News

The Hacker News5h
Europol Shuts Down Six DDoS-for-Hire Services Used in Global Attacks
Europol dismantled six DDoS-for-hire services, arrested four, seized nine domains—disrupting attacks since 2022.
The Hacker News6h
OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws
CVE-2025-27007 exploited in OttoKit WordPress plugin before v1.0.83 enables admin creation without authentication.
The Hacker News13h
NSO Group Fined $168M for Targeting 1,400 WhatsApp Users With Pegasus Spyware
A federal jury on Tuesday decided that NSO Group must pay Meta-owned WhatsApp WhatsApp approximately $168 million in monetary ...
The Hacker News8h
SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version
All four vulnerabilities have been rectified by SysAid with the release of on-premise version 24.4.60 b16 in early March 2025 ...
The Hacker News8h
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization
The exploitation of CVE-2025-29824 also points to the trend of ransomware actors using zero-days to infiltrate targets. Last ...
The Hacker News9h
Reevaluating SSEs: A Technical Gap Analysis of Last-Mile Protection
A new report Reevaluating SSEs: A Technical Gap Analysis of Last-Mile Protection analyzing gaps in SSE implementations ...
The Hacker News12h
Researchers Uncover Malware in Fake Discord PyPI Package Downloaded 11,500+ Times
PyPI package 'discordpydebug' hides a RAT, downloaded 11,574 times, using stealthy HTTP polling to bypass defenses.
The Hacker News14h
Update ASAP: Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added CVE-2025-27363 to its Known Exploited ...
The Hacker News1d
Critical Langflow Flaw Added to CISA KEV List Amid Ongoing Exploitation Evidence
A recently disclosed critical security flaw impacting the open-source Langflow platform has been added to the Known Exploited ...
The Hacker News1d
Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet
Threat actors have been observed actively exploiting security flaws in GeoVision end-of-life (EoL) Internet of Things (IoT) ...
The Hacker News1d
Microsoft Warns Default Helm Charts Could Leave Kubernetes Apps Exposed to Data Leaks
Microsoft warns default Helm charts expose Kubernetes apps by prioritizing ease over security, risking data leaks.
The Hacker News1d
Third Parties and Machine Credentials: The Silent Drivers Behind 2025's Worst Breaches
Third-party breaches doubled to 30% in 2025 + ungoverned machine accounts fueled major attacks + unified identity strategy is ...