Category: news

  • Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

    The Hacker News
    Cybersecurity researchers have disclosed details of an active web traffic hijacking campaign that has targeted NGINX installations and management panels like Baota (BT) in an attempt to route it through the attacker’s infrastructure.
    Datadog Security Labs said it observed threat actors associated with the recent React2Shell (CVE-2025-55182, CVSS score: 10.0) exploitation using malicious NGINX

  • Microsoft Begins NTLM Phase-Out With Three-Stage Plan to Move Windows to Kerberos

    The Hacker News
    Microsoft has announced a three-phase approach to phase out New Technology LAN Manager (NTLM) as part of its efforts to shift Windows environments toward stronger, Kerberos-based options.
    The development comes more than two years after the tech giant revealed its plans to deprecate the legacy technology, citing its susceptibility to weaknesses that could facilitate relay attacks and allow bad

  • Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities

    The Hacker News
    A previously undocumented cyber espionage group operating from Asia broke into the networks of at least 70 government and critical infrastructure organizations across 37 countries over the past year, according to new findings from Palo Alto Networks Unit 42.
    In addition, the hacking crew has been observed conducting active reconnaissance against government infrastructure associated with 155

  • Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata

    The Hacker News
    Cybersecurity researchers have disclosed details of a now-patched security flaw impacting Ask Gordon, an artificial intelligence (AI) assistant built into Docker Desktop and the Docker Command-Line Interface (CLI), that could be exploited to execute code and exfiltrate sensitive data.
    The critical vulnerability has been codenamed DockerDash by cybersecurity company Noma Labs. It was addressed by

  • How Samsung Knox Helps Stop Your Network Security Breach

    The Hacker News
    As you know, enterprise network security has undergone significant evolution over the past decade. Firewalls have become more intelligent, threat detection methods have advanced, and access controls are now more detailed. However (and it’s a big “however”), the increasing use of mobile devices in business operations necessitates network security measures that are specifically

  • [Webinar] The Smarter SOC Blueprint: Learn What to Build, Buy, and Automate

    The Hacker News
    Most security teams today are buried under tools. Too many dashboards. Too much noise. Not enough real progress.
    Every vendor promises “complete coverage” or “AI-powered automation,” but inside most SOCs, teams are still overwhelmed, stretched thin, and unsure which tools are truly pulling their weight. The result? Bloated stacks, missed signals, and mounting pressure to do more with less.
    This

  • Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

    The Hacker News
    Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution.
    The compromised versions of the two packages are listed below –

    @dydxprotocol/v4-client-js (npm) – 3.4.1, 1.22.1, 1.15.2, 1.0.31

  • Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

    The Hacker News
    Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular “@react-native-community/cli” npm package.
    Cybersecurity company VulnCheck said it first observed exploitation of CVE-2025-11953 (aka Metro4Shell) on December 21, 2025. With a CVSS score of 9.8, the vulnerability allows remote unauthenticated attackers to execute arbitrary

  • When Cloud Outages Ripple Across the Internet

    The Hacker News
    Recent major cloud service outages have been hard to miss. High-profile incidents affecting providers such as AWS, Azure, and Cloudflare have disrupted large parts of the internet, taking down websites and services that many other systems depend on. The resulting ripple effects have halted applications and workflows that many organizations rely on every day.
    For consumers, these outages are

  • APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks

    The Hacker News
    The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks exploiting a newly disclosed security flaw in Microsoft Office as part of a campaign codenamed Operation Neusploit.
    Zscaler ThreatLabz said it observed the hacking group weaponizing the shortcoming on January 29, 2026, in attacks targeting users in Ukraine, Slovakia, and Romania, three