How Can Retailers Cyber-Prepare for the Most Vulnerable Time of the Year?
Dec 08, 2025The Hacker NewsCybersecurity / Password Security The holiday season compresses risk into a short, high-stakes window. Systems run...
Dec
MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign
Dec 08, 2025Ravie LakshmananNetwork Security / Vulnerability The Iranian hacking group known as MuddyWater has been observed leveraging a new...
Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks
Dec 06, 2025Ravie LakshmananAI Security / Vulnerability Over 30 security vulnerabilities have been disclosed in various artificial intelligence (AI)-powered Integrated...
Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation
Dec 06, 2025Ravie LakshmananVulnerability / Patch Management The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday formally added a...
Zero-Click Agentic Browser Attack Can Delete Entire Google Drive Using Crafted Emails
Dec 05, 2025Ravie LakshmananEmail Security / Threat Research A new agentic browser attack targeting Perplexity's Comet browser that's capable of...
Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch
Dec 05, 2025Ravie LakshmananApplication Security / Vulnerability A critical security flaw has been disclosed in Apache Tika that could result...
Chinese Hackers Have Started Exploiting the Newly Disclosed React2Shell Vulnerability
Dec 05, 2025Ravie LakshmananVulnerability / Software Security Two hacking groups with ties to China have been observed weaponizing the newly...
JPCERT Confirms Active Command Injection Attacks on Array AG Gateways
Dec 05, 2025Ravie LakshmananVulnerability / Network Security A command injection vulnerability in Array Networks AG Series secure access gateways has...
ThreatsDay Bulletin: Wi-Fi Hack, npm Worm, DeFi Theft, Phishing Blasts— and 15 More Stories
Dec 04, 2025Ravie LakshmananCybersecurity / Hacking News Think your Wi-Fi is safe? Your coding tools? Or even your favorite financial...
Record 29.7 Tbps DDoS Attack Linked to AISURU Botnet with up to 4 Million Infected Hosts
Dec 04, 2025Ravie LakshmananDDoS Attacks / Network Security Cloudflare on Wednesday said it detected and mitigated the largest ever distributed...
Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution
Dec 03, 2025Ravie LakshmananVulnerability / Cloud Security A maximum-severity security flaw has been disclosed in React Server Components (RSC) that,...
Discover the AI Tools Fueling the Next Cybercrime Wave — Watch the Webinar
Dec 03, 2025The Hacker NewsCybercrime / Artificial Intelligence Remember when phishing emails were easy to spot? Bad grammar, weird formatting,...
Picklescan Bugs Allow Malicious PyTorch Models to Evade Scans and Execute Code
Dec 03, 2025Ravie LakshmananMachine Learning / Vulnerability Three critical security flaws have been disclosed in an open-source utility called Picklescan...
Malicious Rust Crate Delivers OS-Specific Malware to Web3 Developer Systems
Dec 03, 2025Ravie LakshmananMalware / Web3 Security Cybersecurity researchers have discovered a malicious Rust package that's capable of targeting Windows,...
India Orders Messaging Apps to Work Only With Active SIM Cards to Prevent Fraud and Misuse
Dec 02, 2025Ravie LakshmananRegulatory Compliance / Online Safety India's Department of Telecommunications (DoT) has issued directions to app-based communication service...
