News

The Hacker News30m
Cybercriminals Use Fake Apps to Steal Data and Blackmail Users Across Asia's Mobile Networks
A massive mobile malware campaign targets Android and iOS users in Asia, stealing personal data through fake apps.
The Hacker News1h
Why React Didn't Kill XSS: The New JavaScript Injection Playbook
JavaScript injection attacks surged in 2024, hitting major brands via Polyfill.io. Learn why frameworks failed.
The Hacker News5m
How the Browser Became the Main Cyber Battleground
Browser-based identity attacks surge in 2025, targeting SaaS apps and weak credentials across enterprise accounts.
The Hacker News6h
CISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security vulnerability ...
The Hacker News23h
Email Security Is Stuck in the Antivirus Era: Why It Needs a Modern Approach
Legacy email filters miss post-delivery threats in Microsoft 365 and Google Workspace, exposing data. Here's how EDR-style ...
The Hacker News18h
Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads
In what's the latest instance of a software supply chain attack, unknown threat actors managed to compromise Toptal's GitHub ...
The Hacker News1d
Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
Scattered Spider targets VMware ESXi in fast, stealthy ransomware attacks across U.S. retail and airline sectors.
The Hacker News1d
Critical Flaws in Niagara Framework Threaten Smart Buildings and Industrial Systems Worldwide
Tridium Niagara flaws expose critical infrastructure to takeover if misconfigured, affecting security and system uptime.
The Hacker News1d
EDR Detects, EPM Prevents. Why Using Both is a Winning Formula for Modern Endpoint Protection
This is why Endpoint Detection and Response (EDR) is really only one piece of the endpoint protection puzzle. It offers key ...
The Hacker News11d
From Backup to Cyber Resilience: Why IT Leaders Must Rethink Backup in the Age of Ransomware
This article discusses why IT leaders must think beyond backup and embrace cyber resilience to survive and thrive in the ...
The Hacker News5d
Storm-2603 Exploits SharePoint Flaws to Deploy Warlock Ransomware on Unpatched Systems
Storm-2603 exploits SharePoint flaws to deploy Warlock ransomware, affecting 400+ victims. Microsoft urges mitigation.
The Hacker News4d
CastleLoader Malware Infects 469 Devices Using Fake GitHub Repos and ClickFix Phishing
CastleLoader malware infected 469 devices via ClickFix, GitHub, and phishing since May 2025. Malware delivery is evolving ...