Author: chouaibcher@gmail.com

  • Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users

    The Hacker News: The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility’s update mechanism to redirect update traffic to malicious servers instead.
    “The attack involved [an] infrastructure-level compromise that allowed malicious actors to intercept and redirect update traffic destined for notepad-plus-plus.org,” developer Don Ho said. “The compromise occurred at the hosting…

  • Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected

    The Hacker News: Fortinet has begun releasing security updates to address a critical flaw impacting FortiOS that has come under active exploitation in the wild.
    The vulnerability, assigned the CVE identifier CVE-2026-24858 (CVSS score: 9.4), has been described as an authentication bypass related to FortiOS single sign-on (SSO). The flaw also affects FortiManager and FortiAnalyzer. The company said it’s…

  • Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers

    The Hacker News: Microsoft has warned that information-stealing attacks are “rapidly expanding” beyond Windows to target Apple macOS environments by leveraging cross-platform languages like Python and abusing trusted platforms for distribution at scale.
    The tech giant’s Defender Security Research Team said it observed macOS-targeted infostealer campaigns using social engineering techniques such as ClickFix since…

  • ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

    The Hacker News: This week didn’t produce one big headline. It produced many small signals — the kind that quietly shape what attacks will look like next.
    Researchers tracked intrusions that start in ordinary places: developer workflows, remote tools, cloud access, identity paths, and even routine user actions. Nothing looked dramatic on the surface. That’s the point. Entry is becoming less…

  • The Buyer’s Guide to AI Usage Control

    The Hacker News: Today’s “AI everywhere” reality is woven into everyday workflows across the enterprise, embedded in SaaS platforms, browsers, copilots, extensions, and a rapidly expanding universe of shadow tools that appear faster than security teams can track. Yet most organizations still rely on legacy controls that operate far away from where AI interactions actually occur. The result is a widening…

  • Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends

    The Hacker News: The elusive Iranian threat group known as Infy (aka Prince of Persia) has evolved its tactics as part of efforts to hide its tracks, even as it readied new command-and-control (C2) infrastructure coinciding with the end of the widespread internet blackout the regime imposed at the start of January 2026.
    “The threat actor stopped maintaining its C2 servers on January 8 for the first time since we…

  • Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

    The Hacker News: A new, critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in the execution of arbitrary system commands.
    The flaw, tracked as CVE-2026-25049 (CVSS score: 9.4), is the result of inadequate sanitization that bypasses safeguards put in place to address CVE-2025-68613 (CVSS score: 9.9), another critical defect that…

  • Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

    The Hacker News: Cybersecurity researchers have disclosed details of an active web traffic hijacking campaign that has targeted NGINX installations and management panels like Baota (BT) in an attempt to route that traffic through the attacker’s infrastructure.
    Datadog Security Labs said it observed threat actors associated with the recent React2Shell (CVE-2025-55182, CVSS score: 10.0) exploitation using malicious NGINX…

  • Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities

    The Hacker News: A previously undocumented cyber espionage group operating from Asia broke into the networks of at least 70 government and critical infrastructure organizations across 37 countries over the past year, according to new findings from Palo Alto Networks Unit 42.
    In addition, the hacking crew has been observed conducting active reconnaissance against government infrastructure associated with 155…

  • How Samsung Knox Helps Stop Your Network Security Breach

    The Hacker News: As you know, enterprise network security has undergone significant evolution over the past decade. Firewalls have become more intelligent, threat detection methods have advanced, and access controls are now more detailed. However (and it’s a big “however”), the increasing use of mobile devices in business operations necessitates network security measures that are specifically…