News

The Hacker News1h
Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals
This involves deploying a malware strain that connects to a nascent Web3 service called Teneo, a decentralized physical ...
The Hacker News4h
GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages
GCP’s ConfusedComposer flaw let attackers escalate privileges via PyPI packages; patched by Google on April 13.
The Hacker News7h
Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials
Phishers abused Google Sites and DKIM replay to send valid-signed emails, bypassing filters and stealing credentials.
The Hacker News7h
5 Major Concerns With Employees Using The Browser
Security teams must integrate browser security into their enterprise security stack to gain real-time visibility, detect ...
The Hacker News13h
Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware
Lotus Panda breached 6 Southeast Asian organizations using custom tools, browser stealers, and sideloaded malware.
The Hacker News10h
Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach
Microsoft secures MSA and Entra ID with Azure Confidential VMs + HSM, preventing token forgery and reducing breach risks.
The Hacker News14h
SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks
SuperCard X malware exploits NFC relay and social engineering to steal card data in Italy, enabling ATM fraud.