Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub
Cybersecurity researchers have discovered a serious security issue that allows leaked Laravel APP_KEYs to be weaponized to gain remote code...
Read more →Category: TheHackerNews
Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)
Jul 11, 2025Ravie LakshmananUnited States Fortinet has released fixes for a critical security flaw impacting FortiWeb that could enable an...
Read more →
Iranian-Backed Pay2Key Ransomware Resurfaces with 80% Profit Share for Cybercriminals
An Iranian-backed ransomware-as-a-service (RaaS) named Pay2Key has resurfaced in the wake of the Israel-Iran-U.S. conflict last month, offering bigger payouts...
Read more →
Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild
Jul 11, 2025Ravie LakshmananCyber Attack / Vulnerability A recently disclosed maximum-severity security flaw impacting the Wing FTP Server has come...
Read more →
PerfektBlue Bluetooth Vulnerabilities Expose Millions of Vehicles to Remote Code Execution
Cybersecurity researchers have discovered a set of four security flaws in OpenSynergy’s BlueSDK Bluetooth stack that, if successfully exploited, could...
Read more →Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild
Jul 11, 2025Ravie LakshmananCyber Attack / Vulnerability A recently disclosed maximum-severity security flaw impacting the Wing FTP Server has come...
Read more →
Securing Data in the AI Era
Jul 11, 2025The Hacker NewsData Security / Enterprise Security The 2025 Data Risk Report: Enterprises face potentially serious data loss...
Read more →
CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting Citrix NetScaler ADC and...
Read more →
Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads
Jul 10, 2025Ravie LakshmananVulnerability / AI Security Cybersecurity researchers have discovered a critical vulnerability in the open-source mcp-remote project that...
Read more →
Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord
Jul 10, 2025Ravie LakshmananCryptocurrency / Cybercrime Cryptocurrency users are the target of an ongoing social engineering campaign that employs fake...
Read more →
AMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUs
Jul 10, 2025Ravie LakshmananVulnerability / Hardware Security Semiconductor company AMD is warning of a new set of vulnerabilities affecting a...
Read more →
New ZuRu Malware Variant Targeting Developers via Trojanized Termius macOS App
Jul 10, 2025Ravie LakshmananEndpoint Security / Vulnerability Cybersecurity researchers have discovered new artifacts associated with an Apple macOS malware called...
Read more →