News

The Hacker News2h
Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals
This involves deploying a malware strain that connects to a nascent Web3 service called Teneo, a decentralized physical ...
The Hacker News5h
GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages
GCP’s ConfusedComposer flaw let attackers escalate privileges via PyPI packages; patched by Google on April 13.
The Hacker News8h
5 Major Concerns With Employees Using The Browser
Security teams must integrate browser security into their enterprise security stack to gain real-time visibility, detect ...
The Hacker News8h
Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials
Phishers abused Google Sites and DKIM replay to send valid-signed emails, bypassing filters and stealing credentials.
The Hacker News12h
Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach
Microsoft secures MSA and Entra ID with Azure Confidential VMs + HSM, preventing token forgery and reducing breach risks.
The Hacker News15h
Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware
Lotus Panda breached 6 Southeast Asian organizations using custom tools, browser stealers, and sideloaded malware.
The Hacker News15h
SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks
SuperCard X malware exploits NFC relay and social engineering to steal card data in Italy, enabling ATM fraud.