News

The Hacker News6h

New PS1Bot Malware Campaign Uses Malvertising to Deploy Multi-Stage In-Memory Attacks

The starting point of the attack is a compressed archive that's delivered to victims via malvertising or search engine ...
The Hacker News10h

Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code

"An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in ...
The Hacker News8h

Zoom and Xerox Release Critical Security Updates Fixing Privilege Escalation and RCE Flaws

Zoom and Xerox patched critical flaws enabling privilege escalation and RCE, risking corporate network compromise.
The Hacker News13h

Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws

Microsoft fixed 111 vulnerabilities, including a Windows Kerberos zero-day enabling full AD compromise via BadSuccessor.
The Hacker News16h

Charon Ransomware Hits Middle East Sectors Using APT-Level Evasion Tactics

Charon ransomware targets Middle East sectors using APT-style evasion, causing faster, harder-to-recover encryption.
The Hacker News10h

AI SOC 101: Key Capabilities Security Leaders Need to Know

An AI SOC brings together a range of capabilities that strengthen and scale the core functions of a security operations ...
The Hacker News1d

Cybercrime Groups ShinyHunters, Scattered Spider Join Forces in Extortion Attacks on Businesses

ShinyHunters and Scattered Spider are teaming up in a coordinated Salesforce phishing and extortion campaign, with ...
The Hacker News1d

Fortinet SSL VPNs Hit by Global Brute-Force Wave Before Attackers Shift to FortiManager

Coordinated brute-force attacks hit Fortinet SSL VPNs and FortiManager, involving 780+ malicious IPs from U.S., Canada, ...
The Hacker News1d

Researchers Spot XZ Utils Backdoor in Dozens of Docker Hub Images, Fueling Supply Chain Risks

Researchers found 35 Docker Hub images, including Debian builds, still carrying the XZ Utils backdoor a year later, ...
The Hacker News1d

Dutch NCSC Confirms Active Exploitation of Citrix NetScaler CVE-2025-6543 in Critical Sectors

Dutch NCSC warns of CVE-2025-6543 Citrix attacks on critical organizations, urging urgent patches to prevent further breaches ...
The Hacker News1d

The Ultimate Battle: Enterprise Browsers vs. Secure Browser Extensions

The Ultimate Battle: Enterprise Browsers vs. Enterprise Browser Extensions examines this choice across nine "rounds": ...
The Hacker News2d

Researchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT Firewalls

Malicious actors have been observed exploiting a now-patched critical security flaw impacting Erlang/Open Telecom Platform ...