The Hacker News

Five New Exploited Bugs Land in CISA's Catalog — Oracle and Microsoft Among Targets

CISA adds five exploited vulnerabilities, including Oracle, Microsoft, Kentico, and Apple flaws, requiring fixes by Nov 10, ...
The Hacker News

⚡ Weekly Recap: F5 Breached, Linux Rootkits, Pixnapping Attack, EtherHiding & More

F5 Breached, Linux Rootkits, Pixnapping Attack, EtherHiding & More | Read more hacking news on The Hacker News cybersecurity ...
The Hacker News

131 Chrome Extensions Caught Hijacking WhatsApp Web for Massive Spam Campaign

DBX Tecnologia, per Socket, advertises a reseller white-label program to allow prospective partners to rebrand and sell its ...
The Hacker News

Analysing ClickFix: 3 Reasons Why Copy/Paste Attacks Are Driving Security Breaches

ClickFix, FileFix, fake CAPTCHA — whatever you call it, attacks where users interact with malicious scripts in their web ...
The Hacker News

MSS Claims NSA Used 42 Cyber Tools in Multi-Stage Attack on Beijing Time Systems

The Ministry of State Security (MSS), in a WeChat post, said it uncovered "irrefutable evidence" of the agency's involvement ...
The Hacker News

What Happens to MSSPs and MDRs in the Age of the AI-SOC?

MSSPs and MDRs provided 24/7 monitoring, experienced analysts, and predictable coverage. They gave companies without an ...
The Hacker News

Modern Browser Attacks: Why Perimeter Tools Are No Longer Enough

The shift from being an ancillary tool to becoming the main location of work means legacy security solutions, such as ...
The Hacker News

New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs

The LNK file, which has the same name as the ZIP archive (i.e., "Перерасчет заработной платы 01.10.2025"), is responsible for ...
The Hacker News

Europol Dismantles SIM Farm Network Powering 49 Million Fake Accounts Worldwide

According to Europol, the criminal network has been attributed to more than 1,700 individual cyber fraud cases in Austria and ...
The Hacker News

Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign

Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla ...
The Hacker News

Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped

Microsoft’s October 2025 Patch Tuesday fixes 183 flaws, including three exploited zero-days and two 9.9 CVSS bugs.
The Hacker News

LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets

The commands supported by LinkPro include executing /bin/bash in a pseudo-terminal, running a shell command, enumerating ...