[email protected] (The Hacker News)

Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation

Dec 03, 2025Ravie LakshmananVulnerability / Endpoint Security Microsoft has silently plugged a security flaw that has been exploited by several threat actors since 2017 as part of the company’s November 2025 Patch Tuesday updates, according…

WordPress King Addons Flaw Under Active Attack Lets Hackers Make Admin Accounts

Dec 03, 2025Ravie LakshmananVulnerability / Website Security A critical security flaw impacting a WordPress plugin known as King Addons for Elementor has come under active exploitation in the wild. The vulnerability, CVE-2025-8489 (CVSS score: 9.8),…

Brazil Hit by Banking Trojan Spread via WhatsApp Worm and RelayNFC NFC Relay Fraud

The threat actor known as Water Saci is actively evolving its tactics, switching to a sophisticated, highly layered infection chain that uses HTML Application (HTA) files and PDFs to propagate via WhatsApp a worm that…

Turning Disruptive Technology into a Strategic Advantage

Most people know the story of Paul Bunyan. A giant lumberjack, a trusted axe, and a challenge from a machine that promised to outpace him. Paul doubled down on his old way of working, swung…

Researchers Capture Lazarus APT’s Remote-Worker Scheme Live on Camera

Dec 02, 2025The Hacker NewsIdentity Theft / Threat Intelligence A joint investigation led by Mauro Eldritch, founder of BCA LTD, conducted together with threat-intel initiative NorthScan and ANY.RUN, a solution for interactive malware analysis and…

Iran-Linked Hackers Hits Israeli Sectors with New MuddyViper Backdoor in Targeted Attacks

Israeli entities spanning academia, engineering, local government, manufacturing, technology, transportation, and utilities sectors have emerged as the target of a new set of attacks undertaken by Iranian nation-state actors that have delivered a previously undocumented…

SecAlerts Cuts Through the Noise with a Smarter, Faster Way to Track Vulnerabilities

Vulnerability management is a core component of every cybersecurity strategy. However, businesses often use thousands of software without realising it (when was the last time you checked?), and keeping track of all the vulnerability alerts,…

Google Patches 107 Android Flaws, Including Two Framework Bugs Exploited in the Wild

Dec 02, 2025Ravie LakshmananMobile Security / Vulnerability Google on Monday released monthly security updates for the Android operating system, including two vulnerabilities that it said have been exploited in the wild. The patch addresses a…

India Orders Phone Makers to Pre-Install Sanchar Saathi App to Tackle Telecom Fraud

Dec 01, 2025Ravie LakshmananSurveillance / National Security India’s telecommunications ministry has reportedly asked major mobile device manufacturers to preload a government-backed cybersecurity app named Sanchar Saathi on all new phones within 90 days. According to…

ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware

A threat actor known as ShadyPanda has been linked to a seven-year-long browser extension campaign that has amassed over 4.3 million installations over time. Five of these extensions started off as legitimate programs before malicious…

« Previous
1
2
3
4
…
331
Next »