News

The Hacker News1h
South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware
The attack chains leverage spear-phishing lures as a starting point to activate the infection process and deploy a known ...
The Hacker News1h
AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation
Cybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web ...
The Hacker News3h
The Crowded Battle: Key Insights from the 2025 State of Pentesting Report
Discover findings from Pentera's 2025 State of Pentesting Report, including breach rates, alert fatigue, budget trends & the ...
The Hacker News4h
Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization
Threat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed ...
The Hacker News5h
Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration Abuse
A new cryptojacking campaign dubbed RedisRaider is hijacking publicly exposed Redis servers by injecting cron jobs using ...
The Hacker News8h
Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts
Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act ...
The Hacker News23h
Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft and Remote Access
Skitnet, also called Bossnet, is a multi-stage malware developed by a threat actor tracked by the company under the name ...
The Hacker News1d
Living Off the Land: What We Learned from 700,000 Security Incidents
While emerging risks like AI-generated malware capture headlines, the reality of today's threat landscape is more ...
The Hacker News1d
Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with $100K in Rewards
Edouard Bochin and Tao Yan from Palo Alto Networks have been credited with finding and reporting CVE-2025-4918. The discovery ...
The Hacker News1d
Why CTEM is the Winning Bet for CISOs in 2025
CTEM adoption in 2025 improves risk visibility and enables 3x breach reduction by 2026 via real-time validation.
The Hacker News1d
Breach Fatalism is Over: Why Identity Threat Prevention Is the Future of Cybersecurity
ITP enforces real-time policies using identity and security signals, adding preventive protection between users and apps.
The Hacker News1d
Cover Your SaaS: Why SaaS Data Protection is the Foundation of Modern Business
Cloud-first and inherently scalable, SaaS-based platforms can deliver limitless elastic scalability that effortlessly matches ...