Tech Affare

Author: chouaibcher@gmail.com

  • How Samsung Knox Helps Stop Your Network Security Breach

    How Samsung Knox Helps Stop Your Network Security Breach

    The Hacker NewsAs you know, enterprise network security has undergone significant evolution over the past decade. Firewalls have become more intelligent, threat detection methods have advanced, and access controls are now more detailed. However (and it’s a big “however”), the increasing use of mobile devices in business operations necessitates network security measures that are specifically​Read More

  • Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

    Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

    The Hacker NewsCybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution.
    The compromised versions of the two packages are listed below –

    @dydxprotocol/v4-client-js (npm) – 3.4.1, 1.22.1, 1.15.2, 1.0.31&​Read More

  • From Ransomware to Residency: Inside the Rise of the Digital Parasite

    From Ransomware to Residency: Inside the Rise of the Digital Parasite

    The Hacker NewsAre ransomware and encryption still the defining signals of modern cyberattacks, or has the industry been too fixated on noise while missing a more dangerous shift happening quietly all around them?
    According to Picus Labs’ new Red Report 2026, which analyzed over 1.1 million malicious files and mapped 15.5 million adversarial actions observed across 2025, attackers are no longer optimizing for​Read More

  • 83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure

    83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure

    The Hacker NewsA significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti Endpoint Manager Mobile (EPMM) can be traced back to a single IP address on bulletproof hosting infrastructure offered by PROSPERO.
    Threat intelligence firm GreyNoise said it recorded 417 exploitation sessions from 8 unique source IP addresses between February 1 and 9, 2026. An estimated 346​Read More

  • Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Apple Devices

    Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Apple Devices

    The Hacker NewsApple on Wednesday released iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates to address a zero-day flaw that it said has been exploited in sophisticated cyber attacks.
    The vulnerability, tracked as CVE-2026-20700 (CVSS score: N/A), has been described as a memory corruption issue in dyld, Apple’s Dynamic Link Editor. Successful exploitation of the vulnerability could allow an​Read More

  • First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials

    First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials

    The Hacker NewsCybersecurity researchers have discovered what they said is the first known malicious Microsoft Outlook add-in detected in the wild.
    In this unusual supply chain attack detailed by Koi Security, an unknown attacker claimed the domain associated with a now-abandoned legitimate add-in to serve a fake Microsoft login page, stealing over 4,000 credentials in the process. The activity has been​Read More

  • APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities

    APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities

    The Hacker NewsIndian defense sector and government-aligned organizations have been targeted by multiple campaigns that are designed to compromise Windows and Linux environments with remote access trojans capable of stealing sensitive data and ensuring continued access to infected machines.
    The campaigns are characterized by the use of malware families like Geta RAT, Ares RAT, and DeskRAT, which are often​Read More

  • Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms

    Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms

    The Hacker NewsIt’s Patch Tuesday, which means a number of software vendors have released patches for various security vulnerabilities impacting their products and services.
    Microsoft issued fixes for 59 flaws, including six actively exploited zero-days in various Windows components that could be abused to bypass security features, escalate privileges, and trigger a denial-of-service (DoS) condition.
    Elsewhere​Read More

  • Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support

    Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support

    The Hacker NewsGoogle on Thursday said it observed the North Korea-linked threat actor known as UNC2970 using its generative artificial intelligence (AI) model Gemini to conduct reconnaissance on its targets, as various hacking groups continue to weaponize the tool for accelerating various phases of the cyber attack life cycle, enabling information operations, and even conducting model extraction attacks.
    “The​Read More

  • Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

    Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

    The Hacker NewsCybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index (PyPI) repository linked to a fake recruitment-themed campaign orchestrated by the North Korea-linked Lazarus Group.
    The coordinated campaign has been codenamed graphalgo in reference to the first package published in the npm registry. It’s assessed to be active since May 2025.
    “​Read More