News

The Hacker News3h
CISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security vulnerability ...
The Hacker News21h
Email Security Is Stuck in the Antivirus Era: Why It Needs a Modern Approach
Legacy email filters miss post-delivery threats in Microsoft 365 and Google Workspace, exposing data. Here's how EDR-style ...
The Hacker News15h
Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads
In what's the latest instance of a software supply chain attack, unknown threat actors managed to compromise Toptal's GitHub ...
The Hacker News1d
Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
Scattered Spider targets VMware ESXi in fast, stealthy ransomware attacks across U.S. retail and airline sectors.
The Hacker News1d
Critical Flaws in Niagara Framework Threaten Smart Buildings and Industrial Systems Worldwide
Tridium Niagara flaws expose critical infrastructure to takeover if misconfigured, affecting security and system uptime.
The Hacker News1d
EDR Detects, EPM Prevents. Why Using Both is a Winning Formula for Modern Endpoint Protection
This is why Endpoint Detection and Response (EDR) is really only one piece of the endpoint protection puzzle. It offers key ...
The Hacker News4d
Storm-2603 Exploits SharePoint Flaws to Deploy Warlock Ransomware on Unpatched Systems
Storm-2603 exploits SharePoint flaws to deploy Warlock ransomware, affecting 400+ victims. Microsoft urges mitigation.
The Hacker News4d
Critical Mitel Flaw Lets Hackers Bypass Login, Gain Full Access to MiVoice MX-ONE Systems
Mitel fixes critical MiVoice and MiCollab flaws that allow account access and SQL attacks. Users must update to avoid system ...
The Hacker News4d
CastleLoader Malware Infects 469 Devices Using Fake GitHub Repos and ClickFix Phishing
CastleLoader malware infected 469 devices via ClickFix, GitHub, and phishing since May 2025. Malware delivery is evolving ...
The Hacker News4d
Fire Ant Exploits VMware Flaws to Compromise ESXi Hosts and vCenter Environments
Fire Ant's breach of the virtualization management layer is achieved by the exploitation of CVE-2023-34048, a known security ...
The Hacker News5d
Threat Actor Mimo Targets Magento and Docker to Deploy Crypto Miners and Proxyware
The activity has been attributed to a threat actor tracked as Mimo (aka Hezb), which has a long history of leveraging N-day ...
The Hacker News3d
Overcoming Risks from Chinese GenAI Tool Usage
China-based GenAI tools used by 1,059 employees exposed sensitive enterprise data, raising global compliance concerns.