The Hacker News6h
Major Vulnerabilities Patched in SonicWall, Palo Alto Expedition, and Aviatrix Controllers
Palo Alto Networks patches severe Expedition vulnerabilities, including SQL injection (CVE-2025-0103, CVSS 7.8), exposing ...
The Hacker News6h
Product Walkthrough: How Reco Discovers Shadow AI in SaaS
Reco uncovers shadow AI in SaaS, tackling risks like excessive permissions and data leaks. Real-time security detection ...
The Hacker News16h
Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure
Ivanti's CVE-2025-0282 flaw, exploited by China-linked actors, enables remote code execution. CISA demands urgent patching by ...
The Hacker News10h
E.U. Commission Fined for Transferring User Data to Meta in Violation of Privacy Laws
In July 2023, the E.U. adopted a new personal data transfer mechanism with the U.S. called the E.U.-U.S. Data Privacy ...
The Hacker News10h
MirrorFace Leverages ANEL and NOOPDOOR in Multi-Year Cyberattacks on Japan
MirrorFace, an APT10 subgroup, targets Japan's security with spear-phishing, sandbox evasion, and ANEL malware.
The Hacker News19h
Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections
Neglected domains fuel malspam with spoofed emails, bypassing security checks and exploiting low-cost domains.
The Hacker News13h
Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection
CVE-2024-52875, a critical RCE flaw in GFI KerioControl firewalls, allows HTTP response splitting and exploits over 23,800 ...
The Hacker News10h
New Banshee Stealer Variant Bypasses Antivirus with Apple's XProtect-Inspired Encryption
Banshee Stealer, a $3,000/month macOS malware, resurfaces with XProtect encryption, targeting 100M users via phishing ...
The Hacker News17h
CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation
CISA lists critical flaws in Mitel MiCollab (CVE-2024-41713, CVE-2024-55550) and Oracle WebLogic (CVE-2020-2883).
The Hacker News1d
Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks
Mirai botnet variant exploits CVE-2024-12856 in Four-Faith routers, enabling 100 Gbps DDoS attacks across five nations.
The Hacker News1d
Top 5 Malware Threats to Prepare Against in 2025
Lumma, XWorm, and LockBit posed serious threats in 2024. Learn how ANY.RUN’s sandbox detects malware tactics, including ...
The Hacker News1d
FCC Launches 'Cyber Trust Mark' for IoT Devices to Certify Security Compliance
"IoT products can be susceptible to a range of security vulnerabilities," the U.S. Federal Communications Commission (FCC) ...