News

The Hacker News2h
AI Is Transforming Cybersecurity Adversarial Testing - Pentera Founder's Vision
AI transforms Pentera’s testing platform, enabling real-time, intent-driven validation for 1,200+ enterprises.
The Hacker News1h
CISA Adds 3 D-Link Vulnerabilities to KEV Catalog Amid Active Exploitation Evidence
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three old security flaws impacting D-Link ...
The Hacker News1h
CERT-UA Warns of HTA-Delivered C# Malware Attacks Using Court Summons Lures
UAC-0099, first publicly documented by the agency in June 2023, has a history of targeting Ukrainian entities for espionage ...
The Hacker News15h
ClickFix Malware Campaign Exploits CAPTCHAs to Spread Cross-Platform Infections
ClickFix is the name given to a social engineering tactic where prospective targets are deceived into infecting their own ...
The Hacker News18h
Google's August Patch Fixes Two Qualcomm Vulnerabilities Exploited in the Wild
Google fixed 6 Android flaws, including 3 exploited Qualcomm bugs, raising spyware concerns. Users urged to update.
The Hacker News19h
Cursor AI Code Editor Vulnerability Enables RCE via Malicious MCP File Swaps Post Approval
The vulnerability, tracked as CVE-2025-54136 (CVSS score: 7.2), has been codenamed MCPoison by Check Point Research, owing to ...
The Hacker News21h
Misconfigurations Are Not Vulnerabilities: The Costly Confusion Behind Security Risks
Most SaaS incidents come from misconfigurations or permission issues, not attacks—putting users at unseen risk.
The Hacker News1d
15,000 Fake TikTok Shop Domains Deliver Malware, Steal Crypto via AI-Driven Scam Campaign
TikTok Shop users are targeted in a phishing and malware campaign using 15,000 fake sites. Data and crypto thefts surge.
The Hacker News2d
PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads
Cybersecurity researchers have discovered a nascent Android remote access trojan (RAT) called PlayPraetor that has infected ...
The Hacker News1d
NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers
NVIDIA's August bulletin for Triton Inference Server also highlights fixes for three critical bugs (CVE-2025-23310, ...
The Hacker News3d
New 'Plague' PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft
"The implant is built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system ...
The Hacker News2d
Why SaaS AI Governance Should Be on Every CISO's Agenda
Regularly scan for any new AI services or features popping up in your SaaS environment, and evaluate any updates to vendors' ...