Watch This Webinar to Uncover Hidden Flaws in Login, AI, and Digital Trust — and Fix Them
Jul 24, 2025The Hacker News Is Managing Customer Logins and Data Giving You Headaches? You’re Not Alone! Today, we all...
Read more →Category: TheHackerNews
Storm-2603 Exploits SharePoint Flaws to Deploy Warlock Ransomware on Unpatched Systems
Jul 24, 2025Ravie LakshmananVulnerability / Ransomware Microsoft has revealed that one of the threat actors behind the active exploitation of...
Read more →
Europol Arrests XSS Forum Admin in Kyiv After 12-Year Run Operating Cybercrime Marketplace
Europol on Monday announced the arrest of the suspected administrator of XSS.is (formerly DaMaGeLaB), a notorious Russian-speaking cybercrime platform. The...
Read more →
Hackers Deploy Stealth Backdoor in WordPress Mu-Plugins to Maintain Admin Access
Jul 24, 2025Ravie LakshmananCybersecurity / Web Security Cybersecurity researchers have uncovered a new stealthy backdoor concealed within the “mu-plugins” directory...
Read more →
Threat Actor Mimo Targets Magento and Docker to Deploy Crypto Miners and Proxyware
Jul 23, 2025Ravie LakshmananMalware / Cryptocurrency The threat actor behind the exploitation of vulnerable Craft Content Management System (CMS) instances...
Read more →
New Coyote Malware Variant Exploits Windows UI Automation to Steal Banking Credentials
Jul 23, 2025Ravie LakshmananWindows Security / Cryptocurrency The Windows banking trojan known as Coyote has become the first known malware...
Read more →
A New Approach to a Decade-Old Challenge
Security experts have been talking about Kerberoasting for over a decade, yet this attack continues to evade typical defense methods....
Read more →
SysAid Flaws Under Active Attack Enable Remote File Access and SSRF
Jul 23, 2025Ravie LakshmananVulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two security flaws impacting...
Read more →
Google Launches OSS Rebuild to Expose Malicious Code in Widely Used Open-Source Packages
Jul 23, 2025Ravie LakshmananSoftware Integrity / DevSecOps Google has announced the launch of a new initiative called OSS Rebuild to...
Read more →
CISA Orders Urgent Patching After Chinese Hackers Exploit SharePoint Flaws in Live Attacks
Jul 23, 2025Ravie LakshmananVulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA), on July 22, 2025, added...
Read more →
Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups
Jul 22, 2025Ravie LakshmananVulnerability / Threat Intelligence Microsoft has formally tied the exploitation of security flaws in internet-facing SharePoint Server...
Read more →
Credential Theft and Remote Access Surge as AllaKore, PureRAT, and Hijack Loader Proliferate
Mexican organizations are still being targeted by threat actors to deliver a modified version of AllaKore RAT and SystemBC as...
Read more →