Category: Hacker News

SaaS Breaches Start with Tokens – What Security Teams Must Watch

SaaS Breaches Start with Tokens – What Security Teams Must Watch

October 9, 2025
From Phishing to Malware: AI Becomes Russia’s New Cyber Weapon in War on Ukraine

From Phishing to Malware: AI Becomes Russia’s New Cyber Weapon in War on Ukraine

October 9, 2025
Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme

Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme

October 9, 2025
Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

October 8, 2025
Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave

Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave

October 8, 2025
LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem

LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem

October 8, 2025
Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now

Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now

October 8, 2025
Step Into the Password Graveyard… If You Dare (and Join the Live Session)

Step Into the Password Graveyard… If You Dare (and Join the Live Session)

October 8, 2025
OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks

OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks

October 8, 2025
BatShadow Group Uses New Go-Based ‘Vampire Bot’ Malware to Hunt Job Seekers

BatShadow Group Uses New Go-Based ‘Vampire Bot’ Malware to Hunt Job Seekers

October 7, 2025
Google’s New AI Doesn’t Just Find Vulnerabilities — It Rewrites Code to Patch Them

Google’s New AI Doesn’t Just Find Vulnerabilities — It Rewrites Code to Patch Them

October 7, 2025
New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise

New Research: AI Is Already the #1 Data Exfiltration Channel in the Enterprise

October 7, 2025
XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities

XWorm 6.0 Returns with 35+ Plugins and Enhanced Data Theft Capabilities

October 7, 2025
13-Year Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely

13-Year Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely

October 7, 2025
Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware

Microsoft Links Storm-1175 to GoAnywhere Exploit Deploying Medusa Ransomware

October 7, 2025
Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks

Oracle EBS Under Fire as Cl0p Exploits CVE-2025-61882 in Real-World Attacks

October 7, 2025
New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations

New Report Links Research Firms BIETA and CIII to China’s MSS Cyber Operations

October 6, 2025
5 Critical Questions For Adopting an AI Security Solution

5 Critical Questions For Adopting an AI Security Solution

October 6, 2025
Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers

Chinese Cybercrime Group Runs Global SEO Fraud Ring Using Compromised IIS Servers

October 6, 2025
⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More

⚡ Weekly Recap: Oracle 0-Day, BitLocker Bypass, VMScape, WhatsApp Worm & More

October 6, 2025
Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files

Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files

October 6, 2025
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks

Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks

October 6, 2025
CometJacking: One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thief

CometJacking: One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thief

October 4, 2025
Scanning Activity on Palo Alto Networks Portals Jump 500% in One Day

Scanning Activity on Palo Alto Networks Portals Jump 500% in One Day

October 4, 2025
Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer

Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer

October 3, 2025
Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads

Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads

October 3, 2025
Researchers Warn of Self-Spreading WhatsApp Malware Named SORVEPOTEL

Researchers Warn of Self-Spreading WhatsApp Malware Named SORVEPOTEL

October 3, 2025
Product Walkthrough: How Passwork 7 Addresses Complexity of Enterprise Security

Product Walkthrough: How Passwork 7 Addresses Complexity of Enterprise Security

October 3, 2025
New “Cavalry Werewolf” Attack Hits Russian Agencies with FoalShell and StallionRAT

New “Cavalry Werewolf” Attack Hits Russian Agencies with FoalShell and StallionRAT

October 3, 2025
CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild

CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild

October 3, 2025
Confucius Hackers Hit Pakistan With New WooperStealer and Anondoor Malware

Confucius Hackers Hit Pakistan With New WooperStealer and Anondoor Malware

October 2, 2025
Alert: Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown

Alert: Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown

October 2, 2025
Automating Pentest Delivery: 7 Key Workflows for Maximum Impact

Automating Pentest Delivery: 7 Key Workflows for Maximum Impact

October 2, 2025
ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More

ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More

October 2, 2025
Google Mandiant Probes New Oracle Extortion Wave Possibly Linked to Cl0p Ransomware

Google Mandiant Probes New Oracle Extortion Wave Possibly Linked to Cl0p Ransomware

October 2, 2025
How to Close Threat Detection Gaps: Your SOC’s Action Plan

How to Close Threat Detection Gaps: Your SOC’s Action Plan

October 2, 2025
Warning: Beware of Android Spyware Disguised as Signal Encryption Plugin and ToTok Pro

Warning: Beware of Android Spyware Disguised as Signal Encryption Plugin and ToTok Pro

October 2, 2025
New WireTap Attack Extracts Intel SGX ECDSA Key via DDR4 Memory-Bus Interposer

New WireTap Attack Extracts Intel SGX ECDSA Key via DDR4 Memory-Bus Interposer

October 1, 2025
OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps

OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps

October 1, 2025
How Leading Security Teams Blend AI + Human Workflows (Free Webinar)

How Leading Security Teams Blend AI + Human Workflows (Free Webinar)

October 1, 2025
Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover

Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover

October 1, 2025
2025 Cybersecurity Reality Check: Breaches Hidden, Attack Surfaces Growing, and AI Misperceptions Rising

2025 Cybersecurity Reality Check: Breaches Hidden, Attack Surfaces Growing, and AI Misperceptions Rising

October 1, 2025
Hackers Exploit Milesight Routers to Send Phishing SMS to European Users

Hackers Exploit Milesight Routers to Send Phishing SMS to European Users

October 1, 2025
New Android Banking Trojan “Klopatra” Uses Hidden VNC to Control Infected Smartphones

New Android Banking Trojan “Klopatra” Uses Hidden VNC to Control Infected Smartphones

October 1, 2025
Ukraine Warns of CABINETRAT Backdoor + XLL Add-ins Spread via Signal ZIPs

Ukraine Warns of CABINETRAT Backdoor + XLL Add-ins Spread via Signal ZIPs

October 1, 2025
$50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections

$50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections

September 30, 2025
Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware

Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware

September 30, 2025
Researchers Disclose Google Gemini AI Flaws Allowing Prompt Injection and Cloud Exploits

Researchers Disclose Google Gemini AI Flaws Allowing Prompt Injection and Cloud Exploits

September 30, 2025
Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake

Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake

September 30, 2025
Stop Alert Chaos: Context Is the Key to Effective Incident Response

Stop Alert Chaos: Context Is the Key to Effective Incident Response

September 30, 2025