News

The Hacker News4h
Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal
AWS patched an EC2 SSM Agent flaw on March 5, 2025, preventing privilege escalation via plugin ID path traversal.
The Hacker News3h
Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw
Fortinet has released security updates to address a critical security flaw impacting FortiSwitch that could permit an ...
The Hacker News5h
CISA Adds CrushFTP Vulnerability to KEV Catalog Following Confirmed Active Exploitation
A recently disclosed critical security flaw impacting CrushFTP has been added by the U.S. Cybersecurity and Infrastructure ...
The Hacker News13h
Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities
Google patched 62 flaws, including two actively exploited kernel bugs, closing exploit chains used in Android attacks.
The Hacker News11h
UAC-0226 Deploys GIFTEDCROOK Stealer via Malicious Excel Files Targeting Ukraine
CERT-UA identifies GIFTEDCROOK malware stealing browser data via phishing Excel files in attacks targeting Ukrainian ...
The Hacker News17h
CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks
Fast flux exploits DNS gaps to evade takedowns since 2007, enabling resilient malware and phishing operations.
The Hacker News13h
⚡ Weekly Recap: VPN Exploits, Oracle's Silent Breach, ClickFix Surge and More
This week, we trace how simple oversights turn into major breaches — and the silent threats most companies still ...