Security
Headlines
HeadlinesLatestCVEs

Tag

#amazon

Malicious PyPI Package ‘Fabrice’ Found Stealing AWS Keys from Thousands of Developers

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads for over three years while stealthily exfiltrating developers' Amazon Web Services (AWS) credentials. The package in question is "fabrice," which typosquats a popular Python library known as "fabric," which is designed to execute shell commands remotely over

The Hacker News
Open in Source
#vulnerability#web#mac#windows#amazon#linux#git#backdoor#samba#aws#auth#ssh#chrome#The Hacker News
Google Cloud to Enforce MFA on Accounts in 2025

Google Cloud will take a phased approach to make multifactor authentication mandatory for all users.

Ubuntu Security Notice USN-7088-3

Ubuntu Security Notice 7088-3 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Google Cloud to Enforce Multi-Factor Authentication by 2025 for All Users

Google's cloud division has announced that it will enforce mandatory multi-factor authentication (MFA) for all users by the end of 2025 as part of its efforts to improve account security. "We will be implementing mandatory MFA for Google Cloud in a phased approach that will roll out to all users worldwide during 2025," Mayank Upadhyay, vice president of engineering and distinguished engineer at

Canadian Authorities Arrest Attacker Who Stole Snowflake Data

The suspect, tracked as UNC5537, allegedly bragged about hacking several Snowflake victims on Telegram, drawing attention to himself.

Name That Edge Toon: Aerialist's Choice

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

NAKIVO Backup for MSP: Best Backup Solution for MSPs

Explore the features of the NAKIVO MSP backup solution. Choose the best MSP backup software to protect client…

Chinese APTs Cash In on Years of Edge Device Attacks

The sophisticated Chinese cyberattacks of today rest on important groundwork laid during the pandemic and before.

Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned

Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even extract cloud credentials from the source code. The activity, codenamed EMERALDWHALE, is estimated to have collected over 10,000 private repositories and stored in an Amazon S3 storage bucket belonging to a prior victim. The bucket,

'Midnight Blizzard' Targets Networks With Signed RDP Files

The Russian-backed group is using a novel access vector to harvest victim data and compromise devices in a large-scale intelligence-gathering operation.