Parrot 7.0 Beta Introduces Debian 13 and a Fully Redesigned Desktop
Parrot Security OS has unveiled its highly anticipated 7.0 beta release, marking a significant milestone with the integration of Debian 13 and a complete desktop…
Author: Cybernoz
Three PCIe Encryption Weaknesses Expose PCIe 5.0+ Systems to Faulty Data Handling
Dec 10, 2025Ravie LakshmananHardware Security / Vulnerability Three security vulnerabilities have been disclosed in the Peripheral Component Interconnect Express (PCIe) Integrity and Data Encryption (IDE)…
Cybercriminals Use Fake Game Updates on Itch.io and Patreon to Push Lumma Stealer
The indie gaming community faces a new and sophisticated threat. Malicious actors are exploiting itch.io and Patreon to distribute the Lumma Stealer malware disguised as…
Black Hat Welcomes Suzy Pallett as New Brand President
10 Dec Black Hat Welcomes Suzy Pallett as New Brand President Posted at 08:58h in Blogs by Taylor Fox This week in cybersecurity from the…
AI-Powered Analysis Exposes Massive 5,000-Domain Chinese Malware Operation
DomainTools Investigations has released critical findings detailing the expansion of a massive malware-delivery network targeting Chinese-speaking users worldwide. The long-running cluster, active since June 2023,…
GhostFrame phishing kit fuels widespread attacks against millions
GhostFrame is a new phishing-as-a-service (PhaaS) kit, tracked since September 2025, that has already powered more than a million phishing attacks. Threat analysts spotted a…
Ukrainian hacker charged with helping Russian hacktivist groups
U.S. prosecutors have charged a Ukrainian national for her role in cyberattacks targeting critical infrastructure worldwide, including U.S. water systems, election systems, and nuclear facilities,…
Windows PowerShell 0-Day Vulnerability Let Attackers Execute Malicious Code
Security update addressing a dangerous Windows PowerShell vulnerability that allows attackers to execute malicious code on affected systems. The vulnerability, tracked as CVE-2025-54100, was publicly…
High-Risk Ivanti EPM Vulnerability Opens Door to Admin Session Hijacking
A critical stored cross-site scripting (XSS) vulnerability in Ivanti Endpoint Manager (EPM) enables unauthenticated attackers to hijack administrator sessions by injecting malicious JavaScript into the…
How Attackers Exploit Cloud Misconfigurations Across AWS, AI Models, and Kubernetes
Dec 10, 2025The Hacker NewsCloud Security / Threat Detection Cloud security is changing. Attackers are no longer just breaking down the door; they are finding…
US Targets Russian-Backed Cyber Groups CARR, NoName057(16)
The U.S. Department of Justice has unveiled a series of actions against two Russian state-supported cyber collectives, CARR (also known as CyberArmyofRussia_Reborn or CyberArmyofRussia) and…
The ten key reforms that can close America’s cybersecurity gaps
For decades, the United States government and private sector have worked tirelessly to secure cyberspace, yet our nation remains frighteningly vulnerable to a litany of…