Webinar: Learn to Spot Risks and Patch Safely with Community-Maintained Tools Software Security / Patch ManagementIf you're using community tools like Chocolatey or Winget to k... 2025-11-26 11:10:0 | 阅读: 4 | 收藏 | The Hacker News - thehackernews.com slowing spot safely webinar mix

Chrome Extension Caught Injecting Hidden Solana Transfer Fees Into Raydium Swaps Browser Security / CryptocurrencyCybersecurity researchers have discovered a new malicious extensi... 2025-11-26 11:10:0 | 阅读: 5 | 收藏 | The Hacker News - thehackernews.com sol fee solana 0013 malicious

RomCom Uses SocGholish Fake Update Attacks to Deliver Mythic Agent Malware Malware / Cyber EspionageThe threat actors behind a malware family known as RomCom targeted a U.S.... 2025-11-26 08:28:0 | 阅读: 13 | 收藏 | The Hacker News - thehackernews.com romcom loader socgholish ukraine arctic

FBI Reports $262M in ATO Fraud as Researchers Cite Growing AI Phishing and Holiday Scams The U.S. Federal Bureau of Investigation (FBI) has warned that cybercriminals are impersonating fin... 2025-11-26 04:29:0 | 阅读: 7 | 收藏 | The Hacker News - thehackernews.com phishing fraudulent ato attackers

Years of JSONFormatter and CodeBeautify Leaks Expose Thousands of Passwords and API Keys Data Exposure / Cloud SecurityNew research has found that organizations in various sensitive secto... 2025-11-25 16:49:0 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com sectors security

JackFix Uses Fake Windows Update Pop-Ups on Adult Sites to Deliver Multiple Stealers Cybersecurity researchers are calling attention to a new campaign that's leveraging a combination o... 2025-11-25 14:18:0 | 阅读: 10 | 收藏 | The Hacker News - thehackernews.com powershell windows clickfix security mshta

ToddyCat’s New Hacking Tools Steal Outlook Emails and Microsoft 365 Access Tokens The threat actor known as ToddyCat has been observed adopting new methods to obtain access to corpo... 2025-11-25 11:36:0 | 阅读: 9 | 收藏 | The Hacker News - thehackernews.com tomberbil microsoft ost toddycat

3 SOC Challenges You Need to Solve Before 2026 2026 will mark a pivotal shift in cybersecurity. Threat actors are moving from experimenting with... 2025-11-25 11:30:0 | 阅读: 10 | 收藏 | The Hacker News - thehackernews.com threats security analysis 2026 malicious

Hackers Hijack Blender 3D Assets to Deploy StealC V2 Data-Stealing Malware Malware / Browser SecurityCybersecurity researchers have disclosed details of a new campaign that... 2025-11-25 11:28:0 | 阅读: 7 | 收藏 | The Hacker News - thehackernews.com python blender blend stealc security

CISA Warns of Active Spyware Campaigns Hijacking High-Value Signal and WhatsApp Users Spyware / Mobile SecurityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monda... 2025-11-25 06:42:0 | 阅读: 13 | 收藏 | The Hacker News - thehackernews.com spyware security phishing e2ee victim

New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions Vulnerability / Container SecurityCybersecurity researchers have discovered five vulnerabilities i... 2025-11-24 15:3:0 | 阅读: 6 | 收藏 | The Hacker News - thehackernews.com fluent cloud attackers security

Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft Cloud Security / VulnerabilityMultiple security vendors are sounding the alarm about a second wave... 2025-11-24 13:3:0 | 阅读: 10 | 收藏 | The Hacker News - thehackernews.com github hulud malicious security wave

⚡ Weekly Recap: Fortinet Exploit, Chrome 0-Day, BadIIS Malware, Record DDoS, SaaS Breach & More Cybersecurity / Hacking NewsThis week saw a lot of new cyber trouble. Hackers hit Fortinet and C... 2025-11-24 12:32:0 | 阅读: 21 | 收藏 | The Hacker News - thehackernews.com security windows network malicious microsoft

Chinese DeepSeek-R1 AI Generates Insecure Code When Prompts Mention Tibet or Uyghurs New research from CrowdStrike has revealed that DeepSeek's artificial intelligence (AI) reasoning m... 2025-11-24 11:7:0 | 阅读: 15 | 收藏 | The Hacker News - thehackernews.com security deepseek perplexity crowdstrike comet

ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access A recently patched security flaw in Microsoft Windows Server Update Services (WSUS) has been exploi... 2025-11-24 07:18:0 | 阅读: 12 | 收藏 | The Hacker News - thehackernews.com shadowpad wsus windows 59287 ahnlab

China-Linked APT31 Launches Stealthy Cyberattacks on Russian IT Using Cloud Services Cyber Espionage / Cloud SecurityThe China-linked advanced persistent threat (APT) group known as A... 2025-11-22 15:19:0 | 阅读: 16 | 收藏 | The Hacker News - thehackernews.com c2 cloud apt31 yandex microsoft

Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks Bad actors are leveraging browser notifications as a vector for phishing attacks to distribute mali... 2025-11-22 06:47:0 | 阅读: 108 | 收藏 | The Hacker News - thehackernews.com c2 attackers huntress malicious

CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability Zero-Day / Software SecurityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Fr... 2025-11-22 06:45:0 | 阅读: 104 | 收藏 | The Hacker News - thehackernews.com security remote ullrich bypass

Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation Vulnerability / Threat MitigationGrafana has released security updates to address a maximum severi... 2025-11-21 15:40:0 | 阅读: 8 | 收藏 | The Hacker News - thehackernews.com security scim torosyan

Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security Data Protection / TechnologyIn a surprise move, Google on Thursday announced that it has updated Q... 2025-11-21 13:0:0 | 阅读: 8 | 收藏 | The Hacker News - thehackernews.com security memory airdrop