News

The Hacker News41m

Public Exploit for Chained SAP Flaws Exposes Unpatched Systems to Remote Code Execution

Specifically, the attack chain first uses CVE-2025-31324 to sidestep authentication and upload the malicious payload to the ...
The Hacker News2h

U.K. Government Drops Apple Encryption Backdoor Order After U.S. Civil Liberties Pushback

U.K. drops January 2025 Apple backdoor mandate after U.S. civil liberties concerns, protecting encrypted iCloud data.
The Hacker News2h

Why Your Security Culture is Critical to Mitigating Cyber Risk

Nearly 60% of 2024 breaches involved human factors, showing weak security culture undermines advanced defenses ...
The Hacker News7h

PyPI Blocks 1,800 Expired-Domain Emails to Prevent Account Takeovers and Supply Chain Attacks

PyPI unverified 1,800 emails since June 2025 to block expired-domain attacks, strengthening open-source supply chain security ...
The Hacker News18h

Noodlophile Malware Campaign Expands Global Reach with Copyright Phishing Lures

Noodlophile stealer targets enterprises via copyright phishing since 2024, using Gmail, Dropbox, and Telegram for evasion.
The Hacker News22h

Microsoft Windows Vulnerability Exploited to Deploy PipeMagic RansomExx Malware

PipeMagic is a plugin-based modular malware that uses a domain hosted on the Microsoft Azure cloud provider to stage the ...