The Hacker News18h
Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc
Cisco has patched two critical ISE vulnerabilities (CVEs 2025-20124, 2025-20125) allowing remote command execution and ...
The Hacker News14h
Ransomware Extortion Drops to $813.5M in 2024, Down from $1.25B in 2023
Ransomware extortion fell to $813.5M in 2024 from $1.25B in 2023, despite a 15% attack surge, with law enforcement disrupting ...
The Hacker News17h
The Evolving Role of PAM in Cybersecurity Leadership Agendas for 2025
PAM market to reach $42.96B by 2037. Learn how PAM boosts security, compliance, and efficiency amid evolving cyber threats.
The Hacker News17h
North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials
Kimsuky, a North Korean APT, uses LNK files and forceCopy malware to steal browser-stored credentials via phishing attacks, ...
The Hacker News14h
Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking
Fake Chrome sites spread ValleyRAT via DLL hijacking, targeting finance and sales with keylogging and remote execution.
The Hacker News16h
Top 3 Ransomware Threats Active in 2025
LockBit, Lynx, and Virlock dominate 2025 ransomware threats, targeting businesses with double extortion, data breaches, and ...
The Hacker News17h
SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images
SparkCat malware infects 242,000 Android devices, using OCR to steal crypto wallet phrases, marking the first iOS stealer on Apple’s App Store.
The Hacker News1d
AsyncRAT Campaign Uses Python Payloads and TryCloudflare Tunnels for Stealth Attacks
Hackers deliver AsyncRAT using Dropbox URLs and TryCloudflare tunnels, exploiting legitimate services to bypass security ...
The Hacker News1d
New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack
"A vulnerability within the Veeam Updater component that allows an attacker to utilize a Man-in-the-Middle attack to execute ...
The Hacker News1d
Silent Lynx Using PowerShell, Golang, and C++ Loaders in Multi-Stage Cyberattacks
Seqrite Labs said it observed some level of tactical overlaps between the threat actor and YoroTrooper (aka SturgeonPhisher), ...
The Hacker News1d
Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections
The flaw, CVE-2025-0411 (CVSS score: 7.0), allows remote attackers to circumvent mark-of-the-web ( MotW) protections and ...
The Hacker News1d
Microsoft SharePoint Connector Flaw Could've Enabled Credential Theft Across Power Platform
Microsoft patched a critical SSRF flaw in Power Platform's SharePoint connector, risking credential theft and data breaches ...