News

The Hacker News4h
ClickFix Malware Campaign Exploits CAPTCHAs to Spread Cross-Platform Infections
ClickFix is the name given to a social engineering tactic where prospective targets are deceived into infecting their own ...
The Hacker News7h
Google's August Patch Fixes Two Qualcomm Vulnerabilities Exploited in the Wild
Google fixed 6 Android flaws, including 3 exploited Qualcomm bugs, raising spyware concerns. Users urged to update.
The Hacker News13h
15,000 Fake TikTok Shop Domains Deliver Malware, Steal Crypto via AI-Driven Scam Campaign
TikTok Shop users are targeted in a phishing and malware campaign using 15,000 fake sites. Data and crypto thefts surge.
The Hacker News10h
Misconfigurations Are Not Vulnerabilities: The Costly Confusion Behind Security Risks
Most SaaS incidents come from misconfigurations or permission issues, not attacks—putting users at unseen risk.
The Hacker News16h
SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported
Huntress said it detected around 20 different attacks tied to the latest attack wave starting on July 25, 2025, with ...
The Hacker News8h
Cursor AI Code Editor Vulnerability Enables RCE via Malicious MCP File Swaps Post Approval
The vulnerability, tracked as CVE-2025-54136 (CVSS score: 7.2), has been codenamed MCPoison by Check Point Research, owing to ...
The Hacker News1d
PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads
Cybersecurity researchers have discovered a nascent Android remote access trojan (RAT) called PlayPraetor that has infected ...
The Hacker News1d
NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers
NVIDIA's August bulletin for Triton Inference Server also highlights fixes for three critical bugs (CVE-2025-23310, ...
The Hacker News1d
Why SaaS AI Governance Should Be on Every CISO's Agenda
Regularly scan for any new AI services or features popping up in your SaaS environment, and evaluate any updates to vendors' ...
The Hacker News1d
Man-in-the-Middle Attack Prevention Guide
mDNS and DNS spoofing are common tactics that trick devices into trusting malicious sources. Attackers exploit mDNS on local ...
The Hacker News3d
New 'Plague' PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft
"The implant is built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system ...
The Hacker News6d
Hackers Use Facebook Ads to Spread JSCEAL Malware via Fake Cryptocurrency Trading Apps
Cybersecurity researchers are calling attention to an ongoing campaign that distributes fake cryptocurrency trading apps to ...