The Hacker News2h
CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25
CISA adds four exploited vulnerabilities to its KEV catalog, urging fixes by Feb 25, 2025, to counter active threats ...
The Hacker News3h
Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware
Crazy Evil, active since 2021, has stolen over $5M via crypto scams, malware like AMOS, and phishing, targeting both Windows ...
The Hacker News19h
Taiwan Bans DeepSeek AI Over National Security Concerns, Citing Data Leakage Risks
The popularity of DeepSeek has also led to it being targeted by "large-scale malicious attacks," with NSFOCUS revealing that ...
The Hacker News17h
AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access
CVE-2024-56161 exposes AMD SEV-SNP to malicious microcode attacks, risking VM data integrity. Discovered by Google, rated ...
The Hacker News17h
Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access
Malicious Go package exploits Module Mirror caching to grant remote access, evading detection since November 2021.
The Hacker News19h
Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections
The flaw, CVE-2025-0411 (CVSS score: 7.0), allows remote attackers to circumvent mark-of-the-web ( MotW) protections and ...
The Hacker News20h
Watch Out For These 8 Cloud Security Shifts in 2025
Rising AI-driven threats, with 64% of firms boosting security budgets, redefine cloud security strategies in 2025.
The Hacker News19h
North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS
Contagious Interview, first uncovered in late 2023, is a persistent effort undertaken by the hacking crew to deliver malware ...
The Hacker News1d
Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score
Microsoft fixes CVE-2025-21415 (CVSS 9.9) and CVE-2025-21396 flaws, addressing privilege escalation risks in Azure AI Face ...
The Hacker News1d
Microsoft SharePoint Connector Flaw Could've Enabled Credential Theft Across Power Platform
Microsoft patched a critical SSRF flaw in Power Platform's SharePoint connector, risking credential theft and data breaches ...
The Hacker News1d
Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104
Google’s February 2025 update patches 47 Android flaws, including CVE-2024-53104, exploited in the wild, and CVE-2024-45569 ...
The Hacker News1d
Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions
Coyote Trojan targets Brazilian Windows users, compromising 1,030 sites and 73 financial agents with advanced multi-stage ...