Search results for Latest on scanner project | Breaking Cybersecurity News | The Hacker News

Vulnerabilities are common these days and when we talk about mobile security, this year has been somewhat of a trouble for Android users. Almost every week we come across a new hack affecting Android devices. One of the serious vulnerabilities is the  Stagefright Security Bug , where all it needed to install malicious code on the Android devices was a simple text message. Although Google patched these security holes in its latest Android update, manufacturers can take a long time to release their own updates, and it's even possible that older devices may not get the updates at all. So, even after the release of patches for these critical vulnerabilities, it is difficult to say which Android devices are at risk of what bugs. There is a one-click solution to this problem. One Android app can help educate you and help you know whether your devices is at risk. One-Click Solution to Check Your Device for All Critical Bugs Android Vulnerability Test Suite ( VT...

The security landscape now moves at a pace no patch cycle can match. Attackers aren't waiting for quarterly updates or monthly fixes—they adapt within hours, blending fresh techniques with old, forgotten flaws to create new openings. A vulnerability closed yesterday can become the blueprint for tomorrow's breach. This week's recap explores the trends driving that constant churn: how threat actors reuse proven tactics in unexpected ways, how emerging technologies widen the attack surface, and what defenders can learn before the next pivot. Read on to see not just what happened, but what it means—so you can stay ahead instead of scrambling to catch up. ⚡ Threat of the Week Google Patches Actively Exploited Chrome 0-Day — Google released security updates for the Chrome web browser to address four vulnerabilities, including one that it said has been exploited in the wild. The zero-day vulnerability, CVE-2025-10585, has been described as a type confusion issue in the V8 JavaScript ...

Microsoft's own antivirus software made Windows 7, 8.1, RT and 10 computers, as well as Windows Server 2016 more vulnerable. Microsoft has just released an out-of-band security update to patch the crazy bad bug discovered by a pair of Google Project Zero researchers over the weekend. Security researchers Tavis Ormandy announced on Twitter during the weekend that he and another Project Zero researcher Natalie Silvanovich discovered "the worst Windows remote code [execution vulnerability] in recent memory." Natalie Silvanovich also published a  proof-of-concept (PoC) exploit code that fits in a single tweet. The reported RCE vulnerability , according to the duo, could work against default installations with "wormable" ability – capability to replicate itself on an infected computer and then spread to other PCs automatically. According to an advisory released by Microsoft, the remotely exploitable security flaw (CVE-2017-0290) exists in Microsoft ...

In cybersecurity, precision matters—and there's little room for error. A small mistake, missed setting, or quiet misconfiguration can quickly lead to much bigger problems. The signs we're seeing this week highlight deeper issues behind what might look like routine incidents: outdated tools, slow response to risks, and the ongoing gap between compliance and real security. For anyone responsible for protecting systems, the key isn't just reacting to alerts—it's recognizing the larger patterns and hidden weak spots they reveal. Here's a breakdown of what's unfolding across the cybersecurity world this week. ⚡ Threat of the Week NCA Arrests for Alleged Scattered Spider Members — The U.K. National Crime Agency (NCA) announced that four people have been arrested in connection with cyber attacks targeting major retailers Marks & Spencer, Co-op, and Harrods. The arrested individuals include two men aged 19, a third aged 17, and a 20-year-old woman. They were apprehended in the West...

Our favourite exploitation framework – The Metasploit Framework has been updated! We now have Metasploit Framework version 3.5.2! "The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework includes hundreds of working remote exploits for a variety of platforms. Payloads, encoders, and nop slide generators can be mixed and matched with exploit modules to solve almost any exploit-related task." This is the detailed release log: Statistics: * Metasploit now ships with 644 exploit modules and 330 auxiliary modules. * 39 new modules and payloads have been added since the last point release. * 58 tickets were resolved and 331 commits were made since the last point release. New Modules: New Exploits and Auxiliaries: * Apache Tomcat Transfer-Encoding Information Disclosure and DoS * Microsoft IIS FTP Server Encoded Response Overflow Trigger * Apache HTTPD mod_negotiation Filename Bruter * Apache HTTPD mod_negotiatio...

