Category: Hacker News
Apple Patches Actively Exploited iOS Zero-Day CVE-...
Apple on Monday released out-of-band security updates to address a security flaw in iOS and iPadOS that it said has been exploited...
Don't Overlook These 6 Critical Okta Security Conf...
Given Okta's role as a critical part of identity infrastructure, strengthening Okta security is essential. This article covers six...
DragonRank Exploits IIS Servers with BadIIS Malwar...
Threat actors have been observed targeting Internet Information Services (IIS) servers in Asia as part of a search engine optimiza...
Zimbra Releases Security Updates for SQL Injection...
Zimbra has released software updates to address critical security flaws in its Collaboration software that, if successfully exploi...
XE Hacker Group Exploits VeraCore Zero-Day to Depl...
Threat actors have been observed exploiting multiple security flaws in various software products, including Progress Telerik UI fo...
Malicious ML Models on Hugging Face Leverage Broke...
Cybersecurity researchers have uncovered two malicious machine learning (ML) models on Hugging Face that leveraged an unusual tech...
DeepSeek App Transmits Sensitive User and Device D...
A new audit of DeepSeek's mobile app for the Apple iOS operating system has found glaring security issues, the foremost being that...
CISA Warns of Active Exploits Targeting Trimble Ci...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security flaw impacting Trimble Cityworks GIS-c...
Microsoft Identifies 3,000 Leaked ASP.NET Keys Ena...
Microsoft is warning of an insecure practice wherein software developers are incorporating publicly disclosed ASP.NET machine keys...
AI-Powered Social Engineering: Reinvented Threats
The foundations for social engineering attacks – manipulating humans – might not have changed much over the years. It’s the vector...
Microsoft Identifies 3,000+ Publicly Disclosed ASP...
Microsoft is warning of an insecure practice wherein software developers are incorporating publicly disclosed ASP.NET machine keys...
India’s RBI Introduces Exclusive "bank.in" Domain ...
India's central bank, the Reserve Bank of India (RBI), said it's introducing an exclusive "bank.in" internet domain for banks in t...
Hackers Exploiting SimpleHelp RMM Flaws for Persis...
Threat actors have been observed exploiting recently disclosed security flaws in SimpleHelp's Remote Monitoring and Management (RM...
Fake Google Chrome Sites Distribute ValleyRAT Malw...
Bogus websites advertising Google Chrome have been used to distribute malicious installers for a remote access trojan called Valle...
Ransomware Extortion Drops to $813.5M in 2024, Dow...
Ransomware attacks netted cybercrime groups a total of $813.5 million in 2024, a decline from $1.25 billion in 2023. The total amo...
SparkCat Malware Uses OCR to Extract Crypto Wallet...
A new malware campaign dubbed SparkCat has leveraged a suit of bogus apps on both Apple's and Google's respective app stores to st...
The Evolving Role of PAM in Cybersecurity Leadersh...
Privileged Access Management (PAM) has emerged as a cornerstone of modern cybersecurity strategies, shifting from a technical nece...
North Korean APT Kimsuky Uses forceCopy Malware to...
The North Korea-linked nation-state hacking group known as Kimsuky has been observed conducting spear-phishing attacks to deliver ...
Top 3 Ransomware Threats Active in 2025
You arrive at the office, power up your system, and panic sets in. Every file is locked, and every system is frozen. A ransom dema...
Cisco Patches Critical ISE Vulnerabilities Enablin...
Cisco has released updates to address two critical security flaws Identity Services Engine (ISE) that could allow remote attackers...
