Category: Hacker News

Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites

Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites

October 16, 2025
LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets

LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets

October 16, 2025
North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts

North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts

October 16, 2025
Architectures, Risks, and Adoption: How to Assess and Choose the Right AI-SOC Platform

Architectures, Risks, and Adoption: How to Assess and Choose the Right AI-SOC Platform

October 16, 2025
Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in “Zero Disco’ Attacks

Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in “Zero Disco’ Attacks

October 16, 2025
Beware the Hidden Costs of Pen Testing

Beware the Hidden Costs of Pen Testing

October 16, 2025
ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More

ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More

October 16, 2025
CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack

CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack

October 16, 2025
Chinese Threat Group ‘Jewelbug’ Quietly Infiltrated Russian IT Network for Months

Chinese Threat Group ‘Jewelbug’ Quietly Infiltrated Russian IT Network for Months

October 15, 2025
F5 Breach Exposes BIG-IP Source Code — Nation-State Hackers Behind Massive Intrusion

F5 Breach Exposes BIG-IP Source Code — Nation-State Hackers Behind Massive Intrusion

October 15, 2025
Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks

October 15, 2025
How Attackers Bypass Synced Passkeys

How Attackers Bypass Synced Passkeys

October 15, 2025
Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped

Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped

October 15, 2025
Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control

Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control

October 15, 2025
Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access

Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access

October 15, 2025
New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

October 15, 2025
Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year

Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year

October 14, 2025
What AI Reveals About Web Applications— and Why It Matters

What AI Reveals About Web Applications— and Why It Matters

October 14, 2025
RMPocalypse: Single 8-Byte Write Shatters AMD’s SEV-SNP Confidential Computing

RMPocalypse: Single 8-Byte Write Shatters AMD’s SEV-SNP Confidential Computing

October 14, 2025
New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions

New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions

October 14, 2025
Moving Beyond Awareness: How Threat Hunting Builds Readiness

Moving Beyond Awareness: How Threat Hunting Builds Readiness

October 14, 2025
npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels

npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels

October 14, 2025
Researchers Expose TA585’s MonsterV2 Malware Capabilities and Attack Chain

Researchers Expose TA585’s MonsterV2 Malware Capabilities and Attack Chain

October 14, 2025
⚡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More

⚡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More

October 13, 2025
Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk

Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk

October 13, 2025
Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors

Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors

October 13, 2025
Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor

Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor

October 13, 2025
Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns

Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns

October 13, 2025
New Rust-Based Malware “ChaosBot” Uses Discord Channels to Control Victims’ PCs

New Rust-Based Malware “ChaosBot” Uses Discord Channels to Control Victims’ PCs

October 13, 2025
New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login

New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login

October 12, 2025
Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts

Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts

October 11, 2025
Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks

Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks

October 11, 2025
Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

October 10, 2025
Microsoft Warns of ‘Payroll Pirates’ Hijacking HR SaaS Accounts to Steal Employee Salaries

Microsoft Warns of ‘Payroll Pirates’ Hijacking HR SaaS Accounts to Steal Employee Salaries

October 10, 2025
From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation

From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation

October 10, 2025
175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign

175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign

October 10, 2025
The AI SOC Stack of 2026: What Sets Top-Tier Platforms Apart?

The AI SOC Stack of 2026: What Sets Top-Tier Platforms Apart?

October 10, 2025
From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability

From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability

October 10, 2025
CL0P-Linked Hackers Breach Dozens of Organizations Through Oracle Software Flaw

CL0P-Linked Hackers Breach Dozens of Organizations Through Oracle Software Flaw

October 10, 2025
From HealthKick to GOVERSHELL: The Evolution of UTA0388’s Espionage Malware

From HealthKick to GOVERSHELL: The Evolution of UTA0388’s Espionage Malware

October 9, 2025
New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps

New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps

October 9, 2025
ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More

ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More

October 9, 2025
Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks

Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks

October 9, 2025
SaaS Breaches Start with Tokens – What Security Teams Must Watch

SaaS Breaches Start with Tokens – What Security Teams Must Watch

October 9, 2025
From Phishing to Malware: AI Becomes Russia’s New Cyber Weapon in War on Ukraine

From Phishing to Malware: AI Becomes Russia’s New Cyber Weapon in War on Ukraine

October 9, 2025
Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme

Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme

October 9, 2025
Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

October 8, 2025
Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave

Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave

October 8, 2025
LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem

LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem

October 8, 2025
Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now

Severe Figma MCP Vulnerability Lets Hackers Execute Code Remotely — Patch Now

October 8, 2025