The Hacker News39 分钟
Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners
Hackers exploit PHP flaw (CVE-2024-4577) to deploy Quasar RAT and XMRig miners, with Taiwan hit hardest. Update PHP now to ...
The Hacker News2 小时
Leaked Black Basta Chats Suggest Russian Officials Aided Leader's Escape from Armenia
Leaked Black Basta chats reveal Russian aid in leader’s escape, AI-assisted fraud, and BRUTED credential attacks on firewalls ...
The Hacker News6 小时
5 Identity Threat Detection & Response Must-Haves for Super SaaS Security
Identity-based attacks are rising, but ITDR helps detect threats, prioritize risks, and stop breaches before they happen.
The Hacker News9 小时
CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise
CISA warns of CVE-2025-30066, a GitHub supply chain attack exposing secrets via compromised actions logs. Update ...
The Hacker News23 小时
Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017
Microsoft’s unpatched Windows flaw (ZDI-CAN-25373) has been exploited by 11 state-backed groups since 2017, enabling ...
The Hacker News12 小时
Google Acquires Wiz for $32 Billion in Its Biggest Deal Ever to Boost Cloud Security
Google Cloud acquires Wiz for $32B in its biggest-ever deal, strengthening multicloud security and expanding AI-driven ...
The Hacker News22 小时
SANS Institute Warns of Novel Cloud-Native Ransomware Attacks
The latest Palo Alto Networks Unit 42 Cloud Threat Report found that sensitive data is found in 66% of cloud storage buckets.
The Hacker News1 天
New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking
CVE-2024-54085 in AMI MegaRAC BMC allows remote control, malware deployment, and server damage; patches released March 11, ...
The Hacker News1 天
Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year
Unpatched Edimax IC-7100 flaw (CVE-2025-1316) exploited for Mirai botnet malware since May 2024, enabling DDoS attacks via ...
The Hacker News1 天
New Ad Fraud Campaign Exploits 331 Apps with 60M+ Downloads for Phishing and Intrusive Ads
Android apps with 60M+ downloads ran full-screen ads, stole credentials, and bypassed security in a large-scale ad fraud and ...
The Hacker News2 天
⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More
Critical router breaches, stealthy PyPI malware, powerful new ransomware decryptors—this week's top cyber threats decoded ...
The Hacker News1 天
Microsoft Warns of StilachiRAT: A Stealthy RAT Targeting Credentials and Crypto Wallets
Microsoft warns of StilachiRAT, a stealthy remote access trojan that steals credentials, crypto wallets, and system data ...