News

Breaking News

Entertainment

Movies & Series

Music

Science & Technology

Sport

Business & Money

Education & Personal Development

Life

Culture & Art

Hobbies

News

Entertainment

Science & Technology

Sport

Business & Money

Education & Personal Development

Life

Culture & Art

Hobbies

home
›
The Hacker News
›
Software

The Hacker News - Software

4 | Follower

The Hacker News

12.08.2025

⚡ Weekly Recap: BadCam Attack, WinRAR 0-Day, EDR Killer, NVIDIA Flaws, Ransomware Attacks & More

Cyber threats are moving fast—one unpatched vulnerability could turn secure systems into costly breaches.

The Hacker News

12.08.2025

Researchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT Firewalls

Erlang/OTP SSH flaw CVE-2025-32433 exploited since May 2025, targeting key industries via OT networks.

The Hacker News

12.08.2025

6 Lessons Learned: Focusing Security Where Business Value Lives

Refined exposure management cuts remediation by 96%, aligning security with business priorities for stronger, efficient protection.

The Hacker News

12.08.2025

New TETRA Radio Encryption Flaws Expose Law Enforcement Communications

New 2TETRA:2BURST flaws expose TETRA networks to injection, replay, and brute-force risks. Critical for public safety.

The Hacker News

11.08.2025

WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately

WinRAR 7.13 fixes CVE-2025-8088 zero-day exploited in attacks on Russian firms, linked to Paper Werewolf.

The Hacker News

11.08.2025

Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models

Researchers found ReVault flaws in Dell ControlVault3 affecting 100+ laptop models, risking login bypass and key theft.

The Hacker News

11.08.2025

Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

Microsoft patches CVE-2025-49760 Windows RPC flaw enabling spoofing, hash theft, and privilege escalation.

The Hacker News

11.08.2025

New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP

SafeBreach found four Windows DoS flaws via RPC and LDAP, enabling stealth DDoS botnets. Microsoft patched in 2025.

The Hacker News

10.08.2025

Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systems

Researchers bypass GPT-5 guardrails using narrative jailbreaks, exposing AI agents to zero-click data theft risks.

The Hacker News

10.08.2025

Linux-Based Lenovo Webcams' Flaw Can Be Remotely Exploited for BadUSB Attacks

Lenovo webcam flaws let attackers deploy remote BadUSB exploits, risking keystroke injection and persistent malware.

The Hacker News

09.08.2025

Leaked Credentials Up 160%: What Attackers Are Doing With Them

Leaked credentials caused 22% of 2024 breaches, with a 160% rise in 2025, highlighting urgent detection needs.

The Hacker News

09.08.2025

CyberArk and HashiCorp Flaws Enable Remote Vault Takeover Without Credentials

Vault Fault and ReVault flaws in CyberArk, HashiCorp, and Dell expose systems to takeover risks.

The Hacker News

09.08.2025

AI Tools Fuel Brazilian Phishing Scam While Efimer Trojan Steals Crypto from 5,000 Victims

AI-powered phishing mimics Brazilian agencies, stealing data and PIX payments; Efimer Trojan targets crypto wallets.

The Hacker News

09.08.2025

RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes

RubyGems and PyPI hit by credential-stealing packages targeting automation and crypto users, prompting new security rules.

The Hacker News

08.08.2025

Cursor AI Code Editor Vulnerability Enables RCE via Malicious MCP File Swaps Post Approval

Cursor patched a critical RCE flaw in its AI code editor that exposed devs to silent attacks.

The Hacker News

08.08.2025

Trend Micro Confirms Active Exploitation of Critical Apex One Flaws in On-Premise Systems

Trend Micro flaws let attackers run code remotely on Apex One systems; on-premise users must apply fixes now.

The Hacker News

08.08.2025

15,000 Fake TikTok Shop Domains Deliver Malware, Steal Crypto via AI-Driven Scam Campaign

TikTok Shop users are targeted in a phishing and malware campaign using 15,000 fake sites. Data and crypto thefts surge.

