The Hacker News4h
Microsoft Patches Actively Exploited Power Pages Privilege Escalation Vulnerability
Microsoft patches two critical flaws in Bing and Power Pages, including CVE-2025-21355, an actively exploited RCE ...
The Hacker News4h
Citrix Releases Security Fix for NetScaler Console Privilege Escalation Vulnerability
Citrix fixes CVE-2024-12284, a NetScaler Console flaw (CVSS 8.8) enabling privilege escalation. Urgent update required—no ...
The Hacker News5h
âš¡ THN Weekly Recap: Google Secrets Stolen, Windows Hack, New Crypto Scams and More
It's time for a new security approach. Replace traditional security technology that exposes your attack surface and allows ...
The Hacker News5h
Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign
Winnti’s RevivalStone campaign exploited an ERP SQL flaw to deploy upgraded malware, breaching an MSP and infecting multiple ...
The Hacker News20h
New Snake Keylogger Variant Leverages AutoIt Scripting to Evade Detection
New Snake Keylogger variant evades detection using AutoIt, leading to 280M blocked attacks targeting Windows users across ...
The Hacker News23h
Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack
Hackers use trojanized game installers to spread the StaryDobry XMRig miner, hijacking gaming PCs with 8+ core CPUs.
The Hacker News1d
CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List
CISA warns of active exploitation of Palo Alto Networks and SonicWall vulnerabilities, requiring agencies to patch by March ...
The Hacker News1d
Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks
Mustang Panda exploits MAVInject.exe to evade ESET detection, using EA files to sideload TONESHELL backdoor for persistent ...
The Hacker News1d
Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics
Microsoft discovers new XCSSET macOS malware variant with enhanced obfuscation, persistence, and infection strategies.
The Hacker News1d
New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now
Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully ...
The Hacker News1d
New FrigidStealer Malware Targets macOS Users via Fake Browser Updates
TA2726, per the enterprise security firm, acts as a TDS for TA2727 and another threat actor called TA569, which is ...
The Hacker News1d
Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication
"An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allow ...