Chinese Hackers Exploit Cityworks 0-Day to Hit US Local Agencies
Cisco Talos warns of active exploitation of a zero-day vulnerability (CVE-2025-0994) in Cityworks supposedly by Chinese hackers from the UAT-6382 threat group. Learn about the…
Month: May 2025
Sophisticated Hacker Group Targeting Government and Enterprise Networks
A decade-long cyber espionage campaign orchestrated by the advanced persistent threat (APT) group TA-ShadowCricket has been exposed through a joint investigation by South Korea’s AhnLab…
Over 40 Malicious Chrome Extensions Impersonate Popular Brands to Steal Sensitive Data
Cybersecurity firm LayerX has uncovered over 40 malicious Chrome browser extensions, many of which are still available on the Google Chrome Web Store. These extensions,…
Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto
As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, IP addresses, DNS servers, and…
SharpSuccessor PoC Released to Weaponize Windows Server 2025 BadSuccessor Flaw
A critical privilege escalation vulnerability in Windows Server 2025’s delegated Managed Service Account (dMSA) feature enables attackers to compromise Active Directory domains using tools like…
Google claims users find ads in AI search ‘helpful’
Google AI mode and AI Overviews now have ads, which, according to the search engine giant, are “helpful.” At the Google Marketing Live event last…
Oracle TNS Flaw Exposes System Memory to Unauthorized Access
Oracle has addressed a significant security flaw in its Transparent Network Substrate (TNS) protocol, used for database communications, with the release of a patch on…
Researchers Drop PoC for Fortinet CVE-2025-32756, Urging Quick Patching
Researchers have released PoC for CVE-2025-32756, a severe security flaw, that is actively being exploited in Fortinet products like FortiMail and FortiCamera. This stack-based buffer…
CISO’s Guide To Web Privacy Validation And Why It’s Important
May 26, 2025The Hacker NewsData Privacy / Web Security Are your web privacy controls protecting your users, or just a box-ticking exercise? This CISO’s guide…
OpenAI plans to ship an interesting ChatGPT product by 2026
OpenAI is planning to ship a new ChatGPT-powered product by 2026, but we aren’t looking at yet another model. In the U.S. v. Google antitrust, a…
Severe vBulletin Flaw Allows Remote Code Execution by Attackers
A newly discovered vulnerability in vBulletin, one of the world’s most popular commercial forum platforms, has highlighted the dangers of relying on method visibility for…
Police Digital Service board director quits several months after CISO departs
A senior figure from the Home Office has stepped down as a director at the Police Digital Service (PDS), several weeks after the organisation lost its…