If you use Linux on your company's desktop or server computers, you're likely familiar with the security advantages the open-source operating system offers over Windows and Mac. What many people don't realize, however, is that Linux can also rescue a computer crippled by malware. Malware is a frequent issue in the Windows world, and it can be devastating. When a Windows virus strikes, it can become difficult or even impossible to continue using the affected machine. Moreover, prolonged use can further the infection. Here's how Linux can help you recover from such a situation without ever installing it permanently on your PC. Step 1: Get a LiveCD or Live USB LiveCDs and USBs are great because they let you boot a machine directly from the CD or USB stick without accessing the computer's boot records. They allow you to test Linux and can be used when Windows fails. The fastest way to get a LiveCD or USB is to download the .iso file of the Linux distribution you wan...

The online world never takes a break, and this week shows why. From ransomware creators being caught to hackers backed by governments trying new tricks, the message is clear: cybercriminals are always changing how they attack, and we need to keep up. Hackers are using everyday tools in harmful ways, hiding spyware in trusted apps, and finding new ways to take advantage of old security gaps. These events aren't random—they show just how clever and flexible cyber threats can be. In this edition, we'll look at the most important cyber events from the past week and share key takeaways to help you stay safe and prepared. Let's get started. ⚡ Threat of the Week LockBit Developer Rostislav Panev Charged in the U.S. — Rostislav Panev, a 51-year-old dual Russian and Israeli national, has been charged in the U.S. for allegedly acting as the developer of the now-disrupted LockBit ransomware-as-a-service (RaaS) operation, netting about $230,000 between June 2022 and February 2024. Panev was ...

What do a source code editor, a smart billboard, and a web server have in common? They've all become launchpads for attacks—because cybercriminals are rethinking what counts as "infrastructure." Instead of chasing high-value targets directly, threat actors are now quietly taking over the overlooked: outdated software, unpatched IoT devices, and open-source packages. It's not just clever—it's reshaping how intrusion, persistence, and evasion happen at scale. ⚡ Threat of the Week 5Socks Proxy Using IoT, EoL Systems Dismantled in Law Enforcement Operation — A joint law enforcement operation undertaken by Dutch and U.S. authorities dismantled a criminal proxy network, known as anyproxy[.]net and 5socks[.]net, that was powered by thousands of infected Internet of Things (IoT) and end-of-life (EoL) devices, enlisting them into a botnet for providing anonymity to malicious actors. The illicit platform, active since 2004, advertised more than 7,000 online proxies daily, with infected ...

Cybersecurity researchers have flagged a fresh software supply chain attack targeting the npm registry that has affected more than 40 packages that belong to multiple maintainers. "The compromised versions include a function (NpmModule.updatePackage) that downloads a package tarball, modifies package.json, injects a local script (bundle.js), repacks the archive, and republishes it, enabling automatic trojanization of downstream packages," supply chain security company Socket said . The end goal of the campaign is to search developer machines for secrets using TruffleHog's credential scanner and transmit them to an external server under the attacker's control. The attack is capable of targeting both Windows and Linux systems. The following packages have been identified as impacted by the incident - angulartics2@14.1.2 @ctrl/deluge@7.2.2 @ctrl/golang-template@1.4.3 @ctrl/magnet-link@4.0.4 @ctrl/ngx-codemirror@7.0.2 @ctrl/ngx-csv@6.0.2 @ctrl/ngx-emoji-mart@...

What is the OWASP Top 10, and – just as important – what is it not? In this review, we look at how you can make this critical risk report work for you and your organisation. What is OWASP? OWASP  is the Open Web Application Security Project, an international non-profit organization dedicated to improving web application security.  It operates on the core principle that all of its materials are freely available and easily accessible online, so that anyone anywhere can improve their own web app security. It offers a number of tools, videos, and forums to help you do this – but their best-known project is the OWASP Top 10. The top 10 risks The  OWASP Top 10  outlines the most critical risks to web application security. Put together by a team of security experts from all over the world, the list is designed to raise awareness of the current security landscape and offer developers and security professionals invaluable insights into the latest and most widespread sec...

