The Hacker News19h
North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware
North Korean hackers use fake job interviews on Upwork and GitHub to infect crypto developers with BeaverTail and ...
The Hacker News3h
Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
Salt Typhoon exploited CVE-2018-0171 and stolen credentials to infiltrate U.S. telecom networks, persisting undetected for over three years.
The Hacker News3h
CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks
CISA adds CVE-2025-23209 to its KEV list as Craft CMS faces active exploitation, urging agencies to patch by March 13, 2025.
The Hacker News1d
Citrix Releases Security Fix for NetScaler Console Privilege Escalation Vulnerability
Citrix fixes CVE-2024-12284, a NetScaler Console flaw (CVSS 8.8) enabling privilege escalation. Urgent update required—no ...
The Hacker News1d
CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List
CISA warns of active exploitation of Palo Alto Networks and SonicWall vulnerabilities, requiring agencies to patch by March ...
The Hacker News1d
Microsoft Patches Actively Exploited Power Pages Privilege Escalation Vulnerability
Microsoft patches two critical flaws in Bing and Power Pages, including CVE-2025-21355, an actively exploited RCE ...
The Hacker News1d
New Snake Keylogger Variant Leverages AutoIt Scripting to Evade Detection
New Snake Keylogger variant evades detection using AutoIt, leading to 280M blocked attacks targeting Windows users across ...
The Hacker News2d
New FrigidStealer Malware Targets macOS Users via Fake Browser Updates
TA2726, per the enterprise security firm, acts as a TDS for TA2727 and another threat actor called TA569, which is ...
The Hacker News2d
New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now
Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully ...
The Hacker News2d
Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack
Hackers use trojanized game installers to spread the StaryDobry XMRig miner, hijacking gaming PCs with 8+ core CPUs.
The Hacker News2d
Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication
"An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allow ...
The Hacker News1d
âš¡ THN Weekly Recap: Google Secrets Stolen, Windows Hack, New Crypto Scams and More
It's time for a new security approach. Replace traditional security technology that exposes your attack surface and allows ...