The Hacker News11 小时
RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shed light on a new malware called RESURGE that has been ...
The Hacker News1 天
New Android Trojan Crocodilus Abuses Accessibility to Steal Banking and Crypto Credentials
The Crocodilus artifacts analyzed by the Dutch mobile security company masquerade as Google Chrome (package name: ...
The Hacker News1 天
New Security Flaws Found in VMware Tools and CrushFTP — High Risk, PoC Released
VMware Tools flaw CVE-2025-22230 enables high-privilege actions on Windows VMs + No workaround + Patch in 12.5.1.
The Hacker News1 天
BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability
BlackLock's misconfigured leak site exposed internal commands, aiding Resecurity in uncovering 46 ransomware victims.
The Hacker News2 天
Researchers Uncover 46 Critical Flaws in Solar Inverters From Sungrow, Growatt, and SMA
Cybersecurity researchers have disclosed 46 new security flaws in products from three solar inverter vendors, Sungrow, ...
The Hacker News2 天
CoffeeLoader Uses GPU-Based Armoury Packer to Evade EDR and Antivirus Detection
Central to the malware is a packer dubbed Armoury that executes code on a system's GPU to complicate analysis in virtual ...
The Hacker News2 天
Mozilla Patches Critical Firefox Bug Similar to Chrome's Recent Zero-Day Vulnerability
Mozilla has released updates to address a critical security flaw impacting its Firefox browser for Windows, merely days after ...
The Hacker News2 天
Product Walkthrough: How Datto BCDR Delivers Unstoppable Business Continuity
This article discusses how IT pros and businesses can guarantee operational continuity and business resilience with Datto ...
The Hacker News2 天
PJobRAT Malware Campaign Targeted Taiwanese Users via Fake Chat Apps
PJobRAT malware targeted Taiwanese Android users via fake chat apps from Jan 2023 to Oct 2024, enabling deep surveillance and ...
The Hacker News2 天
Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated Scripts
Twelve npm packages hijacked via compromised maintainer accounts to exfiltrate secrets using obfuscated scripts.
The Hacker News2 天
EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware
EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware | Read more hacking news on The Hacker News ...
The Hacker News2 天
New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims' DNS Email Records
DNS intelligence firm Infoblox is tracking the actor behind the PhaaS, the phishing kit, and the related activity under the ...