The Apache Software Foundation (ASF) has released patches to address a maximum severity vulnerability in the MINA Java network application framework that could result in remote code execution under specific… Read More »Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization
A Brazilian citizen has been charged in the United States for allegedly threatening to release data stolen by hacking into a company’s network in March 2020. Junior Barros De Oliveira,… Read More »Brazilian Hacker Charged for Extorting $3.2M in Bitcoin After Breaching 300,000 Accounts
The Apache Software Foundation (ASF) has shipped security updates to address a critical security flaw in Traffic Control that, if successfully exploited, could allow an attacker to execute arbitrary Structured… Read More »Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now
Cybersecurity researchers have discovered several security flaws in the cloud management platform developed by Ruijie Networks that could permit an attacker to take control of the network appliances. “These vulnerabilities… Read More »Ruijie Networks’ Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks
The Iranian nation-state hacking group known as Charming Kitten has been observed deploying a C++ variant of a known malware called BellaCiao. Russian cybersecurity company Kaspersky, which dubbed the new… Read More »Iran’s Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao Malware
Cybersecurity researchers have flagged two malicious packages that were uploaded to the Python Package Index (PyPI) repository and came fitted with capabilities to exfiltrate sensitive information from compromised hosts, according… Read More »Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched high-severity security flaw impacting Acclaim Systems USAHERDS to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence… Read More »CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation
Japanese and U.S. authorities have formerly attributed the theft of cryptocurrency worth $308 million from cryptocurrency company DMM Bitcoin in May 2024 to North Korean cyber actors. “The theft is… Read More »North Korean Hackers Pull Off $308M Bitcoin Heist from Crypto Firm DMM Bitcoin
The Apache Software Foundation (ASF) has released a security update to address an important vulnerability in its Tomcat server software that could result in remote code execution (RCE) under certain… Read More »Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks
The online world never takes a break, and this week shows why. From ransomware creators being caught to hackers backed by governments trying new tricks, the message is clear: cybercriminals… Read More »⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips