News

The Hacker News3h
Experts Uncover New XorDDoS Controller, Infrastructure as Malware Expands to Docker, Linux, IoT
XorDDoS is a well-known malware that has a track record of striking Linux systems for over a decade. In May 2022, Microsoft ...
The Hacker News5h
CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download
The flaw is assessed to be a variant of CVE-2024-43451 (CVSS score: 6.5), which was patched by Microsoft in November 2024 and ...
The Hacker News18h
Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates
Capping off the new additions to the Mustang Panda's malware arsenal is SplatCloak, a Windows kernel driver deployed by ...
The Hacker News20h
State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns
ClickFix malware tactic used by Iran, Russia, and North Korea from Nov 2024–Feb 2025 replaces payload delivery in major ...
The Hacker News23h
Blockchain Offers Security Benefits – But Don't Neglect Your Passwords
Blockchain is a secure way to maintain, encrypt, and exchange digital records of transactions. Its security benefits stem ...
The Hacker News22h
Artificial Intelligence – What's all the fuss?
In mid October 2024, our "World Watch" security intelligence capability published an advisory that summarized the use of AI ...
The Hacker News22h
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
CVE-2025-32433 in Erlang SSH scores 10.0 CVSS, enables unauthenticated code execution on telecom and IoT systems.
The Hacker News1d
Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks
Apple on Wednesday released security updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS to address two security flaws ...
The Hacker News1d
Google Blocked 5.1B Harmful Ads and Suspended 39.2M Advertiser Accounts in 2024
Google on Wednesday revealed that it suspended over 39.2 million advertiser accounts in 2024, with a majority of them ...
The Hacker News1d
New Windows Task Scheduler Bugs Let Attackers Bypass UAC and Tamper with Logs
"A [User Account Control] bypass vulnerability has been found in Microsoft Windows, enabling attackers to bypass the User ...
The Hacker News1d
Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers
Malicious crypto installers using Node.js since Oct 2024 evade Microsoft Defender via PowerShell and DLLs, enabling stealthy ...
The Hacker News1d
CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting SonicWall ...