CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices
Apr 17, 2025Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security...
Read more →Category: TheHackerNews
Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks
Apr 17, 2025Ravie LakshmananZero-Day / Vulnerability Apple on Wednesday released security updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS...
Read more →
Experts Uncover Four New Privilege Escalation Flaws in Windows Task Scheduler
Apr 16, 2025Ravie LakshmananEndpoint Security / Vulnerability Cybersecurity researchers have detailed four different vulnerabilities in a core component of the...
Read more →
The New Cyber Risks Facing Supply Chains
Introduction Cyber threats targeting supply chains have become a growing concern for businesses across industries. As companies continue to expand...
Read more →
Google Blocked 5.1B Harmful Ads and Suspended 39.2M Advertiser Accounts in 2024
Apr 16, 2025Ravie LakshmananArtificial Intelligence / Malvertising Google on Wednesday revealed that it suspended over 39.2 million advertiser accounts in...
Read more →
Gamma AI Platform Abused in Phishing Chain to Spoof Microsoft SharePoint Logins
Threat actors are leveraging an artificial intelligence (AI) powered presentation platform named Gamma in phishing attacks to direct unsuspecting users...
Read more →
A Look Inside Wing Security’s Layered SaaS Identity Defense
Intro: Why hack in when you can log in? SaaS applications are the backbone of modern organizations, powering productivity and...
Read more →
New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks
Apr 16, 2025Ravie LakshmananCyber Espionage / Network Security Cybersecurity researchers have unearthed a new controller component associated with a known...
Read more →
Chinese Android Phones Shipped with Fake WhatsApp, Telegram Apps Targeting Crypto Users
Cheap Android smartphones manufactured by Chinese companies have been observed pre-installed with trojanized apps masquerading as WhatsApp and Telegram that...
Read more →
U.S. Govt. Funding for MITRE’s CVE Ends April 16, Cybersecurity Community on Alert
Apr 16, 2025Ravie LakshmananVulnerability Management / Incident Response The U.S. government funding for non-profit research giant MITRE to operate and...
Read more →
Malicious PyPI Package Targets MEXC Trading API to Steal Credentials and Redirect Orders
Apr 15, 2025Ravie LakshmananSupply Chain Attack / Malware Cybersecurity researchers have disclosed a malicious package uploaded to the Python Package...
Read more →
Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence
Apr 15, 2025Ravie LakshmananVulnerability / Software Security A critical security vulnerability has been disclosed in the Apache Roller open-source, Java-based...
Read more →