News

The Hacker News12h
Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hardcoded Credentials
Several popular Chrome extensions send sensitive user data over unencrypted HTTP, exposing millions to interception and ...
The Hacker News23h
Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI
Cisco patches critical ISE flaw affecting AWS, Azure, OCI users—unauthenticated access could expose sensitive systems.
The Hacker News16h
Redefining Cyber Value: Why Business Impact Should Lead the Security Conversation
It's this shift that makes the real difference. Security stops being the team that says "no" and starts being the team that ...
The Hacker News18h
DoJ Seizes 145 Domains Tied to BidenCash Carding Marketplace in Global Takedown
The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of cryptocurrency funds and about 145 clearnet and ...
The Hacker News14h
Researchers Detail Bitter APT's Evolving Tactics as Its Geographic Scope Expands
New findings reveal Bitter, an Indian-aligned threat group targeting governments via spear-phishing and advanced malware ...
The Hacker News1d
Your SaaS Data Isn't Safe: Why Traditional DLP Solutions Fail in the Browser Era
Legacy DLP tools miss 70% of data leaks now happening in-browser across SaaS and AI apps. Learn why this matters.
The Hacker News1d
HPE Issues Security Patch for StoreOnce Bug Allowing Remote Authentication Bypass
Hewlett Packard Enterprise (HPE) has released security updates to address as many as eight vulnerabilities in its StoreOnce ...
The Hacker News1d
Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App
A noteworthy aspect of UNC6040's activities involves the use of a modified version of Salesforce's Data Loader that victims ...
The Hacker News1d
Chaos RAT Malware Targets Windows and Linux via Fake Network Tool Downloads
Acronis said that the Linux variants of the malware have since been detected in the wild, often in connection with ...
The Hacker News2d
Fake DocuSign, Gitcode Sites Spread NetSupport RAT via Multi-Stage PowerShell Attack
Fake Gitcode and DocuSign sites are tricking users into running PowerShell scripts that install NetSupport RAT.
The Hacker News2d
Google Chrome to Distrust Two Certificate Authorities Over Compliance and Conduct Issues
Google Chrome to Distrust Chunghwa and Netlock TLS Certificate Authorities Over Repeated Compliance Failures and Behavioral ...
The Hacker News2d
Microsoft and CrowdStrike Launch Shared Threat Actor Glossary to Cut Attribution Confusion
Microsoft and CrowdStrike map over 80 threat actors to reduce naming confusion and help analysts respond faster.