Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server
Microsoft on Tuesday shipped fixes to address a total of 78 security flaws across its software lineup, including a set of five zero-days that have…
Category: TheHackerNews
Ivanti Patches EPMM Vulnerabilities Exploited for Remote Code Execution in Limited Attacks
May 14, 2025Ravie LakshmananVulnerability / Endpoint Security Ivanti has released security updates to address two security flaws in Endpoint Manager Mobile (EPMM) software that have…
Fortinet Patches CVE-2025-32756 Zero-Day RCE Flaw Exploited in FortiVoice Systems
May 14, 2025Ravie LakshmananVulnerability / Network Security Fortinet has patched a critical security flaw that it said has been exploited as a zero-day in attacks…
Malicious PyPI Package Posing as Solana Tool Stole Source Code in 761 Downloads
May 13, 2025Ravie LakshmananSupply Chain Attack / Blockchain Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that purports to…
China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide
May 13, 2025Ravie LakshmananVulnerability / Threat Intelligence A recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to…
North Korean Konni APT Targets Ukraine with Malware to track Russian Invasion Progress
The North Korea-linked threat actor known as Konni APT has been attributed to a phishing campaign targeting government entities in Ukraine, indicating the threat actor’s…
Deepfake Defense in the Age of AI
May 13, 2025The Hacker NewsAI Security / Zero Trust The cybersecurity landscape has been dramatically reshaped by the advent of generative AI. Attackers now leverage…
Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency
May 13, 2025Ravie LakshmananCybercrime / Ransomware Moldovan law enforcement authorities have arrested a 45-year-old foreign man suspected of involvement in a series of ransomware attacks…
Türkiye Hackers Exploited Output Messenger Zero-Day to Drop Golang Backdoors on Kurdish Servers
May 13, 2025Ravie LakshmananZero-Day / Vulnerability A Türkiye-affiliated threat actor exploited a zero-day security flaw in an Indian enterprise communication platform called Output Messenger as…
ASUS Patches DriverHub RCE Flaws Exploitable via HTTP and Crafted .ini Files
May 12, 2025Ravie LakshmananVulnerability / Endpoint Security ASUS has released updates to address two security flaws impacting ASUS DriverHub that, if successfully exploited, could enable…
Why Exposed Credentials Remain Unfixed—and How to Change That
Detecting leaked credentials is only half the battle. The real challenge—and often the neglected half of the equation—is what happens after detection. New research from…
Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures
May 12, 2025Ravie LakshmananMalware / Artificial Intelligence Threat actors have been observed leveraging fake artificial intelligence (AI)-powered tools as a lure to entice users into…