News

The Hacker News11h
Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads
A critical vulnerability in mcp-remote (CVE-2025-6514) allows remote code execution, affecting 437,000+ users.
The Hacker News12h
Four Arrested in £440M Cyber Attack on Marks & Spencer, Co-op, and Harrods
Four individuals were arrested in connection with £440M cyber attacks on Marks & Spencer, Co-op, and Harrods, linked to the ...
The Hacker News14h
Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord
A cryptocurrency social engineering campaign uses fake AI and gaming companies to deliver malware on Windows and macOS, ...
The Hacker News16h
AMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUs
AMD reveals new Transient Scheduler vulnerabilities in CPUs, exposing sensitive data risks across multiple Ryzen and EPYC ...
The Hacker News17h
What Security Leaders Need to Know About AI Governance for SaaS
U.S. companies are using generative AI, raising concerns about data privacy, compliance, and operational risks.
The Hacker News17h
New ZuRu Malware Variant Targeting Developers via Trojanized Termius macOS App
The altered app packs in two extra executables within Termius Helper.app, a loader named ".localized" that's designed to ...
The Hacker News21h
ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs
ServiceNow's CVE-2025-3648 flaw exposes sensitive data across multiple tables, impacting all users with misconfigured ACLs.
The Hacker News21h
Hackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT Malware
Hackers are exploiting Shellter’s leaked Elite license to distribute Lumma Stealer, SectopRAT, and more. This affects ...
The Hacker News1d
U.S. Sanctions North Korean Andariel Hacker Behind Fraudulent IT Worker Scheme
The IT worker scheme, also tracked as Nickel Tapestry, Wagemole, and UNC5267, involves North Korean actors using a mix of ...
The Hacker News1d
Gold Melody IAB Exploits Exposed ASP.NET Machine Keys for Unauthorized Access to Targets
Gold Melody uses ASP.NET vulnerabilities for long-term access, impacting various industries across Europe and the U.S.
The Hacker News1d
Chinese Hacker Xu Zewei Arrested for Ties to Silk Typhoon Group and U.S. Cyber Attacks
Chinese national Xu Zewei arrested in Milan for links to Silk Typhoon and cyber attacks on U.S. agencies, including Microsoft Exchange breaches ...
The Hacker News1d
How To Automate Ticket Creation, Device Identification and Threat Triage With Tines
Automate malware alert workflows with Tines, using CrowdStrike and Slack to streamline threat triage and improve response ...