thehackernews

thehackernews
Threat Intel & Info Sharing

May 21, 2025

Researchers Expose PWA JavaScript Attack That Redirects Users to Adult Scam Apps

A newly identified phishing campaign is targeting mobile users by injecting malicious JavaScript into websites to redirect them to adult-content Progressive Web Apps (PWAs).

thehackernews
Malware and Vulnerabilities

May 21, 2025

AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation

Security researchers have uncovered critical risks in default IAM roles across AWS services like SageMaker, Glue, and EMR. These roles, often auto-created during setup, are granted AmazonS3FullAccess.

May 20, 2025

Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization

A threat actor known as UnsolicitedBooker has been observed targeting a Saudi Arabian organization over a span of three years using a newly identified backdoor named MarsSnake.

thehackernews
Laws, Policy, Regulations

July 4, 2017

China Shuts Down Popular VPN Services to Make Great Firewall Stronger

thehackernews
Malware and Vulnerabilities

July 1, 2017

WordPress Plugin Used by 300,000+ Sites Found Vulnerable to SQL Injection Attack