News

The Hacker News1h
Sophos and SonicWall Patch Critical RCE Flaws Affecting Firewalls and SMA 100 Devices
Sophos and SonicWall have alerted users of critical security flaws in Sophos Firewall and Secure Mobile Access (SMA) 100 ...
The Hacker News4h
Watch This Webinar to Uncover Hidden Flaws in Login, AI, and Digital Trust — and Fix Them
If something feels off, trust can vanish in an instant. Add to that the lightning-fast changes AI is bringing to everything ...
The Hacker News5h
Storm-2603 Exploits SharePoint Flaws to Deploy Warlock Ransomware on Unpatched Systems
Storm-2603 exploits SharePoint flaws to deploy Warlock ransomware, affecting 400+ victims. Microsoft urges mitigation.
The Hacker News22m
CastleLoader Malware Infects 469 Devices Using Fake GitHub Repos and ClickFix Phishing
CastleLoader malware infected 469 devices via ClickFix, GitHub, and phishing since May 2025. Malware delivery is evolving fast.
The Hacker News10h
Hackers Deploy Stealth Backdoor in WordPress Mu-Plugins to Maintain Admin Access
Malware hidden in WordPress mu-plugins grants attackers full access and admin control, putting websites and users at serious ...
The Hacker News23h
Threat Actor Mimo Targets Magento and Docker to Deploy Crypto Miners and Proxyware
The activity has been attributed to a threat actor tracked as Mimo (aka Hezb), which has a long history of leveraging N-day ...
The Hacker News1d
New Coyote Malware Variant Exploits Windows UI Automation to Steal Banking Credentials
Coyote malware uses Windows UI Automation to target 75 banks and crypto sites in Brazil, risking credential theft.
The Hacker News1d
Kerberoasting Detections: A New Approach to a Decade-Old Challenge
New BeyondTrust research shows statistical models outperform heuristics in detecting Kerberoasting attacks. Better accuracy, ...
The Hacker News1d
Google Launches OSS Rebuild to Expose Malicious Code in Widely Used Open-Source Packages
Google has announced the launch of a new initiative called OSS Rebuild to bolster the security of the open-source package ...
The Hacker News2d
Cisco Confirms Active Exploits Targeting ISE Flaws Enabling Unauthenticated Root Access
Cisco confirms active exploitation of critical ISE bugs, exposing systems to remote root access. Urgent patching advised.
The Hacker News1d
CISA Warns: SysAid Flaws Under Active Attack Enable Remote File Access and SSRF
The cybersecurity firm noted that the vulnerabilities could allow attackers to inject unsafe XML entities into the web ...
The Hacker News2d
Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access
Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.