The Hacker News4h
Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal
AWS patched an EC2 SSM Agent flaw on March 5, 2025, preventing privilege escalation via plugin ID path traversal.
The Hacker News3h
Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw
Fortinet has released security updates to address a critical security flaw impacting FortiSwitch that could permit an ...
The Hacker News5h
CISA Adds CrushFTP Vulnerability to KEV Catalog Following Confirmed Active Exploitation
A recently disclosed critical security flaw impacting CrushFTP has been added by the U.S. Cybersecurity and Infrastructure ...
The Hacker News13h
Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities
Google patched 62 flaws, including two actively exploited kernel bugs, closing exploit chains used in Android attacks.
The Hacker News11h
UAC-0226 Deploys GIFTEDCROOK Stealer via Malicious Excel Files Targeting Ukraine
CERT-UA identifies GIFTEDCROOK malware stealing browser data via phishing Excel files in attacks targeting Ukrainian ...
The Hacker News17h
CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks
Fast flux exploits DNS gaps to evade takedowns since 2007, enabling resilient malware and phishing operations.
The Hacker News13h
⚡ Weekly Recap: VPN Exploits, Oracle's Silent Breach, ClickFix Surge and More
This week, we trace how simple oversights turn into major breaches — and the silent threats most companies still ...
The Hacker News6d
The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page
The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...
The Hacker News1d
PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks
PoisonSeed exploits CRM credentials to spread cryptocurrency seed phrase attacks, risking major wallet compromises.
The Hacker News2d
Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws
EncryptHub, also tracked under the monikers LARVA-208 and Water Gamayun, was spotlighted in mid-2024 as part of a campaign ...
The Hacker News1d
North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages
North Korean actors used 11 npm packages downloaded 5,600+ times to spread BeaverTail malware, expanding attacks to Bitbucket ...
The Hacker News1d
The New Frontier of Security Risk: AI-Generated Credentials
GitHub Copilot adoption rose 27% (2023–2024), causing a 40% spike in secret leaks, widening enterprise attack surfaces.