The Hacker News3 小时
PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks
PostgreSQL SQL injection flaw (CVE-2025-1094) exploited alongside BeyondTrust zero-day, enabling arbitrary code execution.
The Hacker News15 小时
AI and Security - A New Puzzle to Figure Out
Secure GenAI apps from evolving identity threats, tackling authentication, authorization, and AI security risks.
The Hacker News17 小时
Hackers Use CAPTCHA Trick on Webflow CDN PDFs to Bypass Security Scanners
Hackers exploit Webflow CDN to host fake PDFs with CAPTCHA phishing, tricking users into entering credit card details while ...
The Hacker News17 小时
North Korean APT43 Uses PowerShell and Dropbox in Targeted South Korea Cyberattacks
The attack campaign, dubbed DEEP#DRIVE by Securonix, has been attributed to a hacking group known as Kimsuky, which is also ...
The Hacker News17 小时
RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset
RA World ransomware used PlugX malware in Nov 2024, hinting at a lone hacker monetizing Chinese espionage tools.
The Hacker News19 小时
Fast Deployments, Secure Code: Watch this Learn to Sync Dev and Sec Teams
Think Differently: Move from the old "fix it later" idea to building security into every step from day one. Imagine a project ...
The Hacker News20 小时
Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now
Ivanti patches critical flaws in Connect Secure, Policy Secure, and CSA. Urgent updates address CVEs up to 9.9 CVSS. Apply ...
The Hacker News22 小时
Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software
Palo Alto Networks patches CVE-2025-0108, a PAN-OS flaw (CVSS 7.8) allowing authentication bypass. Update now.
The Hacker News22 小时
FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux
REF7707 deployed FINALDRAFT malware, using Microsoft Graph API for stealthy command-and-control in a global espionage ...