News

The Hacker News5h

GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets

Cybersecurity researchers are calling attention to multiple campaigns that leverage known security vulnerabilities and expose ...
The Hacker News21h

Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection

Phishing emails with RAR archives exploit Linux filename injection to deliver VShell backdoor, bypassing antivirus defenses ...
The Hacker News1d

Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage

Murky Panda exploited Citrix CVE-2023-3519 and Commvault CVE-2025-3928 to deploy CloudedHope malware, enabling covert ...
The Hacker News1d

INTERPOL Arrests 1,209 Cybercriminals Across 18 African Nations in Global Crackdown

INTERPOL’s Operation Serengeti 2.0 Arrests 1,209 Cybercriminals in Africa, Recovers $97.4M, Dismantles 11,432 Infrastructures ...
The Hacker News1d

Ex-Developer Jailed Four Years for Sabotaging Ohio Employer with Kill-Switch Malware

"The 'kill switch' code – which Lu named 'IsDLEnabledinAD,' abbreviating 'Is Davis Lu enabled in Active Directory' — was ...
The Hacker News2d

Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025

Password cracking succeeded in 46% of environments in 2025, leaving valid accounts exploited in 98% of attacks.
The Hacker News2d

Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft

A 20-year-old member of the notorious cybercrime gang known as Scattered Spider has been sentenced to ten years in prison in ...
The Hacker News1d

Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks

Commvault patched four flaws before 11.36.60, including CVE-2025-57790 (8.7 CVSS), preventing remote code execution.
The Hacker News1d

Automation Is Redefining Pentest Delivery

Automated pentest delivery replaces static PDFs with real-time workflows, cutting remediation delays and reducing MTTR.
The Hacker News2d

Experts Find AI Browsers Can Be Tricked by PromptFix Exploit to Run Malicious Hidden Prompts

Cybersecurity researchers have demonstrated a new prompt injection technique called PromptFix that tricks a generative ...
The Hacker News2d

DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft

DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft | Read more hacking news on ...
The Hacker News3d

DOJ Charges 22-Year-Old for Running RapperBot Botnet Behind 370,000 DDoS Attacks

Ethan Foltz of Eugene, Oregon, has been identified as the administrator of the service, the U.S. Department of Justice (DoJ) ...