The Hacker News

08.08.2025

SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others

SocGholish malware spreads via fake updates, impacting major threat actors through TDS systems and JavaScript loaders.

The Hacker News

08.08.2025

Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft

ECS agent on EC2 exposes IAM credentials to containers, risking cross-task access without proper isolation.

The Hacker News

08.08.2025

Google's August Patch Fixes Two Qualcomm Vulnerabilities Exploited in the Wild

Google fixed 6 Android flaws, including 3 exploited Qualcomm bugs, raising spyware concerns. Users urged to update.

The Hacker News

08.08.2025

Microsoft Discloses Exchange Server Flaw Enabling Silent Cloud Access in Hybrid Setups

Microsoft warns of CVE-2025-53786 in Exchange Server risking cloud identity abuse; admins urged to patch.

The Hacker News

08.08.2025

CISA Adds 3 D-Link Vulnerabilities to KEV Catalog Amid Active Exploitation Evidence

CISA lists 3 D-Link flaws in KEV catalog; active exploits affect video devices. Agencies must act by Aug 26.

The Hacker News

08.08.2025

The Wild West of Shadow IT

Everyone's an IT decision-maker now. Here's how to keep your organization safe in the world of Shadow IT.

The Hacker News

08.08.2025

How Top CISOs Save Their SOCs from Alert Chaos to Never Miss Real Incidents

SOC teams using ANY.RUN report 3x faster response and 50% less workload by automating triage and enabling live threat analysis.

The Hacker News

08.08.2025

ClickFix Malware Campaign Exploits CAPTCHAs to Spread Cross-Platform Infections

ClickFix malware replaced ClearFake in 2024, infecting users via fake CAPTCHAs and trusted platforms.

The Hacker News

08.08.2025

SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported

Akira ransomware exploits SonicWall SSL VPNs in July 2025, prompting zero-day probe and urgent mitigations.

The Hacker News

08.08.2025

Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams

Fake apps from VexTrio on Apple and Google stores mislead users, steal data, and charge hidden fees.

The Hacker News

08.08.2025

⚡ Weekly Recap: VPN 0-Day, Encryption Backdoor, AI Malware, macOS Flaw, ATM Hack & More

This week’s threats don’t shout — they blend in, borrow trust, and drain wallets.

The Hacker News

08.08.2025

Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes

Attackers used 11 Go and 2 npm packages to spread malware across platforms, putting open-source developers at risk.

The Hacker News

08.08.2025

6,500 Axis Servers Expose Remoting Protocol; 4,000 in U.S. Vulnerable to Exploits

Axis camera flaws allow remote code execution and access to 6,500 systems, risking surveillance takeovers.

The Hacker News

08.08.2025

Microsoft Launches Project Ire to Autonomously Classify Malware Using AI Tools

Microsoft unveils AI system Project Ire to automate malware detection, reducing analyst workload and boosting accuracy.

The Hacker News

08.08.2025

NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers

NVIDIA Triton bugs let remote attackers hijack AI servers—AI models and data at risk. Patch now.

The Hacker News

08.08.2025

Webinar: How to Stop Python Supply Chain Attacks—and the Expert Tools You Need

Malicious PyPI packages, repo hijacks, and CVEs in Python containers put devs at risk. Learn how to stay secure.

The Hacker News

08.08.2025

GreedyBear Steals $1M in Crypto Using 150+ Malicious Firefox Wallet Extensions

GreedyBear used 150+ fake browser extensions to steal $1M in crypto, showing evolving cybercrime tactics.

The Hacker News

08.08.2025

PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads

New Android malware PlayPraetor infects 11,000+ devices, targeting banking users via fake Play Store links.

The Hacker News

08.08.2025

AI Slashes Workloads for vCISOs by 68% as SMBs Demand More – New Report Reveals

vCISO adoption surged 319% in one year as SMB demand and AI integration transform cybersecurity delivery.

