News

The Hacker News16h
Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets
The fact that payload delivery and data exfiltration occur via trusted cloud services such as GitHub, Bitbucket, Pastebin, ...
The Hacker News1d
Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
CISA warns ransomware groups exploiting unpatched SimpleHelp RMM to breach organizations worldwide, risking data theft and ...
The Hacker News1d
Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month
Unit 42 said its telemetry uncovered 269,552 web pages that have been infected with JavaScript code using the JSFireTruck ...
The Hacker News1d
CTEM is the New SOC: Shifting from Monitoring Alerts to Measuring Risk
Traditional SOCs are overwhelmed by alerts; CTEM helps enterprises focus on real risks and business impact for better ...
The Hacker News1d
Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
Apple patched zero-day flaws exploited to deploy Paragon’s Graphite spyware targeting journalists and civil society, raising ...
The Hacker News2d
New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes
New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes | Read more hacking news on The Hacker News ...
The Hacker News2d
ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks
ConnectWise rotates ScreenConnect certificates by June 13 after config data concerns, impacting on-prem users to prevent ...
The Hacker News2d
WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network
Another notable component of these attacks is the compromise of WordPress websites to inject malicious code that's ...
The Hacker News2d
INTERPOL Dismantles 20,000+ Malicious IPs Linked to 69 Malware Variants in Operation Secure
INTERPOL and 26 countries dismantled 20,000+ malicious IPs tied to info-stealing malware, disrupting global cybercrime ...
The Hacker News2d
Over 80,000 Microsoft Entra ID Accounts Targeted Using Open-Source TeamFiltration Tool
A new ATO campaign using TeamFiltration breached 80,000+ Microsoft Entra ID accounts via password spraying, impacting ...
The Hacker News4d
Researchers Uncover 20+ Configuration Risks, Including Five CVEs, in Salesforce Industry Cloud
Salesforce Industry Cloud has 20+ config risks exposing sensitive data; customers must fix most issues to avoid compliance ...
The Hacker News2d
Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
Critical zero-click AI vulnerability EchoLeak exposed sensitive Microsoft 365 Copilot data; Microsoft patched it to prevent data leaks.