Category: TheHackerNews

Android System Flaw in May 2025 Security Update
06
May
2025

Google Fixes Actively Exploited Android System Flaw in May 2025 Security Update

May 06, 2025Ravie LakshmananVulnerability / Mobile Security Google has released its monthly security updates for Android with fixes for 46…

Critical Langflow Flaw
06
May
2025

Critical Langflow Flaw Added to CISA KEV List Amid Ongoing Exploitation Evidence

May 06, 2025Ravie LakshmananCybersecurity / Vulnerability A recently disclosed critical security flaw impacting the open-source Langflow platform has been added…

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed
05
May
2025

Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed

May 05, 2025Ravie LakshmananVulnerability / Zero-Day The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a maximum-severity security flaw…

Wormable AirPlay Flaws
05
May
2025

Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi

May 05, 2025Ravie LakshmananNetwork Security / Vulnerability Cybersecurity researchers have disclosed a series of now-patched security vulnerabilities in Apple’s AirPlay…

Malware Steal Browser Credentials and Crypto Wallet Data
05
May
2025

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

The threat actors known as Golden Chickens have been attributed to two new malware families dubbed TerraStealerV2 and TerraLogger, suggesting…

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack
03
May
2025

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

May 03, 2025Ravie LakshmananSupply Chain Attack / Malware Cybersecurity researchers have discovered three malicious Go modules that include obfuscated code…

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware
03
May
2025

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

May 03, 2025Ravie LakshmananMalware / Operational Technology An Iranian state-sponsored threat group has been attributed to a long-term cyber intrusion…

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems
03
May
2025

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

The U.S. Department of Justice (DoJ) on Thursday announced charges against a 36-year-old Yemeni national for allegedly deploying the Black…

TikTok Slammed With €530M GDPR
02
May
2025

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

May 02, 2025Ravie LakshmananData Privacy / Social Media Ireland’s Data Protection Commission (DPC) on Friday fined popular video-sharing platform TikTok…

How to Automate CVE and Vulnerability Advisory Response with Tines
02
May
2025

How to Automate CVE and Vulnerability Advisory Response with Tines

May 02, 2025The Hacker NewsVulnerability Management / Security Operations Run by the team at workflow orchestration and AI platform Tines,…

MintsLoader Drops GhostWeaver via Phishing, ClickFix
02
May
2025

MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks

May 02, 2025Ravie LakshmananMalware / Threat Intelligence The malware loader known as MintsLoader has been used to deliver a PowerShell-based…

Microsoft Makes Passkeys Default for New Accounts
02
May
2025

Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support

May 02, 2025Ravie LakshmananPassword Security / Windows A year after Microsoft announced passkeys support for consumer accounts, the tech giant…