Category: Hacker News

Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files

Zimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files

October 6, 2025
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks

Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks

October 6, 2025
CometJacking: One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thief

CometJacking: One Click Can Turn Perplexity’s Comet AI Browser Into a Data Thief

October 4, 2025
Scanning Activity on Palo Alto Networks Portals Jump 500% in One Day

Scanning Activity on Palo Alto Networks Portals Jump 500% in One Day

October 4, 2025
Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer

Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer

October 3, 2025
Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads

Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads

October 3, 2025
Researchers Warn of Self-Spreading WhatsApp Malware Named SORVEPOTEL

Researchers Warn of Self-Spreading WhatsApp Malware Named SORVEPOTEL

October 3, 2025
Product Walkthrough: How Passwork 7 Addresses Complexity of Enterprise Security

Product Walkthrough: How Passwork 7 Addresses Complexity of Enterprise Security

October 3, 2025
New “Cavalry Werewolf” Attack Hits Russian Agencies with FoalShell and StallionRAT

New “Cavalry Werewolf” Attack Hits Russian Agencies with FoalShell and StallionRAT

October 3, 2025
CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild

CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild

October 3, 2025
Confucius Hackers Hit Pakistan With New WooperStealer and Anondoor Malware

Confucius Hackers Hit Pakistan With New WooperStealer and Anondoor Malware

October 2, 2025
Alert: Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown

Alert: Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown

October 2, 2025
Automating Pentest Delivery: 7 Key Workflows for Maximum Impact

Automating Pentest Delivery: 7 Key Workflows for Maximum Impact

October 2, 2025
ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More

ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More

October 2, 2025
Google Mandiant Probes New Oracle Extortion Wave Possibly Linked to Cl0p Ransomware

Google Mandiant Probes New Oracle Extortion Wave Possibly Linked to Cl0p Ransomware

October 2, 2025
How to Close Threat Detection Gaps: Your SOC’s Action Plan

How to Close Threat Detection Gaps: Your SOC’s Action Plan

October 2, 2025
Warning: Beware of Android Spyware Disguised as Signal Encryption Plugin and ToTok Pro

Warning: Beware of Android Spyware Disguised as Signal Encryption Plugin and ToTok Pro

October 2, 2025
New WireTap Attack Extracts Intel SGX ECDSA Key via DDR4 Memory-Bus Interposer

New WireTap Attack Extracts Intel SGX ECDSA Key via DDR4 Memory-Bus Interposer

October 1, 2025
OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps

OneLogin Bug Let Attackers Use API Keys to Steal OIDC Secrets and Impersonate Apps

October 1, 2025
Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover

Red Hat OpenShift AI Flaw Exposes Hybrid Cloud Infrastructure to Full Takeover

October 1, 2025
How Leading Security Teams Blend AI + Human Workflows (Free Webinar)

How Leading Security Teams Blend AI + Human Workflows (Free Webinar)

October 1, 2025
2025 Cybersecurity Reality Check: Breaches Hidden, Attack Surfaces Growing, and AI Misperceptions Rising

2025 Cybersecurity Reality Check: Breaches Hidden, Attack Surfaces Growing, and AI Misperceptions Rising

October 1, 2025
Hackers Exploit Milesight Routers to Send Phishing SMS to European Users

Hackers Exploit Milesight Routers to Send Phishing SMS to European Users

October 1, 2025
New Android Banking Trojan “Klopatra” Uses Hidden VNC to Control Infected Smartphones

New Android Banking Trojan “Klopatra” Uses Hidden VNC to Control Infected Smartphones

October 1, 2025
Ukraine Warns of CABINETRAT Backdoor + XLL Add-ins Spread via Signal ZIPs

Ukraine Warns of CABINETRAT Backdoor + XLL Add-ins Spread via Signal ZIPs

October 1, 2025
$50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections

$50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections

September 30, 2025
Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware

Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware

September 30, 2025
Researchers Disclose Google Gemini AI Flaws Allowing Prompt Injection and Cloud Exploits

Researchers Disclose Google Gemini AI Flaws Allowing Prompt Injection and Cloud Exploits

September 30, 2025
Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake

Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake

September 30, 2025
Stop Alert Chaos: Context Is the Key to Effective Incident Response

Stop Alert Chaos: Context Is the Key to Effective Incident Response

September 30, 2025
Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024

Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024

September 30, 2025
New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events

New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events

September 30, 2025
Evolving Enterprise Defense to Secure the Modern AI Supply Chain

Evolving Enterprise Defense to Secure the Modern AI Supply Chain

September 30, 2025
U.K. Police Just Seized £5.5 Billion in Bitcoin — The World’s Largest Crypto Bust

U.K. Police Just Seized £5.5 Billion in Bitcoin — The World’s Largest Crypto Bust

September 30, 2025
CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems

CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems

September 30, 2025
EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations

EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations

September 29, 2025
⚡ Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More

⚡ Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More

September 29, 2025
The State of AI in the SOC 2025 – Insights from Recent Study 

The State of AI in the SOC 2025 – Insights from Recent Study 

September 29, 2025
Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security

Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security

September 29, 2025
First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package

First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package

September 29, 2025
China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks

China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks

September 27, 2025
Researchers Expose SVG and PureRAT Phishing Threats Targeting Ukraine and Vietnam

Researchers Expose SVG and PureRAT Phishing Threats Targeting Ukraine and Vietnam

September 26, 2025
New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks

New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks

September 26, 2025
Crash Tests for Security: Why BAS Is Proof of Defense, Not Assumptions

Crash Tests for Security: Why BAS Is Proof of Defense, Not Assumptions

September 26, 2025
New macOS XCSSET Variant Targets Firefox with Clipper and Persistence Module

New macOS XCSSET Variant Targets Firefox with Clipper and Persistence Module

September 26, 2025
Fortra GoAnywhere CVSS 10 Flaw Exploited as 0-Day a Week Before Public Disclosure

Fortra GoAnywhere CVSS 10 Flaw Exploited as 0-Day a Week Before Public Disclosure

September 26, 2025
Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware

Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware

September 26, 2025
Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive

Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive

September 25, 2025
Vane Viper Generates 1 Trillion DNS Queries to Power Global Malware and Ad Fraud Network

Vane Viper Generates 1 Trillion DNS Queries to Power Global Malware and Ad Fraud Network

September 25, 2025
Salesforce Patches Critical ForcedLeak Bug Exposing CRM Data via AI Prompt Injection

Salesforce Patches Critical ForcedLeak Bug Exposing CRM Data via AI Prompt Injection

September 25, 2025