News

The Hacker News1h
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization
The exploitation of CVE-2025-29824 also points to the trend of ransomware actors using zero-days to infiltrate targets. Last ...
The Hacker News1h
SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version
All four vulnerabilities have been rectified by SysAid with the release of on-premise version 24.4.60 b16 in early March 2025 ...
The Hacker News2h
Reevaluating SSEs: A Technical Gap Analysis of Last-Mile Protection
A new report Reevaluating SSEs: A Technical Gap Analysis of Last-Mile Protection analyzing gaps in SSE implementations ...
The Hacker News5h
Researchers Uncover Malware in Fake Discord PyPI Package Downloaded 11,500+ Times
PyPI package 'discordpydebug' hides a RAT, downloaded 11,574 times, using stealthy HTTP polling to bypass defenses.
The Hacker News6h
NSO Group Fined $168M for Targeting 1,400 WhatsApp Users With Pegasus Spyware
A federal jury on Tuesday decided that NSO Group must pay Meta-owned WhatsApp WhatsApp approximately $168 million in monetary ...
The Hacker News21h
Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet
Threat actors have been observed actively exploiting security flaws in GeoVision end-of-life (EoL) Internet of Things (IoT) ...
The Hacker News21h
Third Parties and Machine Credentials: The Silent Drivers Behind 2025's Worst Breaches
Third-party breaches doubled to 30% in 2025 + ungoverned machine accounts fueled major attacks + unified identity strategy is ...
The Hacker News1d
Microsoft Warns Default Helm Charts Could Leave Kubernetes Apps Exposed to Data Leaks
Microsoft warns default Helm charts expose Kubernetes apps by prioritizing ease over security, risking data leaks.
The Hacker News1d
Perfection is a Myth. Leverage Isn't: How Small Teams Can Secure Their Google Workspace
Stolen credentials remain the top attack vector + Google’s MFA and access controls reduce breach risk + Identity is now the ...
The Hacker News1d
Critical Langflow Flaw Added to CISA KEV List Amid Ongoing Exploitation Evidence
A recently disclosed critical security flaw impacting the open-source Langflow platform has been added to the Known Exploited ...
The Hacker News1d
Update ASAP: Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
Google has released its monthly security updates for Android with fixes for 46 security flaws, including one vulnerability ...
The Hacker News1d
⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
Nation-state intrusions. Deepfake-ready malware. AI-powered influence ops. New CVEs, old threats reborn, and spyware with ...