Ravie Lakshmanan's profile photo

Ravie Lakshmanan

Karnātaka

Data Journalist at The Hacker News

Featured in: Favicon thehackernews.com Favicon logically.ai Favicon thenextweb.com Favicon financial-planning.com Favicon exbulletin.com Favicon roxxcloud.com Favicon qrius.com Favicon techtribune.net Favicon nouvelles-du-monde.com Favicon notiulti.com

Articles

  • Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI

    2 days ago | thehackernews.com | Ravie Lakshmanan

    Cisco has released security patches to address a critical security flaw impacting the Identity Services Engine (ISE) that, if successfully exploited, could allow unauthenticated actors to carry out malicious actions on susceptible systems. The security defect, tracked as CVE-2025-20286, carries a CVSS score of 9.9 out of 10.0. It has been described as a static credential vulnerability.

  • Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App

    3 days ago | thehackernews.com | Ravie Lakshmanan

    Google has disclosed details of a financially motivated threat cluster that it said "specialises" in voice phishing (aka vishing) campaigns designed to breach organizations' Salesforce instances for large-scale data theft and subsequent extortion. The tech giant's threat intelligence team is tracking the activity under the moniker UNC6040, which it said exhibits characteristics that align with threat groups with ties to an online cybercrime collective known as The Com.

  • Chaos RAT Malware Targets Windows and Linux via Fake Network Tool Downloads

    3 days ago | thehackernews.com | Ravie Lakshmanan

    Threat hunters are calling attention to a new variant of a remote access trojan (RAT) called Chaos RAT that has been used in recent attacks targeting Windows and Linux systems. According to findings from Acronis, the malware artifact may have been distributed by tricking victims into downloading a network troubleshooting utility for Linux environments.

  • Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks

    3 days ago | thehackernews.com | Ravie Lakshmanan

    Several malicious packages have been uncovered across the npm, Python, and Ruby package repositories that drain funds from cryptocurrency wallets, erase entire codebases after installation, and exfiltrate Telegram API tokens, once again demonstrating the variety of supply chain threats lurking in open-source ecosystems. The findings come from multiple reports published by Checkmarx, ReversingLabs, Safety, and Socket in recent weeks.

  • Fake DocuSign, Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack

    4 days ago | thehackernews.com | Ravie Lakshmanan

    Threat hunters are alerting to a new campaign that employs deceptive websites to trick unsuspecting users into executing malicious PowerShell scripts on their machines and infect them with the NetSupport RAT malware. The DomainTools Investigations (DTI) team said it identified "malicious multi-stage downloader Powershell scripts" hosted on lure websites that masquerade as Gitcode and DocuSign.

Contact details

Emails

[email protected]

Socials & Sites

Try JournoFinder For Free

Search and contact over 1M+ journalist profiles, browse 100M+ articles, and unlock powerful PR tools.

Start Your 7-Day Free Trial →