Category: Hacker News

Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control

Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control

October 15, 2025
Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access

Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access

October 15, 2025
New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

October 15, 2025
Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year

Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year

October 14, 2025
RMPocalypse: Single 8-Byte Write Shatters AMD’s SEV-SNP Confidential Computing

RMPocalypse: Single 8-Byte Write Shatters AMD’s SEV-SNP Confidential Computing

October 14, 2025
New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions

New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions

October 14, 2025
What AI Reveals About Web Applications— and Why It Matters

What AI Reveals About Web Applications— and Why It Matters

October 14, 2025
Moving Beyond Awareness: How Threat Hunting Builds Readiness

Moving Beyond Awareness: How Threat Hunting Builds Readiness

October 14, 2025
npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels

npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels

October 14, 2025
Researchers Expose TA585’s MonsterV2 Malware Capabilities and Attack Chain

Researchers Expose TA585’s MonsterV2 Malware Capabilities and Attack Chain

October 14, 2025
⚡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More

⚡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More

October 13, 2025
Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk

Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk

October 13, 2025
Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors

Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors

October 13, 2025
Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor

Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor

October 13, 2025
Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns

Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns

October 13, 2025
New Rust-Based Malware “ChaosBot” Uses Discord Channels to Control Victims’ PCs

New Rust-Based Malware “ChaosBot” Uses Discord Channels to Control Victims’ PCs

October 13, 2025
New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login

New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login

October 12, 2025
Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts

Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts

October 11, 2025
Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks

Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks

October 11, 2025
Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

October 10, 2025
Microsoft Warns of ‘Payroll Pirates’ Hijacking HR SaaS Accounts to Steal Employee Salaries

Microsoft Warns of ‘Payroll Pirates’ Hijacking HR SaaS Accounts to Steal Employee Salaries

October 10, 2025
From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation

From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation

October 10, 2025
175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign

175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign

October 10, 2025
The AI SOC Stack of 2026: What Sets Top-Tier Platforms Apart?

The AI SOC Stack of 2026: What Sets Top-Tier Platforms Apart?

October 10, 2025
From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability

From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability

October 10, 2025
CL0P-Linked Hackers Breach Dozens of Organizations Through Oracle Software Flaw

CL0P-Linked Hackers Breach Dozens of Organizations Through Oracle Software Flaw

October 10, 2025
From HealthKick to GOVERSHELL: The Evolution of UTA0388’s Espionage Malware

From HealthKick to GOVERSHELL: The Evolution of UTA0388’s Espionage Malware

October 9, 2025
New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps

New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps

October 9, 2025
ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More

ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More

October 9, 2025
Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks

Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks

October 9, 2025
SaaS Breaches Start with Tokens – What Security Teams Must Watch

SaaS Breaches Start with Tokens – What Security Teams Must Watch

October 9, 2025
From Phishing to Malware: AI Becomes Russia’s New Cyber Weapon in War on Ukraine

From Phishing to Malware: AI Becomes Russia’s New Cyber Weapon in War on Ukraine

October 9, 2025
Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme

Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme

October 9, 2025
Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

October 8, 2025
Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave

Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave

October 8, 2025
LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem

LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem

October 8, 2025
Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now

Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now

October 8, 2025
Step Into the Password Graveyard… If You Dare (and Join the Live Session)

Step Into the Password Graveyard… If You Dare (and Join the Live Session)

October 8, 2025
OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks

OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks

October 8, 2025
BatShadow Group Uses New Go-Based ‘Vampire Bot’ Malware to Hunt Job Seekers

BatShadow Group Uses New Go-Based ‘Vampire Bot’ Malware to Hunt Job Seekers

October 7, 2025
Google’s New AI Doesn’t Just Find Vulnerabilities — It Rewrites Code to Patch Them

Google’s New AI Doesn’t Just Find Vulnerabilities — It Rewrites Code to Patch Them

October 7, 2025
New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise

New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise

October 7, 2025
XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities

XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities

October 7, 2025
13-Year Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely

13-Year Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely

October 7, 2025
Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware

Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware

October 7, 2025
Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks

Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks

October 7, 2025
New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations

New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations

October 6, 2025
5 Critical Questions For Adopting an AI Security Solution

5 Critical Questions For Adopting an AI Security Solution

October 6, 2025
Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers

Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers

October 6, 2025
⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More

⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More

October 6, 2025