CERT-UA Warns of HTA-Delivered C# Malware Attacks Using Court Summons Lures
Aug 06, 2025Ravie LakshmananCyber Espionage / Malware The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks carried out by a threat…
Category: TheHackerNews
http://thehackernews.com/2025/08/cert-ua-warns-of-hta-delivered-c.html
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks carried out by a threat actor called UAC-0099 targeting government agencies, the…
CISA Adds 3 D-Link Vulnerabilities to KEV Catalog Amid Active Exploitation Evidence
Aug 06, 2025Ravie LakshmananVulnerability / Firmware Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three old security flaws impacting D-Link Wi-Fi…
AI Is Transforming Cybersecurity Adversarial Testing
When Technology Resets the Playing Field In 2015 I founded a cybersecurity testing software company with the belief that automated penetration testing was not only…
ClickFix Malware Campaign Exploits CAPTCHAs to Spread Cross-Platform Infections
Aug 05, 2025Ravie LakshmananSocial Engineering / Malware A combination of propagation methods, narrative sophistication, and evasion techniques enabled the social engineering tactic known as ClickFix…
Cursor AI Code Editor Vulnerability Enables RCE via Malicious MCP File Swaps Post Approval
Aug 05, 2025Ravie LakshmananAI Security / MCP Protocol Cybersecurity researchers have disclosed a high-severity security flaw in the artificial intelligence (AI)-powered code editor Cursor that…
Google’s August Patch Fixes Two Qualcomm Vulnerabilities Exploited in the Wild
Aug 05, 2025Ravie LakshmananVulnerability / Mobile Security Google has released security updates to address multiple security flaws in Android, including fixes for two Qualcomm bugs…
The Costly Confusion Behind Security Risks
In SaaS security conversations, “misconfiguration” and “vulnerability” are often used interchangeably. But they’re not the same thing. And misunderstanding that distinction can quietly create real…
How Top CISOs Save Their SOCs from Alert Chaos to Never Miss Real Incidents
Why do SOC teams still drown in alerts even after spending big on security tools? False positives pile up, stealthy threats slip through, and critical…
15,000 Fake TikTok Shop Domains Deliver Malware, Steal Crypto via AI-Driven Scam Campaign
Aug 05, 2025Ravie LakshmananMalware / Mobile Security Cybersecurity researchers have lifted the veil on a widespread malicious campaign that’s targeting TikTok Shop users globally with…
SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported
Aug 05, 2025Ravie LakshmananZero-Day / Network Security SonicWall said it’s actively investigating reports to determine if there is a new zero-day vulnerability following reports of…
NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers
Aug 04, 2025Ravie LakshmananAI Security / Vulnerability A newly disclosed set of security flaws in NVIDIA’s Triton Inference Server for Windows and Linux, an open-source…