The Hacker News11 小时
2025 State of SaaS Backup and Recovery Report
This article shares critical findings from the 2025 State of SaaS Backup and Recovery Report, which gathered data from over 3 ...
The Hacker News17 小时
SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation
Critical SonicWall zero-day (CVE-2025-23006) in SMA 1000 appliances fixed. Rated 9.8 CVSS; patch now to prevent active ...
The Hacker News17 小时
CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday placed a now-patched security flaw impacting the ...
The Hacker News9 小时
RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations
The 119 vulnerabilities, assigned 97 unique CVE identifiers, span seven LTE implementations – Open5GS, Magma, ...
The Hacker News10 小时
DoJ Indicts 5 Individuals for $866K North Korean IT Worker Scheme Violations
The action targets Jin Sung-Il (진성일), Pak Jin-Song (박진성), Pedro Ernesto Alonso De Los Reyes, Erick Ntekereze Prince, and ...
The Hacker News15 小时
Android's New Identity Check Feature Locks Device Settings Outside Trusted Locations
Google's Identity Check locks sensitive Android settings behind biometrics, enhancing security outside trusted locations.
The Hacker News17 小时
Mirai Variant Murdoc Botnet Exploits AVTECH IP Cameras and Huawei Routers
New Murdoc_Botnet exploits CVE-2024-7029 and CVE-2017-17215 to infect 1,370+ devices, targeting IoT vulnerabilities for ...
The Hacker News17 小时
PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack
PlushDaemon APT targets South Korean VPN with SlowStepper backdoor. Multistage DNS C&C protocol aids espionage.
The Hacker News10 小时
Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass and Firmware Exploits
Seven vulnerabilities, including BootHole and PixieFail, in Palo Alto firewalls risk Secure Boot integrity and enable sophisticated attacks.
The Hacker News1 天
Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)
A third vulnerability patched by Cisco is CVE-2025-20128 (CVSS score: 5.3), an integer underflow bug impacting the Object ...
The Hacker News1 天
Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review
DHS terminates advisory committees, including CSRB, halting investigations into Chinese cyberattacks and AI safety.
The Hacker News1 天
TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware
Google identifies TRIPLESTRENGTH targeting cloud platforms like AWS and Azure for cryptojacking and ransomware.