The Hacker News

CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA), along with international ...
The Hacker News

Eclipse Foundation Revokes Leaked Open VSX Tokens Following Wiz Discovery

Eclipse Foundation, which maintains the open-source Open VSX project, said it has taken steps to revoke a small number of ...
The Hacker News

CISA Flags VMware Zero-Day Exploited by China-Linked Hackers in Active Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting ...
The Hacker News

A New Security Layer for macOS Takes Aim at Admin Errors Before Hackers Do

The goal of the latest release from ThreatLocker is simple. It makes those weak points visible on macOS so they can be fixed ...
The Hacker News

Google's Built-In AI Defenses on Android Now Block 10 Billion Scam Messages a Month

Google on Thursday revealed that the scam defenses built into Android safeguard users around the world from more than 10 ...
The Hacker News

New "Brash" Exploit Crashes Chromium Browsers Instantly with a Single Malicious URL

The vulnerability works on Google Chrome and all web browsers that run on Chromium, which includes Microsoft Edge, Brave, ...
The Hacker News

ThreatsDay Bulletin: DNS Poisoning Flaw, Supply-Chain Heist, Rust Malware Trick and New RATs Rising

Threat actors refine tactics with DNS attacks, new RATs, and Rust-based malware. Stay ahead with this week’s top ThreatsDay ...
The Hacker News

Russian Ransomware Gangs Weaponize Open-Source AdaptixC2 for Advanced Attacks

The open-source command-and-control (C2) framework known as AdaptixC2 is being used by a growing number of threat actors, ...
The Hacker News

The Death of the Security Checkbox: BAS Is the Power Behind Real Defense

That shift, from patching on assumption to patching on evidence, was one of the event's defining moments. BAS doesn't tell ...
The Hacker News

Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices

Botnets exploit PHP flaws and cloud misconfigurations, launching 20 Tbps DDoS and large-scale credential attacks.
The Hacker News

New AI-Targeted Cloaking Attack Tricks AI Crawlers Into Citing Fake Info as Verified Facts

New SPLX research exposes “AI-targeted cloaking,” a simple hack that poisons ChatGPT’s reality and fuels misinformation.
The Hacker News

Chrome Zero-Day Exploited to Deliver Italian Memento Labs' LeetAgent Spyware

The zero-day exploitation of a now-patched security flaw in Google Chrome led to the distribution of an espionage-related ...