The Hacker News20 小时
SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation
Critical SonicWall zero-day (CVE-2025-23006) in SMA 1000 appliances fixed. Rated 9.8 CVSS; patch now to prevent active ...
The Hacker News1 天
2025 State of SaaS Backup and Recovery Report
This article shares critical findings from the 2025 State of SaaS Backup and Recovery Report, which gathered data from over 3 ...
The Hacker News1 天
DoJ Indicts 5 Individuals for $866K North Korean IT Worker Scheme Violations
The action targets Jin Sung-Il (진성일), Pak Jin-Song (박진성), Pedro Ernesto Alonso De Los Reyes, Erick Ntekereze Prince, and ...
The Hacker News1 天
RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations
The 119 vulnerabilities, assigned 97 unique CVE identifiers, span seven LTE implementations – Open5GS, Magma, ...
The Hacker News2 天
CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday placed a now-patched security flaw impacting the ...
The Hacker News2 天
Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)
A third vulnerability patched by Cisco is CVE-2025-20128 (CVSS score: 5.3), an integer underflow bug impacting the Object ...
The Hacker News2 天
Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review
DHS terminates advisory committees, including CSRB, halting investigations into Chinese cyberattacks and AI safety.
The Hacker News1 天
Android's New Identity Check Feature Locks Device Settings Outside Trusted Locations
Google's Identity Check locks sensitive Android settings behind biometrics, enhancing security outside trusted locations.
The Hacker News4 天
13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks
A 13,000-router MikroTik botnet bypasses SPF protections on 20,000 domains, fueling malware, DDoS, and phishing.
The Hacker News2 天
Custom Backdoor Exploiting Magic Packet Vulnerability in Juniper Routers
Rare malware targets Juniper routers in the J-magic campaign, exploiting JunoOS and impacting industries like IT, energy, and ...
The Hacker News3 天
TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware
Google identifies TRIPLESTRENGTH targeting cloud platforms like AWS and Azure for cryptojacking and ransomware.
The Hacker News2 天
New Research: The State of Web Exposure 2025
New research by web exposure management specialist Reflectiz reveals several alarming findings about the high number of ...