The Hacker News

India Orders Messaging Apps to Work Only With Active SIM Cards to Prevent Fraud and Misuse

India now requires messaging apps to stay tied to active KYC SIMs and enforce six-hour logouts to curb scams and cross-border ...
The Hacker News

Malicious npm Package Uses Hidden Prompt and Script to Evade AI Security Tools

Malicious npm package mimics an ESLint plugin, embeds an AI-tricking prompt, and steals environment variables via a ...
The Hacker News

Google Patches 107 Android Flaws, Including Two Framework Bugs Exploited in the Wild

Google Patches 107 Android Flaws, Including Two Framework Bugs Exploited in the Wild | Read more hacking news on The Hacker ...
The Hacker News

Iran-Linked Hackers Hits Israeli Sectors with New MuddyViper Backdoor in Targeted Attacks

MuddyWater is targeting multiple Israeli sectors using its new MuddyViper backdoor, advanced loaders, and credential-stealing tools.
The Hacker News

SecAlerts Cuts Through the Noise with a Smarter, Faster Way to Track Vulnerabilities

SecAlerts delivers instant, noise-free vulnerability intelligence matched to your software for faster, safer remediation.
The Hacker News

India Orders Phone Makers to Pre-Install Government App to Tackle Telecom Fraud

India mandates undeletable Sanchar Saathi on new phones to curb fraud, spoofed IMEIs, and illegal telecom activity.
The Hacker News

New Albiriox MaaS Malware Targets 400+ Apps for On-Device Fraud and Screen Control

Albiriox is a new Android MaaS threat that enables full on-device fraud and remote control while targeting 400+ financial ...
The Hacker News

Webinar: The "Agentic" Trojan Horse: Why the New AI Browsers War is a Nightmare for Security Teams

Agentic AI browsers create privileged, invisible attack surfaces; LayerX webinar explains risks, prompt injection, and ...
The Hacker News

Shadow AI in the Browser: The Next Enterprise Blind Spot

Shadow AI inside browsers creates major risks—from data exposure to cross-domain attacks—by operating outside enterprise ...
The Hacker News

CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities ( KEV) ...
The Hacker News

ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware

ShadyPanda abused browser extensions for seven years, turning 4.3M installs into a multi-phase surveillance and hijacking ...
The Hacker News

Beyond Point-in-Time: The ROI Case for Continuous Pentesting

Continuous penetration testing replaces outdated point-in-time audits with real-time validation, shorter remediation cycles, ...