CISA Adds 4 Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25

THN Daily Updates ⚡ LIVE WEBINAR ➟ Building Resilient Identity: Reducing Security Debt in 2025 Attacks Evolve, So Can Your Defenses--Learn How to Mitigate Risk and Optimize Identity Security with Okta Download Now Sponsored LATEST NEWS Feb 5, 2025 Navigating the Future: Key IT Vulnerability Management Trends  As the cybersecurity landscape continues to evolve, proactive vulnerability management has become a critical priority for managed service providers (MSPs) and IT teams. Recent trends indicate that organizations increasi... Read More AsyncRAT Campaign Uses Python Payloads and TryCloudflare Tunnels for Stealth Attacks A malware campaign has been observed delivering a remote access trojan (RAT) named AsyncRAT by making use of Python payloads and TryCloudflare tunnels. "AsyncRAT is a remote access trojan (RAT) that exploits the async/a... Read More Kubernetes Security Contexts Best Practices A comprehensive guide to configuring security contexts for pods and containers in Kubernetes. Read More CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of... Read More Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access Cybersecurity researchers have called attention to a software supply chain attack targeting the Go ecosystem that involves a malicious package capable of granting the adversary remote access to infected systems. The pac... Read More Eliminate Your Attack Surface by Becoming Invisible: Hackers Can't Attack What They Can't See Reduce over 100K attack vectors in large enterprises by closing Windows ports, enforcing ZTNA, and going dark. Read More Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections A recently patched security vulnerability in the 7-Zip archiver tool was exploited in the wild to deliver the SmokeLoader malware. The flaw, CVE-2025-0411 (CVSS score: 7.0), allows remote attackers to circumvent mark-o... Read More North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS The North Korean threat actors behind the Contagious Interview campaign have been observed delivering a collection of Apple macOS malware strains dubbed FERRET as part of a supposed job interview process. "Targets are t... Read More ⚡ LIVE WEBINAR ➟ Building Resilient Identity: Reducing Security Debt in 2025 Attacks Evolve, So Can Your Defenses--Learn How to Mitigate Risk and Optimize Identity Security with Okta Download Now Sponsored This email was sent to sikubaycom.s3cr3tz@blogger.com. You are receiving this newsletter because you opted-in to receive relevant communications from THN. To manage your email newsletter preferences, please click here. Contact THN: info@thehackernews.com Unsubscribe THN | 2nd Floor, 219, K.P BLock, Pitampura, Delhi