Hírek

The Hacker News1 n
CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign
State-backed hackers breached Southeast Asia telecoms using advanced tools—no data stolen, but stealth access achieved.
The Hacker News1 n
New 'Plague' PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft
"The implant is built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system ...
The Hacker News1 n
Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices
Akira ransomware exploits SonicWall SSL VPNs, hitting patched devices. Organizations face risks from possible zero-day flaw.
The Hacker News2 n
You Are What You Eat: Why Your AI Security Tools Are Only as Strong as the Data You Feed Them
The solution lies in fundamentally reimagining security data architecture around what AI models actually need to perform ...
The Hacker News1 n
Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks
The activity has been attributed to Storm-2603, which, according to Microsoft, is a suspected China-based threat actor that ...
The Hacker News2 n
Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts
The ongoing campaign, first detected in early 2025, is designed to use the OAuth applications as a gateway to obtain ...
The Hacker News2 n
Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection
Critical flaw in Cursor AI editor let attackers execute remote code via Slack and GitHub—fixed in v1.3 update.
The Hacker News3 n
AI-Driven Trends in Endpoint Security: What the 2025 Gartner® Magic Quadrant™ Reveals
SentinelOne boosts enterprise cyber defense with AI-powered endpoint security, cutting response time and risk across ...
The Hacker News2 n
AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
In the npm ecosystem, postinstall scripts are often overlooked attack vectors—they run automatically after a package is ...
The Hacker News4 n
Product Walkthrough: A Look Inside Pillar's AI Security Platform
Pillar Security unveils full-lifecycle AI platform securing assets from design to runtime—critical for safe AI deployment.
The Hacker News6 n
⚡ Weekly Recap — SharePoint Breach, Spyware, IoT Hijacks, DPRK Fraud, Crypto Drains and More
Vendetect - It is an open-source tool designed to detect copied or vendored code across repositories — even when the code has ...
The Hacker News3 n
Experts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login Credentials
Threat actors abuse Proofpoint and Intermedia link wrapping to deliver phishing emails and steal Microsoft 365 credentials.