1. Home
  2. Discover
  3. Technology
  4. The Hacker News

Researchers Detail Critical RCE Flaw Reported in Popular vm2 JavaScript Sandbox

The Hacker News Daily Updates
Newsletter
cover

Trending Evil 3 - Findings from Mandiant Managed Defense

Based on Mandiant Managed Defense Data from April - June 2022

Download Now Sponsored
LATEST NEWS Oct 11, 2022

Researchers Detail Critical RCE Flaw Reported in Popular vm2 JavaScript Sandbox

A now-patched security flaw in the vm2 JavaScript sandbox module could be abused by a remote adversary to break out of security barriers and perform arbitrary operations on the underlying machine. "A threat actor can bypass the sandbox protections to gain remote code execution rights on the host ...

Read More
Twitter Facebook LinkedIn

The Latest Funding News and What it Means for Cyber Security in 2023

The White House has recently announced a $1 billion cyber security grant program that is designed to help state and local governments improve their cyber defenses, especially about protecting critical infrastructure. The recent executive order stems from the $1.2 trillion infrastructure bill that ...

Read More
Twitter Facebook LinkedIn

Researchers Warn of New Phishing-as-a-Service Being Used by Cyber Criminals

Cyber criminals are using a previously undocumented phishing-as-a-service (PhaaS) toolkit called Caffeine to effectively scale up their attacks and distribute nefarious payloads. "This platform has an intuitive interface and comes at a relatively low cost while providing a multitude of features ...

Read More
Twitter Facebook LinkedIn

Fortinet Warns of Active Exploitation of Newly Discovered Critical Auth Bypass Bug

Fortinet on Monday revealed that the newly patched critical security vulnerability impacting its firewall and proxy products is being actively exploited in the wild. Tracked as CVE-2022-40684 (CVSS score: 9.6), the flaw relates to an authentication bypass in FortiOS, FortiProxy, and ...

Read More
Twitter Facebook LinkedIn

Researchers Detail Malicious Tools Used by Cyber Espionage Group Earth Aughisky

A new piece of research has detailed the increasingly sophisticated nature of the malware toolset employed by an advanced persistent threat (APT) group named Earth Aughisky. "Over the last decade, the group has continued to make adjustments in the tools and malware deployments on specific targets ...

Read More
Twitter Facebook LinkedIn
cover

Trending Evil 3 - Findings from Mandiant Managed Defense

Based on Mandiant Managed Defense Data from April - June 2022

Download Now Sponsored

This email was sent to you. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here.

Contact The Hacker News: info@thehackernews.com
Unsubscribe

The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India

Key phrases

remote code execution rights Mandiant Managed Defense Data Critical Auth Bypass Bug The Latest Funding News A threat actor The White House recent executive order Netaji Subash Place critical security vulnerability cyber espionage group Critical RCE Flaw email newsletter preferences

Older messages

Hackers Steal $100 Million Cryptocurrency from Binance Bridge

Monday, October 10, 2022

The Hacker News Daily Updates Newsletter cover How to Build a Security Operations Center (On a Budget) Whether you're protecting a bank or the local grocery store, certain common sense security

Hackers Exploiting Unpatched RCE Flaw in Zimbra Collaboration Suite

Saturday, October 8, 2022

The Hacker News Daily Updates Newsletter cover How to Build a Security Operations Center (On a Budget) Whether you're protecting a bank or the local grocery store, certain common sense security

WATCH OUT! A Chromium Browsers Feature Could Let Hackers Launch Stealth Phishing Attacks

Friday, October 7, 2022

The Hacker News Daily Updates Newsletter cover The state of cross-chain crime Crypto-crime and money laundering in a cross-chain world Download Now Sponsored LATEST NEWS Oct 7, 2022 Facebook Detects

19-Year-Old Teen Arrested for Using Leaked Optus Breach Data in SMS Scam

Thursday, October 6, 2022

The Hacker News Daily Updates Newsletter cover Software Vulnerability Snapshot Report An Analysis by Synopsys Application Security Testing Services Download Now Sponsored LATEST NEWS Oct 6, 2022 19-

Metaverse in the Enterprise: What You Need To Know

Wednesday, October 5, 2022

The Hacker News eBook Update Newsletter 8 Steps to Better Security: A Simple Cyber Resilience Guide for Business ($18.00 Value) FREE for a Limited Time Download For Free Harden your business against

You Might Also Like

Yikes! Copilot failed all our coding tests

Monday, April 29, 2024

iPad Pro with M4; Best security keys; AI conducts job interviews now -- ZDNET ZDNET Tech Today - US April 29, 2024 placeholder Yikes! Microsoft Copilot failed every single one of my coding tests I ran

Re: The smart home product I use every day!

Monday, April 29, 2024

Hey , Earlier this month, I emailed you about one of my favorite smart home products, a robot vacuum and mop. I wanted to let you know that Samsung currently has a Spring Black Friday Sale and is

The EU draws its regulatory cords tighter around Apple

Monday, April 29, 2024

The EU has said Apple's iPadOS will now fall under the DMA View this email online in your browser By Alex Wilhelm Monday, April 29, 2024 Welcome to TechCrunch AM! We're off to a quick start

GCP Newsletter #396

Monday, April 29, 2024

Welcome to issue #396 April 29th, 2024 News Networking Official Blog Partners Introducing the Verified Peering Provider program, a simple alternative to Direct Peering - Google has launched a new

How many Vision Pro headsets has Apple sold?

Monday, April 29, 2024

The Morning After It's Monday, April 29, 2024. Apple Vision Pro headset production is reportedly being cut, sales are reportedly “way down.” But but but wait: Wasn't the Vision Pro meant to

Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks

Monday, April 29, 2024

THN Daily Updates Newsletter cover Webinar -- Uncovering Contemporary DDoS Attack Tactics -- and How to Fight Back Stop DDoS Attacks Before They Stop Your Business... and Make You Headline News.

Import AI 370: 213 AI safety challenges; everything becomes a game; Tesla's big cluster

Monday, April 29, 2024

Are AI systems more like religious artifacts or disposable entertainment? ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏

Apple renews OpenAI talks 🧠, Google fires Python team 👨‍💻, React 19 beta ⚛️

Monday, April 29, 2024

Apple has renewed discussions with OpenAI to use its generative AI technology to power new features coming to the iPhone Sign Up |Advertise|View Online TLDR Together With QA Wolf TLDR 2024-04-29 😘 Kiss

Architecture Weekly #177 - 29nd April 2024

Monday, April 29, 2024

How do you make predictions about tech without the magical crystal ball? We did that today by example. We analysed what Redis and Terraform license changes relate to the new Typescript framework Effect

Software Testing Weekly - Issue 217

Monday, April 29, 2024

How do you deal with conflicts in QA? ⚔️ View on the Web Archives ISSUE 217 April 29th 2024 COMMENT Welcome to the 217th issue! How do you deal with conflicts in QA? Ideally, you'd like to know how