News

The Hacker News13h

Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection

Phishing emails with RAR archives exploit Linux filename injection to deliver VShell backdoor, bypassing antivirus defenses ...
The Hacker News17h

Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage

Murky Panda exploited Citrix CVE-2023-3519 and Commvault CVE-2025-3928 to deploy CloudedHope malware, enabling covert ...
The Hacker News17h

INTERPOL Arrests 1,209 Cybercriminals Across 18 African Nations in Global Crackdown

INTERPOL’s Operation Serengeti 2.0 Arrests 1,209 Cybercriminals in Africa, Recovers $97.4M, Dismantles 11,432 Infrastructures ...
The Hacker News22h

Ex-Developer Jailed Four Years for Sabotaging Ohio Employer with Kill-Switch Malware

"The 'kill switch' code – which Lu named 'IsDLEnabledinAD,' abbreviating 'Is Davis Lu enabled in Active Directory' — was ...
The Hacker News18h

Automation Is Redefining Pentest Delivery

Automated pentest delivery replaces static PDFs with real-time workflows, cutting remediation delays and reducing MTTR.
The Hacker News1d

Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks

Commvault patched four flaws before 11.36.60, including CVE-2025-57790 (8.7 CVSS), preventing remote code execution.
The Hacker News2d

DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft

DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft | Read more hacking news on ...
The Hacker News1d

Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages

ClickFix attacks deliver CORNFLAKE.V3 backdoor via fake CAPTCHAs, enabling multi-payload delivery and persistence since Sept ...
The Hacker News1d

Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025

Password cracking succeeded in 46% of environments in 2025, leaving valid accounts exploited in 98% of attacks.
The Hacker News1d

Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger

Cybersecurity researchers have disclosed details of a new malware loader called QuirkyLoader that's being used to deliver via ...
The Hacker News2d

FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage

Russian hackers exploit Cisco CVE-2018-0171 since 2022, breaching global networks and targeting U.S. infrastructure.
The Hacker News3d

Public Exploit for Chained SAP Flaws Exposes Unpatched Systems to Remote Code Execution

Specifically, the attack chain first uses CVE-2025-31324 to sidestep authentication and upload the malicious payload to the ...