The Hacker News1 天
Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal
Researchers uncovered 20 malicious PyPI packages stealing cloud credentials, downloaded 14,100+ times before removal.
The Hacker News2 天
Alleged Israeli LockBit Developer Rostislav Panev Extradited to U.S. for Cybercrime Charges
A 51-year-old dual Russian and Israeli national who is alleged to be a developer of the LockBit ransomware group has been ...
The Hacker News2 天
Why Most Microsegmentation Projects Fail—And How Andelyn Biosciences Got It Right
Following the success of its initial deployment, Andelyn is now expanding microsegmentation policies to additional sites and ...
The Hacker News2 天
Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom
Join cybersecurity expert Joseph Carson for a live demo revealing how ransomware attacks unfold—and how to stop them.
The Hacker News2 天
New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions
MassJacker clipper malware hijacks cryptocurrency transactions, targeting piracy users via Pesktop[.]com, with attackers ...
The Hacker News2 天
Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking ...
Microsoft warns of a phishing campaign using ClickFix to spread malware via fake Booking.com emails. Attackers exploit fake ...
The Hacker News2 天
GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks
(CVE-2025-25291, CVE-2025-25292) allow SAML authentication bypass (CVSS 8.8). Update to versions 1.12.4 or 1.18.0 now.
The Hacker News2 天
OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection
OBSCURE#BAT malware exploits fake CAPTCHA pages and malvertising to deploy rootkit r77, evading detection via registry ...
The Hacker News3 天
Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk
A critical FreeType vulnerability (CVE-2025-27363) with a CVSS 8.1 score may be actively exploited—update to 2.13.3 now for ...
The Hacker News2 天
GSMA Confirms End-to-End Encryption for RCS, Enabling Secure Cross-Platform Messaging
The GSM Association (GSMA) has formally announced support for end-to-end encryption (E2EE) for securing messages sent via the ...
The Hacker News3 天
Future-Proofing Business Continuity: BCDR Trends and Challenges for 2025
This article shares the latest trends and challenges in backup and disaster recovery by gathering data from over 3,000 IT ...
The Hacker News4 天
Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks
Apple patches WebKit zero-day CVE-2025-24201, exploited in sophisticated attacks before iOS 17.2. Update secures iOS, macOS, ...