The Hacker News1h
Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices
Google Project Zero researcher Natalie Silvanovich, who discovered and reported the shortcoming, described it as requiring no ...
The Hacker News2h
CrowdStrike Warns of Phishing Scam Targeting Job Seekers with XMRig Cryptominer
"The malware then runs the XMRig miner, using the command-line arguments inside the downloaded configuration text file," ...
The Hacker News1h
Hands-On Walkthrough: Microsegmentation For all Users, Workloads and Devices by Elisity
Elisity cuts healthcare costs by 76% with identity-based microsegmentation, discovering 99% of devices in 4 hours.
The Hacker News2h
RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns
RedDelta exploited PlugX backdoor and Cloudflare CDN to target Asian governments, including Mongolia's Ministry of Defense, ...
The Hacker News22h
E.U. Commission Fined for Transferring User Data to Meta in Violation of Privacy Laws
In July 2023, the E.U. adopted a new personal data transfer mechanism with the U.S. called the E.U.-U.S. Data Privacy ...
The Hacker News18h
Major Vulnerabilities Patched in SonicWall, Palo Alto Expedition, and Aviatrix Controllers
Palo Alto Networks patches severe Expedition vulnerabilities, including SQL injection (CVE-2025-0103, CVSS 7.8), exposing ...
The Hacker News22h
MirrorFace Leverages ANEL and NOOPDOOR in Multi-Year Cyberattacks on Japan
MirrorFace, an APT10 subgroup, targets Japan's security with spear-phishing, sandbox evasion, and ANEL malware.
The Hacker News21h
New Banshee Stealer Variant Bypasses Antivirus with Apple's XProtect-Inspired Encryption
Banshee Stealer, a $3,000/month macOS malware, resurfaces with XProtect encryption, targeting 100M users via phishing ...
The Hacker News18h
Product Walkthrough: How Reco Discovers Shadow AI in SaaS
Reco uncovers shadow AI in SaaS, tackling risks like excessive permissions and data leaks. Real-time security detection ...
The Hacker News1d
Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure
Ivanti's CVE-2025-0282 flaw, exploited by China-linked actors, enables remote code execution. CISA demands urgent patching by ...
The Hacker News1d
Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection
CVE-2024-52875, a critical RCE flaw in GFI KerioControl firewalls, allows HTTP response splitting and exploits over 23,800 ...
The Hacker News1d
Top 5 Malware Threats to Prepare Against in 2025
Lumma, XWorm, and LockBit posed serious threats in 2024. Learn how ANY.RUN’s sandbox detects malware tactics, including ...