[email protected] The Hacker News

When Browsers Become the Attack Surface: Rethinking Security for Scattered Spider

When Browsers Become the Attack Surface: Rethinking Security for Scattered Spider

[email protected] The Hacker News September 1, 2025

As enterprises continue to shift their operations to the browser, security teams face a growing set of...

ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

[email protected] The Hacker News September 1, 2025

Cybersecurity researchers have discovered a new phishing campaign undertaken by the North Korea-linked hacking group called ScarCruft...

Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling

Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling

[email protected] The Hacker News August 30, 2025

Cybersecurity researchers have called attention to a cyber attack in which unknown threat actors deployed an open-source...

WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices

WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices

[email protected] The Hacker News August 30, 2025

Aug 30, 2025Ravie LakshmananZero-Day / Vulnerability WhatsApp has addressed a security vulnerability in its messaging apps for...

Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution

Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution

[email protected] The Hacker News August 29, 2025

Aug 29, 2025Ravie LakshmananVulnerability / Web Security Three new security vulnerabilities have been disclosed in the Sitecore...

Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication

Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication

[email protected] The Hacker News August 29, 2025

Aug 29, 2025Ravie LakshmananThreat Intelligence / Malware Amazon on Friday said it flagged and disrupted what it...

Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign

Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign

[email protected] The Hacker News August 29, 2025

An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat...

Can Your Security Stack See ChatGPT? Why Network Visibility Matters

Can Your Security Stack See ChatGPT? Why Network Visibility Matters

[email protected] The Hacker News August 29, 2025

Aug 29, 2025The Hacker NewsEnterprise Security / Artificial Intelligence Generative AI platforms like ChatGPT, Gemini, Copilot, and...

Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page

Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page

[email protected] The Hacker News August 29, 2025

Aug 29, 2025Ravie LakshmananVulnerability / Enterprise Security Click Studios, the developer of enterprise-focused password management solution Passwordstate,...

FreePBX Servers Targeted by Zero-Day Flaw, Emergency Patch Now Available

FreePBX Servers Targeted by Zero-Day Flaw, Emergency Patch Now Available

[email protected] The Hacker News August 29, 2025

Aug 29, 2025Ravie LakshmananZero-Day / Vulnerability The Sangoma FreePBX Security Team has issued an advisory warning about...