The Hacker News13h
CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability
CISA warns of active attacks exploiting Trimble Cityworks CVE-2025-0994 (CVSS 8.6). Hackers deploy Rust-based malware, Cobalt ...
The Hacker News20h
Hackers Exploiting SimpleHelp RMM Flaws for Persistent Access and Ransomware
Threat actors exploit SimpleHelp RMM flaws (CVE-2024-57726-28) for persistent network access, deploying Sliver and Cloudflare ...
The Hacker News15h
India's RBI Introduces Exclusive "bank.in" Domain to Combat Digital Banking Fraud
RBI launches "bank.in" and "fin.in" domains to prevent digital fraud, with AFA enhancing online transaction security.
The Hacker News11h
DeepSeek App Transmits Sensitive User and Device Data Without Encryption
DeepSeek’s iOS app sends unencrypted data, risking cyber threats via weak encryption, ATS bypass, and ByteDance-linked ...
The Hacker News14h
AI-Powered Social Engineering: Reinvented Threats
AI-powered phishing and deepfake scams are accelerating cybercrime, cutting costs by 95% while increasing success rates.
The Hacker News13h
Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks
Microsoft warns of 3,000+ publicly disclosed ASP.NET machine keys that enable ViewState code injection attacks, leading to ...
The Hacker News1d
The Evolving Role of PAM in Cybersecurity Leadership Agendas for 2025
PAM market to reach $42.96B by 2037. Learn how PAM boosts security, compliance, and efficiency amid evolving cyber threats.
The Hacker News1d
Top 3 Ransomware Threats Active in 2025
LockBit, Lynx, and Virlock dominate 2025 ransomware threats, targeting businesses with double extortion, data breaches, and ...
The Hacker News1d
SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images
SparkCat malware infects 242,000 Android devices, using OCR to steal crypto wallet phrases, marking the first iOS stealer on ...
The Hacker News1d
Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc
Cisco has patched two critical ISE vulnerabilities (CVEs 2025-20124, 2025-20125) allowing remote command execution and ...
The Hacker News2d
Silent Lynx Using PowerShell, Golang, and C++ Loaders in Multi-Stage Cyberattacks
Seqrite Labs said it observed some level of tactical overlaps between the threat actor and YoroTrooper (aka SturgeonPhisher), ...
The Hacker News2d
New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack
"A vulnerability within the Veeam Updater component that allows an attacker to utilize a Man-in-the-Middle attack to execute ...