A Look Inside Pillar’s AI Security Platform
In this article, we will provide a brief overview of Pillar Security’s platform to better understand how they are tackling AI security challenges. Pillar Security…
Category: TheHackerNews
Critical Dahua Camera Flaws Enable Remote Hijack via ONVIF and File Upload Exploits
Jul 30, 2025Ravie LakshmananFirmware Security / Vulnerability Cybersecurity researchers have disclosed now-patched critical security flaws in the firmware of Dahua smart cameras that, if left…
Chinese Firms Linked to Silk Typhoon Filed 15+ Patents for Cyber Espionage Tools
Jul 30, 2025Ravie LakshmananEndpoint Security / Cyber Espionage Chinese companies linked to the state-sponsored hacking group known as Silk Typhoon (aka Hafnium) have been identified…
Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero
Jul 30, 2025Ravie LakshmananDevice Security / AI Security Google has announced that it’s making a security feature called Device Bound Session Credentials (DBSC) in open…
Scattered Spider Hacker Arrests Halt Attacks, But Copycat Threats Sustain Security Pressure
Jul 30, 2025Ravie Lakshmanan Google Cloud’s Mandiant Consulting has revealed that it has witnessed a drop in activity from the notorious Scattered Spider group, but…
Hackers Exploit SAP Vulnerability to Breach Linux Systems and Deploy Auto-Color Malware
Jul 30, 2025Ravie LakshmananVulnerability / Threat Intelligence Threat actors have been observed exploiting a now-patched critical SAP NetWeaver flaw to deliver the Auto-Color backdoor in…
PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain
Jul 29, 2025Ravie LakshmananPhishing / Developer Security The maintainers of the Python Package Index (PyPI) repository have issued a warning about an ongoing phishing attack…
Wiz Uncovers Critical Access Bypass Flaw in AI-Powered Vibe Coding Platform Base44
Jul 29, 2025Ravie LakshmananLLM Security / Vulnerability Cybersecurity researchers have disclosed a now-patched critical security flaw in a popular vibe coding platform called Base44 that…
Wiz Uncovers Critical Access Bypass Flaw in AI-Powered Vibe Coding Platform Base44
Jul 29, 2025Ravie LakshmananLLM Security / Vulnerability Cybersecurity researchers have disclosed a now-patched critical security flaw in a popular vibe coding platform called Base44 that…
Chaos RaaS Emerges After BlackSuit Takedown, Demanding $300K from U.S. Victims
A newly emerged ransomware-as-a-service (RaaS) gang called Chaos is likely made up of former members of the BlackSuit crew, as the latter’s dark web infrastructure…
The New JavaScript Injection Playbook
React conquered XSS? Think again. That’s the reality facing JavaScript developers in 2025, where attackers have quietly evolved their injection techniques to exploit everything from…
Cybercriminals Use Fake Apps to Steal Data and Blackmail Users Across Asia’s Mobile Networks
Cybersecurity researchers have discovered a new, large-scale mobile malware campaign that’s targeting Android and iOS platforms with fake dating, social networking, cloud storage, and car…