The Hacker News3 小时
PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks
PostgreSQL SQL injection flaw (CVE-2025-1094) exploited alongside BeyondTrust zero-day, enabling arbitrary code execution.
The Hacker News17 小时
Hackers Use CAPTCHA Trick on Webflow CDN PDFs to Bypass Security Scanners
Hackers exploit Webflow CDN to host fake PDFs with CAPTCHA phishing, tricking users into entering credit card details while ...
The Hacker News17 小时
RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset
RA World ransomware used PlugX malware in Nov 2024, hinting at a lone hacker monetizing Chinese espionage tools.
The Hacker News22 小时
Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software
Palo Alto Networks patches CVE-2025-0108, a PAN-OS flaw (CVSS 7.8) allowing authentication bypass. Update now.
The Hacker News17 小时
North Korean APT43 Uses PowerShell and Dropbox in Targeted South Korea Cyberattacks
The attack campaign, dubbed DEEP#DRIVE by Securonix, has been attributed to a hacking group known as Kimsuky, which is also ...
The Hacker News15 小时
AI and Security - A New Puzzle to Figure Out
Secure GenAI apps from evolving identity threats, tackling authentication, authorization, and AI security risks.
The Hacker News22 小时
FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux
REF7707 deployed FINALDRAFT malware, using Microsoft Graph API for stealthy command-and-control in a global espionage ...
The Hacker News19 小时
Fast Deployments, Secure Code: Watch this Learn to Sync Dev and Sec Teams
Think Differently: Move from the old "fix it later" idea to building security into every step from day one. Imagine a project ...
The Hacker News20 小时
Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now
Ivanti patches critical flaws in Connect Secure, Policy Secure, and CSA. Urgent updates address CVEs up to 9.9 CVSS. Apply ...
The Hacker News1 天
Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ Countries
Sandworm’s BadPilot campaign exploits eight security flaws to infiltrate global critical sectors, enabling persistent access ...
The Hacker News1 天
Microsoft's Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation
Microsoft patches 63 flaws, including two exploited Windows vulnerabilities (CVE-2025-21391, CVE-2025-21418). CISA requires ...
The Hacker News1 天
North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack
North Korean hackers use PowerShell trick to hijack devices, while a U.S. woman helped fake IT workers infiltrate 300 firms, ...