The Hacker News

CometJacking: One Click Can Turn Perplexity's Comet AI Browser Into a Data Thief

A single malicious URL can hijack Comet AI browser, exfiltrating emails, calendar, and user memory via encoded payloads.
The Hacker News

Scanning Activity on Palo Alto Networks Portals Jump 500% in One Day

The company said it observed a nearly 500% increase in IP addresses scanning Palo Alto Networks login portals on October 3, ...
The Hacker News

Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads

Rhadamanthys MaaS stealer (v0.9.2) expands fingerprinting, PNG steganography, and tiered pricing from $299–$499/month.
The Hacker News

Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer

Infoblox's analysis has revealed that at least 69% of the confirmed StarFish staging hosts were under the control of Detour ...
The Hacker News

CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting ...
The Hacker News

Researchers Warn of Self-Spreading WhatsApp Malware Named SORVEPOTEL

WhatsApp malware SORVEPOTEL infects 477 systems in Brazil, spreading via phishing ZIP files and spamming contacts.
The Hacker News

New "Cavalry Werewolf" Attack Hits Russian Agencies with FoalShell and StallionRAT

Cybersecurity vendor BI.ZONE is tracking the activity under the moniker Cavalry Werewolf. It's also assessed to have ...
The Hacker News

Warning: Beware of Android Spyware Disguised as Signal Encryption Plugin and ToTok Pro

The ProSpy campaign, discovered in June 2025, is believed to have been ongoing since 2024, leveraging deceptive websites ...
The Hacker News

Researchers Disclose Google Gemini AI Flaws Allowing Prompt Injection and Cloud Exploits

Cybersecurity researchers have disclosed three now-patched security vulnerabilities impacting Google's Gemini artificial ...
The Hacker News

Product Walkthrough: How Passwork 7 Addresses Complexity of Enterprise Security

Passwork 7 unifies password and secrets management with enhanced usability, granular access, and ISO 27001 compliance.
The Hacker News

Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake

Microsoft on Tuesday unveiled the expansion of its Sentinel Security Incidents and Event Management solution (SIEM) as a ...
The Hacker News

New $50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections

Battering RAM compromises Intel's Software Guard Extensions ( SGX) and AMD's Secure Encrypted Virtualization with Secure ...