The Hacker News1h
5 Identity Threat Detection & Response Must-Haves for Super SaaS Security
Identity-based attacks are rising, but ITDR helps detect threats, prioritize risks, and stop breaches before they happen.
The Hacker News5h
CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise
CISA warns of CVE-2025-30066, a GitHub supply chain attack exposing secrets via compromised actions logs. Update ...
The Hacker News22h
New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking
CVE-2024-54085 in AMI MegaRAC BMC allows remote control, malware deployment, and server damage; patches released March 11, ...
The Hacker News8h
Google Acquires Wiz for $32 Billion in Its Biggest Deal Ever to Boost Cloud Security
Google Cloud acquires Wiz for $32B in its biggest-ever deal, strengthening multicloud security and expanding AI-driven ...
The Hacker News19h
Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017
Microsoft’s unpatched Windows flaw (ZDI-CAN-25373) has been exploited by 11 state-backed groups since 2017, enabling ...
The Hacker News20h
New Ad Fraud Campaign Exploits 331 Apps with 60M+ Downloads for Phishing and Intrusive Ads
Android apps with 60M+ downloads ran full-screen ads, stole credentials, and bypassed security in a large-scale ad fraud and ...
The Hacker News19h
New 'Rules File Backdoor' Attack Lets Hackers Inject Malicious Code via AI Code Editors
Hackers can exploit AI code editors like GitHub Copilot to inject malicious code using hidden rule file manipulations, posing ...
The Hacker News22h
China-Linked MirrorFace Deploys ANEL and AsyncRAT in New Cyber Espionage Operation
MirrorFace targets an EU diplomatic group using ANEL and AsyncRAT, marking a shift in its cyber espionage tactics beyond ...
The Hacker News1d
Microsoft Warns of StilachiRAT: A Stealthy RAT Targeting Credentials and Crypto Wallets
Microsoft warns of StilachiRAT, a stealthy remote access trojan that steals credentials, crypto wallets, and system data ...
The Hacker News1d
Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure
Apache Tomcat flaw CVE-2025-24813 is under active exploitation, enabling remote code execution via PUT requests.
The Hacker News1d
Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year
Unpatched Edimax IC-7100 flaw (CVE-2025-1316) exploited for Mirai botnet malware since May 2024, enabling DDoS attacks via ...
The Hacker News1d
GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories
GitHub Action tj-actions/changed-files was compromised, leaking CI/CD secrets. Users must update immediately to prevent ...