Until today, there existed such Fingerprint Biometric Readers that required your touch to authenticate yourself as an authorized person. However, the latest research shows that the future of fingerprint scanners lies in a " no-touch " activity by an individual for gaining access. Recently, NIST ( National Institute of Standards and Technology ) has funded a number of startup and companies to develop touchless Fingerprint readers. The Contactless Biometric Technology requires the person's presence, but from meters away. As the fingerprint scanners can sense and read your fingerprint information while you are standing few meters away from the scanner. Contactless Fingerprint Scanners: Fast and Time Saving The touch-free technology is such where authentication is done with a faster speed, saving time while giving importance to hygiene when compared to conventional biometric devices. Imagine a situation, where there's a long queue and to pass through biometric fingerprint...

In October 2013, Microsoft adopted a silent, offensive method to tackle infection due to a Tor-based botnet malware called ' Sefnit '. In an effort to takedown of the Sefnit botnet to protect windows users, Microsoft r emotely removes the older versions of installed Tor Browser software and infection from 2 Million systems, even without the knowledge of the system's owner. Last year in August, after Snowden revelations about the National Security Agency's ( NSA ) Spying programs, the Internet users were under fear of being spied. During the same time Tor Project leaders noticed almost 600% increase in the number of users over the anonymizing networks of Tor i.e. More than 600,000 users join Tor within few weeks. In September, researchers identified the major reason of increased Tor users i.e. A Tor-based botnet called ' Sefnit malware ', which was infecting millions of computers for click fraud and bitcoin mining. To achieve the maximum number...

A nascent Linux-based botnet named Enemybot has expanded its capabilities to include recently disclosed security vulnerabilities in its arsenal to target web servers, Android devices, and content management systems (CMS). "The malware is rapidly adopting one-day vulnerabilities as part of its exploitation capabilities," AT&T Alien Labs  said  in a technical write-up published last week. "Services such as VMware Workspace ONE, Adobe ColdFusion, WordPress, PHP Scriptcase and more are being targeted as well as IoT and Android devices." First disclosed by  Securonix  in March and later by  Fortinet , Enemybot has been linked to a threat actor tracked as Keksec (aka Kek Security, Necro, and FreakOut), with early attacks targeting routers from Seowon Intech, D-Link, and iRZ. Enemybot, which is capable of carrying out  DDoS attacks , draws its origins from several other botnets like Mirai, Qbot, Zbot, Gafgyt, and LolFMe. An analysis of the latest variant...

A threat activity cluster known as ShadowSilk has been attributed to a fresh set of attacks targeting government entities within Central Asia and Asia-Pacific (APAC). According to Group-IB, nearly three dozen victims have been identified, with the intrusions mainly geared towards data exfiltration. The hacking group shares toolset and infrastructural overlaps with campaigns undertaken by threat actors dubbed YoroTrooper, SturgeonPhisher, and Silent Lynx. Victims of the group's campaigns span Uzbekistan, Kyrgyzstan, Myanmar, Tajikistan, Pakistan, and Turkmenistan, a majority of which are government organizations, and to a lesser extent, entities in the energy, manufacturing, retail, and transportation sectors. "The operation is run by a bilingual crew – Russian-speaking developers tied to legacy YoroTrooper code and Chinese-speaking operators spearheading intrusions, resulting in a nimble, multi-regional threat profile," researchers Nikita Rostovcev and Sergei Turner ...

With the last month of 2021 dominated by the log4J vulnerabilities discovery, publication, and patches popping up in rapid succession, odds are you have patched your system against Log4J exploitation attempts. At least some systems, if not all. You might even have installed the latest patch – at the time of writing, that is 2.17.1, but, if the last rapid patching cycle persists, it might have changed by the time this is published. In the meantime, defenders might have been working overtime to plug Log4J born security gaps, but so did cyber-attackers. Log4J's well-deserved fame also alerted cyber-attackers to a potential entry pathway into their target. And, while log4J will hopefully vanish from the headlines,  cyber-attackers are likely to continue trying to exploit it  in the hope of finding unpatched or incompletely patched targets. As human error still accounts  for 95% of all security breaches , cyber-attackers actively rely on these human errors to exploit them a...