News

The Hacker News1h

New PS1Bot Malware Campaign Uses Malvertising to Deploy Multi-Stage In-Memory Attacks

The starting point of the attack is a compressed archive that's delivered to victims via malvertising or search engine ...
The Hacker News3h

Zoom and Xerox Release Critical Security Updates Fixing Privilege Escalation and RCE Flaws

Zoom and Xerox patched critical flaws enabling privilege escalation and RCE, risking corporate network compromise.
The Hacker News5h

Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code

"An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in ...
The Hacker News5h

AI SOC 101: Key Capabilities Security Leaders Need to Know

An AI SOC brings together a range of capabilities that strengthen and scale the core functions of a security operations ...
The Hacker News8h

Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws

Microsoft fixed 111 vulnerabilities, including a Windows Kerberos zero-day enabling full AD compromise via BadSuccessor.
The Hacker News11h

Charon Ransomware Hits Middle East Sectors Using APT-Level Evasion Tactics

Charon ransomware targets Middle East sectors using APT-style evasion, causing faster, harder-to-recover encryption.
The Hacker News22h

Researchers Spot XZ Utils Backdoor in Dozens of Docker Hub Images, Fueling Supply Chain Risks

Researchers found 35 Docker Hub images, including Debian builds, still carrying the XZ Utils backdoor a year later, ...
The Hacker News1d

Cybercrime Groups ShinyHunters, Scattered Spider Join Forces in Extortion Attacks on Businesses

ShinyHunters and Scattered Spider are teaming up in a coordinated Salesforce phishing and extortion campaign, with ...
The Hacker News1d

Fortinet SSL VPNs Hit by Global Brute-Force Wave Before Attackers Shift to FortiManager

Coordinated brute-force attacks hit Fortinet SSL VPNs and FortiManager, involving 780+ malicious IPs from U.S., Canada, ...
The Hacker News1d

Dutch NCSC Confirms Active Exploitation of Citrix NetScaler CVE-2025-6543 in Critical Sectors

Dutch NCSC warns of CVE-2025-6543 Citrix attacks on critical organizations, urging urgent patches to prevent further breaches ...
The Hacker News2d

WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately

The maintainers of the WinRAR file archiving utility have released an update to address an actively exploited zero-day ...
The Hacker News1d

The Ultimate Battle: Enterprise Browsers vs. Secure Browser Extensions

The Ultimate Battle: Enterprise Browsers vs. Enterprise Browser Extensions examines this choice across nine "rounds": ...