. CVE-2023-2033 also appears to share similarities with  CVE...
Russia-Linked Hackers Launches Espionage Attacks on Foreign Diplomatic Entities

Russia-Linked Hackers Launches Espionage Attacks on Foreign Diplomatic Entities

Apr 14, 2023 United States
The Russia-linked  APT29  (aka Cozy Bear) threat actor has been attributed to an ongoing cyber espionage campaign targeting foreign ministries and diplomatic entities located in NATO member states, the European Union, and Africa. According to Poland's Military Counterintelligence Service and the CERT Polska team, the observed activity shares tactical overlaps with a cluster tracked by Microsoft as  Nobelium , which is known for its high-profile  attack on SolarWinds  in 2020. Nobelium's operations have been attributed to Russia's Foreign Intelligence Service ( SVR ), an organization that's tasked with protecting "individuals, society, and the state from foreign threats." That said, the campaign represents an evolution of the Kremlin-backed hacking group's tactics, indicating  persistent attempts  at improving its cyber weaponry to infiltrate victim systems for intelligence gathering. "New tools were used at the same time and independently of eac...
Kodi Confirms Data Breach: 400K User Records and Private Messages Stolen

Kodi Confirms Data Breach: 400K User Records and Private Messages Stolen

Apr 14, 2023 Data Breach / Cyber Security
Open source media player software provider Kodi has confirmed a data breach after threat actors stole the company's MyBB forum database containing user data and private messages. What's more, the unknown threat actors  attempted to sell  the data dump  comprising 400,635 Kodi users  on the now-defunct  BreachForums  cybercrime marketplace. "MyBB admin logs show the account of a trusted but currently inactive member of the forum admin team was used to access the web-based MyBB admin console twice: on 16 February and again on 21 February," Kodi  said  in an advisory. The threat actors then abused the account to create database backups that were then downloaded and deleted. Also downloaded were existing nightly full backups of the database. The account in question has now been disabled. The nightly backups contained all public forum posts, team forum posts, messages sent through the user-to-user messaging system, and user information such as fo...
cyber security

Master SaaS AI Risk: Your Complete Governance Playbook

websiteReco AIArtificial Intelligence / SaaS Security
95% use AI, but is it secure? Master SaaS AI governance with standards-aligned frameworks.
Watch This Webinar to Uncover Hidden Flaws in Login, AI, and Digital Trust — and Fix Them

Designing Identity for Trust at Scale—With Privacy, AI, and Seamless Logins in Mind

Jul 24, 2025
Is Managing Customer Logins and Data Giving You Headaches? You're Not Alone! Today, we all expect super-fast, secure, and personalized online experiences. But let's be honest, we're also more careful about how our data is used. If something feels off, trust can vanish in an instant. Add to that the lightning-fast changes AI is bringing to everything from how we log in to spotting online fraud, and it's a whole new ball game! If you're dealing with logins, data privacy, bringing new users on board, or building digital trust, this webinar is for you . Join us for " Navigating Customer Identity in the AI Era ," where we'll dive into the Auth0 2025 Customer Identity Trends Report . We'll show you what's working, what's not, and how to tweak your strategy for the year ahead. In just one session, you'll get practical answers to real-world challenges like: How AI is changing what users expect – and where they're starting to push ba...
Severe Android and Novi Survey Vulnerabilities Under Active Exploitation

Severe Android and Novi Survey Vulnerabilities Under Active Exploitation

Apr 14, 2023 Mobile Security / Cyber Threat
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has  added  two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The two flaws are listed below - CVE-2023-20963  (CVSS score: 7.8) - Android Framework Privilege Escalation Vulnerability CVE-2023-29492  (CVSS score: TBD) - Novi Survey Insecure Deserialization Vulnerability "Android Framework contains an unspecified vulnerability that allows for privilege escalation after updating an app to a higher Target SDK with no additional execution privileges needed," CISA  said  in an advisory for CVE-2023-20963. Google, in its monthly Android Security Bulletin for March 2023,  acknowledged  "there are indications that CVE-2023-20963 may be under limited, targeted exploitation." The development comes as tech news site Ars Technica  disclosed  late last month that Android apps digitally signed by China's e-commer...
Webinar: Tips from MSSPs to MSSPs – Building a Profitable vCISO Practice

