The Hacker News2h
China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access
Silk Typhoon exploits zero-day vulnerabilities, stolen API keys, and cloud services to infiltrate IT supply chains and ...
The Hacker News4h
Defending against USB drive attacks with Wazuh
USB attacks exploit common devices to spread malware. Wazuh detects threats like Stuxnet and Raspberry Robin across OS ...
The Hacker News5h
Dark Caracal Uses Poco RAT to Target Spanish-Speaking Enterprises in Latin America
Dark Caracal APT deploys Poco RAT malware in Latin America, targeting enterprises via phishing lures. Attackers use .REV ...
The Hacker News5h
Google Rolls Out AI Scam Detection for Android to Combat Conversational Fraud
Google has announced the rollout of artificial intelligence (AI)-powered scam detection features to secure Android device ...
The Hacker News7h
Chinese APT Lotus Panda Targets Governments With New Sagerunex Backdoor Variants
Lotus Panda targets Asian government and media sectors with new Sagerunex backdoor variants using Dropbox, X, and Zimbra for ...
The Hacker News7h
Identity: The New Cybersecurity Battleground
Why is Identity the new prime target? The 2024 Verizon Data Breach Report found that 80% of breaches involve compromised ...
The Hacker News11h
Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems
Attackers are using typosquatted Go packages to deploy malware on Linux and macOS, targeting financial developers.
The Hacker News14h
VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches
Broadcom patches three actively exploited VMware flaws, including a critical (CVSS 9.3) bug enabling code execution. Update ...
The Hacker News1d
Researchers Link CACTUS Ransomware Tactics to Former Black Basta Affiliates
Threat actors deploying the Black Basta and CACTUS ransomware families have been found to rely on the same BackConnect (BC) ...
The Hacker News1d
Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm
CISA adds five exploited vulnerabilities to its KEV catalog, including flaws in Cisco, Microsoft, and Progress software.
The Hacker News1d
How New AI Agents Will Transform Credential Stuffing Attacks
AI-powered credential stuffing could worsen in 2025, as attackers scale automation to breach accounts. Defending identity security is now more critica ...
The Hacker News1d
Suspected Iranian Hackers Used Compromised Indian Firm's Email to Target U.A.E. Aviation Sector
Hackers used a compromised Indian electronics firm’s email to deliver a Golang backdoor in a UAE-targeted phishing campaign.