The Hacker News8h
BeyondTrust Zero-Day Breach Exposed 17 SaaS Customers via Compromised API Key
BeyondTrust breach impacted 17 SaaS customers via compromised API key linked to Silk Typhoon; U.S. Treasury affected.
The Hacker News8h
U.S. and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network
U.S. and Dutch agencies dismantled 39 domains tied to $3M BEC fraud schemes run by Saim Raza since 2020 in Operation Heart ...
The Hacker News11h
Meta Confirms Zero-Click WhatsApp Spyware Attack Targeting 90 Journalists, Activists
Meta-owned WhatsApp disrupted a zero-click spyware campaign by Paragon Solutions, targeting 90 journalists and activists.
The Hacker News10h
Malvertising Scam Uses Fake Google Ads to Hijack Microsoft Advertising Accounts
Malvertising targets Microsoft advertisers via fake Google ads, stealing credentials with phishing pages mimicking ...
The Hacker News1d
CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors
Unpatched vulnerabilities in Contec CMS8000 patient monitors expose devices to remote access, file overwrites, and data leaks ...
The Hacker News1d
Top 5 AI-Powered Social Engineering Attacks
AI-powered social engineering is on the rise, from deepfake election interference to multimillion-dollar scams.
The Hacker News1d
Broadcom Patches VMware Aria Flaws – Exploits May Lead to Credential Theft
Broadcom patches five VMware Aria Operations flaws, including CVE-2025-22218 (CVSS 8.5), preventing credential leaks and ...
The Hacker News1d
Italy Bans Chinese DeepSeek AI Over Data Privacy and Ethical Concerns
Italy's data protection watchdog has blocked Chinese artificial intelligence (AI) firm DeepSeek's service within the country, ...
The Hacker News1d
Authorities Seize Domains of Popular Hacking Forums in Major Cybercrime Crackdown
Europol and seven nations seize Cracked, Nulled, Sellix, StarkRDP, disrupting cybercrime and malware networks.
The Hacker News1d
Lightning AI Studio Vulnerability Could've Allowed RCE via Hidden URL Parameter
Severe Lightning AI flaw (CVSS 9.4) enabled remote root execution via hidden URL parameter—patched post-October 2024 ...
The Hacker News2d
New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks
Aquabot botnet exploits CVE-2024-41710 in Mitel phones, using a public PoC to deploy DDoS malware since January 2025.
The Hacker News1d
Google Bans 158,000 Malicious Android App Developer Accounts in 2024
Google blocked 2.36M harmful Android apps in 2024, banned 158K developers, and secured 10M devices from 36M risky installs to ...