Webinar: Tips from MSSPs to MSSPs – Building a Profitable vCISO Practice

Apr 14, 2023 Virtual CISO / Cybersecurity
In today's fast-paced and ever-changing digital landscape, businesses of all sizes face a myriad of cybersecurity threats. Putting in place the right people, technological tools and services, MSSPs are in a great position to ensure their customers' cyber resilience.  The growing need of SMEs and SMBs for structured cybersecurity services can be leveraged by MSPs and MSSPs to provide strategic cybersecurity services such as virtual CISO (vCISO) services, leading to recurring revenues and high margins while differentiating service provider from their competitors.  There is a consensus among MSPs and MSSPs that starting a vCISO practice poses a great business opportunity, but how can you successfully pull it off?  Cynomi has leveraged its network of top-notch vCISO service providers and invited three of them to a panel discussion, where they shared tips on how to start and scale a vCISO practice, and most importantly –  how to keep it profitable.  This panel d...
Google Launches New Cybersecurity Initiatives to Strengthen Vulnerability Management

Google Launches New Cybersecurity Initiatives to Strengthen Vulnerability Management

Apr 13, 2023 Vulnerability Management
Google on Thursday outlined a set of initiatives aimed at improving the vulnerability management ecosystem and establishing greater transparency measures around exploitation. "While the notoriety of zero-day vulnerabilities typically makes headlines, risks remain even after they're known and fixed, which is the real story," the company said in an announcement. "Those risks span everything from lag time in OEM adoption, patch testing pain points, end user update issues and more." Security threats also stem from incomplete patches applied by vendors, with a chunk of the zero-days exploited in the wild turning out to be variants of previously patched vulnerabilities. Mitigating such risks requires addressing the root cause of the vulnerabilities and prioritizing modern secure software development practices to eliminate entire classes of threats and block potential attack avenues. Taking these factors into consideration, Google said it's forming a Hacking...
RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware

RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware

Apr 13, 2023 Ransomware / Cyber Attack
Cybersecurity researchers have detailed the tactics of a "rising" cybercriminal gang called "Read The Manual" (RTM) Locker that functions as a private ransomware-as-a-service (RaaS) provider and carries out opportunistic attacks to generate illicit profit. "The 'Read The Manual' Locker gang uses affiliates to ransom victims, all of whom are forced to abide by the gang's strict rules," cybersecurity firm Trellix said in a report shared with The Hacker News. "The business-like set up of the group, where affiliates are required to remain active or notify the gang of their leave, shows the organizational maturity of the group, as has also been observed in other groups, such as  Conti ." RTM , first documented by ESET in February 2017,  started off  in 2015 as a banking malware targeting businesses in Russia via drive-by downloads, spam, and phishing emails. Attack chains mounted by the group have since  evolved  to deploy a ransomwa...
WhatsApp Introduces New Device Verification Feature to Prevent Account Takeover Attacks

WhatsApp Introduces New Device Verification Feature to Prevent Account Takeover Attacks

Apr 13, 2023 Mobile Security / Privacy
Popular instant messaging app WhatsApp on Thursday announced a new account verification feature that ensures that malware running on a user's mobile device doesn't impact their account. "Mobile device malware is one of the biggest threats to people's privacy and security today because it can take advantage of your phone without your permission and use your WhatsApp to send unwanted messages," the Meta-owned company said in an announcement. Called  Device Verification , the security measure is designed to help prevent account takeover (ATO) attacks by blocking the threat actor's connection and allowing targets of the malware infection to use the app without any interruption. In other words, the goal is to deter attackers' use of malware to steal WhatsApp authentication keys and hijack victim accounts, and subsequently impersonate them to distribute spam and phishing links to other contacts. This, in turn, is achieved by introducing a security-token th...
New Python-Based "Legion" Hacking Tool Emerges on Telegram

New Python-Based "Legion" Hacking Tool Emerges on Telegram

Apr 13, 2023 Cyber Threat / Hacking Tool
An emerging Python-based credential harvester and a hacking tool named Legion is being marketed via Telegram as a way for threat actors to break into various online services for further exploitation. Legion, according to  Cado Labs , includes modules to enumerate vulnerable SMTP servers, conduct remote code execution (RCE) attacks, exploit unpatched versions of Apache, and brute-force cPanel and WebHost Manager (WHM) accounts. The malware is said to bear similarities to another malware family called AndroxGh0st that was first documented by cloud security services provider Lacework in December 2022. Cybersecurity firm SentinelOne, in an analysis published late last month, revealed that AndroxGh0st is part of a comprehensive toolset called AlienFox that's offered to threat actors to steal API keys and secrets from cloud services. "Legion appears to be part of an emerging generation of cloud-focused credential harvester/spam utilities," security researcher Matt Muir...
Expert Insights Articles Videos
Cybersecurity Resources
//]]>