LockBit panel data leak shows Chinese orgs among the most targeted
The LockBit ransomware-as-a-service (RaaS) operation has netted around $2.3 million USD within 5 months, the data leak stemming from the May 2025 hack of a…
Latest Cybersecurity News — Page 1762
View all →
Paragon spyware found on the phones of Euro journos
Researchers revealed Wednesday that they have confirmed Paragon spyware on an Apple product for the first time, on the phones of European journalists, amid an…
Microsoft Edge now offers secure password deployment for businesses
Microsoft announced that a new Edge feature allowing employees to share passwords more securely in enterprise environments has reached general availability. Known as secure password…
OneLogin AD Connector Vulnerabilities Exposes Authentication Credentials
A comprehensive security investigation has revealed critical vulnerabilities in OneLogin’s Active Directory (AD) Connector service that exposed authentication credentials and enabled attackers to impersonate legitimate…
Command Injection Flaw in Palo Alto PAN-OS Allows Root-Level Code Execution
A newly disclosed command injection vulnerability (CVE-2025-4230) in Palo Alto Networks PAN-OS software enables authenticated administrators to bypass restrictions and execute arbitrary commands with root…
Identifying high-risk APIs across thousands of code repositories
In this Help Net Security interview, Joni Klippert, CEO of StackHawk, discusses why API visibility is a major blind spot for security teams, how legacy…
AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar
Jun 12, 2025The Hacker NewsArtificial Intelligence / SaaS Security AI is changing everything — from how we code, to how we sell, to how we…
Apple encryption row: Does law enforcement need to use Technical Capability Notices?
How far are criminal investigations inhibited by the wide availability of end-to-end encryption (E2E)? The Home Office and UK law enforcement agencies think the problem…
AitM Phishing Attacks Targeting Microsoft 365 and Google to Steal Login Credentials
Organizations worldwide are facing an unprecedented surge in sophisticated phishing attacks that specifically target Microsoft 365 and Google accounts through an advanced technique known as…
Privilege Escalation in PAN-OS Web Interface Allows Admin Users to Perform Root Actions
Palo Alto Networks disclosed a medium-severity command injection vulnerability on June 11, 2025, designated as CVE-2025-4231, affecting the management web interface of its PAN-OS operating…
New ‘Zero-Click’ AI Flaw Found in Microsoft 365 Copilot, Exposing Data
Cybersecurity firm Aim Labs has uncovered a serious new security problem, named EchoLeak, affecting Microsoft 365 (M365) Copilot, a popular AI assistant. This flaw is…
How to Address the Expanding Security Risk
Human identities management and control is pretty well done with its set of dedicated tools, frameworks, and best practices. This is a very different world…