Why 2026 Will be the Year of Machine-Speed Security
The Race for Every New CVE Based on multiple 2025 industry reports: roughly 50 to 61 percent of newly disclosed vulnerabilities saw exploit code weaponized…
Category: TheHackerNews
CISA Flags Critical WatchGuard Fireware Flaw Exposing 54,000 Fireboxes to No-Login Attacks
Nov 13, 2025Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting WatchGuard Fireware…
Over 46,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack
Cybersecurity researchers are calling attention to a large-scale spam campaign that has flooded the npm registry with thousands of fake packages since early 2024 as…
Google Sues China-Based Hackers Behind $1 Billion Lighthouse Phishing Platform
Nov 12, 2025Ravie LakshmananCybercrime / Malware Google has filed a civil lawsuit in the U.S. District Court for the Southern District of New York (SDNY)…
Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws
Nov 12, 2025Ravie LakshmananNetwork Security / Zero-Day Amazon’s threat intelligence team on Wednesday disclosed that it observed an advanced threat actor exploiting two then-zero-day security…
![[Webinar] Learn How Leading Security Teams Reduce Attack Surface Exposure with DASR](https://image.cybernoz.com/wp-content/uploads/2025/11/Webinar-Learn-How-Leading-Security-Teams-Reduce-Attack-Surface-Exposure.jpg){kind=small}
[Webinar] Learn How Leading Security Teams Reduce Attack Surface Exposure with DASR
Nov 12, 2025The Hacker NewsThreat Detection / Risk Management Every day, security teams face the same problem—too many risks, too many alerts, and not enough…
Microsoft Fixes 63 Security Flaws, Including a Windows Kernel Zero-Day Under Active Attack
Nov 12, 2025Ravie LakshmananVulnerability / Patch Tuesday Microsoft on Tuesday released patches for 63 new security vulnerabilities identified in its software, including one that has…
Why Critical Infrastructure Needs Stronger Security
Active Directory remains the authentication backbone for over 90% of Fortune 1000 companies. AD’s importance has grown as companies adopt hybrid and cloud infrastructure, but…
Google Launches ‘Private AI Compute’ — Secure AI Processing with On-Device-Level Privacy
Nov 12, 2025Ravie LakshmananArtificial Intelligence / Encryption Google on Tuesday unveiled a new privacy-enhancing technology called Private AI Compute to process artificial intelligence (AI) queries…
WhatsApp Malware ‘Maverick’ Hijacks Browser Sessions to Target Brazil’s Biggest Banks
Threat hunters have uncovered similarities between a banking malware called Coyote and a newly disclosed malicious program dubbed Maverick that has been propagated via WhatsApp.…
GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites
Nov 11, 2025Ravie LakshmananMalware / Network Security The malware known as GootLoader has resurfaced yet again after a brief spike in activity earlier this March,…
Android Trojan ‘Fantasy Hub’ Malware Service Turns Telegram Into a Hub for Hackers
Cybersecurity researchers have disclosed details of a new Android remote access trojan (RAT) called Fantasy Hub that’s sold on Russian-speaking Telegram channels under a Malware-as-a-Service…