The Hacker News

08.08.2025

CERT-UA Warns of HTA-Delivered C# Malware Attacks Using Court Summons Lures

Ukraine’s CERT-UA warns of UAC-0099 and Gamaredon phishing attacks using custom malware and social lures.

The Hacker News

08.08.2025

Man-in-the-Middle Attack Prevention Guide

MITM attacks silently steal data from users via spoofed networks and weak encryption. Learn how to stop them.

The Hacker News

08.08.2025

Vietnamese Hackers Use PXA Stealer, Hit 4,000 IPs and Steal 200,000 Passwords Globally

PXA Stealer infects 4,000+ IPs, stealing 200K passwords via Telegram, affecting users and firms globally.

The Hacker News

08.08.2025

AI Is Transforming Cybersecurity Adversarial Testing - Pentera Founder's Vision

AI transforms Pentera’s testing platform, enabling real-time, intent-driven validation for 1,200+ enterprises.

home›The Hacker News›Software

The Hacker News - Software

⚡ Weekly Recap: BadCam Attack, WinRAR 0-Day, EDR Killer, NVIDIA Flaws, Ransomware Attacks & More

Researchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT Firewalls

6 Lessons Learned: Focusing Security Where Business Value Lives

New TETRA Radio Encryption Flaws Expose Law Enforcement Communications

WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately

Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models

Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP

Researchers Uncover GPT-5 Jailbreak and Zero-Click AI Agent Attacks Exposing Cloud and IoT Systems

Linux-Based Lenovo Webcams' Flaw Can Be Remotely Exploited for BadUSB Attacks

Leaked Credentials Up 160%: What Attackers Are Doing With Them

CyberArk and HashiCorp Flaws Enable Remote Vault Takeover Without Credentials

AI Tools Fuel Brazilian Phishing Scam While Efimer Trojan Steals Crypto from 5,000 Victims

RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes

Cursor AI Code Editor Vulnerability Enables RCE via Malicious MCP File Swaps Post Approval

Trend Micro Confirms Active Exploitation of Critical Apex One Flaws in On-Premise Systems

15,000 Fake TikTok Shop Domains Deliver Malware, Steal Crypto via AI-Driven Scam Campaign

SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others

Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft

Google's August Patch Fixes Two Qualcomm Vulnerabilities Exploited in the Wild

Microsoft Discloses Exchange Server Flaw Enabling Silent Cloud Access in Hybrid Setups

CISA Adds 3 D-Link Vulnerabilities to KEV Catalog Amid Active Exploitation Evidence

The Wild West of Shadow IT

How Top CISOs Save Their SOCs from Alert Chaos to Never Miss Real Incidents

ClickFix Malware Campaign Exploits CAPTCHAs to Spread Cross-Platform Infections

SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported

Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams

⚡ Weekly Recap: VPN 0-Day, Encryption Backdoor, AI Malware, macOS Flaw, ATM Hack & More

Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes

6,500 Axis Servers Expose Remoting Protocol; 4,000 in U.S. Vulnerable to Exploits

Microsoft Launches Project Ire to Autonomously Classify Malware Using AI Tools

NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers

Webinar: How to Stop Python Supply Chain Attacks—and the Expert Tools You Need

GreedyBear Steals $1M in Crypto Using 150+ Malicious Firefox Wallet Extensions

PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads

AI Slashes Workloads for vCISOs by 68% as SMBs Demand More – New Report Reveals

CERT-UA Warns of HTA-Delivered C# Malware Attacks Using Court Summons Lures

Man-in-the-Middle Attack Prevention Guide

Vietnamese Hackers Use PXA Stealer, Hit 4,000 IPs and Steal 200,000 Passwords Globally

AI Is Transforming Cybersecurity Adversarial Testing - Pentera Founder's Vision

home
›
The Hacker News
›
Software