Search the Portal

Recent Articles

APR5
Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws

A likely lone wolf actor behind the EncryptHub persona was acknowledged by Microsoft for discovering and reporting two security flaws in Windows last month, painting a picture of a "conflicted" individual straddling a legitimate career in cybersecurity and pursuing cybercrime. In a new extensive analysis published by Outpost24 KrakenLabs, the Swedish security company unmasked the up-and-coming

The Hacker News by info@thehackernews.com (The Hacker News)
APR5
North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages

The North Korean threat actors behind the ongoing Contagious Interview campaign are spreading their tentacles on the npm ecosystem by publishing more malicious packages that deliver the BeaverTail malware, as well as a new remote access trojan (RAT) loader. "These latest samples employ hexadecimal string encoding to evade automated detection systems and manual code audits, signaling a variation

The Hacker News by info@thehackernews.com (The Hacker News)
APR5
Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data

Cybersecurity researchers have uncovered malicious libraries in the Python Package Index (PyPI) repository that are designed to steal sensitive information and test stolen credit card data. Two of the packages, bitcoinlibdbfix and bitcoinlib-dev, masquerade as fixes for recent issues detected in a legitimate Python module called bitcoinlib, according to ReversingLabs. A third package discovered

The Hacker News by info@thehackernews.com (The Hacker News)
APR4
Cyber Forensic Expert in 2,000+ Cases Faces FBI Probe

A Minnesota cybersecurity and computer forensics expert whose testimony has featured in thousands of courtroom trials over the past 30 years is facing questions about his credentials and an inquiry from the Federal Bureau of Investigation (FBI)...

Krebs on Security by BrianKrebs
APR4
Call Records of Millions Exposed by Verizon App Vulnerability

A patch has been released for a serious information disclosure vulnerability affecting a Verizon call filtering application. The post Call Records of Millions Exposed by Verizon App Vulnerability appeared first on SecurityWeek.

Security Week by Eduard Kovacs
APR4
In Other News: Apple Improving Malware Detection, Cybersecurity Funding, Cyber Command Chief Fired

Noteworthy stories that might have slipped under the radar: Apple adding TCC events to Endpoint Security, cybersecurity funding report for Q1 2025, Trump fires the head of NSA and Cyber Command. The post In Other News: Apple Improving Malware Detection, Cybersecurity Funding, Cyber Command Chief Fired appeared first on SecurityWeek.

Security Week by SecurityWeek News
APR4
State Bar of Texas Says Personal Information Stolen in Ransomware Attack

The State Bar of Texas is notifying thousands of individuals that their personal information was stolen in a February ransomware attack. The post State Bar of Texas Says Personal Information Stolen in Ransomware Attack appeared first on SecurityWeek.

Security Week by Ionut Arghire
APR4
SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack

The cascading supply chain attack that initially targeted Coinbase before becoming more widespread to single out users of the "tj-actions/changed-files" GitHub Action has been traced further back to the theft of a personal access token (PAT) related to SpotBugs. "The attackers obtained initial access by taking advantage of the GitHub Actions workflow of SpotBugs, a popular open-source tool for

The Hacker News by info@thehackernews.com (The Hacker News)
APR4
US, Allies Warn of Threat Actors Using ‘Fast Flux’ to Hide Server Locations

US and allied countries warn of threat actors using the “fast flux” technique to change DNS records and hide malicious servers’ locations. The post US, Allies Warn of Threat Actors Using ‘Fast Flux’ to Hide Server Locations appeared first on SecurityWeek.

Security Week by Ionut Arghire
APR4
Have We Reached a Distroless Tipping Point?

There’s a virtuous cycle in technology that pushes the boundaries of what’s being built and how it’s being used. A new technology development emerges and captures the world's attention. People start experimenting and discover novel applications, use cases, and approaches to maximize the innovation's potential. These use cases generate significant value, fueling demand for the next iteration of

The Hacker News by info@thehackernews.com (The Hacker News)
APR4
Oracle Confirms Cloud Hack

Oracle has confirmed suffering a data breach but the tech giant is apparently trying to downplay the impact of the incident. The post Oracle Confirms Cloud Hack appeared first on SecurityWeek.

Security Week by Eduard Kovacs
APR4
Critical Apache Parquet Vulnerability Leads to Remote Code Execution

A critical vulnerability in Apache Parquet can be exploited to execute arbitrary code remotely, leading to complete system compromise. The post Critical Apache Parquet Vulnerability Leads to Remote Code Execution appeared first on SecurityWeek.

Security Week by Ionut Arghire
APR4
Compromised SpotBugs Token Led to GitHub Actions Supply Chain Hack

Evidence shows a SpotBugs token compromised in December 2024 was used in the March 2025 GitHub Actions supply chain attack. The post Compromised SpotBugs Token Led to GitHub Actions Supply Chain Hack appeared first on SecurityWeek.

Security Week by Ionut Arghire
APR4
Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware

Ivanti has disclosed details of a now-patched critical security vulnerability impacting its Connect Secure that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-22457 (CVSS score: 9.0), concerns a case of a stack-based buffer overflow that could be exploited to execute arbitrary code on affected systems. "A stack-based buffer overflow in Ivanti Connect

The Hacker News by info@thehackernews.com (The Hacker News)
APR4
OPSEC Failure Exposes Coquettte’s Malware Campaigns on Bulletproof Hosting Servers

A novice cybercrime actor has been observed leveraging the services of a Russian bulletproof hosting (BPH) provider called Proton66 to facilitate their operations. The findings come from DomainTools, which detected the activity after it discovered a phony website named cybersecureprotect[.]com hosted on Proton66 that masqueraded as an antivirus service. The threat intelligence firm said it

The Hacker News by info@thehackernews.com (The Hacker News)