News

The Hacker News11h

Samsung Fixes Critical Zero-Day CVE-2025-21043 Exploited in Android Attacks

Samsung has released its monthly security updates for Android, including a fix for a security vulnerability that it said has ...
The Hacker News12h

Apple Warns French Users of Fourth Spyware Campaign in 2025, CERT-FR Confirms

Apple has notified users in France of a spyware campaign targeting their devices, according to the Computer Emergency ...
The Hacker News15h

New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit

HybridPetya ransomware exploits CVE-2024-7344 to bypass UEFI Secure Boot, encrypts NTFS MFT, and demands $1,000 Bitcoin ...
The Hacker News15h

Critical CVE-2025-5086 in DELMIA Apriso Actively Exploited, CISA Issues Warning

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting ...
The Hacker News19h

Cloud-Native Security in 2025: Why Runtime Visibility Must Take Center Stage

Runtime visibility dominates 2025 CNAPP strategies, cutting false positives and enabling faster AI-driven threat response.
The Hacker News22h

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Cursor is an AI-powered fork of Visual Studio Code, which supports a feature called Workspace Trust to allow developers to ...
The Hacker News1d

Google Pixel 10 Adds C2PA Support to Verify AI-Generated Media Authenticity

Google Pixel 10 integrates C2PA Content Credentials with offline cryptographic security, boosting media transparency and ...
The Hacker News1d

Senator Wyden Urges FTC to Probe Microsoft for Ransomware-Linked Cybersecurity Negligence

U.S. Senator Ron Wyden has called on the Federal Trade Commission (FTC) to probe Microsoft and hold it responsible for what ...
The Hacker News1d

SonicWall SSL VPN Flaw and Misconfigurations Actively Exploited by Akira Ransomware Hackers

Rapid7, in its alert, said it has also observed threat actors accessing the Virtual Office Portal hosted by SonicWall ...
The Hacker News1d

Fake Madgicx Plus and SocialMetrics Extensions Are Hijacking Meta Business Accounts

The malvertising campaign, per Bitdefender, is designed to push fake " Meta Verified " browser extensions named SocialMetrics ...
The Hacker News1d

Cracking the Boardroom Code: Helping CISOs Speak the Language of Business

When CISOs build these skills, they move from talking about technical metrics to explaining risk in terms that link to ...
The Hacker News1d

AsyncRAT Exploits ConnectWise ScreenConnect to Steal Credentials and Crypto

AsyncRAT exploits ConnectWise ScreenConnect via fileless loader, stealing credentials and crypto data, maintaining ...