PyPI malware termncolor and colorinal downloaded 884 times exploit DLL side-loading, persistence, and C2 communication.

Russian group Secret Blizzard bypassed MFA in 2025 embassy attacks via TLS root compromise, exposing MFA limits.

Deepfake CFO scam stole $25.6M via fake video calls, proving adversarial AI is redefining identity fraud risks.

The tools designed to accelerate innovation are degrading application security by embedding subtle yet serious vulnerabilities in software. Nearly half of the code snippets generated by five AI models ...

ERMAC was first documented by ThreatFabric in September 2021, detailing its ability to conduct overlay attacks against ...

EncryptHub exploits CVE-2025-26633 with social engineering and rogue MSC files, delivering Fickle Stealer malware.

The Hacker News Webinars Our webinars cover a wide range of cybersecurity topics, including cloud security, network security, incident response, compliance, and more. Each webinar is led by a ...

UAT-7237 exploits unpatched Taiwan servers using SoundBill, Cobalt Strike, and SoftEther VPN for persistent control.

U.S. sanctions Garantex, successor Grinex, after $100M illicit crypto flow fuels ransomware and sanctions evasion.

Because once an agent becomes adaptive and semi-autonomous, privacy isn't just about who has access to the data; it's about ...

The vulnerability, assigned the CVE identifier CVE-2025-20265 (CVSS score: 10.0), affects the RADIUS subsystem implementation ...