News

The Hacker News4h
Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor
A now-patched security flaw in Google Chrome was exploited as a zero-day by a threat actor known as TaxOff to deploy a ...
The Hacker News9h
Silver Fox APT Targets Taiwan with Complex Gh0stCringe and HoldingHands RAT Malware
The cybersecurity company said it identified additional malware samples through continuous monitoring and that it observed ...
The Hacker News13h
New Flodrix Botnet Variant Exploits Langflow AI Server RCE Bug to Launch DDoS Attacks
Langflow’s RCE flaw is under active attack, infecting servers with Flodrix botnet malware via public PoC. Unpatched AI apps ...
The Hacker News12h
TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert
TP-Link and Zyxel router flaws are under active attack, affecting global users and federal systems. Urgent updates needed.
The Hacker News18h
Meta Starts Showing Ads on WhatsApp After 6-Year Delay From 2018 Announcement
Meta rolls out ads on WhatsApp Status using limited data like location and language, raising privacy questions.
The Hacker News12h
Hard-Coded 'b' Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments
Three flaws in Sitecore XP v10.1+ let attackers gain remote access using default credentials—impacting banks, airlines, and ...
The Hacker News12h
U.S. Seizes $7.74M in Crypto Tied to North Korea's Global Fake IT Worker Network
U.S. DoJ seizes $7.74M in crypto linked to North Korean IT worker scheme exploiting AI, fake IDs, and BYOD loopholes.
The Hacker News18h
Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets
The fact that payload delivery and data exfiltration occur via trusted cloud services such as GitHub, Bitbucket, Pastebin, ...
The Hacker News11h
Are Forgotten AD Service Accounts Leaving You at Risk?
It's no surprise that AD service accounts often evade routine security oversight. Security teams, overwhelmed by daily ...
The Hacker News1d
Anubis Ransomware Encrypts and Wipes Files, Making Recovery Impossible Even After Payment
"The ransomware features a 'wipe mode,' which permanently erases files, rendering recovery impossible even if the ransom is ...
The Hacker News1d
PyPI, npm, and AI Tools Exploited in Malware Surge Targeting DevOps and Cloud Environments
Malware-laced PyPI and npm packages steal developer credentials, CI/CD data, and crypto wallets. Attacks target macOS, AI ...
The Hacker News1d
Playbook: Transforming Your Cybersecurity Practice Into An MRR Machine
Cynomi's playbook helps providers scale from tactical services to strategic cybersecurity programs with MRR growth.