Category: Hacker News

CISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code Execution

CISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code Execution

December 25, 2025
Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability

Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability

December 25, 2025
New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper

New MacSync macOS Stealer Uses Signed App to Bypass Apple Gatekeeper

December 24, 2025
Nomani Investment Scam Surges 62% Using AI Deepfake Ads on Social Media

Nomani Investment Scam Surges 62% Using AI Deepfake Ads on Social Media

December 24, 2025
Attacks are Evolving: 3 Ways to Protect Your Business in 2026

Attacks are Evolving: 3 Ways to Protect Your Business in 2026

December 24, 2025
SEC Files Charges Over $14 Million Crypto Scam Using Fake AI-Themed Investment Tips

SEC Files Charges Over $14 Million Crypto Scam Using Fake AI-Themed Investment Tips

December 24, 2025
Italy Fines Apple €98.6 Million Over ATT Rules Limiting App Store Competition

Italy Fines Apple €98.6 Million Over ATT Rules Limiting App Store Competition

December 24, 2025
Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites

Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites

December 23, 2025
Passwd: A walkthrough of the Google Workspace Password Manager

Passwd: A walkthrough of the Google Workspace Password Manager

December 23, 2025
INTERPOL Arrests 574 in Africa; Ukrainian Ransomware Affiliate Pleads Guilty

INTERPOL Arrests 574 in Africa; Ukrainian Ransomware Affiliate Pleads Guilty

December 23, 2025
U.S. DoJ Seizes Fraud Domain Behind $14.6 Million Bank Account Takeover Scheme

U.S. DoJ Seizes Fraud Domain Behind $14.6 Million Bank Account Takeover Scheme

December 23, 2025
Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances

Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances

December 23, 2025
FCC Bans Foreign-Made Drones and Key Parts Over U.S. National Security Risks

FCC Bans Foreign-Made Drones and Key Parts Over U.S. National Security Risks

December 23, 2025
Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

December 22, 2025
How to Browse the Web More Sustainably With a Green Browser

How to Browse the Web More Sustainably With a Green Browser

December 22, 2025
⚡ Weekly Recap: Firewall Exploits, AI Data Theft, Android Hacks, APT Attacks, Insider Leaks & More

⚡ Weekly Recap: Firewall Exploits, AI Data Theft, Android Hacks, APT Attacks, Insider Leaks & More

December 22, 2025
Android Malware Operations Merge Droppers, SMS Theft, and RAT Capabilities at Scale

Android Malware Operations Merge Droppers, SMS Theft, and RAT Capabilities at Scale

December 22, 2025
Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence

Iranian Infy APT Resurfaces with New Malware Activity After Years of Silence

December 21, 2025
U.S. DOJ Charges 54 in ATM Jackpotting Scheme Using Ploutus Malware

U.S. DOJ Charges 54 in ATM Jackpotting Scheme Using Ploutus Malware

December 20, 2025
Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers

Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers

December 19, 2025
Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware

Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware

December 19, 2025
WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

December 19, 2025
Nigeria Arrests RaccoonO365 Phishing Developer Linked to Microsoft 365 Attacks

Nigeria Arrests RaccoonO365 Phishing Developer Linked to Microsoft 365 Attacks

December 19, 2025
New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards

New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards

December 19, 2025
China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware

China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware

December 18, 2025
HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution

HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution

December 18, 2025
ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories

ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories

December 18, 2025
The Case for Dynamic AI-SaaS Security as Copilots Scale

The Case for Dynamic AI-SaaS Security as Copilots Scale

December 18, 2025
North Korea-Linked Hackers Steal $2.02 Billion in 2025, Leading Global Crypto Theft

North Korea-Linked Hackers Steal $2.02 Billion in 2025, Leading Global Crypto Theft

December 18, 2025
Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App

Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App

December 18, 2025
Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances

Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances

December 18, 2025
CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation

CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation

December 18, 2025
SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances

SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances

December 17, 2025
Kimwolf Botnet Hijacks 1.8 Million Android TVs, Launches Large-Scale DDoS Attacks

Kimwolf Botnet Hijacks 1.8 Million Android TVs, Launches Large-Scale DDoS Attacks

December 17, 2025
APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign

APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign

December 17, 2025
New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails

New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails

December 17, 2025
China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware

China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware

December 17, 2025
Fix SOC Blind Spots: See Threats to Your Industry & Country in Real Time

Fix SOC Blind Spots: See Threats to Your Industry & Country in Real Time

December 17, 2025
GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads

GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads

December 17, 2025
Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign

Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign

December 16, 2025
Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data

Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data

December 16, 2025
Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure

Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure

December 16, 2025
Why Data Security and Privacy Need to Start in Code

Why Data Security and Privacy Need to Start in Code

December 16, 2025
Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass

Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass

December 16, 2025
React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors

React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors

December 16, 2025
Google to Shut Down Dark Web Monitoring Tool in February 2026

Google to Shut Down Dark Web Monitoring Tool in February 2026

December 16, 2025
Featured Chrome Browser Extension Caught Intercepting Millions of Users’ AI Chats

Featured Chrome Browser Extension Caught Intercepting Millions of Users’ AI Chats

December 15, 2025
FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE

December 15, 2025
⚡ Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More

⚡ Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More

December 15, 2025
A Browser Extension Risk Guide After the ShadyPanda Campaign

A Browser Extension Risk Guide After the ShadyPanda Campaign

December 15, 2025