News

The Hacker News4h
WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network
Another notable component of these attacks is the compromise of WordPress websites to inject malicious code that's ...
The Hacker News7h
New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes
New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes | Read more hacking news on The Hacker News ...
The Hacker News15h
ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks
ConnectWise rotates ScreenConnect certificates by June 13 after config data concerns, impacting on-prem users to prevent ...
The Hacker News17h
Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks
Black Basta affiliates use Teams phishing, Python scripts, and cURL to attack finance, insurance, and construction sectors.
The Hacker News15h
Over 80,000 Microsoft Entra ID Accounts Targeted Using Open-Source TeamFiltration Tool
A new ATO campaign using TeamFiltration breached 80,000+ Microsoft Entra ID accounts via password spraying, impacting ...
The Hacker News11h
Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
Critical zero-click AI vulnerability EchoLeak exposed sensitive Microsoft 365 Copilot data; Microsoft patched it to prevent data leaks.
The Hacker News1d
Microsoft Patches 67 Vulnerabilities Including WEBDAV Zero-Day Exploited in the Wild
Microsoft patches 67 vulnerabilities, including a WEBDAV zero-day actively exploited by Stealth Falcon. Critical for ...
The Hacker News1d
INTERPOL Dismantles 20,000+ Malicious IPs Linked to 69 Malware Variants in Operation Secure
INTERPOL and 26 countries dismantled 20,000+ malicious IPs tied to info-stealing malware, disrupting global cybercrime ...
The Hacker News1d
SinoTrack GPS Devices Vulnerable to Remote Vehicle Control via Default Passwords
SinoTrack GPS flaws let attackers remotely control vehicles and track locations, affecting all platform versions. Change ...
The Hacker News1d
FIN6 Uses AWS-Hosted Fake Resumes on LinkedIn to Deliver More_eggs Malware
FIN6 uses fake resumes hosted on AWS to deliver More_eggs malware, targeting recruiters to steal credentials and card data ...
The Hacker News2d
Researchers Uncover 20+ Configuration Risks, Including Five CVEs, in Salesforce Industry Cloud
Salesforce Industry Cloud has 20+ config risks exposing sensitive data; customers must fix most issues to avoid compliance ...
The Hacker News1d
295 Malicious IPs Launch Coordinated Brute-Force Attacks on Apache Tomcat Manager
To that end, 295 unique IP addresses have been found to be engaged in brute-force attempts against Tomcat Manager on that ...