News

The Hacker News3h
Researchers Spot XZ Utils Backdoor in Dozens of Docker Hub Images, Fueling Supply Chain Risks
Researchers found 35 Docker Hub images, including Debian builds, still carrying the XZ Utils backdoor a year later, ...
The Hacker News4h
Fortinet SSL VPNs Hit by Global Brute-Force Wave Before Attackers Shift to FortiManager
Coordinated brute-force attacks hit Fortinet SSL VPNs and FortiManager, involving 780+ malicious IPs from U.S., Canada, ...
The Hacker News5h
Cybercrime Groups ShinyHunters, Scattered Spider Join Forces in Extortion Attacks on Businesses
ShinyHunters and Scattered Spider are teaming up in a coordinated Salesforce phishing and extortion campaign, with ...
The Hacker News8h
New 'Curly COMrades' APT Using NGEN COM Hijacking in Georgia, Moldova Attacks
Bitdefender exposes ‘Curly COMrades,’ a new Russian-aligned APT targeting Georgia and Moldova with NGEN COM hijacking and ...
The Hacker News10h
The Ultimate Battle: Enterprise Browsers vs. Secure Browser Extensions
The Ultimate Battle: Enterprise Browsers vs. Enterprise Browser Extensions examines this choice across nine "rounds": ...
The Hacker News12h
Dutch NCSC Confirms Active Exploitation of Citrix NetScaler CVE-2025-6543 in Critical Sectors
Dutch NCSC warns of CVE-2025-6543 Citrix attacks on critical organizations, urging urgent patches to prevent further breaches ...
The Hacker News1d
New TETRA Radio Encryption Flaws Expose Law Enforcement Communications
Cybersecurity researchers have discovered a fresh set of security issues in the Terrestrial Trunked Radio (TETRA) ...
The Hacker News1d
Researchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT Firewalls
Malicious actors have been observed exploiting a now-patched critical security flaw impacting Erlang/Open Telecom Platform ...
The Hacker News1d
6 Lessons Learned: Focusing Security Where Business Value Lives
Refined exposure management cuts remediation by 96%, aligning security with business priorities for stronger, efficient ...
The Hacker News1d
WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately
The maintainers of the WinRAR file archiving utility have released an update to address an actively exploited zero-day ...
The Hacker News1d
The Second Layer of Salesforce Security Many Teams Miss
Automated tools give you visibility. Adversarial testing gives you clarity. In Salesforce environments, you need both.
The Hacker News2d
New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP
SafeBreach found four Windows DoS flaws via RPC and LDAP, enabling stealth DDoS botnets. Microsoft patched in 2025.