Dec 11, 2025The Hacker NewsAutomation / Compliance As enterprises refine their strategies for handling Non-Human Identities (NHIs), Robotic Process Automation (RPA) has become a powerful tool for streamlining operations and enhancing security. However, since RPA…
Dec 11, 2025Ravie LakshmananCyberwarfare / Threat Intelligence An advanced persistent threat (APT) known as WIRTE has been attributed to attacks targeting government and diplomatic entities across the Middle East with a previously undocumented malware suite…
Dec 11, 2025Ravie LakshmananVulnerability / Cloud Security A high-severity unpatched security vulnerability in Gogs has come under active exploitation, with more than 700 compromised instances accessible over the internet, according to new findings from Wiz.…
Dec 11, 2025Ravie LakshmananZero-Day / Vulnerability Google on Wednesday shipped security updates for its Chrome browser to address three security flaws, including one it said has come under active exploitation in the wild. The vulnerability,…
Dec 11, 2025Ravie LakshmananVulnerability / Encryption Huntress is warning of a new actively exploited vulnerability in Gladinet’s CentreStack and Triofox products stemming from the use of hard-coded cryptographic keys that have affected nine organizations so…
React2Shell continues to witness heavy exploitation, with threat actors leveraging the maximum-severity security flaw in React Server Components (RSC) to deliver cryptocurrency miners and an array of previously undocumented malware families, according to new findings…
Dec 10, 2025Ravie LakshmananEnterprise Security / Web Services New research has uncovered exploitation primitives in the .NET Framework that could be leveraged against enterprise-grade applications to achieve remote code execution. WatchTowr Labs, which has codenamed…
Dec 10, 2025Ravie LakshmananHardware Security / Vulnerability Three security vulnerabilities have been disclosed in the Peripheral Component Interconnect Express (PCIe) Integrity and Data Encryption (IDE) protocol specification that could expose a local attacker to serious…
Dec 10, 2025Ravie LakshmananVulnerability / Malware The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a security flaw impacting the WinRAR file archiver and compression utility to its Known Exploited Vulnerabilities (KEV) catalog,…
Dec 10, 2025The Hacker NewsCloud Security / Threat Detection Cloud security is changing. Attackers are no longer just breaking down the door; they are finding unlocked windows in your configurations, your identities, and your code.…