The Hacker News4h
DeepSeek App Transmits Sensitive User and Device Data Without Encryption
DeepSeek’s iOS app sends unencrypted data, risking cyber threats via weak encryption, ATS bypass, and ByteDance-linked ...
The Hacker News7h
Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks
Microsoft warns of 3,000+ publicly disclosed ASP.NET machine keys that enable ViewState code injection attacks, leading to ...
The Hacker News6h
CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability
CISA warns of active attacks exploiting Trimble Cityworks CVE-2025-0994 (CVSS 8.6). Hackers deploy Rust-based malware, Cobalt ...
The Hacker News14h
Hackers Exploiting SimpleHelp RMM Flaws for Persistent Access and Ransomware
Threat actors exploit SimpleHelp RMM flaws (CVE-2024-57726-28) for persistent network access, deploying Sliver and Cloudflare ...
The Hacker News8h
India's RBI Introduces Exclusive "bank.in" Domain to Combat Digital Banking Fraud
RBI launches "bank.in" and "fin.in" domains to prevent digital fraud, with AFA enhancing online transaction security.
The Hacker News8h
AI-Powered Social Engineering: Reinvented Threats
AI-powered phishing and deepfake scams are accelerating cybercrime, cutting costs by 95% while increasing success rates.
The Hacker News1d
Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc
Cisco has patched two critical ISE vulnerabilities (CVEs 2025-20124, 2025-20125) allowing remote command execution and ...
The Hacker News1d
Ransomware Extortion Drops to $813.5M in 2024, Down from $1.25B in 2023
Ransomware extortion fell to $813.5M in 2024 from $1.25B in 2023, despite a 15% attack surge, with law enforcement disrupting ...
The Hacker News1d
The Evolving Role of PAM in Cybersecurity Leadership Agendas for 2025
PAM market to reach $42.96B by 2037. Learn how PAM boosts security, compliance, and efficiency amid evolving cyber threats.
The Hacker News2d
New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack
"A vulnerability within the Veeam Updater component that allows an attacker to utilize a Man-in-the-Middle attack to execute ...
The Hacker News2d
CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25
CISA adds four exploited vulnerabilities to its KEV catalog, urging fixes by Feb 25, 2025, to counter active threats ...
The Hacker News1d
North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials
Kimsuky, a North Korean APT, uses LNK files and forceCopy malware to steal browser-stored credentials via phishing attacks, ...