News

The Hacker News12h

Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks

Commvault patched four flaws before 11.36.60, including CVE-2025-57790 (8.7 CVSS), preventing remote code execution.
The Hacker News18h

Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025

Password cracking succeeded in 46% of environments in 2025, leaving valid accounts exploited in 98% of attacks.
The Hacker News12h

Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages

ClickFix attacks deliver CORNFLAKE.V3 backdoor via fake CAPTCHAs, enabling multi-payload delivery and persistence since Sept ...
The Hacker News17h

Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger

Cybersecurity researchers have disclosed details of a new malware loader called QuirkyLoader that's being used to deliver via ...
The Hacker News21h

Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft

A 20-year-old member of the notorious cybercrime gang known as Scattered Spider has been sentenced to ten years in prison in ...
The Hacker News1d

FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage

Russian hackers exploit Cisco CVE-2018-0171 since 2022, breaching global networks and targeting U.S. infrastructure.
The Hacker News1d

Experts Find AI Browsers Can Be Tricked by PromptFix Exploit to Run Malicious Hidden Prompts

Cybersecurity researchers have demonstrated a new prompt injection technique called PromptFix that tricks a generative ...
The Hacker News1d

DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft

DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft | Read more hacking news on ...
The Hacker News2d

Public Exploit for Chained SAP Flaws Exposes Unpatched Systems to Remote Code Execution

Specifically, the attack chain first uses CVE-2025-31324 to sidestep authentication and upload the malicious payload to the ...
The Hacker News1d

North Korea Uses GitHub in Diplomat Cyber Attacks as IT Worker Scheme Hits 320+ Firms

North Korean Hackers Used GitHub and Cloud Services in Espionage Campaign Against Diplomats, While IT Workers Exploited AI to ...
The Hacker News2d

Why Your Security Culture is Critical to Mitigating Cyber Risk

Nearly 60% of 2024 breaches involved human factors, showing weak security culture undermines advanced defenses ...
The Hacker News1d

From Impact to Action: Turning BIA Insights Into Resilient Recovery

Discover how a business impact analysis lays the groundwork for faster recovery in today’s threat-filled business landscape.