The Hacker News45m
Experts Find Shared Codebase Linking Morpheus and HellCat Ransomware Payloads
HellCat and Morpheus ransomware share identical code, relying on the Windows Cryptographic API for encryption.
The Hacker News4h
New Research: The State of Web Exposure 2025
New research by web exposure management specialist Reflectiz reveals several alarming findings about the high number of ...
The Hacker News4h
QakBot-Linked BC Malware Adds Enhanced Remote Access and Data Gathering Features
The BC malware has also been the subject of an independent analysis by Sophos, which attributed the artifacts to a threat ...
The Hacker News4h
SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation
Critical SonicWall zero-day (CVE-2025-23006) in SMA 1000 appliances fixed. Rated 9.8 CVSS; patch now to prevent active ...
The Hacker News8h
TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware
Google identifies TRIPLESTRENGTH targeting cloud platforms like AWS and Azure for cryptojacking and ransomware.
The Hacker News8h
Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)
A third vulnerability patched by Cisco is CVE-2025-20128 (CVSS score: 5.3), an integer underflow bug impacting the Object ...
The Hacker News22h
PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack
PlushDaemon APT targets South Korean VPN with SlowStepper backdoor. Multistage DNS C&C protocol aids espionage.
The Hacker News22h
Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review
DHS terminates advisory committees, including CSRB, halting investigations into Chinese cyberattacks and AI safety.
The Hacker News23h
Mirai Variant Murdoc Botnet Exploits AVTECH IP Cameras and Huawei Routers
New Murdoc_Botnet exploits CVE-2024-7029 and CVE-2017-17215 to infect 1,370+ devices, targeting IoT vulnerabilities for ...
The Hacker News1d
Oracle Releases January 2025 Patch to Address 318 Flaws Across Major Products
"Customers are strongly advised to apply the January 2025 Critical Patch Update for Oracle Agile PLM Framework as it includes ...
The Hacker News1d
Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet
Threat actors are exploiting an unspecified zero-day vulnerability in Cambium Networks cnPilot routers to deploy a variant of ...
The Hacker News1d
Discover Hidden Browsing Threats: Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks
Discover security risks in your browsing and SaaS environment with a free assessment. Get metrics, insights, and ...