The Hacker News10h
Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm
CISA adds five exploited vulnerabilities to its KEV catalog, including flaws in Cisco, Microsoft, and Progress software.
The Hacker News16h
Suspected Iranian Hackers Used Compromised Indian Firm's Email to Target U.A.E. Aviation Sector
Hackers used a compromised Indian electronics firm’s email to deliver a Golang backdoor in a UAE-targeted phishing campaign.
The Hacker News22h
Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities
Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including ...
The Hacker News10h
Researchers Link CACTUS Ransomware Tactics to Former Black Basta Affiliates
Threat actors deploying the Black Basta and CACTUS ransomware families have been found to rely on the same BackConnect (BC) ...
The Hacker News22h
Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites
Threat actors use ClickFix to spread Havoc C2 malware via SharePoint and Microsoft Graph API, while scammers exploit Google ...
The Hacker News12h
VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches
Broadcom patches three actively exploited VMware flaws, including a critical (CVSS 9.3) bug enabling code execution. Update ...
The Hacker News22h
Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language
Mozilla updates Firefox Terms of Use again after privacy concerns over broad data rights language. Company clarifies no ...
The Hacker News15h
How New AI Agents Will Transform Credential Stuffing Attacks
AI-powered credential stuffing could worsen in 2025, as attackers scale automation to breach accounts. Defending identity security is now more critica ...