
- Linux-Based Lenovo Webcams’ Flaw Can Be Remotely Exploited for BadUSB Attacksby info@thehackernews.com (The Hacker News) (The Hacker News) on August 9, 2025 at 7:00 pm
Cybersecurity researchers have disclosed vulnerabilities in select model webcams from Lenovo that could turn them into BadUSB attack devices. “This allows remote attackers to […]
- Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systemsby info@thehackernews.com (The Hacker News) (The Hacker News) on August 9, 2025 at 3:06 pm
Cybersecurity researchers have uncovered a jailbreak technique to bypass ethical guardrails erected by OpenAI in its latest large language model (LLM) GPT-5 and produce illicit […]
- CyberArk and HashiCorp Flaws Enable Remote Vault Takeover Without Credentialsby info@thehackernews.com (The Hacker News) (The Hacker News) on August 9, 2025 at 5:15 am
Cybersecurity researchers have discovered over a dozen vulnerabilities in enterprise secure vaults from CyberArk and HashiCorp that, if successfully exploited, can allow remote […]
- AI Tools Fuel Brazilian Phishing Scam While Efimer Trojan Steals Crypto from 5,000 Victimsby info@thehackernews.com (The Hacker News) (The Hacker News) on August 8, 2025 at 4:14 pm
Cybersecurity researchers are drawing attention to a new campaign that’s using legitimate generative artificial intelligence (AI)-powered website building tools like DeepSite AI […]
- Leaked Credentials Up 160%: What Attackers Are Doing With Themby info@thehackernews.com (The Hacker News) (The Hacker News) on August 8, 2025 at 11:00 am
When an organization’s credentials are leaked, the immediate consequences are rarely visible—but the long-term impact is far-reaching. Far from the cloak-and-dagger tactics […]
- RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changesby info@thehackernews.com (The Hacker News) (The Hacker News) on August 8, 2025 at 10:58 am
A fresh set of 60 malicious packages has been uncovered targeting the RubyGems ecosystem by posing as seemingly innocuous automation tools for social media, blogging, or messaging […]
- GreedyBear Steals $1M in Crypto Using 150+ Malicious Firefox Wallet Extensionsby info@thehackernews.com (The Hacker News) (The Hacker News) on August 8, 2025 at 7:16 am
A newly discovered campaign dubbed GreedyBear has leveraged over 150 malicious extensions to the Firefox marketplace that are designed to impersonate popular cryptocurrency […]
- SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Othersby info@thehackernews.com (The Hacker News) (The Hacker News) on August 7, 2025 at 6:26 pm
The threat actors behind the SocGholish malware have been observed leveraging Traffic Distribution Systems (TDSs) like Parrot TDS and Keitaro TDS to filter and redirect […]
- Webinar: How to Stop Python Supply Chain Attacks—and the Expert Tools You Needby info@thehackernews.com (The Hacker News) (The Hacker News) on August 7, 2025 at 3:33 pm
Python is everywhere in modern software. From machine learning models to production microservices, chances are your code—and your business—depends on Python packages you […]
- Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipesby info@thehackernews.com (The Hacker News) (The Hacker News) on August 7, 2025 at 1:19 pm
Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads from remote servers and execute them on both Windows […]
- The AI-Powered Security Shift: What 2025 Is Teaching Us About Cloud Defenseby info@thehackernews.com (The Hacker News) (The Hacker News) on August 7, 2025 at 10:45 am
Now that we are well into 2025, cloud attacks are evolving faster than ever and artificial intelligence (AI) is both a weapon and a shield. As AI rapidly changes how enterprises […]
- Microsoft Discloses Exchange Server Flaw Enabling Silent Cloud Access in Hybrid Setupsby info@thehackernews.com (The Hacker News) (The Hacker News) on August 7, 2025 at 10:42 am
Microsoft has released an advisory for a high-severity security flaw affecting on-premise versions of Exchange Server that could allow an attacker to gain elevated privileges […]
- 6,500 Axis Servers Expose Remoting Protocol; 4,000 in U.S. Vulnerable to Exploitsby info@thehackernews.com (The Hacker News) (The Hacker News) on August 7, 2025 at 10:40 am
