Search the Portal

Recent Articles

APR3
Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware

Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials. "These campaigns notably use redirection methods such as URL shorteners and QR codes contained in malicious attachments and abuse legitimate services like file-hosting services and business profile pages to avoid detection," Microsoft said in a report shared with The

The Hacker News by info@thehackernews.com (The Hacker News)
APR3
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances 

Ivanti misdiagnoses a remote code execution vulnerability and Mandiant reports that Chinese hackers are launching in-the-wild exploits. The post Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances appeared first on SecurityWeek.

Security Week by Ryan Naraine
APR3
Halo ITSM Vulnerability Exposed Organizations to Remote Hacking

An unauthenticated SQL injection vulnerability in Halo ITSM could have been exploited to read, modify, or insert data. The post Halo ITSM Vulnerability Exposed Organizations to Remote Hacking appeared first on SecurityWeek.

Security Week by Eduard Kovacs
APR3
Hunters International Ransomware Gang Rebranding, Shifting Focus

The notorious cybercrime group Hunters International is dropping ransomware to focus on data theft and extortion. The post Hunters International Ransomware Gang Rebranding, Shifting Focus appeared first on SecurityWeek.

Security Week by Ionut Arghire
APR3
Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost Malware

The North Korean threat actors behind Contagious Interview have adopted the increasingly popular ClickFix social engineering tactic to lure job seekers in the cryptocurrency sector to deliver a previously undocumented Go-based backdoor called GolangGhost on Windows and macOS systems. The new activity, assessed to be a continuation of the campaign, has been codenamed ClickFake Interview by

The Hacker News by info@thehackernews.com (The Hacker News)
APR3
Cybersecurity M&A Roundup: 23 Deals Announced in March 2025

Less than two dozen cybersecurity merger and acquisition (M&A) deals were announced in March 2025. The post Cybersecurity M&A Roundup: 23 Deals Announced in March 2025 appeared first on SecurityWeek.

Security Week by Eduard Kovacs
APR3
AI Threats Are Evolving Fast — Learn Practical Defense Tactics in this Expert Webinar

The rules have changed. Again. Artificial intelligence is bringing powerful new tools to businesses. But it's also giving cybercriminals smarter ways to attack. They’re moving quicker, targeting more precisely, and slipping past old defenses without being noticed. And here's the harsh truth: If your security strategy hasn’t evolved with AI in mind, you’re already behind. But you’re not alone—and

The Hacker News by info@thehackernews.com (The Hacker News)
APR3
39 Million Secrets Leaked on GitHub in 2024

GitHub has announced new capabilities to help organizations and developers keep secrets in their code protected. The post 39 Million Secrets Leaked on GitHub in 2024 appeared first on SecurityWeek.

Security Week by Ionut Arghire
APR3
AI Adoption in the Enterprise: Breaking Through the Security and Compliance Gridlock

AI holds the promise to revolutionize all sectors of enterpriseーfrom fraud detection and content personalization to customer service and security operations. Yet, despite its potential, implementation often stalls behind a wall of security, legal, and compliance hurdles. Imagine this all-too-familiar scenario: A CISO wants to deploy an AI-driven SOC to handle the overwhelming volume of security

The Hacker News by info@thehackernews.com (The Hacker News)
APR3
Two CVEs, One Critical Flaw: Inside the CrushFTP Vulnerability Controversy

Two CVEs now exist for an actively exploited CrushFTP vulnerability and much of the security industry is using the ‘wrong one’. The post Two CVEs, One Critical Flaw: Inside the CrushFTP Vulnerability Controversy appeared first on SecurityWeek.

Security Week by Eduard Kovacs
APR3
Vulnerabilities Expose Cisco Meraki and ECE Products to DoS Attacks

Cisco fixes two high-severity denial-of-service vulnerabilities in Meraki devices and Enterprise Chat and Email. The post Vulnerabilities Expose Cisco Meraki and ECE Products to DoS Attacks appeared first on SecurityWeek.

Security Week by Ionut Arghire
APR3
Google Released Second Fix for Quick Share Flaws After Patch Bypass

Google’s patches for Quick Share for Windows vulnerabilities leading to remote code execution were incomplete and could be easily bypassed. The post Google Released Second Fix for Quick Share Flaws After Patch Bypass appeared first on SecurityWeek.

Security Week by Ionut Arghire
APR3
Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent

Cybersecurity researchers have disclosed details of a new vulnerability impacting Google's Quick Share data transfer utility for Windows that could be exploited to achieve a denial-of-service (DoS) or send arbitrary files to a target's device without their approval. The flaw, tracked as CVE-2024-10668 (CVSS score: 5.9), is a bypass for two of the 10 shortcomings that were originally disclosed by

The Hacker News by info@thehackernews.com (The Hacker News)
APR3
Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices

Counterfeit versions of popular smartphone models that are sold at reduced prices have been found to be preloaded with a modified version of an Android malware called Triada. "More than 2,600 users in different countries have encountered the new version of Triada, the majority in Russia," Kaspersky said in a report. The infections were recorded between March 13 and 27, 2025. Triada is the

The Hacker News by info@thehackernews.com (The Hacker News)
APR2
Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign

Threat hunters are warning of a sophisticated web skimmer campaign that leverages a legacy application programming interface (API) from payment processor Stripe to validate stolen payment information prior to exfiltration. "This tactic ensures that only valid card data is sent to the attackers, making the operation more efficient and potentially harder to detect," Jscrambler researchers Pedro

The Hacker News by info@thehackernews.com (The Hacker News)