News

The Hacker News7h
Third Parties and Machine Credentials: The Silent Drivers Behind 2025's Worst Breaches
Third-party breaches doubled to 30% in 2025 + ungoverned machine accounts fueled major attacks + unified identity strategy is ...
The Hacker News7h
Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet
Threat actors have been observed actively exploiting security flaws in GeoVision end-of-life (EoL) Internet of Things (IoT) ...
The Hacker News11h
Microsoft Warns Default Helm Charts Could Leave Kubernetes Apps Exposed to Data Leaks
Microsoft warns default Helm charts expose Kubernetes apps by prioritizing ease over security, risking data leaks.
The Hacker News15h
Update ASAP: Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
Google has released its monthly security updates for Android with fixes for 46 security flaws, including one vulnerability ...
The Hacker News13h
Entra ID Data Protection: Essential or Overkill?
Human Error Happens: Misconfigurations, accidental deletions, or improper access changes can disrupt critical identity ...
The Hacker News18h
Critical Langflow Flaw Added to CISA KEV List Amid Ongoing Exploitation Evidence
A recently disclosed critical security flaw impacting the open-source Langflow platform has been added to the Known Exploited ...
The Hacker News19h
Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data
Golden Chickens launch TerraStealerV2 and TerraLogger; both still developing but actively steal data via OCX payloads.
The Hacker News15h
U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems
Leonidas Varagiannis (aka War), 21, and Prasan Nepal (aka Trippy), 20, the two alleged leaders of a child extortion group 764 ...
The Hacker News1d
Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed
It's currently not known in what context the vulnerability is being exploited, but the development makes it the second ...
The Hacker News1d
⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors
Nation-state intrusions. Deepfake-ready malware. AI-powered influence ops. New CVEs, old threats reborn, and spyware with ...
The Hacker News1d
Dissecting the 2025 Microsoft Vulnerabilities Report: Key Trends and Insights
Microsoft disclosed a record 1,360 vulnerabilities in 2024 + Critical bugs dropped to 78 + Risks shift toward EoP, cloud, and ...
The Hacker News1d
Perfection is a Myth. Leverage Isn't: How Small Teams Can Secure Their Google Workspace
Stolen credentials remain the top attack vector + Google’s MFA and access controls reduce breach risk + Identity is now the ...