Cybersecurity researchers have disclosed multiple security flaws in video surveillance products from Axis Communications that, if successfully exploited, could expose them to […]
- SonicWall Confirms Patched Vulnerability Behind Recent VPN Attacks, Not a Zero-Dayby info@thehackernews.com (The Hacker News) (The Hacker News) on August 7, 2025 at 10:32 am
SonicWall has revealed that the recent spike in activity targeting its Gen 7 and newer firewalls with SSL VPN enabled is related to an older, now-patched bug and password reuse. […]
- Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theftby info@thehackernews.com (The Hacker News) (The Hacker News) on August 6, 2025 at 8:30 pm
Cybersecurity researchers have demonstrated an “end-to-end privilege escalation chain” in Amazon Elastic Container Service (ECS) that could be exploited by an attacker to conduct […]
- Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scamsby info@thehackernews.com (The Hacker News) (The Hacker News) on August 6, 2025 at 8:00 pm
The malicious ad tech purveyor known as VexTrio Viper has been observed developing several malicious apps that have been published on Apple and Google’s official app storefronts […]
- AI Slashes Workloads for vCISOs by 68% as SMBs Demand More – New Report Revealsby info@thehackernews.com (The Hacker News) (The Hacker News) on August 6, 2025 at 11:00 am
As the volume and sophistication of cyber threats and risks grow, cybersecurity has become mission-critical for businesses of all sizes. To address this shift, SMBs have been […]
- Microsoft Launches Project Ire to Autonomously Classify Malware Using AI Toolsby info@thehackernews.com (The Hacker News) (The Hacker News) on August 6, 2025 at 10:36 am
Microsoft on Tuesday announced an autonomous artificial intelligence (AI) agent that can analyze and classify software without assistance in an effort to advance malware detection […]
- Trend Micro Confirms Active Exploitation of Critical Apex One Flaws in On-Premise Systemsby info@thehackernews.com (The Hacker News) (The Hacker News) on August 6, 2025 at 8:57 am
Trend Micro has released mitigations to address critical security flaws in on-premise versions of Apex One Management Console that it said have been exploited in the wild. The […]
- CERT-UA Warns of HTA-Delivered C# Malware Attacks Using Court Summons Luresby info@thehackernews.com (The Hacker News) (The Hacker News) on August 6, 2025 at 7:25 am
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks carried out by a threat actor called UAC-0099 targeting government agencies, the defense […]
- AI Is Transforming Cybersecurity Adversarial Testing – Pentera Founder’s Visionby info@thehackernews.com (The Hacker News) (The Hacker News) on August 6, 2025 at 5:50 am
When Technology Resets the Playing Field In 2015 I founded a cybersecurity testing software company with the belief that automated penetration testing was not only possible, but […]
- CISA Adds 3 D-Link Vulnerabilities to KEV Catalog Amid Active Exploitation Evidenceby info@thehackernews.com (The Hacker News) (The Hacker News) on August 6, 2025 at 4:49 am
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three old security flaws impacting D-Link Wi-Fi cameras and video recorders to its Known […]
- ClickFix Malware Campaign Exploits CAPTCHAs to Spread Cross-Platform Infectionsby info@thehackernews.com (The Hacker News) (The Hacker News) on August 5, 2025 at 4:26 pm
A combination of propagation methods, narrative sophistication, and evasion techniques enabled the social engineering tactic known as ClickFix to take off the way it did over the […]
- Google’s August Patch Fixes Two Qualcomm Vulnerabilities Exploited in the Wildby info@thehackernews.com (The Hacker News) (The Hacker News) on August 5, 2025 at 1:59 pm
Google has released security updates to address multiple security flaws in Android, including fixes for two Qualcomm bugs that were flagged as actively exploited in the wild. The […]
- Cursor AI Code Editor Vulnerability Enables RCE via Malicious MCP File Swaps Post Approvalby info@thehackernews.com (The Hacker News) (The Hacker News) on August 5, 2025 at 1:01 pm
Cybersecurity researchers have disclosed a high-severity security flaw in the artificial intelligence (AI)-powered code editor Cursor that could result in remote code execution. […]