Category: Hacker News

Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024

Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024

September 30, 2025
New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events

New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events

September 30, 2025
Evolving Enterprise Defense to Secure the Modern AI Supply Chain

Evolving Enterprise Defense to Secure the Modern AI Supply Chain

September 30, 2025
U.K. Police Just Seized £5.5 Billion in Bitcoin — The World’s Largest Crypto Bust

U.K. Police Just Seized £5.5 Billion in Bitcoin — The World’s Largest Crypto Bust

September 30, 2025
CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems

CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems

September 30, 2025
EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations

EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations

September 29, 2025
⚡ Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More

⚡ Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More

September 29, 2025
The State of AI in the SOC 2025 – Insights from Recent Study 

The State of AI in the SOC 2025 – Insights from Recent Study 

September 29, 2025
First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package

First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package

September 29, 2025
Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security

Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security

September 29, 2025
China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks

China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks

September 27, 2025
Researchers Expose SVG and PureRAT Phishing Threats Targeting Ukraine and Vietnam

Researchers Expose SVG and PureRAT Phishing Threats Targeting Ukraine and Vietnam

September 26, 2025
New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks

New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks

September 26, 2025
Crash Tests for Security: Why BAS Is Proof of Defense, Not Assumptions

Crash Tests for Security: Why BAS Is Proof of Defense, Not Assumptions

September 26, 2025
New macOS XCSSET Variant Targets Firefox with Clipper and Persistence Module

New macOS XCSSET Variant Targets Firefox with Clipper and Persistence Module

September 26, 2025
Fortra GoAnywhere CVSS 10 Flaw Exploited as 0-Day a Week Before Public Disclosure

Fortra GoAnywhere CVSS 10 Flaw Exploited as 0-Day a Week Before Public Disclosure

September 26, 2025
Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware

Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware

September 26, 2025
Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive

Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive

September 25, 2025
Vane Viper Generates 1 Trillion DNS Queries to Power Global Malware and Ad Fraud Network

Vane Viper Generates 1 Trillion DNS Queries to Power Global Malware and Ad Fraud Network

September 25, 2025
Salesforce Patches Critical ForcedLeak Bug Exposing CRM Data via AI Prompt Injection

Salesforce Patches Critical ForcedLeak Bug Exposing CRM Data via AI Prompt Injection

September 25, 2025
North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers

North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers

September 25, 2025
CTEM’s Core: Prioritization and Validation

CTEM’s Core: Prioritization and Validation

September 25, 2025
Threatsday Bulletin: Rootkit Patch, Federal Breach, OnePlus SMS Leak, TikTok Scandal & More

Threatsday Bulletin: Rootkit Patch, Federal Breach, OnePlus SMS Leak, TikTok Scandal & More

September 25, 2025
Tech Overtakes Gaming as Top DDoS Attack Target, New Gcore Radar Report Finds

Tech Overtakes Gaming as Top DDoS Attack Target, New Gcore Radar Report Finds

September 25, 2025
Malicious Rust Crates Steal Solana and Ethereum Keys — 8,424 Downloads Confirmed

Malicious Rust Crates Steal Solana and Ethereum Keys — 8,424 Downloads Confirmed

September 25, 2025
Cisco Warns of Actively Exploited SNMP Vulnerability Allowing RCE or DoS in IOS Software

Cisco Warns of Actively Exploited SNMP Vulnerability Allowing RCE or DoS in IOS Software

September 25, 2025
Chinese Hackers RedNovember Target Global Governments Using Pantegana and Cobalt Strike

Chinese Hackers RedNovember Target Global Governments Using Pantegana and Cobalt Strike

September 24, 2025
UNC5221 Uses BRICKSTORM Backdoor to Infiltrate U.S. Legal and Technology Sectors

UNC5221 Uses BRICKSTORM Backdoor to Infiltrate U.S. Legal and Technology Sectors

September 24, 2025
Two Critical Flaws Uncovered in Wondershare RepairIt Exposing User Data and AI Models

Two Critical Flaws Uncovered in Wondershare RepairIt Exposing User Data and AI Models

September 24, 2025
How One Bad Password Ended a 158-Year-Old Business

How One Bad Password Ended a 158-Year-Old Business

September 24, 2025
New YiBackdoor Malware Shares Major Code Overlaps with IcedID and Latrodectus

New YiBackdoor Malware Shares Major Code Overlaps with IcedID and Latrodectus

September 24, 2025
iframe Security Exposed: The Blind Spot Fueling Payment Skimmer Attacks

iframe Security Exposed: The Blind Spot Fueling Payment Skimmer Attacks

September 24, 2025
Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials

Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials

September 24, 2025
State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability

State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability

September 24, 2025
Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security

Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security

September 23, 2025
Eurojust Arrests 5 in €100M Cryptocurrency Investment Fraud Spanning 23 Countries

Eurojust Arrests 5 in €100M Cryptocurrency Investment Fraud Spanning 23 Countries

September 23, 2025
U.S. Secret Service Seizes 300 SIM Servers, 100K Cards Threatening U.S. Officials Near UN

U.S. Secret Service Seizes 300 SIM Servers, 100K Cards Threatening U.S. Officials Near UN

September 23, 2025
SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw

SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw

September 23, 2025
Lean Teams, Higher Stakes: Why CISOs Must Rethink Incident Remediation

Lean Teams, Higher Stakes: Why CISOs Must Rethink Incident Remediation

September 23, 2025
ShadowV2 Botnet Exploits Misconfigured AWS Docker Containers for DDoS-for-Hire Service

ShadowV2 Botnet Exploits Misconfigured AWS Docker Containers for DDoS-for-Hire Service

September 23, 2025
GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security

GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security

September 23, 2025
BadIIS Malware Spreads via SEO Poisoning — Redirects Traffic, Plants Web Shells

BadIIS Malware Spreads via SEO Poisoning — Redirects Traffic, Plants Web Shells

September 23, 2025
ComicForm and SectorJ149 Hackers Deploy Formbook Malware in Eurasian Cyberattacks

ComicForm and SectorJ149 Hackers Deploy Formbook Malware in Eurasian Cyberattacks

September 22, 2025
⚡ Weekly Recap: Chrome 0-Day, AI Hacking Tools, DDR5 Bit-Flips, npm Worm & More

⚡ Weekly Recap: Chrome 0-Day, AI Hacking Tools, DDR5 Bit-Flips, npm Worm & More

September 22, 2025
How to Gain Control of AI Agents and Non-Human Identities

How to Gain Control of AI Agents and Non-Human Identities

September 22, 2025
Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants

Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants

September 22, 2025
DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams

DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams

September 21, 2025
LastPass Warns of Fake Repositories Infecting macOS with Atomic Infostealer

LastPass Warns of Fake Repositories Infecting macOS with Atomic Infostealer

September 20, 2025
Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell

Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell

September 20, 2025
ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent

ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent

September 20, 2025